Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/ZdiJyoo-l9tkMe9J769OhHUhgMY.roa
File: ZdiJyoo-l9tkMe9J769OhHUhgMY.roa (raw, json)
Hash identifier: AHUi1asCEzcucu2jHRjdz9eQqbhd55OH2AnByHrwu+A=
Subject key identifier: 65:D8:89:CA:8A:3E:97:DB:64:31:EF:49:EF:AF:4E:84:75:21:80:C6
Certificate issuer: /CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2
Certificate serial: 0194221F7B9DCF956066BEFF2C302C6328D7
Authority key identifier: 29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/ZdiJyoo-l9tkMe9J769OhHUhgMY.roa
Signing time: Wed 01 Jan 2025 13:47:56 +0000
ROA not before: Wed 01 Jan 2025 13:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207359
IP address blocks: 2a01:e901:10e::/48 maxlen: 48
2a01:e901:11e::/48 maxlen: 48
2a01:e901:12e::/48 maxlen: 48
2a01:e901:13e::/48 maxlen: 48
2a01:e901:14e::/48 maxlen: 48
2a01:e901:15e::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.mft
rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:7b:9d:cf:95:60:66:be:ff:2c:30:2c:63:28:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2
Validity
Not Before: Jan 1 13:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=65d889ca8a3e97db6431ef49efaf4e84752180c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:93:f8:4a:98:95:57:91:11:c6:74:11:21:87:
7e:34:c1:5c:69:40:da:69:b7:40:0c:52:66:7d:c2:
2f:c2:45:66:43:26:c9:8f:37:a4:bc:67:05:75:10:
fc:a0:ad:a4:b9:26:5b:25:82:0c:2f:69:14:ca:8b:
2a:15:19:9d:0a:ee:46:05:af:6b:13:1b:42:37:82:
17:93:91:95:fe:60:af:39:11:a2:04:04:01:e6:4a:
34:a6:d4:84:88:e8:d4:14:07:af:a0:78:57:ec:f0:
07:92:4a:42:be:a0:0f:c8:1e:4b:d3:80:5d:49:66:
e3:77:1b:64:4e:09:bd:3e:96:5a:3a:03:93:32:c6:
0f:95:ba:4f:ef:71:82:9b:f9:0a:29:92:8c:53:03:
ae:d6:dd:c8:ef:e2:18:46:ed:8b:88:c5:03:85:6c:
77:59:40:f6:54:69:02:46:0b:18:b9:71:5e:93:20:
35:1f:87:45:88:5f:7e:8e:fa:db:6f:86:39:fd:8b:
99:3e:c9:60:e7:9a:d5:b6:48:b3:87:75:15:fd:f6:
cb:d1:dd:f4:c8:33:fd:75:20:00:1e:ba:bf:e3:fa:
7a:8e:f4:fe:27:81:95:85:5b:81:0c:1d:05:95:db:
99:6c:50:86:2a:fc:6d:01:35:9b:a5:91:1b:72:7b:
a3:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:D8:89:CA:8A:3E:97:DB:64:31:EF:49:EF:AF:4E:84:75:21:80:C6
X509v3 Authority Key Identifier:
keyid:29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/ZdiJyoo-l9tkMe9J769OhHUhgMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:e901:10e::/48
2a01:e901:11e::/48
2a01:e901:12e::/48
2a01:e901:13e::/48
2a01:e901:14e::/48
2a01:e901:15e::/48
