Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/8366ae-575d-4fde-8e92-0089944980ca/1/zi6tgxxdXu-KjRvwqkHo4TAbCCY.roa
File: zi6tgxxdXu-KjRvwqkHo4TAbCCY.roa (raw, json)
Hash identifier: /Ka11sy39OKnCI674OTDKtIC713gWaXNerptag8ixr0=
Subject key identifier: CE:2E:AD:83:1C:5D:5E:EF:8A:8D:1B:F0:AA:41:E8:E1:30:1B:08:26
Certificate issuer: /CN=d515f2e9149ce1b428c8f1edfc009215e2847f55
Certificate serial: 01941F8CA05800319847FA75007DC5F84AB6
Authority key identifier: D5:15:F2:E9:14:9C:E1:B4:28:C8:F1:ED:FC:00:92:15:E2:84:7F:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1RXy6RSc4bQoyPHt_ACSFeKEf1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/8366ae-575d-4fde-8e92-0089944980ca/1/zi6tgxxdXu-KjRvwqkHo4TAbCCY.roa
Signing time: Wed 01 Jan 2025 01:48:17 +0000
ROA not before: Wed 01 Jan 2025 01:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200081
IP address blocks: 2a01:ea00::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/8366ae-575d-4fde-8e92-0089944980ca/1/1RXy6RSc4bQoyPHt_ACSFeKEf1U.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/8366ae-575d-4fde-8e92-0089944980ca/1/1RXy6RSc4bQoyPHt_ACSFeKEf1U.mft
rsync://rpki.ripe.net/repository/DEFAULT/1RXy6RSc4bQoyPHt_ACSFeKEf1U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:a0:58:00:31:98:47:fa:75:00:7d:c5:f8:4a:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d515f2e9149ce1b428c8f1edfc009215e2847f55
Validity
Not Before: Jan 1 01:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ce2ead831c5d5eef8a8d1bf0aa41e8e1301b0826
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:63:ea:04:be:05:87:8b:cd:51:62:db:c3:66:
1e:be:d2:1b:81:a3:a8:c2:1c:7f:d4:52:b3:9b:73:
9a:c2:68:b5:ee:15:6f:a0:08:f9:f8:7c:c1:83:78:
1c:6f:57:a3:1b:06:f0:e4:d8:b6:aa:25:5d:b8:a4:
e6:dc:03:91:7a:4a:d0:8b:5c:56:88:b9:df:d1:b6:
28:9a:52:7f:1d:d4:c7:0d:1c:e7:10:10:67:29:58:
ed:04:53:4d:5c:ee:01:86:8a:d8:48:48:0a:5a:9a:
3b:58:2e:ae:94:2f:83:9c:43:e2:c1:cd:46:96:4e:
92:51:57:4b:b8:cb:e1:85:f4:94:03:78:9d:72:33:
00:30:5d:db:b4:4a:f4:40:25:cd:c5:e8:50:4d:77:
b8:87:10:f2:ed:66:4a:b9:e7:b8:0c:0e:3c:17:dd:
2b:98:44:e8:e3:16:22:5c:30:8e:f1:82:8d:1a:c9:
5a:a7:28:02:47:84:8b:d3:4e:71:8c:fa:4f:42:33:
23:90:c0:c3:31:61:ba:96:c9:29:93:48:b9:e3:14:
ea:77:57:fb:47:ad:a7:d5:a0:b1:d2:f4:b0:e4:b7:
6a:38:bd:0a:30:0d:ac:8c:25:89:b3:c5:7c:da:f3:
e5:27:96:88:08:2c:4a:8e:b8:2e:20:45:80:1f:e2:
ca:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:2E:AD:83:1C:5D:5E:EF:8A:8D:1B:F0:AA:41:E8:E1:30:1B:08:26
X509v3 Authority Key Identifier:
keyid:D5:15:F2:E9:14:9C:E1:B4:28:C8:F1:ED:FC:00:92:15:E2:84:7F:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1RXy6RSc4bQoyPHt_ACSFeKEf1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8366ae-575d-4fde-8e92-0089944980ca/1/zi6tgxxdXu-KjRvwqkHo4TAbCCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8366ae-575d-4fde-8e92-0089944980ca/1/1RXy6RSc4bQoyPHt_ACSFeKEf1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:ea00::/48
