Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/b2f963-3939-44c5-9b9d-b16242b9bde7/1/y_jzZWxrMh2AT3qjdH5sDFcbnso.roa
File: y_jzZWxrMh2AT3qjdH5sDFcbnso.roa (raw, json)
Hash identifier: UBOvdV+QBpMo/gPKyJWNtGffNnN28PAA/OvI521Vudc=
Subject key identifier: CB:F8:F3:65:6C:6B:32:1D:80:4F:7A:A3:74:7E:6C:0C:57:1B:9E:CA
Certificate issuer: /CN=ad9479afe3a9a18e1c374fca022d1ff2a255b1af
Certificate serial: 0196ED5EA68DB06EE4F90FF1B602E0D45903
Authority key identifier: AD:94:79:AF:E3:A9:A1:8E:1C:37:4F:CA:02:2D:1F:F2:A2:55:B1:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rZR5r-OpoY4cN0_KAi0f8qJVsa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/b2f963-3939-44c5-9b9d-b16242b9bde7/1/y_jzZWxrMh2AT3qjdH5sDFcbnso.roa
Signing time: Tue 20 May 2025 11:05:25 +0000
ROA not before: Tue 20 May 2025 11:05:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35463
IP address blocks: 93.175.160.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/b2f963-3939-44c5-9b9d-b16242b9bde7/1/rZR5r-OpoY4cN0_KAi0f8qJVsa8.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/b2f963-3939-44c5-9b9d-b16242b9bde7/1/rZR5r-OpoY4cN0_KAi0f8qJVsa8.mft
rsync://rpki.ripe.net/repository/DEFAULT/rZR5r-OpoY4cN0_KAi0f8qJVsa8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ed:5e:a6:8d:b0:6e:e4:f9:0f:f1:b6:02:e0:d4:59:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad9479afe3a9a18e1c374fca022d1ff2a255b1af
Validity
Not Before: May 20 11:05:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cbf8f3656c6b321d804f7aa3747e6c0c571b9eca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:7e:ce:0e:04:50:3c:61:a1:7f:3a:74:a4:62:
89:b0:39:a1:15:ba:1d:9c:be:40:e6:9e:c2:d9:7a:
03:08:95:bf:68:7b:6d:07:e3:ce:21:30:be:c9:2b:
e2:b7:bb:a5:84:d4:c2:09:33:ff:3a:d6:57:4d:38:
73:a8:54:a7:4e:ba:41:56:51:cd:ff:e6:7f:c3:ce:
67:bb:e0:ba:90:0b:4e:2e:df:a5:2c:a8:2f:16:ee:
3b:41:83:01:77:da:cf:1b:2a:7c:12:48:bd:62:32:
d4:ca:05:d5:c0:2e:64:10:d6:cf:b0:fe:8e:f9:29:
39:80:e4:97:71:10:4b:ea:97:af:a4:53:cd:37:18:
9a:6f:2e:1b:fd:33:94:5c:91:20:09:59:b1:5f:2f:
c5:e5:05:7e:4d:06:3b:e0:41:a9:31:e6:aa:2d:5f:
17:31:49:5c:b4:d0:54:bb:9d:22:ae:4c:6c:2c:6c:
67:8d:1c:e3:14:c1:87:c4:e7:ee:90:ef:74:89:df:
79:ad:b4:5a:d6:5a:40:eb:f9:c6:84:b5:89:9b:7e:
5f:49:cb:45:92:f1:22:1e:9e:3a:ea:27:ca:ea:07:
cc:09:f0:27:84:78:a9:d9:10:82:3b:03:b3:e1:56:
e0:27:1f:cc:b7:15:36:ef:06:15:56:5c:25:7d:85:
dc:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:F8:F3:65:6C:6B:32:1D:80:4F:7A:A3:74:7E:6C:0C:57:1B:9E:CA
X509v3 Authority Key Identifier:
keyid:AD:94:79:AF:E3:A9:A1:8E:1C:37:4F:CA:02:2D:1F:F2:A2:55:B1:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rZR5r-OpoY4cN0_KAi0f8qJVsa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/b2f963-3939-44c5-9b9d-b16242b9bde7/1/y_jzZWxrMh2AT3qjdH5sDFcbnso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/b2f963-3939-44c5-9b9d-b16242b9bde7/1/rZR5r-OpoY4cN0_KAi0f8qJVsa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.175.160.0/20
