Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/vr_zbA-NZ5Xp8P1tfn2d-cBJgcw.roa
File: vr_zbA-NZ5Xp8P1tfn2d-cBJgcw.roa (raw, json)
Hash identifier: zxd1M8bOQs1nXo2/V4VDR4uUd6cKgFzCDa4Gr1iIuIo=
Subject key identifier: BE:BF:F3:6C:0F:8D:67:95:E9:F0:FD:6D:7E:7D:9D:F9:C0:49:81:CC
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0194252246173CD3696AF755304A8C154097
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/vr_zbA-NZ5Xp8P1tfn2d-cBJgcw.roa
Signing time: Thu 02 Jan 2025 03:49:50 +0000
ROA not before: Thu 02 Jan 2025 03:49:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210864
IP address blocks: 2a0e:b107:1a00::/48 maxlen: 48
2a0e:b107:1a01::/48 maxlen: 48
2a0e:b107:1a02::/48 maxlen: 48
2a0e:b107:1a03::/48 maxlen: 48
2a0e:b107:1a04::/48 maxlen: 48
2a0e:b107:1a05::/48 maxlen: 48
2a0e:b107:1a06::/48 maxlen: 48
2a0e:b107:1a07::/48 maxlen: 48
2a0e:b107:1a08::/48 maxlen: 48
2a0e:b107:1a09::/48 maxlen: 48
2a0e:b107:1a0a::/48 maxlen: 48
2a0e:b107:1a0b::/48 maxlen: 48
2a0e:b107:1a0c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Mar 2025 03:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:46:17:3c:d3:69:6a:f7:55:30:4a:8c:15:40:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:49:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bebff36c0f8d6795e9f0fd6d7e7d9df9c04981cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:06:c9:52:52:88:70:f0:35:3e:53:a9:3d:41:
bc:e1:07:a0:f1:0c:20:d4:7c:43:f0:85:6a:f5:a6:
23:32:c5:1e:11:df:b0:d2:4e:bc:e6:7e:3f:a9:a5:
78:6e:c0:3f:e1:7a:74:e5:2a:81:e5:91:c4:62:ad:
d3:eb:1e:43:b6:bd:6a:80:bf:af:03:39:09:27:74:
cb:b9:41:be:9c:90:84:ba:6e:5c:77:30:5d:97:7e:
9a:f2:c7:71:a4:ba:eb:41:21:ad:8d:4b:33:17:ed:
78:71:ed:58:a1:8b:bf:f9:a7:57:e6:d8:7d:c1:c0:
22:ca:e6:d7:94:0c:6c:d5:d3:3b:df:a5:3e:78:2e:
24:9f:24:df:e5:e7:65:e3:60:20:95:a6:c1:59:b3:
6a:46:8f:2f:a7:e2:b7:20:e3:03:cd:64:d6:5c:f0:
58:bd:5d:d6:b1:37:9e:d3:2b:11:83:8d:bc:dd:d8:
9a:87:22:38:9f:95:59:b8:ec:23:97:1c:bb:e5:97:
61:ce:53:fe:d7:e2:17:c6:6f:07:49:1a:ea:63:22:
11:dc:f7:e1:b8:04:0e:9f:f4:31:55:c9:bb:b7:0e:
30:fa:99:37:e9:c9:23:50:77:93:5d:d1:2c:c3:ff:
38:a6:fa:bd:67:e9:84:19:9a:d2:4e:7e:ec:66:21:
3c:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:BF:F3:6C:0F:8D:67:95:E9:F0:FD:6D:7E:7D:9D:F9:C0:49:81:CC
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/vr_zbA-NZ5Xp8P1tfn2d-cBJgcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1a00::-2a0e:b107:1a0c:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
96:a6:79:e6:a1:bc:07:db:a2:b9:64:09:d5:4d:23:61:aa:77:
ce:03:11:40:48:c3:f0:2a:5d:a4:c3:21:44:4a:71:3b:56:5f:
ff:42:78:5d:b5:5a:4d:0e:0b:8c:1e:4c:a1:82:e3:92:91:1f:
b5:64:f0:ea:c3:51:4c:c9:04:ea:0c:61:94:42:05:ce:be:f0:
d6:6e:bd:ad:5f:ef:02:f7:2c:76:cc:5a:9b:20:e9:92:75:f3:
92:72:81:b2:89:bc:43:a2:0a:d1:aa:f8:e1:70:43:85:e9:01:
b8:57:ad:a8:3b:85:d4:ef:0f:9a:a1:2c:24:d7:27:e0:bf:a9:
7c:b9:e4:c7:e3:0a:fc:47:54:4e:94:23:5d:83:7a:35:42:87:
91:eb:80:21:d7:12:9a:cb:86:01:31:8d:72:86:64:18:a9:b7:
a8:da:1d:f6:5b:e6:07:aa:1c:d7:d3:c3:2e:41:22:44:ee:9b:
2f:e5:dd:67:6b:71:62:2d:b4:aa:3f:c4:1a:83:3d:74:a7:9b:
0b:93:ef:e0:7a:94:c2:b0:cb:cd:79:61:2f:51:22:33:4e:78:
65:e9:91:06:25:c1:30:cd:35:8d:97:89:d0:f1:03:b8:db:ac:
a6:d4:9a:fa:a7:52:b0:74:7e:12:29:a6:67:6d:33:22:72:12:
e2:f4:14:05
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZQlIkYXPNNpavdVMEqMFUCXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM0OTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWJmZjM2YzBmOGQ2Nzk1ZTlmMGZkNmQ3ZTdkOWRmOWMwNDk4MWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6AbJUlKIcPA1PlOpPUG84Qeg8Qwg
1HxD8IVq9aYjMsUeEd+w0k685n4/qaV4bsA/4Xp05SqB5ZHEYq3T6x5Dtr1qgL+v
AzkJJ3TLuUG+nJCEum5cdzBdl36a8sdxpLrrQSGtjUszF+14ce1YoYu/+adX5th9
wcAiyubXlAxs1dM736U+eC4knyTf5edl42AglabBWbNqRo8vp+K3IOMDzWTWXPBY
vV3WsTee0ysRg4283diahyI4n5VZuOwjlxy75ZdhzlP+1+IXxm8HSRrqYyIR3Pfh
uAQOn/QxVcm7tw4w+pk36ckjUHeTXdEsw/84pvq9Z+mEGZrSTn7sZiE8cwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFL6/82wPjWeV6fD9bX59nfnASYHMMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvdnJfemJBLU5aNVhwOFAxdGZuMmQtY0JKZ2N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATMBEDBgEqDrEH
GgMHACoOsQcaDDANBgkqhkiG9w0BAQsFAAOCAQEAlqZ55qG8B9uiuWQJ1U0jYap3
zgMRQEjD8CpdpMMhREpxO1Zf/0J4XbVaTQ4LjB5MoYLjkpEftWTw6sNRTMkE6gxh
lEIFzr7w1m69rV/vAvcsdsxamyDpknXzknKBsom8Q6IK0ar44XBDhekBuFetqDuF
1O8PmqEsJNcn4L+pfLnkx+MK/EdUTpQjXYN6NUKHkeuAIdcSmsuGATGNcoZkGKm3
qNod9lvmB6oc19PDLkEiRO6bL+XdZ2txYi20qj/EGoM9dKebC5Pv4HqUwrDLzXlh
L1EiM054ZemRBiXBMM01jZeJ0PEDuNusptSa+qdSsHR+EimmZ20zInIS4vQUBQ==
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:50:48 2025 by rpki-client