Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/YZaIEzZoydORUvqJ_TiM7V6r0cE.roa
File: YZaIEzZoydORUvqJ_TiM7V6r0cE.roa (raw, json)
Hash identifier: q85fUr7nIpmxY0701nkYAXu5jJKi/bsqO1dcK8g6lHU=
Subject key identifier: 61:96:88:13:36:68:C9:D3:91:52:FA:89:FD:38:8C:ED:5E:AB:D1:C1
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0196A0A947AAA8CAFDC5D30FFD586C5C4802
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/YZaIEzZoydORUvqJ_TiM7V6r0cE.roa
Signing time: Mon 05 May 2025 13:36:10 +0000
ROA not before: Mon 05 May 2025 13:36:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212477
IP address blocks: 2a0c:4880::/29 maxlen: 29
2a0e:e980::/29 maxlen: 29
2a0f:14c0::/29 maxlen: 29
2a0f:1540::/29 maxlen: 29
2a0f:1740::/29 maxlen: 29
2a0f:17c0::/29 maxlen: 29
2a0f:1840::/29 maxlen: 29
2a0f:2dc0::/29 maxlen: 29
2a0f:2ec0::/29 maxlen: 29
2a0f:de40::/29 maxlen: 29
2a0f:e140::/29 maxlen: 29
2a0f:e5c0::/29 maxlen: 29
2a13:2e40::/29 maxlen: 29
2a13:d100::/29 maxlen: 29
2a13:fa00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 08 May 2025 20:38:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a0:a9:47:aa:a8:ca:fd:c5:d3:0f:fd:58:6c:5c:48:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 5 13:36:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=619688133668c9d39152fa89fd388ced5eabd1c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:3a:c4:b5:94:50:5b:4e:45:9c:7e:10:6a:07:
2b:b2:55:f3:40:d2:e2:52:55:d3:7e:74:d6:6e:39:
44:1d:5a:b9:70:2f:2a:6d:1e:61:ab:80:4d:ce:3a:
86:25:81:6f:42:1b:95:b6:04:2d:1d:2b:cc:3f:c9:
a1:5a:52:58:65:7f:23:40:4d:60:57:c4:89:12:86:
32:3a:6a:5a:ab:68:f7:a5:08:7d:5c:04:4f:5b:95:
d3:ce:96:f0:08:32:c4:47:52:04:ec:28:f3:b7:c6:
af:f1:01:ec:1a:d1:14:44:f8:76:0e:04:ed:c4:74:
c5:be:06:90:0d:cc:91:2a:a1:88:7c:f5:6c:6c:17:
17:68:d6:a9:d9:84:6a:1c:f4:d8:7b:1a:30:8b:4a:
aa:68:b8:4b:f9:03:8f:f4:4f:b3:d8:09:8f:ec:8f:
f1:ab:78:9c:2b:03:b7:3a:02:bd:32:4c:cf:37:fe:
54:05:79:d5:08:41:43:8a:ef:e1:00:86:28:ac:8a:
9a:48:7b:d5:ec:eb:dc:4a:d8:aa:80:da:a4:97:06:
b1:c2:6a:4c:e7:06:e9:56:79:b3:cf:ee:08:80:16:
78:c2:a1:b6:4c:25:26:78:22:7f:7a:f8:f6:55:ed:
db:fe:54:2e:d3:4c:15:ad:e9:ba:1a:27:35:4c:2c:
69:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:96:88:13:36:68:C9:D3:91:52:FA:89:FD:38:8C:ED:5E:AB:D1:C1
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/YZaIEzZoydORUvqJ_TiM7V6r0cE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:4880::/29
2a0e:e980::/29
2a0f:14c0::/29
2a0f:1540::/29
