Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/ZUnY6DcgMFOkn5YPuY63h16XVew.roa
File: ZUnY6DcgMFOkn5YPuY63h16XVew.roa (raw, json)
Hash identifier: j75VTgwm6ax4o8jG9UYWYEtlaoF5sYfNI7iKEcRNxJM=
Subject key identifier: 65:49:D8:E8:37:20:30:53:A4:9F:96:0F:B9:8E:B7:87:5E:97:55:EC
Certificate issuer: /CN=21aa28de21bc91f39dbf2d012fd552d22d0f5aaa
Certificate serial: 0194206867CEE52B186B1E0627088ADF3BBA
Authority key identifier: 21:AA:28:DE:21:BC:91:F3:9D:BF:2D:01:2F:D5:52:D2:2D:0F:5A:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/ZUnY6DcgMFOkn5YPuY63h16XVew.roa
Signing time: Wed 01 Jan 2025 05:48:20 +0000
ROA not before: Wed 01 Jan 2025 05:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201641
IP address blocks: 185.102.100.0/22 maxlen: 24
194.15.212.0/24 maxlen: 24
2001:67c:6e8::/48 maxlen: 48
2a10:a600::/32 maxlen: 48
2a10:a600:c0da::/48 maxlen: 48
2a10:a600:c0db::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:67:ce:e5:2b:18:6b:1e:06:27:08:8a:df:3b:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21aa28de21bc91f39dbf2d012fd552d22d0f5aaa
Validity
Not Before: Jan 1 05:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6549d8e837203053a49f960fb98eb7875e9755ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:e4:23:56:91:0d:fa:ba:3c:2d:c0:ff:5a:05:
36:e2:4e:f1:83:b6:80:0c:a3:d5:8e:5f:37:91:43:
c7:df:5e:d5:18:53:a7:01:e8:9a:3e:28:36:70:b7:
78:d9:4d:fd:f5:5c:a9:76:a0:dc:ff:73:f1:75:f5:
42:ed:92:f0:5b:04:d7:ed:f8:3c:3d:ef:31:5d:81:
3b:db:1c:be:7b:b9:71:a2:89:86:7f:4f:e3:18:47:
94:e7:33:b8:bd:79:2b:91:ba:a8:d0:71:11:00:f2:
fd:45:f9:ea:8f:81:a6:d3:1d:33:c3:00:3d:e5:6a:
37:85:0b:fe:bb:d6:8e:50:2a:9d:5a:22:3c:cb:c1:
3b:55:14:3b:b3:74:b2:c3:51:86:32:4e:a4:78:f4:
9d:31:54:58:23:39:8b:c6:56:23:dd:b0:3d:be:20:
cb:7e:39:6d:a1:37:85:3c:b8:c4:44:d5:8c:22:7f:
c5:02:06:09:17:e9:14:a8:b5:ba:ca:20:41:17:f1:
e3:64:c6:5b:01:ee:f3:bc:6e:7c:e6:a3:10:4b:df:
48:d0:f8:ad:01:76:e7:91:7c:10:91:9f:c8:87:54:
2b:2d:d7:07:a3:4c:e2:71:27:70:10:7b:49:84:78:
36:a8:b6:0a:1c:8a:92:29:14:7f:10:fc:9f:bb:f6:
ea:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:49:D8:E8:37:20:30:53:A4:9F:96:0F:B9:8E:B7:87:5E:97:55:EC
X509v3 Authority Key Identifier:
keyid:21:AA:28:DE:21:BC:91:F3:9D:BF:2D:01:2F:D5:52:D2:2D:0F:5A:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/ZUnY6DcgMFOkn5YPuY63h16XVew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.102.100.0/22
194.15.212.0/24
IPv6:
2001:67c:6e8::/48
2a10:a600::/32
Signature Algorithm: sha256WithRSAEncryption
