Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Z7Z_YEX5oANF-n8YHYoIAmLHVdw.roa
File: Z7Z_YEX5oANF-n8YHYoIAmLHVdw.roa (raw, json)
Hash identifier: NKKWuUj0y9Fcs6t4VwNUaQYad4h0P6PuYx0poVtlYxI=
Subject key identifier: 67:B6:7F:60:45:F9:A0:03:45:FA:7F:18:1D:8A:08:02:62:C7:55:DC
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019681A3FE5EF082022498368F59E9928D71
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Z7Z_YEX5oANF-n8YHYoIAmLHVdw.roa
Signing time: Tue 29 Apr 2025 13:02:10 +0000
ROA not before: Tue 29 Apr 2025 13:02:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1299
IP address blocks: 2a09:7b00::/29 maxlen: 29
2a0f:1640::/29 maxlen: 29
2a10:33c0::/29 maxlen: 29
2a13:2dc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 14:13:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:81:a3:fe:5e:f0:82:02:24:98:36:8f:59:e9:92:8d:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 29 13:02:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67b67f6045f9a00345fa7f181d8a080262c755dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:d9:ec:d1:67:c3:d1:eb:8b:0e:de:b3:18:31:
94:e7:e8:75:ca:4c:64:50:6f:ad:7b:0f:7a:8f:4b:
f3:a5:86:1d:5b:14:c5:4b:a4:6f:ff:43:1b:c5:41:
86:9e:24:88:cb:7e:c5:e4:be:81:b9:ed:97:64:6e:
75:37:c6:14:68:a9:f9:5d:9a:23:bd:7c:1c:0f:68:
e5:6f:97:c5:a3:a8:4b:58:80:b1:f8:0d:a8:f5:09:
41:ca:af:95:2c:30:27:38:4f:01:a8:b0:33:51:d6:
87:f4:d1:05:4e:75:61:84:72:3d:e5:b0:b0:5b:6e:
b8:c9:f0:8f:c8:59:a1:52:1e:20:fd:8f:69:0f:23:
3d:ee:d9:22:fd:4d:19:c2:ec:4d:06:b1:91:c4:42:
81:95:56:20:fe:b9:d6:84:29:d8:3c:43:dd:6d:cb:
70:44:bd:7a:64:8a:1b:3d:4f:05:f2:f7:53:3a:3b:
b2:d3:eb:28:83:38:32:c6:2b:72:dc:07:61:99:72:
e0:91:99:07:1e:49:89:83:75:f8:8c:fa:ad:80:e3:
fb:1a:72:5d:34:17:20:21:cf:bf:1c:83:0a:82:b2:
56:a8:1a:27:6b:55:59:64:e3:c5:86:41:06:9a:80:
45:39:ab:d7:a8:cb:c8:a0:72:2e:e2:25:2e:7b:14:
87:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:B6:7F:60:45:F9:A0:03:45:FA:7F:18:1D:8A:08:02:62:C7:55:DC
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Z7Z_YEX5oANF-n8YHYoIAmLHVdw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:7b00::/29
2a0f:1640::/29
2a10:33c0::/29
2a13:2dc0::/29
Signature Algorithm: sha256WithRSAEncryption
8e:37:b1:11:36:78:66:4e:5f:de:e7:1c:24:44:b4:e1:66:9a:
25:f6:56:b1:9a:b9:6e:74:75:62:d0:f0:0c:4c:d0:50:f4:80:
0e:65:e1:52:52:16:01:51:79:82:31:f0:4c:a3:01:a1:a2:e8:
3e:3a:66:74:f9:46:e3:5e:57:84:7f:63:e9:08:9f:30:03:88:
77:f4:07:bb:64:4f:dc:91:f8:dd:45:06:a0:ec:f0:80:f2:8c:
97:35:d8:cf:43:7f:f5:f0:05:e0:36:2e:a4:56:07:6f:f1:09:
03:90:57:6e:77:e9:59:91:c8:00:ae:46:55:bb:77:73:3a:31:
d6:fb:2e:82:87:f5:18:c7:6d:f6:dd:39:56:7e:ee:1c:2a:f6:
f6:27:45:a8:73:1f:6c:a0:c4:6e:3e:c4:32:69:1a:cf:27:08:
05:55:35:e7:bc:71:b6:a6:f2:97:1b:d7:14:83:57:32:be:92:
53:90:28:9f:b2:05:75:17:9d:a3:54:de:e3:a3:2b:aa:b1:91:
f4:4a:2f:3f:12:2c:62:1f:af:66:08:41:d1:df:19:cb:c9:81:
5e:8e:dc:b9:74:3d:ce:b2:85:77:87:47:c7:34:31:36:1f:04:
3f:7b:96:e3:c6:c2:58:ad:8d:b2:7e:5a:f7:8b:fb:7a:54:b1:
f5:68:63:75
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZaBo/5e8IICJJg2j1npko1xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNDI5MTMwMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2I2N2Y2MDQ1ZjlhMDAzNDVmYTdmMTgxZDhhMDgwMjYyYzc1NWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntns0WfD0euLDt6zGDGU5+h1ykxk
UG+tew96j0vzpYYdWxTFS6Rv/0MbxUGGniSIy37F5L6Bue2XZG51N8YUaKn5XZoj
vXwcD2jlb5fFo6hLWICx+A2o9QlByq+VLDAnOE8BqLAzUdaH9NEFTnVhhHI95bCw
W264yfCPyFmhUh4g/Y9pDyM97tki/U0ZwuxNBrGRxEKBlVYg/rnWhCnYPEPdbctw
RL16ZIobPU8F8vdTOjuy0+sogzgyxity3AdhmXLgkZkHHkmJg3X4jPqtgOP7GnJd
NBcgIc+/HIMKgrJWqBona1VZZOPFhkEGmoBFOavXqMvIoHIu4iUuexSH4wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFGe2f2BF+aADRfp/GB2KCAJix1XcMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvWjdaX1lFWDVvQU5GLW44WUhZb0lBbUxIVmR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKgl7AAMF
AyoPFkADBQMqEDPAAwUDKhMtwDANBgkqhkiG9w0BAQsFAAOCAQEAjjexETZ4Zk5f
3uccJES04WaaJfZWsZq5bnR1YtDwDEzQUPSADmXhUlIWAVF5gjHwTKMBoaLoPjpm
dPlG415XhH9j6QifMAOId/QHu2RP3JH43UUGoOzwgPKMlzXYz0N/9fAF4DYupFYH
b/EJA5BXbnfpWZHIAK5GVbt3czox1vsugof1GMdt9t05Vn7uHCr29idFqHMfbKDE
bj7EMmkazycIBVU157xxtqbylxvXFINXMr6SU5Aon7IFdRedo1Te46MrqrGR9Eov
PxIsYh+vZghB0d8Zy8mBXo7cuXQ9zrKFd4dHxzQxNh8EP3uW48bCWK2Nsn5a94v7
elSx9WhjdQ==
-----END CERTIFICATE-----
Generated at Tue May 6 00:13:23 2025 by rpki-client