Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/tteeEx_UHwSzotofaQO5wxZ_ugA.roa
File: tteeEx_UHwSzotofaQO5wxZ_ugA.roa (raw, json)
Hash identifier: 6J8PWS09Iv6b8y8k1LDtC9qNTp2Y/khQlLJjRszf4aQ=
Subject key identifier: B6:D7:9E:13:1F:D4:1F:04:B3:A2:DA:1F:69:03:B9:C3:16:7F:BA:00
Certificate issuer: /CN=aca66a5938af567a9e29b4f76f115607c2b8aa20
Certificate serial: 0197404ADF0B372C377C63C22500BA4744B5
Authority key identifier: AC:A6:6A:59:38:AF:56:7A:9E:29:B4:F7:6F:11:56:07:C2:B8:AA:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/tteeEx_UHwSzotofaQO5wxZ_ugA.roa
Signing time: Thu 05 Jun 2025 13:32:18 +0000
ROA not before: Thu 05 Jun 2025 13:32:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 53813
IP address blocks: 147.161.210.0/23 maxlen: 24
164.137.185.0/24 maxlen: 24
164.137.186.0/24 maxlen: 24
164.137.187.0/24 maxlen: 24
164.137.188.0/24 maxlen: 24
164.137.189.0/24 maxlen: 24
164.137.190.0/24 maxlen: 24
164.137.191.0/24 maxlen: 24
164.137.192.0/24 maxlen: 24
2a03:eec0:3211::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.mft
rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:40:4a:df:0b:37:2c:37:7c:63:c2:25:00:ba:47:44:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca66a5938af567a9e29b4f76f115607c2b8aa20
Validity
Not Before: Jun 5 13:32:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b6d79e131fd41f04b3a2da1f6903b9c3167fba00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:38:88:b8:6a:be:6b:b3:be:07:49:f3:26:9a:
d0:0d:24:af:77:f4:33:a3:77:b6:a1:89:02:63:0c:
db:58:13:1a:44:fc:54:fb:79:00:28:26:96:e9:ea:
c9:52:43:ac:5b:ee:c4:80:49:75:a3:fb:9c:78:54:
a7:e2:bd:25:cd:3a:bf:62:68:f9:14:c9:f7:46:54:
d1:04:4a:a4:db:34:1d:91:7a:b0:9a:fd:3e:1b:a6:
b2:c4:56:87:5a:f3:ee:00:f1:85:57:08:b9:83:eb:
f2:49:14:6f:fd:b5:13:46:74:52:af:4a:74:c5:24:
2e:44:99:55:e9:e8:88:19:76:52:a1:db:7b:17:3d:
9f:14:12:c4:e9:7a:cf:af:15:25:b1:b6:0a:37:63:
01:ab:96:76:3f:0e:c8:f9:5f:00:7d:f4:63:4b:13:
be:42:90:f9:f7:22:35:cc:4b:aa:9f:6c:66:37:04:
4d:3f:bf:6c:45:2c:c6:4d:40:83:1f:54:1b:37:f5:
df:42:13:7a:81:25:84:a3:1b:b8:86:97:6d:f0:7a:
bf:43:f2:6c:2a:1a:0c:04:37:37:61:34:b2:5d:13:
b5:92:cc:ed:49:52:21:3d:c9:31:35:d9:d0:1e:97:
6d:42:80:82:c4:8c:78:72:de:a2:62:92:bb:ef:c8:
5a:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:D7:9E:13:1F:D4:1F:04:B3:A2:DA:1F:69:03:B9:C3:16:7F:BA:00
X509v3 Authority Key Identifier:
keyid:AC:A6:6A:59:38:AF:56:7A:9E:29:B4:F7:6F:11:56:07:C2:B8:AA:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/tteeEx_UHwSzotofaQO5wxZ_ugA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.161.210.0/23
164.137.185.0-164.137.192.255