79:cf:d6:b9:b3:a8:99:79:f8:87:2a:ea:40:0f:5e:a0:ff:9b:
36:c5:da:a6:89:ca:bc:e8:e4:2e:f2:f9:56:c2:ed:0a:6b:30:
bb:1f:37:33:71:e8:41:ef:2e:87:5f:eb:6d:26:91:c9:df:ed:
25:19:95:77:27:17:2f:2d:df:b5:61:75:4b:34:90:fd:64:82:
72:a8:44:2c:e9:4d:6e:70:8a:27:76:ef:9b:5e:29:85:72:cf:
53:03:4f:2d:77:df:1a:6b:9a:1a:2f:1c:87:f4:08:1c:bb:9d:
12:95:42:95:34:15:7c:fa:d2:09:7d:9f:58:94:03:d5:ef:f8:
f6:30:30:b9:bd:62:48:4f:a3:99:c6:44:12:43:53:06:2e:0f:
5b:ab:16:42:22:c0:bd:41:ca:2b:e3:55:41:1d:32:fc:e5:47:
88:0a:67:d0:e3:8d:90:c3:23:10:5f:1d:8e:c9:64:6b:94:7f:
d2:4a:6c:4e:38:33:19:aa:87:3f:32:3c:3a:37:5c:65:8d:96:
92:e1:5a:29:27:05:f2:3e:32:78:fb:bd:77:c0:04:91:1f:25:
81:14:32:d4:60:9e:0f:d1:29:4c:a7:e0:df:9c:db:2c:4c:b0:
a0:bf:47:da:cf:90:e0:65:11:b0:31:5b:10:76:ba:8c:af:d3:
27:b4:4a:74
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQgaGfO5SsYax4GJwiK3zu6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYWEyOGRlMjFiYzkxZjM5ZGJmMmQwMTJmZDU1MmQyMmQw
ZjVhYWEwHhcNMjUwMTAxMDU0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTQ5ZDhlODM3MjAzMDUzYTQ5Zjk2MGZiOThlYjc4NzVlOTc1NWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyuQjVpEN+ro8LcD/WgU24k7xg7aA
DKPVjl83kUPH317VGFOnAeiaPig2cLd42U399VypdqDc/3PxdfVC7ZLwWwTX7fg8
Pe8xXYE72xy+e7lxoomGf0/jGEeU5zO4vXkrkbqo0HERAPL9Rfnqj4Gm0x0zwwA9
5Wo3hQv+u9aOUCqdWiI8y8E7VRQ7s3Syw1GGMk6kePSdMVRYIzmLxlYj3bA9viDL
fjltoTeFPLjERNWMIn/FAgYJF+kUqLW6yiBBF/HjZMZbAe7zvG585qMQS99I0Pit
AXbnkXwQkZ/Ih1QrLdcHo0zicSdwEHtJhHg2qLYKHIqSKRR/EPyfu/bqLwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGVJ2Og3IDBTpJ+WD7mOt4del1XsMB8GA1UdIwQY
MBaAFCGqKN4hvJHznb8tAS/VUtItD1qqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWFvbzNpRzhrZk9kdnkwQkw5VlMwaTBQV3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS82M2E1YmItMjRkMC00ZGI5LWI1MTAt
Zjk5NzNjNTc2YjAzLzEvWlVuWTZEY2dNRk9rbjVZUHVZNjNoMTZYVmV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS82M2E1YmItMjRkMC00ZGI5LWI1MTAtZjk5NzNjNTc2YjAz
LzEvSWFvbzNpRzhrZk9kdnkwQkw5VlMwaTBQV3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQCuWZkAwQA
wg/UMBYEAgACMBADBwAgAQZ8BugDBQAqEKYAMA0GCSqGSIb3DQEBCwUAA4IBAQB5
z9a5s6iZefiHKupAD16g/5s2xdqmicq86OQu8vlWwu0KazC7HzczcehB7y6HX+tt
JpHJ3+0lGZV3JxcvLd+1YXVLNJD9ZIJyqEQs6U1ucIondu+bXimFcs9TA08td98a
a5oaLxyH9Agcu50SlUKVNBV8+tIJfZ9YlAPV7/j2MDC5vWJIT6OZxkQSQ1MGLg9b
qxZCIsC9Qcor41VBHTL85UeICmfQ442QwyMQXx2OyWRrlH/SSmxOODMZqoc/Mjw6
N1xljZaS4VopJwXyPjJ4+713wASRHyWBFDLUYJ4P0SlMp+DfnNssTLCgv0faz5Dg
ZRGwMVsQdrqMr9MntEp0
-----END CERTIFICATE-----
Generated at Sat Apr 19 14:37:37 2025 by rpki-client