Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/CicZBBxXimIHZjGjJxw0-P_TKwA.roa
File: CicZBBxXimIHZjGjJxw0-P_TKwA.roa (raw, json)
Hash identifier: WCF5D0GYPfyQKw7aRx70x9QWu1BJyay4IJiNMiHqns8=
Subject key identifier: 0A:27:19:04:1C:57:8A:62:07:66:31:A3:27:1C:34:F8:FF:D3:2B:00
Certificate issuer: /CN=259490c5dbcfbf590da33bfbd37970a0763469c9
Certificate serial: 019427B5DC2D4642F8B1D8234CDA300460E0
Authority key identifier: 25:94:90:C5:DB:CF:BF:59:0D:A3:3B:FB:D3:79:70:A0:76:34:69:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JZSQxdvPv1kNozv703lwoHY0ack.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/CicZBBxXimIHZjGjJxw0-P_TKwA.roa
Signing time: Thu 02 Jan 2025 15:50:17 +0000
ROA not before: Thu 02 Jan 2025 15:50:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211444
IP address blocks: 2a09:be41::/32 maxlen: 32
2a09:be42::/32 maxlen: 32
2a09:be43::/32 maxlen: 32
2a09:be44::/32 maxlen: 32
2a09:be45::/32 maxlen: 32
2a09:be46::/32 maxlen: 32
2a09:be47::/32 maxlen: 32
2a0e:ec02::/32 maxlen: 48
2a0e:ec03::/32 maxlen: 48
2a12:49c0::/32 maxlen: 32
2a12:49c1::/32 maxlen: 32
2a12:49c2::/32 maxlen: 32
2a12:49c3::/32 maxlen: 32
2a12:49c4::/32 maxlen: 32
2a12:49c5::/32 maxlen: 32
2a12:49c6::/32 maxlen: 32
2a12:49c7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/JZSQxdvPv1kNozv703lwoHY0ack.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/JZSQxdvPv1kNozv703lwoHY0ack.mft
rsync://rpki.ripe.net/repository/DEFAULT/JZSQxdvPv1kNozv703lwoHY0ack.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:dc:2d:46:42:f8:b1:d8:23:4c:da:30:04:60:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=259490c5dbcfbf590da33bfbd37970a0763469c9
Validity
Not Before: Jan 2 15:50:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0a2719041c578a62076631a3271c34f8ffd32b00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:0e:1d:20:d0:d4:d8:35:a0:ca:62:bf:42:1e:
ae:18:61:a0:fb:38:3c:61:ba:6f:28:20:4c:0e:9a:
c7:4c:f9:ba:e5:c9:71:62:49:6e:1b:fa:29:d0:31:
fe:8a:ec:bf:1b:d0:38:37:5f:7d:be:8f:06:15:28:
a6:fc:0c:23:aa:55:72:a2:8c:94:76:09:7d:40:de:
ef:75:7b:a4:b2:bc:57:7f:fb:7b:6b:29:75:93:b8:
2b:ea:87:b5:85:1d:43:2d:a3:48:87:8b:a9:59:03:
2c:f1:61:86:7f:ea:74:19:a4:d9:b6:5c:1d:1a:82:
5b:00:38:f4:eb:82:43:ec:2b:08:b6:e6:1b:c9:fb:
57:4b:7f:d0:27:0b:61:f1:eb:81:bc:ed:e7:d4:b2:
bd:9f:4c:26:69:ee:3b:a4:d5:ed:06:3a:2f:ad:30:
e8:f9:7b:ad:34:08:34:57:2a:97:58:69:c3:44:48:
78:06:0a:1f:e9:75:1f:40:b5:75:d8:d4:de:8f:50:
07:fa:c9:c5:ac:d5:86:24:d0:15:bb:53:35:26:31:
a0:69:e6:77:25:09:31:af:48:5a:6a:be:8b:86:ff:
ed:1e:5e:1e:6f:54:38:57:58:7d:e2:10:8d:d5:9d:
8b:3b:17:f3:c7:1c:92:f8:a6:f2:5b:4d:86:4f:8f:
62:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:27:19:04:1C:57:8A:62:07:66:31:A3:27:1C:34:F8:FF:D3:2B:00
X509v3 Authority Key Identifier:
keyid:25:94:90:C5:DB:CF:BF:59:0D:A3:3B:FB:D3:79:70:A0:76:34:69:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JZSQxdvPv1kNozv703lwoHY0ack.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/CicZBBxXimIHZjGjJxw0-P_TKwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/JZSQxdvPv1kNozv703lwoHY0ack.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:be41::-2a09:be47:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:ec02::/31
2a12:49c0::/29
Signature Algorithm: sha256WithRSAEncryption
91:f9:ce:a8:c1:4d:60:d8:5b:f2:b0:a3:f7:95:79:8b:92:74:
77:69:f9:c1:4e:9b:48:aa:c4:0c:1b:37:3d:38:1f:06:25:ad:
ae:41:5b:02:31:a3:47:bb:55:4a:53:62:c4:cc:af:c4:4e:ec:
8f:54:ea:9e:16:d4:dc:69:fc:0b:94:dd:ef:1f:b1:14:ec:1c:
3e:25:ad:ad:c9:97:3c:f8:14:c1:02:7d:70:78:91:0c:2e:a5:
4e:31:66:ba:0c:b5:94:ee:f3:ea:d4:4c:81:b8:21:1a:47:3c:
e3:49:12:86:a7:a7:38:22:b2:a7:d8:f8:29:64:e8:da:35:9c:
5c:3f:91:dd:02:c0:5f:07:fe:10:c7:43:13:98:0e:e0:a1:dc:
8c:31:f5:8c:52:26:aa:05:e5:db:dd:ee:2c:0f:8b:df:fd:62:
01:2c:c3:3f:bf:56:ac:67:3f:73:6d:86:53:1d:4e:49:45:fc:
7d:a2:98:8b:7d:92:6b:5c:2a:62:bc:2b:52:9a:40:e8:37:cc:
8a:89:66:8a:ca:62:fb:dd:7d:57:17:06:06:1e:4d:b6:44:fa:
99:8e:28:4a:de:79:98:6c:8d:36:78:14:6f:eb:d6:fc:5d:52:
b6:e4:9b:4f:b5:cb:c4:34:81:6f:15:37:ca:bd:c2:c4:77:cf:
b1:b3:23:46
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQntdwtRkL4sdgjTNowBGDgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1OTQ5MGM1ZGJjZmJmNTkwZGEzM2JmYmQzNzk3MGEwNzYz
NDY5YzkwHhcNMjUwMTAyMTU1MDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTI3MTkwNDFjNTc4YTYyMDc2NjMxYTMyNzFjMzRmOGZmZDMyYjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0g4dINDU2DWgymK/Qh6uGGGg+zg8
YbpvKCBMDprHTPm65clxYkluG/op0DH+iuy/G9A4N199vo8GFSim/AwjqlVyooyU
dgl9QN7vdXuksrxXf/t7ayl1k7gr6oe1hR1DLaNIh4upWQMs8WGGf+p0GaTZtlwd
GoJbADj064JD7CsItuYbyftXS3/QJwth8euBvO3n1LK9n0wmae47pNXtBjovrTDo
+XutNAg0VyqXWGnDREh4Bgof6XUfQLV12NTej1AH+snFrNWGJNAVu1M1JjGgaeZ3
JQkxr0haar6Lhv/tHl4eb1Q4V1h94hCN1Z2LOxfzxxyS+KbyW02GT49i5wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAonGQQcV4piB2YxoyccNPj/0ysAMB8GA1UdIwQY
MBaAFCWUkMXbz79ZDaM7+9N5cKB2NGnJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlpTUXhkdlB2MWtOb3p2NzAzbHdvSFkwYWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9lZGFkMmQtOTVjYy00OWQwLTg2ZjQt
M2NlM2NmOGIxYzQ5LzEvQ2ljWkJCeFhpbUlIWmpHakp4dzAtUF9US3dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9lZGFkMmQtOTVjYy00OWQwLTg2ZjQtM2NlM2NmOGIxYzQ5
LzEvSlpTUXhkdlB2MWtOb3p2NzAzbHdvSFkwYWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAAjAeMA4DBQAqCb5B
AwUDKgm+QAMFASoO7AIDBQMqEknAMA0GCSqGSIb3DQEBCwUAA4IBAQCR+c6owU1g
2FvysKP3lXmLknR3afnBTptIqsQMGzc9OB8GJa2uQVsCMaNHu1VKU2LEzK/ETuyP
VOqeFtTcafwLlN3vH7EU7Bw+Ja2tyZc8+BTBAn1weJEMLqVOMWa6DLWU7vPq1EyB
uCEaRzzjSRKGp6c4IrKn2PgpZOjaNZxcP5HdAsBfB/4Qx0MTmA7godyMMfWMUiaq
BeXb3e4sD4vf/WIBLMM/v1asZz9zbYZTHU5JRfx9opiLfZJrXCpivCtSmkDoN8yK
iWaKymL73X1XFwYGHk22RPqZjihK3nmYbI02eBRv69b8XVK25JtPtcvENIFvFTfK
vcLEd8+xsyNG
-----END CERTIFICATE-----
Generated at Mon Apr 7 07:40:59 2025 by rpki-client