Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/9dca0e-a41b-4972-bbb5-08e2b1017927/1/zZaEXr3EtMrV5GDFqR230R4uN60.roa
File: zZaEXr3EtMrV5GDFqR230R4uN60.roa (raw, json)
Hash identifier: PjCIk2JcyvvjQjpjlwdj+cXINOEajOd0R5qhIPW9zZE=
Subject key identifier: CD:96:84:5E:BD:C4:B4:CA:D5:E4:60:C5:A9:1D:B7:D1:1E:2E:37:AD
Certificate issuer: /CN=3026806a6b8dac68c2a32b65849229524fc33da7
Certificate serial: 019425FDC6F2CA8B0E972E8F5C6C10DA4964
Authority key identifier: 30:26:80:6A:6B:8D:AC:68:C2:A3:2B:65:84:92:29:52:4F:C3:3D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MCaAamuNrGjCoytlhJIpUk_DPac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/9dca0e-a41b-4972-bbb5-08e2b1017927/1/zZaEXr3EtMrV5GDFqR230R4uN60.roa
Signing time: Thu 02 Jan 2025 07:49:35 +0000
ROA not before: Thu 02 Jan 2025 07:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47536
IP address blocks: 193.105.29.0/24 maxlen: 24
2001:678:964::/48 maxlen: 48
2001:678:a00::/48 maxlen: 48
2a12:79c0:100::/48 maxlen: 48
2a12:79c0:200::/48 maxlen: 48
2a12:79c0:300::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/9dca0e-a41b-4972-bbb5-08e2b1017927/1/MCaAamuNrGjCoytlhJIpUk_DPac.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/9dca0e-a41b-4972-bbb5-08e2b1017927/1/MCaAamuNrGjCoytlhJIpUk_DPac.mft
rsync://rpki.ripe.net/repository/DEFAULT/MCaAamuNrGjCoytlhJIpUk_DPac.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Mar 2025 13:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:c6:f2:ca:8b:0e:97:2e:8f:5c:6c:10:da:49:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3026806a6b8dac68c2a32b65849229524fc33da7
Validity
Not Before: Jan 2 07:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd96845ebdc4b4cad5e460c5a91db7d11e2e37ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:6a:db:aa:e6:30:45:3e:ef:c3:87:7c:8b:b4:
56:c9:60:09:ff:bf:ec:40:e6:ac:1e:4a:c6:3d:9d:
6d:7f:7b:ea:06:65:41:ef:fd:82:bc:40:30:bd:77:
39:7b:61:f1:d8:e6:63:f9:29:80:33:95:d0:09:4c:
52:6b:69:56:b3:1b:9d:bf:49:4c:03:d8:f9:bc:92:
a0:39:b5:68:b2:91:cb:a0:3e:a7:d4:4f:d8:37:4e:
99:fc:fe:08:24:69:07:9c:bb:70:03:27:e1:86:40:
b8:a7:f7:df:7e:8e:cc:c7:c4:63:e6:78:ba:f7:98:
1c:16:7b:57:7d:b9:53:22:a8:f6:6d:28:1a:fe:cb:
41:72:13:04:2f:29:56:b5:ce:4c:cb:aa:4e:6f:fd:
bb:dc:6a:b3:c7:90:61:b1:10:e2:ad:74:c0:eb:75:
66:0d:d8:83:ca:1d:0c:51:a8:c0:cf:37:71:53:77:
1f:c6:79:e1:81:ca:7c:0a:5d:0d:44:a9:f9:59:b3:
c4:db:dc:32:fd:d6:02:d5:38:b9:7e:9d:33:2a:1a:
04:6a:10:21:56:71:c8:54:c3:82:5d:e0:64:da:5b:
c2:76:d3:f3:41:23:cc:75:2a:7a:6b:eb:65:6a:b4:
09:89:b1:11:ad:e2:9c:fc:91:1c:6f:70:86:20:e9:
3c:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:96:84:5E:BD:C4:B4:CA:D5:E4:60:C5:A9:1D:B7:D1:1E:2E:37:AD
X509v3 Authority Key Identifier:
keyid:30:26:80:6A:6B:8D:AC:68:C2:A3:2B:65:84:92:29:52:4F:C3:3D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MCaAamuNrGjCoytlhJIpUk_DPac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9dca0e-a41b-4972-bbb5-08e2b1017927/1/zZaEXr3EtMrV5GDFqR230R4uN60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9dca0e-a41b-4972-bbb5-08e2b1017927/1/MCaAamuNrGjCoytlhJIpUk_DPac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.105.29.0/24
