Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/tV4zflXI9fSIgwxFKkPQRhAyRyk.roa
File: tV4zflXI9fSIgwxFKkPQRhAyRyk.roa (raw, json)
Hash identifier: Z1f74NH3kzNP7yaoZvmLnAHN/rFjIJBtqJkrZ6Pd0is=
Subject key identifier: B5:5E:33:7E:55:C8:F5:F4:88:83:0C:45:2A:43:D0:46:10:32:47:29
Certificate issuer: /CN=2b6d7e5191f81ff0a19f102b1718ab4f9e0ea3a0
Certificate serial: 01941FFA2202967768D5CC3074E97F73297B
Authority key identifier: 2B:6D:7E:51:91:F8:1F:F0:A1:9F:10:2B:17:18:AB:4F:9E:0E:A3:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K21-UZH4H_ChnxArFxirT54Oo6A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/tV4zflXI9fSIgwxFKkPQRhAyRyk.roa
Signing time: Wed 01 Jan 2025 03:47:53 +0000
ROA not before: Wed 01 Jan 2025 03:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204582
IP address blocks: 45.144.44.0/29 maxlen: 29
45.144.44.0/30 maxlen: 30
2a0e:eac0:2000::/44 maxlen: 48
2a0e:eac0:2010::/44 maxlen: 48
2a0e:eac0:2100::/44 maxlen: 48
2a0e:eac0:2101::/48 maxlen: 48
2a0e:eac0:2110::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/K21-UZH4H_ChnxArFxirT54Oo6A.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/K21-UZH4H_ChnxArFxirT54Oo6A.mft
rsync://rpki.ripe.net/repository/DEFAULT/K21-UZH4H_ChnxArFxirT54Oo6A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:22:02:96:77:68:d5:cc:30:74:e9:7f:73:29:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b6d7e5191f81ff0a19f102b1718ab4f9e0ea3a0
Validity
Not Before: Jan 1 03:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b55e337e55c8f5f488830c452a43d04610324729
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:d1:ef:54:20:62:f7:18:31:37:77:85:8f:cb:
1d:5a:db:18:80:4f:63:0e:f4:8d:21:4e:9e:a6:4e:
6b:02:65:d4:7a:a6:d4:c9:73:d9:0b:fd:67:1d:c2:
b3:d6:f3:34:66:07:8b:1b:f8:c4:a7:cb:de:1c:5d:
3e:ed:a1:ca:2e:ea:60:4a:2d:d1:79:d2:ff:17:fe:
39:c2:ba:cb:2a:26:47:d8:85:85:b3:ba:4c:f1:e8:
7d:e1:14:09:1a:3b:4f:9a:03:11:93:fe:74:b2:3e:
4d:21:f5:13:d0:b7:54:12:28:85:ef:43:3c:60:43:
3b:dc:6e:6a:17:e1:e5:db:e5:80:52:14:d5:99:1c:
31:ad:fc:49:bf:aa:1a:91:f7:de:48:41:90:4f:0c:
31:79:2a:31:6d:01:e5:86:37:c8:b9:c2:30:06:41:
f3:b8:74:00:a4:cd:28:c6:9b:a8:eb:04:6d:fc:e9:
8c:4c:b3:a6:0a:fc:94:b7:a9:0e:23:db:73:38:8c:
bd:25:34:60:35:c0:f4:82:d5:68:8e:ed:fe:62:80:
f8:9a:5a:89:b1:d4:b0:e9:34:5c:75:5e:91:5a:ae:
71:01:6c:24:de:fc:c5:10:14:1e:57:54:bd:09:d0:
48:12:70:e1:e1:b7:49:48:46:ba:7b:0e:42:30:22:
2f:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:5E:33:7E:55:C8:F5:F4:88:83:0C:45:2A:43:D0:46:10:32:47:29
X509v3 Authority Key Identifier:
keyid:2B:6D:7E:51:91:F8:1F:F0:A1:9F:10:2B:17:18:AB:4F:9E:0E:A3:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K21-UZH4H_ChnxArFxirT54Oo6A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/tV4zflXI9fSIgwxFKkPQRhAyRyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/K21-UZH4H_ChnxArFxirT54Oo6A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.44.0/29
