Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ZdSp6CTf-9MhBiix8bsbJdC4JII.roa
File: ZdSp6CTf-9MhBiix8bsbJdC4JII.roa (raw, json)
Hash identifier: v3rqHd2N3IZ+AOxKZCSuyVf2VA0r8hmwBU4WgxiIlC4=
Subject key identifier: 65:D4:A9:E8:24:DF:FB:D3:21:06:28:B1:F1:BB:1B:25:D0:B8:24:82
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 019425222C834713DE7C4E149DD4EA1B1A9E
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ZdSp6CTf-9MhBiix8bsbJdC4JII.roa
Signing time: Thu 02 Jan 2025 03:49:44 +0000
ROA not before: Thu 02 Jan 2025 03:49:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208223
IP address blocks: 2a0e:b107:1a30::/48 maxlen: 48
2a0e:b107:1a31::/48 maxlen: 48
2a0e:b107:1a32::/48 maxlen: 48
2a0e:b107:1a33::/48 maxlen: 48
2a0e:b107:1a34::/48 maxlen: 48
2a0e:b107:1a35::/48 maxlen: 48
2a0e:b107:1a36::/48 maxlen: 48
2a0e:b107:1a37::/48 maxlen: 48
2a0e:b107:1a38::/48 maxlen: 48
2a0e:b107:1a39::/48 maxlen: 48
2a0e:b107:1a3a::/48 maxlen: 48
2a0e:b107:1a3b::/48 maxlen: 48
2a0e:b107:1a3c::/48 maxlen: 48
2a0e:b107:1a3d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:2c:83:47:13:de:7c:4e:14:9d:d4:ea:1b:1a:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:49:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=65d4a9e824dffbd3210628b1f1bb1b25d0b82482
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:91:34:ee:aa:b2:de:d8:55:5a:b1:ba:9a:09:
39:8f:f7:99:aa:f2:10:86:e9:1d:17:36:ae:92:03:
7c:ae:17:48:a4:0d:51:7f:cb:06:2e:f8:db:7e:6f:
5d:0a:28:55:84:af:e2:21:04:d9:e8:1c:c4:71:af:
8d:bc:77:f0:87:23:1c:43:d5:a1:3d:eb:8d:6f:64:
05:b5:df:a4:83:eb:a9:53:99:12:1a:48:50:9b:df:
6f:24:0d:ee:39:ee:81:d9:d9:0d:04:d3:63:34:3d:
4c:13:de:97:2c:ae:69:77:9b:a1:24:c9:44:ad:49:
94:ab:0e:97:c7:8c:29:79:53:c6:8b:f0:40:ae:06:
e7:d5:3e:3b:ac:4f:10:2c:8a:31:b0:f3:6d:1e:2f:
e4:18:46:db:c7:b8:40:ae:42:49:a6:53:ba:a2:54:
07:0f:b2:03:6e:8e:8c:1e:2b:67:ab:01:4a:69:a6:
33:66:47:9b:9b:55:f7:7a:60:9b:22:65:76:ce:a3:
4a:62:5a:27:28:41:fd:04:62:ba:c1:22:92:1e:e4:
0b:9a:fb:6e:3d:fb:2f:e2:06:0f:25:95:69:3d:1c:
1d:0d:c8:b5:c0:73:4d:c6:03:2e:79:d5:a2:62:cc:
96:44:94:e6:a7:b9:76:30:cb:87:b4:ab:a0:51:95:
6c:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:D4:A9:E8:24:DF:FB:D3:21:06:28:B1:F1:BB:1B:25:D0:B8:24:82
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ZdSp6CTf-9MhBiix8bsbJdC4JII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1a30::-2a0e:b107:1a3d:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
3c:50:ba:25:61:a5:97:89:62:a7:c3:79:c6:a4:64:d1:7e:fb:
d6:95:f1:36:6c:ed:78:00:4b:af:d7:1c:50:a4:cd:97:89:5b:
7b:29:1b:6a:0b:b7:93:6f:d4:93:ea:68:72:ae:5d:8d:9d:04:
b5:4f:21:d9:ce:29:18:20:27:01:e2:4a:8e:0e:3e:de:9f:96:
9f:48:98:a2:78:43:d7:ae:d3:c3:35:59:83:ea:36:a9:b7:f0:
ff:22:32:fd:ec:5a:28:ac:4d:5e:a1:cb:b9:3e:34:48:a1:c2:
09:01:c5:b4:fb:be:bb:90:0b:2d:d3:b8:8b:a4:ad:68:1f:6d:
c7:de:30:c6:d4:50:b4:cf:fb:92:3f:e5:1b:36:de:ca:11:dc:
18:74:7f:6b:67:2f:0e:de:3a:13:3e:bd:ee:e4:74:df:54:af:
df:26:94:92:77:0b:4c:b9:86:5e:3f:64:27:72:25:da:fd:88:
66:53:45:11:57:ce:a7:7f:d3:80:3d:7b:3b:6b:fc:68:37:07:
27:a9:ee:60:01:4a:65:6a:b0:68:b0:6d:f7:91:71:49:77:ea:
14:c4:a7:94:bd:ab:22:a0:40:c5:4b:07:b1:36:f7:04:14:6b:
56:84:5d:3a:0f:54:18:3d:bb:26:74:ae:ee:7f:35:3b:41:a8:
36:f9:e9:46
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQlIiyDRxPefE4UndTqGxqeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM0OTQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWQ0YTllODI0ZGZmYmQzMjEwNjI4YjFmMWJiMWIyNWQwYjgyNDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5E07qqy3thVWrG6mgk5j/eZqvIQ
hukdFzaukgN8rhdIpA1Rf8sGLvjbfm9dCihVhK/iIQTZ6BzEca+NvHfwhyMcQ9Wh
PeuNb2QFtd+kg+upU5kSGkhQm99vJA3uOe6B2dkNBNNjND1ME96XLK5pd5uhJMlE
rUmUqw6Xx4wpeVPGi/BArgbn1T47rE8QLIoxsPNtHi/kGEbbx7hArkJJplO6olQH
D7IDbo6MHitnqwFKaaYzZkebm1X3emCbImV2zqNKYlonKEH9BGK6wSKSHuQLmvtu
Pfsv4gYPJZVpPRwdDci1wHNNxgMuedWiYsyWRJTmp7l2MMuHtKugUZVsJwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGXUqegk3/vTIQYosfG7GyXQuCSCMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWmRTcDZDVGYtOU1oQmlpeDhic2JKZEM0SklJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwQqDrEH
GjADBwEqDrEHGjwwDQYJKoZIhvcNAQELBQADggEBADxQuiVhpZeJYqfDecakZNF+
+9aV8TZs7XgAS6/XHFCkzZeJW3spG2oLt5Nv1JPqaHKuXY2dBLVPIdnOKRggJwHi
So4OPt6flp9ImKJ4Q9eu08M1WYPqNqm38P8iMv3sWiisTV6hy7k+NEihwgkBxbT7
vruQCy3TuIukrWgfbcfeMMbUULTP+5I/5Rs23soR3Bh0f2tnLw7eOhM+ve7kdN9U
r98mlJJ3C0y5hl4/ZCdyJdr9iGZTRRFXzqd/04A9eztr/Gg3Byep7mABSmVqsGiw
bfeRcUl36hTEp5S9qyKgQMVLB7E29wQUa1aEXToPVBg9uyZ0ru5/NTtBqDb56UY=
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:27:33 2025 by rpki-client