IPv6:
2001:678:964::/48
2001:678:a00::/48
2a12:79c0:100::/48
2a12:79c0:200::/48
2a12:79c0:300::/48
Signature Algorithm: sha256WithRSAEncryption
18:88:39:d9:51:d6:c3:ca:11:80:af:1e:e8:8b:c8:ed:d4:d9:
f5:bc:fe:cd:3f:58:08:8a:17:44:7a:6a:57:6c:90:6e:86:07:
9d:cc:88:32:41:c3:b7:b2:39:52:80:c4:84:16:a6:4d:10:4b:
b0:c3:07:8f:d4:e9:8f:2d:b9:1c:6a:56:50:9c:75:cf:15:85:
92:56:5e:ab:f0:29:dd:bc:ff:aa:8e:2d:1d:de:ed:df:df:97:
b7:d5:fa:ec:85:c3:96:fe:c2:5b:4e:ae:d4:e6:01:f5:f3:fe:
ba:0c:d4:5f:04:a9:e2:f7:8e:48:aa:04:c1:d3:f3:f8:82:8c:
97:98:ad:1b:5c:29:e9:3c:d8:93:ed:f0:86:29:0c:f0:a6:48:
d5:75:59:03:ae:58:9d:82:23:03:cf:e4:64:ac:dc:74:b5:bc:
5d:25:dd:69:7e:4b:2c:ef:7b:5d:d2:f3:4e:13:6c:2d:96:a0:
26:2b:be:be:cb:f7:e4:59:02:09:84:dd:8e:d2:79:fd:7f:91:
81:85:7f:87:9e:90:f6:15:25:24:b5:a4:b8:ac:2e:52:c7:e9:
8b:1c:c5:e2:79:d8:21:0d:c2:91:c8:9a:6b:b4:06:a7:f4:1c:
be:3a:4b:ba:08:17:49:74:06:15:20:32:f5:d2:f8:bf:67:ff:
29:5e:af:d8
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZQl/cbyyosOly6PXGwQ2klkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMjY4MDZhNmI4ZGFjNjhjMmEzMmI2NTg0OTIyOTUyNGZj
MzNkYTcwHhcNMjUwMTAyMDc0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDk2ODQ1ZWJkYzRiNGNhZDVlNDYwYzVhOTFkYjdkMTFlMmUzN2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6mrbquYwRT7vw4d8i7RWyWAJ/7/s
QOasHkrGPZ1tf3vqBmVB7/2CvEAwvXc5e2Hx2OZj+SmAM5XQCUxSa2lWsxudv0lM
A9j5vJKgObVospHLoD6n1E/YN06Z/P4IJGkHnLtwAyfhhkC4p/fffo7Mx8Rj5ni6
95gcFntXfblTIqj2bSga/stBchMELylWtc5My6pOb/273Gqzx5BhsRDirXTA63Vm
DdiDyh0MUajAzzdxU3cfxnnhgcp8Cl0NRKn5WbPE29wy/dYC1Ti5fp0zKhoEahAh
VnHIVMOCXeBk2lvCdtPzQSPMdSp6a+tlarQJibERreKc/JEcb3CGIOk8YwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFM2WhF69xLTK1eRgxakdt9EeLjetMB8GA1UdIwQY
MBaAFDAmgGprjaxowqMrZYSSKVJPwz2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUNhQWFtdU5yR2pDb3l0bGhKSXBVa19EUGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi85ZGNhMGUtYTQxYi00OTcyLWJiYjUt
MDhlMmIxMDE3OTI3LzEvelphRVhyM0V0TXJWNUdERnFSMjMwUjR1TjYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi85ZGNhMGUtYTQxYi00OTcyLWJiYjUtMDhlMmIxMDE3OTI3
LzEvTUNhQWFtdU5yR2pDb3l0bGhKSXBVa19EUGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAMBAIAATAGAwQAwWkdMDME
AgACMC0DBwAgAQZ4CWQDBwAgAQZ4CgADBwAqEnnAAQADBwAqEnnAAgADBwAqEnnA
AwAwDQYJKoZIhvcNAQELBQADggEBABiIOdlR1sPKEYCvHuiLyO3U2fW8/s0/WAiK
F0R6aldskG6GB53MiDJBw7eyOVKAxIQWpk0QS7DDB4/U6Y8tuRxqVlCcdc8VhZJW
XqvwKd28/6qOLR3e7d/fl7fV+uyFw5b+wltOrtTmAfXz/roM1F8EqeL3jkiqBMHT
8/iCjJeYrRtcKek82JPt8IYpDPCmSNV1WQOuWJ2CIwPP5GSs3HS1vF0l3Wl+Syzv
e13S804TbC2WoCYrvr7L9+RZAgmE3Y7Sef1/kYGFf4eekPYVJSS1pLisLlLH6Ysc
xeJ52CENwpHImmu0Bqf0HL46S7oIF0l0BhUgMvXS+L9n/yler9g=
-----END CERTIFICATE-----
Generated at Tue Mar 11 19:28:17 2025 by rpki-client