IPv6:
2a0e:eac0:2000::/43
2a0e:eac0:2100::/43
Signature Algorithm: sha256WithRSAEncryption
0e:cf:ce:ff:80:21:25:eb:58:c7:15:72:94:20:65:4b:d3:3c:
78:a0:b8:5a:16:0b:5f:7c:e2:3e:65:66:e3:e0:08:ed:d2:e0:
da:59:4c:cc:76:ae:01:a6:2f:8b:e5:65:84:c9:b3:52:d2:39:
1e:d2:3f:1e:1b:a7:5d:86:6c:05:4f:7d:2f:da:e4:6c:80:db:
95:9c:36:db:9e:75:e7:0a:d4:84:18:00:34:16:e1:90:72:7f:
8e:6c:00:0e:c1:17:fc:fa:31:b7:f1:f6:5f:1f:6a:90:ec:47:
98:94:77:b9:e6:4e:33:65:c9:4d:9d:b2:44:e0:f6:2c:74:07:
34:fb:bb:6b:92:4f:53:41:d8:c4:1f:53:30:34:99:83:98:ac:
14:b5:1f:38:ba:6a:be:fc:33:1f:70:0c:8b:e2:48:56:94:3a:
7a:0d:51:c4:54:9b:39:1e:29:19:b7:71:e8:90:84:48:c7:9d:
d1:4a:41:3c:30:73:2c:81:ef:1f:2f:69:db:a8:b8:00:0f:4a:
af:b1:3d:a4:75:f6:bc:63:06:19:18:d3:21:9a:a8:14:ab:e7:
49:d7:5b:67:ac:25:9b:b0:eb:7a:33:f9:f9:e4:98:c7:7b:93:
80:e9:e5:c5:56:e6:ec:6c:68:6a:94:c7:d4:ce:90:06:9a:c3:
95:3d:5e:04
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQf+iIClndo1cwwdOl/cyl7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiNmQ3ZTUxOTFmODFmZjBhMTlmMTAyYjE3MThhYjRmOWUw
ZWEzYTAwHhcNMjUwMTAxMDM0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTVlMzM3ZTU1YzhmNWY0ODg4MzBjNDUyYTQzZDA0NjEwMzI0NzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0tHvVCBi9xgxN3eFj8sdWtsYgE9j
DvSNIU6epk5rAmXUeqbUyXPZC/1nHcKz1vM0ZgeLG/jEp8veHF0+7aHKLupgSi3R
edL/F/45wrrLKiZH2IWFs7pM8eh94RQJGjtPmgMRk/50sj5NIfUT0LdUEiiF70M8
YEM73G5qF+Hl2+WAUhTVmRwxrfxJv6oakffeSEGQTwwxeSoxbQHlhjfIucIwBkHz
uHQApM0oxpuo6wRt/OmMTLOmCvyUt6kOI9tzOIy9JTRgNcD0gtVoju3+YoD4mlqJ
sdSw6TRcdV6RWq5xAWwk3vzFEBQeV1S9CdBIEnDh4bdJSEa6ew5CMCIvPQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLVeM35VyPX0iIMMRSpD0EYQMkcpMB8GA1UdIwQY
MBaAFCttflGR+B/woZ8QKxcYq0+eDqOgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzIxLVVaSDRIX0NobnhBckZ4aXJUNTRPbzZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9hYjMxNTYtYjA2MS00OWZjLWIxZjAt
MDBjYTMxMjZiM2ZlLzEvdFY0emZsWEk5ZlNJZ3d4RktrUFFSaEF5UnlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9hYjMxNTYtYjA2MS00OWZjLWIxZjAtMDBjYTMxMjZiM2Zl
LzEvSzIxLVVaSDRIX0NobnhBckZ4aXJUNTRPbzZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTANBAIAATAHAwUDLZAsADAY
BAIAAjASAwcFKg7qwCAAAwcFKg7qwCEAMA0GCSqGSIb3DQEBCwUAA4IBAQAOz87/
gCEl61jHFXKUIGVL0zx4oLhaFgtffOI+ZWbj4Ajt0uDaWUzMdq4Bpi+L5WWEybNS
0jke0j8eG6ddhmwFT30v2uRsgNuVnDbbnnXnCtSEGAA0FuGQcn+ObAAOwRf8+jG3
8fZfH2qQ7EeYlHe55k4zZclNnbJE4PYsdAc0+7trkk9TQdjEH1MwNJmDmKwUtR84
umq+/DMfcAyL4khWlDp6DVHEVJs5HikZt3HokIRIx53RSkE8MHMsge8fL2nbqLgA
D0qvsT2kdfa8YwYZGNMhmqgUq+dJ11tnrCWbsOt6M/n55JjHe5OA6eXFVubsbGhq
lMfUzpAGmsOVPV4E
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:21:31 2025 by rpki-client