Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ZZDAanVXsQmpsfBdtN_LSEovwoI.roa
File: ZZDAanVXsQmpsfBdtN_LSEovwoI.roa (raw, json)
Hash identifier: 0N0DR276lK3dqM448fQds+vjyC8+pVIxZ+wyoI4ayF0=
Subject key identifier: 65:90:C0:6A:75:57:B1:09:A9:B1:F0:5D:B4:DF:CB:48:4A:2F:C2:82
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 019425228CD59A90DC4AED8CAC83E70F69D1
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ZZDAanVXsQmpsfBdtN_LSEovwoI.roa
Signing time: Thu 02 Jan 2025 03:50:08 +0000
ROA not before: Thu 02 Jan 2025 03:50:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215734
IP address blocks: 2a06:de00:de10::/48 maxlen: 48
2a06:de00:de11::/48 maxlen: 48
2a06:de00:de12::/48 maxlen: 48
2a06:de00:de15::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 15:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:8c:d5:9a:90:dc:4a:ed:8c:ac:83:e7:0f:69:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:50:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6590c06a7557b109a9b1f05db4dfcb484a2fc282
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:c8:2b:6a:34:0d:00:e4:62:61:25:15:df:89:
53:cf:3b:b8:9d:9f:5f:12:53:95:7d:72:d7:57:c9:
05:f4:61:9f:c0:44:ba:7a:b1:a2:60:8b:29:10:43:
f5:d7:ad:90:ce:9b:c9:12:c9:b4:46:b5:71:60:c8:
cc:bf:a3:0f:c2:d5:72:64:dd:32:c2:09:d3:75:59:
c3:16:a7:81:9a:c2:32:4d:cb:02:eb:af:8c:f9:ee:
a9:47:27:40:fa:c1:75:bc:71:1f:d4:89:79:48:00:
80:fd:ce:a0:46:bf:f2:55:e6:85:6a:db:de:a0:be:
f2:e0:96:8d:65:4c:38:7a:ae:42:19:04:61:0d:fc:
b3:18:04:7c:59:90:cb:c4:e8:99:ca:ea:96:0c:f1:
43:e1:9c:82:0a:4a:7e:58:fd:24:9d:da:a0:65:6f:
b3:65:fb:44:24:8d:d6:da:a0:54:d1:23:bd:67:42:
f2:38:72:b9:c5:bd:bb:51:da:57:4c:ac:b3:4d:31:
d5:6e:7a:d5:5f:d2:26:55:4c:cf:ab:f9:67:c7:fb:
08:0e:6d:65:ef:c5:94:65:c2:ab:4c:f9:dd:95:7c:
1a:75:58:76:b2:47:f5:7d:eb:95:ef:f6:0f:a5:96:
0b:b4:3b:90:f0:db:8c:09:59:63:51:30:40:c2:f5:
ad:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:90:C0:6A:75:57:B1:09:A9:B1:F0:5D:B4:DF:CB:48:4A:2F:C2:82
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ZZDAanVXsQmpsfBdtN_LSEovwoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de00:de10::-2a06:de00:de12:ffff:ffff:ffff:ffff:ffff
2a06:de00:de15::/48
Signature Algorithm: sha256WithRSAEncryption
77:b9:f2:64:b4:e6:17:f7:db:37:3e:84:2d:5c:01:f4:c8:cf:
51:40:6a:ef:4a:87:a4:11:d8:0c:42:33:77:3f:c7:d8:12:4b:
01:7c:63:f6:b5:9a:23:da:fd:04:87:54:65:85:fc:15:92:5e:
e3:70:73:1d:7c:54:ef:32:1b:be:2b:82:7e:60:f9:3f:65:5d:
bd:b4:80:b8:f0:30:40:8a:91:88:c6:83:d0:38:3f:62:0e:be:
96:6f:78:01:c6:01:d1:5f:12:63:50:c8:fe:80:5e:62:fa:3c:
b2:8f:94:37:bb:78:1e:34:1c:0b:f7:ea:2d:f1:73:95:52:86:
89:e4:4a:99:5d:8a:ea:3b:3c:d8:3f:36:75:18:72:eb:a5:b1:
de:85:66:00:cf:a1:37:7b:9b:88:58:90:5c:34:28:61:36:61:
52:89:c3:10:c2:43:65:f3:e2:78:00:a2:b2:ed:46:52:e3:47:
32:cc:be:aa:cc:1c:ab:06:cc:da:2b:64:eb:60:2b:8f:bd:8f:
1b:54:1f:1c:93:0a:d5:b4:7f:d1:1f:c7:ae:35:85:7d:30:51:
87:c5:8d:29:b4:aa:be:8b:b1:ef:8a:22:3f:b3:11:44:b1:bb:
1d:32:b1:44:d3:bd:fd:2c:77:87:05:12:c2:20:c7:32:b1:bd:
6f:4d:af:b6
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQlIozVmpDcSu2MrIPnD2nRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM1MDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTkwYzA2YTc1NTdiMTA5YTliMWYwNWRiNGRmY2I0ODRhMmZjMjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA18grajQNAORiYSUV34lTzzu4nZ9f
ElOVfXLXV8kF9GGfwES6erGiYIspEEP1162QzpvJEsm0RrVxYMjMv6MPwtVyZN0y
wgnTdVnDFqeBmsIyTcsC66+M+e6pRydA+sF1vHEf1Il5SACA/c6gRr/yVeaFatve
oL7y4JaNZUw4eq5CGQRhDfyzGAR8WZDLxOiZyuqWDPFD4ZyCCkp+WP0kndqgZW+z
ZftEJI3W2qBU0SO9Z0LyOHK5xb27UdpXTKyzTTHVbnrVX9ImVUzPq/lnx/sIDm1l
78WUZcKrTPndlXwadVh2skf1feuV7/YPpZYLtDuQ8NuMCVljUTBAwvWt4wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFGWQwGp1V7EJqbHwXbTfy0hKL8KCMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWlpEQWFuVlhzUW1wc2ZCZHROX0xTRW92d29JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdMBIDBwQqBt4A
3hADBwAqBt4A3hIDBwAqBt4A3hUwDQYJKoZIhvcNAQELBQADggEBAHe58mS05hf3
2zc+hC1cAfTIz1FAau9Kh6QR2AxCM3c/x9gSSwF8Y/a1miPa/QSHVGWF/BWSXuNw
cx18VO8yG74rgn5g+T9lXb20gLjwMECKkYjGg9A4P2IOvpZveAHGAdFfEmNQyP6A
XmL6PLKPlDe7eB40HAv36i3xc5VShonkSpldiuo7PNg/NnUYcuulsd6FZgDPoTd7
m4hYkFw0KGE2YVKJwxDCQ2Xz4ngAorLtRlLjRzLMvqrMHKsGzNorZOtgK4+9jxtU
HxyTCtW0f9Efx641hX0wUYfFjSm0qr6Lse+KIj+zEUSxux0ysUTTvf0sd4cFEsIg
xzKxvW9Nr7Y=
-----END CERTIFICATE-----
Generated at Thu Apr 10 19:45:31 2025 by rpki-client