Signature Algorithm: sha256WithRSAEncryption
a1:f0:f6:2e:a0:b6:b9:f9:37:1a:b1:91:db:6a:37:6f:c2:59:
a5:9d:34:39:24:a9:bb:c8:97:c8:31:bf:58:78:ce:23:15:9a:
5d:95:12:6f:3c:2e:87:d2:16:7f:4a:49:53:06:0b:76:8b:82:
a2:62:0d:45:7d:01:c5:0b:c6:01:3d:28:b7:9c:c7:1f:7f:80:
fc:d0:a3:7d:da:12:1e:03:1c:41:fc:94:02:1c:05:d0:ca:13:
4c:1f:37:05:8a:b1:b3:68:7f:68:4c:c2:1e:ae:1b:66:03:be:
ab:1a:cc:b9:6f:bc:31:a6:5d:0f:b1:53:c3:57:7e:6a:00:97:
0d:7e:e4:e4:82:66:12:6b:1d:94:8f:44:93:6e:73:fd:45:ac:
a0:c5:d1:75:d9:90:f6:1e:83:66:26:c8:3e:da:e9:e1:95:50:
ee:bf:d4:fc:15:43:86:49:02:29:b2:62:8e:09:f3:38:8d:f6:
c4:5c:21:d3:97:98:4f:a5:f3:ae:24:cf:45:b5:4f:2b:9a:39:
de:f6:0d:c7:4f:e1:a2:12:a6:1b:ef:c2:a6:ab:80:2d:c2:bc:
dd:85:6c:00:69:e9:22:f5:53:d5:c6:04:a0:88:6f:de:91:5f:
66:77:c2:a4:ea:cb:c1:9f:0d:f3:6c:f3:fd:e4:de:d1:ec:6d:
cb:77:42:d2
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQiH3udz5VgZr7/LDAsYyjXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjhiNGUwZWY4MTA2ZjBlMTJhYjhlNTAxZDJhYTRlMzZi
NzgzYzIwHhcNMjUwMTAxMTM0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWQ4ODljYThhM2U5N2RiNjQzMWVmNDllZmFmNGU4NDc1MjE4MGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZP4SpiVV5ERxnQRIYd+NMFcaUDa
abdADFJmfcIvwkVmQybJjzekvGcFdRD8oK2kuSZbJYIML2kUyosqFRmdCu5GBa9r
ExtCN4IXk5GV/mCvORGiBAQB5ko0ptSEiOjUFAevoHhX7PAHkkpCvqAPyB5L04Bd
SWbjdxtkTgm9PpZaOgOTMsYPlbpP73GCm/kKKZKMUwOu1t3I7+IYRu2LiMUDhWx3
WUD2VGkCRgsYuXFekyA1H4dFiF9+jvrbb4Y5/YuZPslg55rVtkizh3UV/fbL0d30
yDP9dSAAHrq/4/p6jvT+J4GVhVuBDB0FlduZbFCGKvxtATWbpZEbcnujJwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFGXYicqKPpfbZDHvSe+vToR1IYDGMB8GA1UdIwQY
MBaAFClotODvgQbw4Sq45QHSqk42t4PCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQt
NDRmOGVkNWQ2MWQ3LzEvWmRpSnlvby1sOXRrTWU5Sjc2OU9oSFVoZ01ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQtNDRmOGVkNWQ2MWQ3
LzEvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKgHpAQEO
AwcAKgHpAQEeAwcAKgHpAQEuAwcAKgHpAQE+AwcAKgHpAQFOAwcAKgHpAQFeMA0G
CSqGSIb3DQEBCwUAA4IBAQCh8PYuoLa5+TcasZHbajdvwlmlnTQ5JKm7yJfIMb9Y
eM4jFZpdlRJvPC6H0hZ/SklTBgt2i4KiYg1FfQHFC8YBPSi3nMcff4D80KN92hIe
AxxB/JQCHAXQyhNMHzcFirGzaH9oTMIerhtmA76rGsy5b7wxpl0PsVPDV35qAJcN
fuTkgmYSax2Uj0STbnP9RaygxdF12ZD2HoNmJsg+2unhlVDuv9T8FUOGSQIpsmKO
CfM4jfbEXCHTl5hPpfOuJM9FtU8rmjne9g3HT+GiEqYb78Kmq4AtwrzdhWwAaeki
9VPVxgSgiG/ekV9md8Kk6svBnw3zbPP95N7R7G3Ld0LS
-----END CERTIFICATE-----
Generated at Sun Apr 6 04:40:12 2025 by rpki-client