Signature Algorithm: sha256WithRSAEncryption
aa:4c:ab:51:6e:84:cf:32:ae:48:e5:d6:fe:d0:c1:5b:3d:db:
81:ad:9d:e0:6f:c5:1c:79:fc:da:71:80:91:99:c1:d1:83:99:
79:03:fb:6c:43:36:9c:c5:ef:2c:4d:2d:0d:3f:2e:53:3b:d7:
35:04:23:41:f6:4e:4d:75:a2:1b:f0:86:7c:9a:e3:a9:2d:77:
44:6a:f8:ae:3f:15:b6:eb:f3:1f:19:9f:73:2b:d1:e9:a4:de:
83:8a:bd:85:0a:14:f4:c2:5d:07:17:da:64:78:4d:eb:7b:90:
34:8a:e4:e2:0d:e3:aa:9a:90:39:77:f6:77:fc:2e:b3:83:d4:
bc:06:bb:70:8a:2c:b4:88:de:78:e5:bf:69:41:59:6b:ad:b4:
13:ff:10:88:32:e5:9e:16:4b:6d:f0:d5:21:5e:15:f3:e3:4a:
d3:a4:07:a6:c6:a6:d1:fd:aa:5e:0a:9d:ce:31:5f:aa:58:56:
30:e3:94:25:1a:fd:34:83:57:98:16:a3:42:bb:5a:52:25:61:
51:cf:2e:82:7e:ea:22:d9:cf:70:22:ff:35:dc:15:ab:4e:e3:
40:2e:d9:58:77:45:29:64:c4:97:c5:04:3d:85:72:b1:94:8c:
d1:f3:f9:df:6c:42:8d:b3:60:88:26:19:61:35:82:d7:7c:47:
1d:dc:a2:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZbtXqaNsG7k+Q/xtgLg1FkDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkOTQ3OWFmZTNhOWExOGUxYzM3NGZjYTAyMmQxZmYyYTI1
NWIxYWYwHhcNMjUwNTIwMTEwNTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmY4ZjM2NTZjNmIzMjFkODA0ZjdhYTM3NDdlNmMwYzU3MWI5ZWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+H7ODgRQPGGhfzp0pGKJsDmhFbod
nL5A5p7C2XoDCJW/aHttB+POITC+ySvit7ulhNTCCTP/OtZXTThzqFSnTrpBVlHN
/+Z/w85nu+C6kAtOLt+lLKgvFu47QYMBd9rPGyp8Eki9YjLUygXVwC5kENbPsP6O
+Sk5gOSXcRBL6pevpFPNNxiaby4b/TOUXJEgCVmxXy/F5QV+TQY74EGpMeaqLV8X
MUlctNBUu50irkxsLGxnjRzjFMGHxOfukO90id95rbRa1lpA6/nGhLWJm35fSctF
kvEiHp466ifK6gfMCfAnhHip2RCCOwOz4VbgJx/MtxU27wYVVlwlfYXcgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMv482VsazIdgE96o3R+bAxXG57KMB8GA1UdIwQY
MBaAFK2Uea/jqaGOHDdPygItH/KiVbGvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclpSNXItT3BvWTRjTjBfS0FpMGY4cUpWc2E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9iMmY5NjMtMzkzOS00NGM1LTliOWQt
YjE2MjQyYjliZGU3LzEveV9qelpXeHJNaDJBVDNxamRINXNERmNibnNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9iMmY5NjMtMzkzOS00NGM1LTliOWQtYjE2MjQyYjliZGU3
LzEvclpSNXItT3BvWTRjTjBfS0FpMGY4cUpWc2E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEXa+gMA0G
CSqGSIb3DQEBCwUAA4IBAQCqTKtRboTPMq5I5db+0MFbPduBrZ3gb8UcefzacYCR
mcHRg5l5A/tsQzacxe8sTS0NPy5TO9c1BCNB9k5NdaIb8IZ8muOpLXdEaviuPxW2
6/MfGZ9zK9HppN6Dir2FChT0wl0HF9pkeE3re5A0iuTiDeOqmpA5d/Z3/C6zg9S8
Brtwiiy0iN545b9pQVlrrbQT/xCIMuWeFktt8NUhXhXz40rTpAemxqbR/apeCp3O
MV+qWFYw45QlGv00g1eYFqNCu1pSJWFRzy6Cfuoi2c9wIv813BWrTuNALtlYd0Up
ZMSXxQQ9hXKxlIzR8/nfbEKNs2CIJhlhNYLXfEcd3KLo
-----END CERTIFICATE-----
Generated at Sun Jun 8 07:37:57 2025 by rpki-client