Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/ee1b01-51ad-4a02-b278-6416cd377b48/1/zin7g8rz3XZKgyY-2CCTccUUZMI.roa
File: zin7g8rz3XZKgyY-2CCTccUUZMI.roa (raw, json)
Hash identifier: FyDDLGXT5pU6Mg/1Kd+gQOcE2BEnBTlrNQt3oLOsDkc=
Subject key identifier: CE:29:FB:83:CA:F3:DD:76:4A:83:26:3E:D8:20:93:71:C5:14:64:C2
Certificate issuer: /CN=0462b6e3ba500902e63ee14e5cac9112832a2c27
Certificate serial: 01956847F01275289286A24319946C0B9D51
Authority key identifier: 04:62:B6:E3:BA:50:09:02:E6:3E:E1:4E:5C:AC:91:12:83:2A:2C:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BGK247pQCQLmPuFOXKyREoMqLCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/ee1b01-51ad-4a02-b278-6416cd377b48/1/zin7g8rz3XZKgyY-2CCTccUUZMI.roa
Signing time: Wed 05 Mar 2025 21:48:19 +0000
ROA not before: Wed 05 Mar 2025 21:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212500
IP address blocks: 2a14:9c80::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/ee1b01-51ad-4a02-b278-6416cd377b48/1/BGK247pQCQLmPuFOXKyREoMqLCc.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/ee1b01-51ad-4a02-b278-6416cd377b48/1/BGK247pQCQLmPuFOXKyREoMqLCc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BGK247pQCQLmPuFOXKyREoMqLCc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 15:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:68:47:f0:12:75:28:92:86:a2:43:19:94:6c:0b:9d:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0462b6e3ba500902e63ee14e5cac9112832a2c27
Validity
Not Before: Mar 5 21:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ce29fb83caf3dd764a83263ed8209371c51464c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:d5:60:7c:a5:bb:51:7f:9c:64:b7:27:e8:31:
dd:5a:34:c9:b1:21:38:f3:7e:c2:f6:04:00:99:85:
2d:6a:da:99:0d:4b:47:2a:2e:cc:b7:79:4b:d6:dc:
70:54:d2:8e:ee:63:92:7f:df:9f:93:63:0f:dd:8a:
0b:d6:35:a2:c8:cb:80:bd:e7:8b:11:12:5e:be:4e:
aa:53:1a:89:55:85:69:78:32:f2:98:7e:1a:82:33:
bb:cb:79:1a:46:ae:73:bf:4b:0c:8b:2a:fc:fc:c9:
56:08:de:03:d0:ce:11:b9:90:97:94:65:b3:ef:ac:
36:bf:01:95:5c:ae:e1:3f:e6:92:d0:a4:f7:96:5e:
08:cf:60:15:0e:77:a6:04:4b:6b:d8:b0:56:73:e1:
a6:b1:bb:3a:92:69:25:a2:3e:1e:26:ce:21:4b:db:
d2:6a:db:96:bf:8e:c3:1d:b2:0e:6f:39:74:45:2a:
f7:3e:f4:db:01:ef:cb:10:4f:87:af:dc:88:97:3c:
54:3a:16:51:3b:f6:a0:4e:e0:2a:42:66:58:88:b2:
ee:b4:3d:1d:ca:e3:8a:af:21:68:e7:e3:93:ca:bb:
80:98:61:88:c3:c5:36:5a:ac:a6:f7:4c:b3:6b:1e:
31:64:e5:9d:5e:fd:7a:38:20:53:49:c2:6c:b2:7f:
cc:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:29:FB:83:CA:F3:DD:76:4A:83:26:3E:D8:20:93:71:C5:14:64:C2
X509v3 Authority Key Identifier:
keyid:04:62:B6:E3:BA:50:09:02:E6:3E:E1:4E:5C:AC:91:12:83:2A:2C:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BGK247pQCQLmPuFOXKyREoMqLCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/ee1b01-51ad-4a02-b278-6416cd377b48/1/zin7g8rz3XZKgyY-2CCTccUUZMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/ee1b01-51ad-4a02-b278-6416cd377b48/1/BGK247pQCQLmPuFOXKyREoMqLCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:9c80::/29
Signature Algorithm: sha256WithRSAEncryption
6e:ea:8c:c6:19:96:90:4c:bd:1f:d3:94:e2:9a:3c:fd:32:bd:
ed:67:9f:9d:64:7c:de:7d:e6:22:aa:2e:fb:13:a0:f3:30:98:
84:ce:e5:78:cb:6a:4b:1e:c1:35:4a:28:81:58:f3:46:32:70:
d2:04:c1:4e:16:68:8f:6c:db:a8:51:3b:68:46:3b:49:b0:f5:
a5:64:7c:e3:be:b6:e9:58:d5:67:33:be:a4:e4:11:af:36:a2:
93:9e:90:c8:65:71:ee:c0:59:c8:7e:4d:bb:9b:28:3b:ae:7a:
25:9e:a3:2a:ad:52:22:a8:c8:f1:6d:e4:18:71:fe:98:00:17:
bd:0d:4b:ab:71:b8:46:d8:77:1b:70:5e:9e:f6:1c:81:4b:95:
41:a2:f5:10:93:1e:9d:9f:ab:aa:e7:c7:e7:eb:ce:a5:68:d5:
df:73:1a:08:94:6b:67:9b:66:ce:26:bd:aa:53:4c:72:58:9d:
bd:65:b5:e6:3b:81:c6:51:ab:1a:cd:ce:cb:c3:c9:6f:92:0d:
6f:c5:e3:9b:65:a8:97:3d:76:40:ea:da:aa:c3:f5:7b:e6:21:
a9:e9:0a:08:78:07:2e:ab:89:4e:2e:e4:62:96:57:c6:5e:89:
54:74:13:17:8c:6c:c5:5b:c8:a9:20:77:eb:91:f6:30:95:b4:
9c:3f:55:b0
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZVoR/ASdSiShqJDGZRsC51RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NjJiNmUzYmE1MDA5MDJlNjNlZTE0ZTVjYWM5MTEyODMy
YTJjMjcwHhcNMjUwMzA1MjE0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTI5ZmI4M2NhZjNkZDc2NGE4MzI2M2VkODIwOTM3MWM1MTQ2NGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNVgfKW7UX+cZLcn6DHdWjTJsSE4
837C9gQAmYUtatqZDUtHKi7Mt3lL1txwVNKO7mOSf9+fk2MP3YoL1jWiyMuAveeL
ERJevk6qUxqJVYVpeDLymH4agjO7y3kaRq5zv0sMiyr8/MlWCN4D0M4RuZCXlGWz
76w2vwGVXK7hP+aS0KT3ll4Iz2AVDnemBEtr2LBWc+Gmsbs6kmkloj4eJs4hS9vS
atuWv47DHbIObzl0RSr3PvTbAe/LEE+Hr9yIlzxUOhZRO/agTuAqQmZYiLLutD0d
yuOKryFo5+OTyruAmGGIw8U2Wqym90yzax4xZOWdXv16OCBTScJssn/M3QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFM4p+4PK8912SoMmPtggk3HFFGTCMB8GA1UdIwQY
MBaAFARituO6UAkC5j7hTlyskRKDKiwnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkdLMjQ3cFFDUUxtUHVGT1hLeVJFb01xTENjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9lZTFiMDEtNTFhZC00YTAyLWIyNzgt
NjQxNmNkMzc3YjQ4LzEvemluN2c4cnozWFpLZ3lZLTJDQ1RjY1VVWk1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9lZTFiMDEtNTFhZC00YTAyLWIyNzgtNjQxNmNkMzc3YjQ4
LzEvQkdLMjQ3cFFDUUxtUHVGT1hLeVJFb01xTENjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhScgDAN
BgkqhkiG9w0BAQsFAAOCAQEAbuqMxhmWkEy9H9OU4po8/TK97WefnWR83n3mIqou
+xOg8zCYhM7leMtqSx7BNUoogVjzRjJw0gTBThZoj2zbqFE7aEY7SbD1pWR84762
6VjVZzO+pOQRrzaik56QyGVx7sBZyH5Nu5soO656JZ6jKq1SIqjI8W3kGHH+mAAX
vQ1Lq3G4Rth3G3BenvYcgUuVQaL1EJMenZ+rqufH5+vOpWjV33MaCJRrZ5tmzia9
qlNMclidvWW15juBxlGrGs3Oy8PJb5INb8Xjm2Wolz12QOraqsP1e+YhqekKCHgH
LquJTi7kYpZXxl6JVHQTF4xsxVvIqSB365H2MJW0nD9VsA==
-----END CERTIFICATE-----
Generated at Thu Apr 17 18:29:46 2025 by rpki-client