Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/tOKffNLeqoCRQyLhX0pk9w0e9gE.roa
File: tOKffNLeqoCRQyLhX0pk9w0e9gE.roa (raw, json)
Hash identifier: ZtE1N4hx0o7ezg+y2AZrHnoAdijePQwyuxVbH8gDLhU=
Subject key identifier: B4:E2:9F:7C:D2:DE:AA:80:91:43:22:E1:5F:4A:64:F7:0D:1E:F6:01
Certificate issuer: /CN=2b6d7e5191f81ff0a19f102b1718ab4f9e0ea3a0
Certificate serial: 01975A5967EA16950C869490C300EB130A72
Authority key identifier: 2B:6D:7E:51:91:F8:1F:F0:A1:9F:10:2B:17:18:AB:4F:9E:0E:A3:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K21-UZH4H_ChnxArFxirT54Oo6A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/tOKffNLeqoCRQyLhX0pk9w0e9gE.roa
Signing time: Tue 10 Jun 2025 14:58:17 +0000
ROA not before: Tue 10 Jun 2025 14:58:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204582
IP address blocks: 45.144.44.0/29 maxlen: 29
45.144.44.0/30 maxlen: 30
2a0e:eac0:2000::/44 maxlen: 48
2a0e:eac0:2001::/48 maxlen: 48
2a0e:eac0:2002::/48 maxlen: 48
2a0e:eac0:2010::/44 maxlen: 48
2a0e:eac0:2100::/44 maxlen: 48
2a0e:eac0:2101::/48 maxlen: 48
2a0e:eac0:2110::/44 maxlen: 48
2a0e:eac0:2200::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/K21-UZH4H_ChnxArFxirT54Oo6A.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/K21-UZH4H_ChnxArFxirT54Oo6A.mft
rsync://rpki.ripe.net/repository/DEFAULT/K21-UZH4H_ChnxArFxirT54Oo6A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5a:59:67:ea:16:95:0c:86:94:90:c3:00:eb:13:0a:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b6d7e5191f81ff0a19f102b1718ab4f9e0ea3a0
Validity
Not Before: Jun 10 14:58:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b4e29f7cd2deaa80914322e15f4a64f70d1ef601
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ca:91:7d:cd:92:ce:32:e4:26:9e:03:46:d1:
2e:3d:27:97:fa:0a:5d:4c:0e:07:80:0f:ea:80:b8:
fc:b3:90:8c:22:04:9b:2d:4c:3f:0d:c8:11:a1:9f:
e4:f5:63:e8:d1:87:c7:43:8f:19:a9:7d:83:a8:97:
98:10:04:d1:7d:90:1d:57:e4:b1:86:4b:c3:17:ec:
47:ac:52:00:b9:4b:ba:06:16:45:2c:2a:69:47:e7:
0b:a1:de:30:df:88:e9:4c:92:fe:23:ed:f4:49:7a:
e0:11:57:89:a4:4e:e0:7f:7a:52:95:cc:0c:8b:da:
f8:e3:8a:56:c0:c4:07:8e:f1:5d:f4:d4:8d:54:01:
f9:69:7d:e8:7e:06:02:b4:e4:4c:8c:c1:2d:7f:db:
7f:ff:41:b5:72:32:9e:f3:7e:10:31:f5:f4:8f:dd:
89:93:f6:e1:94:e8:13:74:1c:b1:33:d8:cb:81:0e:
70:ce:51:53:e2:7e:5e:af:57:5e:ae:56:4b:5e:93:
94:c5:5e:8d:dc:78:1a:64:3e:d6:fe:33:57:40:b7:
47:ab:a9:e1:b2:df:8c:b4:fc:39:02:56:34:0f:d6:
5b:fb:a8:32:b8:fd:97:10:72:de:96:2b:fc:4d:b0:
c6:90:97:c5:70:a6:1e:e8:8c:39:61:a9:68:24:a6:
0b:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:E2:9F:7C:D2:DE:AA:80:91:43:22:E1:5F:4A:64:F7:0D:1E:F6:01
X509v3 Authority Key Identifier:
keyid:2B:6D:7E:51:91:F8:1F:F0:A1:9F:10:2B:17:18:AB:4F:9E:0E:A3:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K21-UZH4H_ChnxArFxirT54Oo6A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/tOKffNLeqoCRQyLhX0pk9w0e9gE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/K21-UZH4H_ChnxArFxirT54Oo6A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.44.0/29