Signature Algorithm: sha256WithRSAEncryption
2b:47:d8:90:cb:a2:3b:e8:1d:3b:62:c6:00:ab:44:3c:c6:19:
24:45:2e:00:39:c6:16:df:a9:e2:01:b9:e3:f6:3f:ed:18:5c:
f5:9b:5c:29:29:52:df:31:cf:d6:31:53:7a:9d:80:9d:af:ff:
ba:37:ca:41:eb:2a:5e:f0:f4:ad:5c:20:62:1e:b9:b5:be:b4:
6c:aa:96:91:b8:ec:d8:37:ae:56:25:3d:54:09:ef:38:b2:eb:
e9:2f:eb:0e:28:b1:f7:62:4f:5d:53:83:4e:3a:b1:d6:64:74:
b2:a2:ad:36:f9:a1:cb:7d:08:2a:9b:a3:21:9b:fa:88:3d:e2:
7e:31:0c:28:e7:9d:a8:96:f5:7d:c5:18:7b:9a:8d:4c:c4:51:
1b:19:ae:63:d1:28:1f:f0:af:2f:9d:20:44:2e:08:f7:6b:3c:
58:ba:c1:97:98:29:47:a5:84:95:23:e8:f1:f7:11:73:83:27:
ba:3c:1c:84:c5:79:c7:32:99:10:6b:6f:8b:45:f6:a1:50:59:
72:f0:d8:aa:2c:32:e6:15:07:5c:9a:23:ce:a8:dc:c0:d2:36:
b9:7e:45:26:25:2b:6e:07:dd:18:c9:29:6a:f2:b0:db:39:29:
38:49:2b:2b:5f:e6:e4:32:d6:71:f0:c5:55:fe:1b:69:8b:53:
9a:26:53:78
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQfjKBYADGYR/p1AH3F+Eq2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MTVmMmU5MTQ5Y2UxYjQyOGM4ZjFlZGZjMDA5MjE1ZTI4
NDdmNTUwHhcNMjUwMTAxMDE0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTJlYWQ4MzFjNWQ1ZWVmOGE4ZDFiZjBhYTQxZThlMTMwMWIwODI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5WPqBL4Fh4vNUWLbw2YevtIbgaOo
whx/1FKzm3Oawmi17hVvoAj5+HzBg3gcb1ejGwbw5Ni2qiVduKTm3AORekrQi1xW
iLnf0bYomlJ/HdTHDRznEBBnKVjtBFNNXO4BhorYSEgKWpo7WC6ulC+DnEPiwc1G
lk6SUVdLuMvhhfSUA3idcjMAMF3btEr0QCXNxehQTXe4hxDy7WZKuee4DA48F90r
mETo4xYiXDCO8YKNGslapygCR4SL005xjPpPQjMjkMDDMWG6lskpk0i54xTqd1f7
R62n1aCx0vSw5LdqOL0KMA2sjCWJs8V82vPlJ5aICCxKjrguIEWAH+LK3QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFM4urYMcXV7vio0b8KpB6OEwGwgmMB8GA1UdIwQY
MBaAFNUV8ukUnOG0KMjx7fwAkhXihH9VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVJYeTZSU2M0YlFveVBIdF9BQ1NGZUtFZjFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84MzY2YWUtNTc1ZC00ZmRlLThlOTIt
MDA4OTk0NDk4MGNhLzEvemk2dGd4eGRYdS1LalJ2d3FrSG80VEFiQ0NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84MzY2YWUtNTc1ZC00ZmRlLThlOTItMDA4OTk0NDk4MGNh
LzEvMVJYeTZSU2M0YlFveVBIdF9BQ1NGZUtFZjFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgHqAAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQArR9iQy6I76B07YsYAq0Q8xhkkRS4AOcYW36ni
Abnj9j/tGFz1m1wpKVLfMc/WMVN6nYCdr/+6N8pB6ype8PStXCBiHrm1vrRsqpaR
uOzYN65WJT1UCe84suvpL+sOKLH3Yk9dU4NOOrHWZHSyoq02+aHLfQgqm6Mhm/qI
PeJ+MQwo552olvV9xRh7mo1MxFEbGa5j0Sgf8K8vnSBELgj3azxYusGXmClHpYSV
I+jx9xFzgye6PByExXnHMpkQa2+LRfahUFly8NiqLDLmFQdcmiPOqNzA0ja5fkUm
JStuB90YySlq8rDbOSk4SSsrX+bkMtZx8MVV/htpi1OaJlN4
-----END CERTIFICATE-----
Generated at Sun Apr 6 04:03:07 2025 by rpki-client