Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/Bozz1f8-yfX9yXxPZKU9Cta0NYQ.roa
File: Bozz1f8-yfX9yXxPZKU9Cta0NYQ.roa (raw, json)
Hash identifier: 0IGwBXtpx1d8BB60fzDWUMcEXZ7eXrr4gU64azlIoKw=
Subject key identifier: 06:8C:F3:D5:FF:3E:C9:F5:FD:C9:7C:4F:64:A5:3D:0A:D6:B4:35:84
Certificate issuer: /CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Certificate serial: 0196644C1751AF2349034525FCD6329D4D5F
Authority key identifier: CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/Bozz1f8-yfX9yXxPZKU9Cta0NYQ.roa
Signing time: Wed 23 Apr 2025 20:17:10 +0000
ROA not before: Wed 23 Apr 2025 20:17:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206873
IP address blocks: 2a0a:c383::/32 maxlen: 32
2a0a:c387::/32 maxlen: 32
2a11:5881::/32 maxlen: 32
2a11:8f81::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 05:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:64:4c:17:51:af:23:49:03:45:25:fc:d6:32:9d:4d:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Validity
Not Before: Apr 23 20:17:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=068cf3d5ff3ec9f5fdc97c4f64a53d0ad6b43584
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:c5:47:39:8c:a0:11:38:5a:1d:d6:b9:28:31:
ec:cc:c4:2a:de:1a:ce:0a:33:67:22:21:44:cc:ab:
79:45:83:15:43:58:e4:1c:89:fa:7b:4e:7c:77:07:
51:1b:39:ad:c9:3c:ea:f7:cd:83:35:30:1a:95:0e:
91:ac:05:8e:2c:73:c3:81:7a:ae:5e:91:0a:30:34:
58:c3:c5:e1:46:53:51:bd:43:58:a3:3d:de:46:4d:
85:53:6b:c4:09:2d:2a:b5:a2:e9:ac:37:6b:f6:da:
22:5b:5d:8a:d3:fe:ae:30:47:d4:17:17:32:c2:e2:
93:cc:78:37:aa:b3:37:80:77:e6:e1:6c:d5:ce:0b:
9c:fe:8a:bb:0a:a3:db:01:de:72:46:8e:ff:0f:64:
5b:0f:18:7c:e9:35:ee:66:7e:29:aa:31:a3:36:a5:
6c:53:48:64:41:88:e7:48:17:d1:19:99:cc:fa:60:
6c:c8:8b:bc:46:ae:e1:7d:47:9e:a5:3f:ee:a0:1e:
29:b1:7e:c6:42:4d:5b:96:1a:c1:31:3d:72:03:fd:
33:b1:2a:d5:1b:dc:cf:eb:6f:6c:af:2e:de:8f:cc:
24:84:91:a5:2e:a9:e3:bb:b4:41:58:4a:2c:62:db:
7d:b4:74:b3:69:5c:57:5f:b1:0b:c2:bf:b0:6f:e3:
80:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:8C:F3:D5:FF:3E:C9:F5:FD:C9:7C:4F:64:A5:3D:0A:D6:B4:35:84
X509v3 Authority Key Identifier:
keyid:CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/Bozz1f8-yfX9yXxPZKU9Cta0NYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:c383::/32
2a0a:c387::/32
2a11:5881::/32
2a11:8f81::/32
Signature Algorithm: sha256WithRSAEncryption
