Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/Zo2MKi4GCxnbJnp8EPKQOkB00vY.roa
File: Zo2MKi4GCxnbJnp8EPKQOkB00vY.roa (raw, json)
Hash identifier: pyL4Qp4gKAsCiz/ZUbA9+rYxUHWbV6CV8D6/DG2NZAE=
Subject key identifier: 66:8D:8C:2A:2E:06:0B:19:DB:26:7A:7C:10:F2:90:3A:40:74:D2:F6
Certificate issuer: /CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Certificate serial: 0197896D2EFBC108B1CD84504E26D4D59706
Authority key identifier: 63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/Zo2MKi4GCxnbJnp8EPKQOkB00vY.roa
Signing time: Thu 19 Jun 2025 18:22:03 +0000
ROA not before: Thu 19 Jun 2025 18:22:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34665
IP address blocks: 2a11:8306::/32 maxlen: 32
2a11:8447::/32 maxlen: 32
2a11:cd04::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.mft
rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:89:6d:2e:fb:c1:08:b1:cd:84:50:4e:26:d4:d5:97:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Validity
Not Before: Jun 19 18:22:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=668d8c2a2e060b19db267a7c10f2903a4074d2f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:4a:94:d4:ee:9c:9c:3d:43:3e:00:d5:a0:6d:
2b:0e:f7:7b:14:22:73:3d:8c:50:59:ad:32:68:1e:
2c:9e:f2:59:37:25:eb:fe:6d:f7:09:5c:c6:89:63:
28:fe:e3:11:58:dc:d2:4e:10:b3:db:8c:b3:b1:01:
bd:7d:ce:73:1d:14:e7:22:a4:69:0e:49:99:98:57:
79:8e:68:6c:0d:81:83:5d:5e:7a:fe:d3:7f:45:f1:
cd:36:b0:f7:54:bc:b0:47:8d:89:3e:55:aa:42:d5:
ed:0a:45:1f:3c:58:be:a2:45:15:53:b8:34:d4:15:
1f:cc:f8:64:91:d6:f8:10:4a:ac:3e:42:59:85:b5:
1c:5f:0c:51:a6:ef:e6:6f:b5:4c:ed:4c:6e:29:64:
d5:db:68:76:1e:42:1b:2e:be:37:36:bb:e3:ad:e8:
63:79:73:ab:dc:45:6e:47:35:85:65:a2:27:22:0b:
d5:d3:ec:94:47:bf:d4:02:5a:9b:13:59:11:26:9c:
27:f1:0b:7b:b3:fe:64:94:3c:60:c0:b9:be:f3:76:
7c:a0:92:c8:3d:e4:79:d4:ce:40:e6:54:9c:4b:af:
94:c6:7a:5b:5e:88:9e:25:99:7f:07:97:8b:f3:36:
cc:ef:e5:3c:ff:22:47:ad:be:12:3a:89:de:7d:a9:
eb:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:8D:8C:2A:2E:06:0B:19:DB:26:7A:7C:10:F2:90:3A:40:74:D2:F6
X509v3 Authority Key Identifier:
keyid:63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/Zo2MKi4GCxnbJnp8EPKQOkB00vY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:8306::/32
2a11:8447::/32
2a11:cd04::/32
Signature Algorithm: sha256WithRSAEncryption
69:f2:df:48:f5:ad:e6:81:6e:5f:ce:6d:c6:d7:f0:cc:73:4c:
8f:07:a5:37:04:c9:e7:cf:b6:f7:39:1a:f7:b2:3d:53:ac:ce:
e2:f2:b8:8a:c8:d7:8b:60:22:d6:19:78:43:0e:5a:8e:6d:d3:
d5:c8:d5:a9:c4:7d:4d:80:b1:dc:ef:e8:a3:f6:ef:c4:4a:cf:
48:ed:df:b0:3f:c6:a2:9f:69:c4:6e:e2:e6:db:47:6f:53:db:
9b:04:ae:95:fa:f2:1f:d2:27:16:4c:6a:88:4d:40:3a:34:8f:
b0:7f:f2:60:11:c9:b5:91:b9:a6:0b:25:e2:55:9b:72:29:17:
8a:86:02:16:11:5f:5b:23:42:0d:69:74:ed:3c:32:04:b5:a5:
15:02:a4:ed:ee:72:2a:b3:7e:87:65:cf:df:c3:15:01:92:a3:
4f:82:5d:e0:ac:00:50:e7:1a:55:6f:8c:7a:68:cc:64:82:8b:
7c:00:64:f1:6e:37:5f:a2:71:72:5a:95:2e:3e:3d:06:80:b7:
a1:ce:04:4a:e5:8e:30:c5:02:9a:c6:6a:be:ce:18:9d:3f:de:
c7:f6:30:9c:c6:19:53:4b:75:0a:2a:1e:6a:0e:c8:28:4c:47:
e7:18:f5:73:65:71:d3:04:4f:f9:a7:3b:af:cd:a2:e0:c1:6e:
b9:b2:3f:92
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZeJbS77wQixzYRQTibU1ZcGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMmNkODdmZWFiZTQwNzUyMmUwNjU1M2YyZWIwNWEwYzE2
MDJmYmYwHhcNMjUwNjE5MTgyMjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjhkOGMyYTJlMDYwYjE5ZGIyNjdhN2MxMGYyOTAzYTQwNzRkMmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0EqU1O6cnD1DPgDVoG0rDvd7FCJz
PYxQWa0yaB4snvJZNyXr/m33CVzGiWMo/uMRWNzSThCz24yzsQG9fc5zHRTnIqRp
DkmZmFd5jmhsDYGDXV56/tN/RfHNNrD3VLywR42JPlWqQtXtCkUfPFi+okUVU7g0
1BUfzPhkkdb4EEqsPkJZhbUcXwxRpu/mb7VM7UxuKWTV22h2HkIbLr43Nrvjrehj
eXOr3EVuRzWFZaInIgvV0+yUR7/UAlqbE1kRJpwn8Qt7s/5klDxgwLm+83Z8oJLI
PeR51M5A5lScS6+UxnpbXoieJZl/B5eL8zbM7+U8/yJHrb4SOonefanrGwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGaNjCouBgsZ2yZ6fBDykDpAdNL2MB8GA1UdIwQY
MBaAFGMs2H/qvkB1IuBlU/LrBaDBYC+/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYt
NTUxMDQxNzNiMTgwLzEvWm8yTUtpNEdDeG5iSm5wOEVQS1FPa0IwMHZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYtNTUxMDQxNzNiMTgw
LzEvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKhGDBgMF
ACoRhEcDBQAqEc0EMA0GCSqGSIb3DQEBCwUAA4IBAQBp8t9I9a3mgW5fzm3G1/DM
c0yPB6U3BMnnz7b3ORr3sj1TrM7i8riKyNeLYCLWGXhDDlqObdPVyNWpxH1NgLHc
7+ij9u/ESs9I7d+wP8ain2nEbuLm20dvU9ubBK6V+vIf0icWTGqITUA6NI+wf/Jg
Ecm1kbmmCyXiVZtyKReKhgIWEV9bI0INaXTtPDIEtaUVAqTt7nIqs36HZc/fwxUB
kqNPgl3grABQ5xpVb4x6aMxkgot8AGTxbjdfonFyWpUuPj0GgLehzgRK5Y4wxQKa
xmq+zhidP97H9jCcxhlTS3UKKh5qDsgoTEfnGPVzZXHTBE/5pzuvzaLgwW65sj+S
-----END CERTIFICATE-----
Generated at Tue Jul 1 18:14:04 2025 by rpki-client