2a0f:1740::/29
2a0f:17c0::/29
2a0f:1840::/29
2a0f:2dc0::/29
2a0f:2ec0::/29
2a0f:de40::/29
2a0f:e140::/29
2a0f:e5c0::/29
2a13:2e40::/29
2a13:d100::/29
2a13:fa00::/29
Signature Algorithm: sha256WithRSAEncryption
8b:81:c0:70:45:77:f5:dc:ca:9e:85:65:b2:95:a9:1e:b8:b2:
a0:b8:a8:39:d6:de:b8:5d:d8:2d:ab:49:84:14:86:49:1b:75:
c6:6b:d7:b9:c5:58:bc:56:15:a2:66:56:da:63:b3:98:fe:bc:
0b:cf:ac:03:d3:e0:c9:4a:26:c1:09:ef:71:bd:d9:14:66:cd:
e5:ea:52:87:13:05:77:52:22:bc:d2:62:84:b4:d9:73:fe:c7:
ed:64:04:61:bb:38:71:62:68:04:c1:fd:9a:53:19:dd:30:36:
c4:c9:57:27:52:68:3a:75:82:9a:94:93:c0:5c:6c:61:a8:c3:
bd:1d:67:2d:e5:74:d2:f3:96:ed:92:a6:77:a5:aa:5f:53:18:
54:07:31:0c:91:c7:f8:eb:13:ff:78:7f:c8:9a:41:a3:2f:72:
c3:8a:82:be:3d:32:f5:c9:08:10:48:f4:5e:1f:12:24:5f:55:
a0:9a:2e:a4:97:c3:8c:e5:4a:04:48:61:e5:98:b4:bd:15:26:
c6:d0:78:04:a3:48:d8:98:44:bb:80:d8:7d:55:ba:3c:db:71:
2b:52:9b:97:da:9a:66:b3:f8:3c:5f:f9:5d:18:26:f1:8e:e3:
71:fa:55:f5:dd:2a:72:49:0a:d4:13:43:48:47:14:de:dc:c6:
69:77:13:2b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAZagqUeqqMr9xdMP/VhsXEgCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNTA1MTMzNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTk2ODgxMzM2NjhjOWQzOTE1MmZhODlmZDM4OGNlZDVlYWJkMWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzrEtZRQW05FnH4QagcrslXzQNLi
UlXTfnTWbjlEHVq5cC8qbR5hq4BNzjqGJYFvQhuVtgQtHSvMP8mhWlJYZX8jQE1g
V8SJEoYyOmpaq2j3pQh9XARPW5XTzpbwCDLER1IE7Cjzt8av8QHsGtEURPh2DgTt
xHTFvgaQDcyRKqGIfPVsbBcXaNap2YRqHPTYexowi0qqaLhL+QOP9E+z2AmP7I/x
q3icKwO3OgK9MkzPN/5UBXnVCEFDiu/hAIYorIqaSHvV7OvcStiqgNqklwaxwmpM
5wbpVnmzz+4IgBZ4wqG2TCUmeCJ/evj2Ve3b/lQu00wVrem6Gic1TCxpUQIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFGGWiBM2aMnTkVL6if04jO1eq9HBMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvWVphSUV6Wm95ZE9SVXZxSl9UaU03VjZyMGNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwbwQCAAIwaQMFAyoMSIAD
BQMqDumAAwUDKg8UwAMFAyoPFUADBQMqDxdAAwUDKg8XwAMFAyoPGEADBQMqDy3A
AwUDKg8uwAMFAyoP3kADBQMqD+FAAwUDKg/lwAMFAyoTLkADBQMqE9EAAwUDKhP6
ADANBgkqhkiG9w0BAQsFAAOCAQEAi4HAcEV39dzKnoVlspWpHriyoLioOdbeuF3Y
LatJhBSGSRt1xmvXucVYvFYVomZW2mOzmP68C8+sA9PgyUomwQnvcb3ZFGbN5epS
hxMFd1IivNJihLTZc/7H7WQEYbs4cWJoBMH9mlMZ3TA2xMlXJ1JoOnWCmpSTwFxs
YajDvR1nLeV00vOW7ZKmd6WqX1MYVAcxDJHH+OsT/3h/yJpBoy9yw4qCvj0y9ckI
EEj0Xh8SJF9VoJoupJfDjOVKBEhh5Zi0vRUmxtB4BKNI2JhEu4DYfVW6PNtxK1Kb
l9qaZrP4PF/5XRgm8Y7jcfpV9d0qckkK1BNDSEcU3tzGaXcTKw==
-----END CERTIFICATE-----
Generated at Thu May 8 06:27:12 2025 by rpki-client