0d:cd:f5:90:bd:20:80:52:05:01:f0:c3:4a:bc:3f:42:c4:f9:
cd:29:44:b1:66:e5:1d:7d:84:0e:c4:a7:ee:5e:de:ba:22:42:
9f:dc:1d:51:cd:19:97:94:5d:d1:43:eb:f9:57:df:fe:04:49:
c5:06:18:58:78:b2:23:bc:1a:e4:e5:07:80:f9:e1:73:83:c2:
f1:e9:ae:5d:4d:73:23:4f:78:74:3e:47:1c:ca:fe:4e:c3:91:
37:a0:dd:d7:e6:82:48:30:9c:48:6f:a5:a5:81:98:92:17:29:
19:fb:b3:3c:2a:31:6f:60:0b:67:66:fb:5f:2a:32:9b:65:a3:
b1:59:17:ff:b4:f4:b1:af:ab:40:af:9e:0f:74:4d:e0:04:bd:
ca:80:9a:dc:ce:36:6a:d4:95:29:af:27:88:7b:39:7f:cf:64:
47:f3:b0:62:19:34:38:19:27:98:55:82:04:47:b9:4f:5c:27:
51:46:e9:b1:a5:30:ab:ac:2b:8e:c9:c0:2f:f0:07:89:1f:1d:
4e:3b:46:1f:27:7a:40:f1:8b:60:84:25:44:6d:cf:83:f6:df:
74:74:a4:95:56:81:3e:f6:91:83:f7:af:6d:33:b4:6b:ae:86:
c2:47:83:5c:fc:82:89:f6:10:bb:c5:4c:0b:4a:e8:3b:a5:70:
44:68:95:53
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZZkTBdRryNJA0Ul/NYynU1fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOWNjZDgzMGI3ZTAzMzA4YmY1Y2YyNWU2N2E3ZmMyYmRl
MDk1N2MwHhcNMjUwNDIzMjAxNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjhjZjNkNWZmM2VjOWY1ZmRjOTdjNGY2NGE1M2QwYWQ2YjQzNTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2sVHOYygEThaHda5KDHszMQq3hrO
CjNnIiFEzKt5RYMVQ1jkHIn6e058dwdRGzmtyTzq982DNTAalQ6RrAWOLHPDgXqu
XpEKMDRYw8XhRlNRvUNYoz3eRk2FU2vECS0qtaLprDdr9toiW12K0/6uMEfUFxcy
wuKTzHg3qrM3gHfm4WzVzguc/oq7CqPbAd5yRo7/D2RbDxh86TXuZn4pqjGjNqVs
U0hkQYjnSBfRGZnM+mBsyIu8Rq7hfUeepT/uoB4psX7GQk1blhrBMT1yA/0zsSrV
G9zP629sry7ej8wkhJGlLqnju7RBWEosYtt9tHSzaVxXX7ELwr+wb+OAtQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFAaM89X/Psn1/cl8T2SlPQrWtDWEMB8GA1UdIwQY
MBaAFMqczYMLfgMwi/XPJeZ6f8K94JV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQt
ZDFjZGUyNDY1Zjg5LzEvQm96ejFmOC15Zlg5eVh4UFpLVTlDdGEwTllRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQtZDFjZGUyNDY1Zjg5
LzEveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKgrDgwMF
ACoKw4cDBQAqEViBAwUAKhGPgTANBgkqhkiG9w0BAQsFAAOCAQEADc31kL0ggFIF
AfDDSrw/QsT5zSlEsWblHX2EDsSn7l7euiJCn9wdUc0Zl5Rd0UPr+Vff/gRJxQYY
WHiyI7wa5OUHgPnhc4PC8emuXU1zI094dD5HHMr+TsORN6Dd1+aCSDCcSG+lpYGY
khcpGfuzPCoxb2ALZ2b7Xyoym2WjsVkX/7T0sa+rQK+eD3RN4AS9yoCa3M42atSV
Ka8niHs5f89kR/OwYhk0OBknmFWCBEe5T1wnUUbpsaUwq6wrjsnAL/AHiR8dTjtG
Hyd6QPGLYIQlRG3Pg/bfdHSklVaBPvaRg/evbTO0a66GwkeDXPyCifYQu8VMC0ro
O6VwRGiVUw==
-----END CERTIFICATE-----
Generated at Sun Apr 27 12:13:24 2025 by rpki-client