IPv6:
2a0e:eac0:2000::/43
2a0e:eac0:2100::/43
2a0e:eac0:2200::/48
Signature Algorithm: sha256WithRSAEncryption
56:c9:7c:c6:73:30:dc:7e:7d:fe:ed:4a:4d:d7:13:9c:08:69:
64:56:6a:ea:31:55:2f:1b:dc:59:e6:eb:d4:da:f2:fd:78:16:
8e:1b:5c:3f:2d:78:75:ea:3e:ac:ae:4c:1c:77:52:b1:3f:05:
b1:29:50:34:c1:5e:18:b9:49:e1:bd:16:89:54:60:a4:9a:13:
b1:40:45:53:99:43:a8:27:fb:41:ad:1e:3d:da:c4:9e:cb:2f:
9a:65:9b:eb:03:42:e0:d7:8e:7f:d8:75:37:46:ae:d6:7a:1e:
37:f6:a1:79:47:fd:3f:39:cf:de:54:e1:6b:57:cb:ae:ea:11:
9d:6f:4f:81:2f:0b:20:14:67:db:9e:c5:9b:d4:1a:b7:30:51:
ee:ab:cf:ff:dc:66:be:a7:2d:0d:0f:7d:8a:0f:9e:49:76:60:
f4:39:15:fb:03:51:5e:36:fd:d7:e2:b4:8b:59:bb:7c:11:3e:
d8:cb:fd:18:27:f8:fd:aa:58:b5:36:f8:28:89:b4:03:85:ba:
7c:51:07:7f:f4:ad:69:1a:fc:52:6c:3b:36:1d:0f:f5:a4:b6:
44:db:55:16:74:bd:b2:f0:9f:82:d4:63:4c:b2:24:d2:08:43:
af:51:91:bb:70:59:9e:4f:dc:f2:ea:8d:8f:b9:4f:fc:3b:b5:
ae:7e:0b:7d
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZdaWWfqFpUMhpSQwwDrEwpyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiNmQ3ZTUxOTFmODFmZjBhMTlmMTAyYjE3MThhYjRmOWUw
ZWEzYTAwHhcNMjUwNjEwMTQ1ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGUyOWY3Y2QyZGVhYTgwOTE0MzIyZTE1ZjRhNjRmNzBkMWVmNjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMqRfc2SzjLkJp4DRtEuPSeX+gpd
TA4HgA/qgLj8s5CMIgSbLUw/DcgRoZ/k9WPo0YfHQ48ZqX2DqJeYEATRfZAdV+Sx
hkvDF+xHrFIAuUu6BhZFLCppR+cLod4w34jpTJL+I+30SXrgEVeJpE7gf3pSlcwM
i9r444pWwMQHjvFd9NSNVAH5aX3ofgYCtORMjMEtf9t//0G1cjKe834QMfX0j92J
k/bhlOgTdByxM9jLgQ5wzlFT4n5er1derlZLXpOUxV6N3HgaZD7W/jNXQLdHq6nh
st+MtPw5AlY0D9Zb+6gyuP2XEHLeliv8TbDGkJfFcKYe6Iw5YaloJKYLaQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFLTin3zS3qqAkUMi4V9KZPcNHvYBMB8GA1UdIwQY
MBaAFCttflGR+B/woZ8QKxcYq0+eDqOgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzIxLVVaSDRIX0NobnhBckZ4aXJUNTRPbzZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9hYjMxNTYtYjA2MS00OWZjLWIxZjAt
MDBjYTMxMjZiM2ZlLzEvdE9LZmZOTGVxb0NSUXlMaFgwcGs5dzBlOWdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9hYjMxNTYtYjA2MS00OWZjLWIxZjAtMDBjYTMxMjZiM2Zl
LzEvSzIxLVVaSDRIX0NobnhBckZ4aXJUNTRPbzZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjANBAIAATAHAwUDLZAsADAh
BAIAAjAbAwcFKg7qwCAAAwcFKg7qwCEAAwcAKg7qwCIAMA0GCSqGSIb3DQEBCwUA
A4IBAQBWyXzGczDcfn3+7UpN1xOcCGlkVmrqMVUvG9xZ5uvU2vL9eBaOG1w/LXh1
6j6srkwcd1KxPwWxKVA0wV4YuUnhvRaJVGCkmhOxQEVTmUOoJ/tBrR492sSeyy+a
ZZvrA0Lg145/2HU3Rq7Weh439qF5R/0/Oc/eVOFrV8uu6hGdb0+BLwsgFGfbnsWb
1Bq3MFHuq8//3Ga+py0ND32KD55JdmD0ORX7A1FeNv3X4rSLWbt8ET7Yy/0YJ/j9
qli1NvgoibQDhbp8UQd/9K1pGvxSbDs2HQ/1pLZE21UWdL2y8J+C1GNMsiTSCEOv
UZG7cFmeT9zy6o2PuU/8O7Wufgt9
-----END CERTIFICATE-----
Generated at Sat Jun 14 13:34:54 2025 by rpki-client