IPv6:
2a03:eec0:3211::/48
Signature Algorithm: sha256WithRSAEncryption
49:ab:e3:b4:57:e9:cd:74:74:c1:8f:ae:31:57:6d:93:e3:cc:
53:c5:62:80:a3:58:4f:be:7d:0b:eb:d7:7f:06:0c:a6:95:21:
fd:d0:05:17:91:47:5c:45:b0:3c:d3:50:00:3c:dd:58:f6:45:
85:13:67:2d:8c:1b:c4:65:9d:13:08:94:29:40:d8:a8:7a:a2:
d1:3f:01:5b:ba:8a:24:10:21:7d:13:05:9a:c6:6d:ee:ef:3d:
76:80:66:70:19:02:77:ed:65:98:51:6f:a6:fb:77:89:dc:3f:
41:e9:2b:eb:64:67:82:f4:71:b1:f0:3c:08:05:97:11:c3:fa:
fe:f2:cf:5d:ab:65:cd:64:59:12:90:2f:03:f8:ee:bb:8f:a1:
c3:b3:ef:45:51:e1:83:3e:59:0d:27:fe:75:ef:a2:8d:af:29:
d4:15:3e:05:f7:de:7e:44:67:aa:3a:1c:c9:fe:fd:b7:9c:4f:
fb:b2:43:57:4a:f7:cb:63:33:ba:3b:a0:59:0d:0d:f2:2d:07:
4b:d9:cf:4d:d2:a1:24:9f:c5:84:04:eb:55:7a:74:6b:1e:90:
dd:74:de:b0:50:01:02:40:bc:c6:2a:83:a0:b9:ff:6b:3e:28:
7f:60:59:c4:b5:26:93:07:06:7b:9e:e2:c3:9b:c2:56:ed:dc:
fe:29:67:e7
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZdASt8LNyw3fGPCJQC6R0S1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTY2YTU5MzhhZjU2N2E5ZTI5YjRmNzZmMTE1NjA3YzJi
OGFhMjAwHhcNMjUwNjA1MTMzMjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmQ3OWUxMzFmZDQxZjA0YjNhMmRhMWY2OTAzYjljMzE2N2ZiYTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjiIuGq+a7O+B0nzJprQDSSvd/Qz
o3e2oYkCYwzbWBMaRPxU+3kAKCaW6erJUkOsW+7EgEl1o/uceFSn4r0lzTq/Ymj5
FMn3RlTRBEqk2zQdkXqwmv0+G6ayxFaHWvPuAPGFVwi5g+vySRRv/bUTRnRSr0p0
xSQuRJlV6eiIGXZSodt7Fz2fFBLE6XrPrxUlsbYKN2MBq5Z2Pw7I+V8AffRjSxO+
QpD59yI1zEuqn2xmNwRNP79sRSzGTUCDH1QbN/XfQhN6gSWEoxu4hpdt8Hq/Q/Js
KhoMBDc3YTSyXRO1ksztSVIhPckxNdnQHpdtQoCCxIx4ct6iYpK778haSQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFLbXnhMf1B8Es6LaH2kDucMWf7oAMB8GA1UdIwQY
MBaAFKymalk4r1Z6nim0928RVgfCuKogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktacVdUaXZWbnFlS2JUM2J4RldCOEs0cWlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xNTA4OWItMThkNy00ZmYwLTlkMjgt
YjliNjU0MDJiOTI4LzEvdHRlZUV4X1VId1N6b3RvZmFRTzV3eFpfdWdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xNTA4OWItMThkNy00ZmYwLTlkMjgtYjliNjU0MDJiOTI4
LzEvcktacVdUaXZWbnFlS2JUM2J4RldCOEs0cWlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUAwQBk6HSMAwD
BACkibkDBACkicAwDwQCAAIwCQMHACoD7sAyETANBgkqhkiG9w0BAQsFAAOCAQEA
SavjtFfpzXR0wY+uMVdtk+PMU8VigKNYT759C+vXfwYMppUh/dAFF5FHXEWwPNNQ
ADzdWPZFhRNnLYwbxGWdEwiUKUDYqHqi0T8BW7qKJBAhfRMFmsZt7u89doBmcBkC
d+1lmFFvpvt3idw/Qekr62RngvRxsfA8CAWXEcP6/vLPXatlzWRZEpAvA/juu4+h
w7PvRVHhgz5ZDSf+de+ija8p1BU+BffefkRnqjocyf79t5xP+7JDV0r3y2Mzujug
WQ0N8i0HS9nPTdKhJJ/FhATrVXp0ax6Q3XTesFABAkC8xiqDoLn/az4of2BZxLUm
kwcGe57iw5vCVu3c/iln5w==
-----END CERTIFICATE-----
Generated at Sun Jun 8 00:58:49 2025 by rpki-client