Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/eaddae-3783-4fdb-a301-a001a29c23f0/1/W66TeYTw-t7EMoHzkCaUwVfLkDI.roa
File: W66TeYTw-t7EMoHzkCaUwVfLkDI.roa (raw, json)
Hash identifier: Ox2U/eJQb+R2Hy97s4rI93U5aSqmhZSgt5Xa460suhw=
Subject key identifier: 5B:AE:93:79:84:F0:FA:DE:C4:32:81:F3:90:26:94:C1:57:CB:90:32
Certificate issuer: /CN=ebbc91cccab016d3b9128761a9c4e553976121c8
Certificate serial: 0196C993D2FBB35B6AFA5D3F60C2C0A18EEF
Authority key identifier: EB:BC:91:CC:CA:B0:16:D3:B9:12:87:61:A9:C4:E5:53:97:61:21:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/67yRzMqwFtO5EodhqcTlU5dhIcg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/eaddae-3783-4fdb-a301-a001a29c23f0/1/W66TeYTw-t7EMoHzkCaUwVfLkDI.roa
Signing time: Tue 13 May 2025 12:17:10 +0000
ROA not before: Tue 13 May 2025 12:17:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212166
IP address blocks: 89.39.245.0/24 maxlen: 24
2a04:7080::/64 maxlen: 64
2a04:7080:0:1::/64 maxlen: 64
2a04:7080:0:200::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/eaddae-3783-4fdb-a301-a001a29c23f0/1/67yRzMqwFtO5EodhqcTlU5dhIcg.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/eaddae-3783-4fdb-a301-a001a29c23f0/1/67yRzMqwFtO5EodhqcTlU5dhIcg.mft
rsync://rpki.ripe.net/repository/DEFAULT/67yRzMqwFtO5EodhqcTlU5dhIcg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c9:93:d2:fb:b3:5b:6a:fa:5d:3f:60:c2:c0:a1:8e:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebbc91cccab016d3b9128761a9c4e553976121c8
Validity
Not Before: May 13 12:17:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5bae937984f0fadec43281f3902694c157cb9032
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:86:6b:6c:0d:f9:e9:a7:47:49:22:69:aa:07:
38:4a:d0:25:74:ec:16:cb:3d:2a:2d:3d:5c:15:42:
c8:78:81:d8:c5:c5:cf:72:c0:88:27:db:27:8a:77:
b5:05:ac:d5:f0:8c:eb:1a:ec:eb:67:fd:ea:91:84:
c5:2e:06:c3:a6:56:ce:ef:75:ef:ff:67:99:5c:56:
d8:9a:d2:b0:ab:c7:2d:d9:9e:a8:9c:09:b2:ce:f2:
44:f3:6c:99:2b:66:a0:32:0d:9b:42:83:bc:6f:3e:
f1:e2:c4:bd:11:a3:6f:54:ef:5f:78:26:29:9f:ae:
eb:f8:49:d9:7c:77:b8:d1:9e:c2:dd:e1:33:87:24:
2b:58:12:4c:46:a2:b7:c4:c4:5e:00:ab:f6:30:b6:
51:b5:1d:12:5b:d9:fd:a2:51:75:27:96:10:18:bf:
9b:d5:17:24:01:98:f4:9f:24:bd:e6:87:6e:0b:83:
03:7e:0d:f4:e9:23:71:d0:41:b4:27:84:d9:7f:b5:
ac:a3:52:04:bf:e1:6a:cf:3e:4a:97:7c:0f:04:52:
5c:f9:91:de:bf:8a:a0:4f:5f:49:04:fe:e1:29:df:
70:2b:27:16:85:91:29:64:36:e4:9e:ea:1c:a0:96:
43:cd:a1:74:45:51:72:41:db:b1:46:71:d3:c9:4e:
61:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:AE:93:79:84:F0:FA:DE:C4:32:81:F3:90:26:94:C1:57:CB:90:32
X509v3 Authority Key Identifier:
keyid:EB:BC:91:CC:CA:B0:16:D3:B9:12:87:61:A9:C4:E5:53:97:61:21:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/67yRzMqwFtO5EodhqcTlU5dhIcg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/eaddae-3783-4fdb-a301-a001a29c23f0/1/W66TeYTw-t7EMoHzkCaUwVfLkDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/eaddae-3783-4fdb-a301-a001a29c23f0/1/67yRzMqwFtO5EodhqcTlU5dhIcg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.39.245.0/24
IPv6:
2a04:7080::/63
2a04:7080:0:200::/64
Signature Algorithm: sha256WithRSAEncryption
16:96:f9:a9:e2:aa:a1:17:af:28:c7:bf:6b:16:52:51:36:e8:
8b:2f:55:bb:41:77:0f:55:c1:7d:eb:1f:84:cd:56:68:c5:8b:
fe:5e:d6:e2:9a:b4:8d:ca:f1:2d:8c:85:19:a6:69:5d:e8:c3:
7e:c2:68:bc:bf:41:4c:d0:5b:ba:cc:8d:f7:3c:1c:77:a3:2f:
2c:a7:9f:d1:3d:10:02:b5:19:07:06:2f:b4:6b:ba:ac:90:65:
78:87:f2:79:b4:af:92:aa:9f:1a:7c:94:33:ec:6f:88:b1:3e:
01:a5:5c:a1:03:6f:c9:5f:16:2c:83:d0:42:ba:51:23:de:e3:
6c:61:c1:31:f1:6d:71:0c:7f:09:5e:48:ce:33:78:a5:66:f3:
37:9a:c4:8d:aa:89:d1:6e:dc:1a:59:c3:df:a1:7b:d5:d1:17:
fb:bc:42:4b:16:fe:6a:6e:59:58:db:97:c6:3c:3a:d3:15:e0:
24:44:0d:12:41:67:53:a4:25:0d:08:93:ee:b9:b4:84:f3:f3:
33:7c:2a:80:5f:c1:aa:75:e9:e1:77:f4:c7:0e:40:2a:af:3b:
5a:35:f8:87:14:0d:e6:0d:11:69:dd:a2:de:ef:32:38:cc:ba:
d6:98:1d:df:78:8e:f8:76:26:48:7b:93:e6:7a:55:15:3a:4d:
9b:53:ee:ef
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZbJk9L7s1tq+l0/YMLAoY7vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViYmM5MWNjY2FiMDE2ZDNiOTEyODc2MWE5YzRlNTUzOTc2
MTIxYzgwHhcNMjUwNTEzMTIxNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmFlOTM3OTg0ZjBmYWRlYzQzMjgxZjM5MDI2OTRjMTU3Y2I5MDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYZrbA356adHSSJpqgc4StAldOwW
yz0qLT1cFULIeIHYxcXPcsCIJ9snine1BazV8IzrGuzrZ/3qkYTFLgbDplbO73Xv
/2eZXFbYmtKwq8ct2Z6onAmyzvJE82yZK2agMg2bQoO8bz7x4sS9EaNvVO9feCYp
n67r+EnZfHe40Z7C3eEzhyQrWBJMRqK3xMReAKv2MLZRtR0SW9n9olF1J5YQGL+b
1RckAZj0nyS95oduC4MDfg306SNx0EG0J4TZf7Wso1IEv+Fqzz5Kl3wPBFJc+ZHe
v4qgT19JBP7hKd9wKycWhZEpZDbknuocoJZDzaF0RVFyQduxRnHTyU5hawIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFuuk3mE8PrexDKB85AmlMFXy5AyMB8GA1UdIwQY
MBaAFOu8kczKsBbTuRKHYanE5VOXYSHIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjd5UnpNcXdGdE81RW9kaHFjVGxVNWRoSWNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9lYWRkYWUtMzc4My00ZmRiLWEzMDEt
YTAwMWEyOWMyM2YwLzEvVzY2VGVZVHctdDdFTW9IemtDYVV3VmZMa0RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9lYWRkYWUtMzc4My00ZmRiLWEzMDEtYTAwMWEyOWMyM2Yw
LzEvNjd5UnpNcXdGdE81RW9kaHFjVGxVNWRoSWNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAMBAIAATAGAwQAWSf1MBwE
AgACMBYDCQEqBHCAAAAAAAMJACoEcIAAAAIAMA0GCSqGSIb3DQEBCwUAA4IBAQAW
lvmp4qqhF68ox79rFlJRNuiLL1W7QXcPVcF96x+EzVZoxYv+XtbimrSNyvEtjIUZ
pmld6MN+wmi8v0FM0Fu6zI33PBx3oy8sp5/RPRACtRkHBi+0a7qskGV4h/J5tK+S
qp8afJQz7G+IsT4BpVyhA2/JXxYsg9BCulEj3uNsYcEx8W1xDH8JXkjOM3ilZvM3
msSNqonRbtwaWcPfoXvV0Rf7vEJLFv5qbllY25fGPDrTFeAkRA0SQWdTpCUNCJPu
ubSE8/MzfCqAX8Gqdenhd/THDkAqrztaNfiHFA3mDRFp3aLe7zI4zLrWmB3feI74
diZIe5PmelUVOk2bU+7v
-----END CERTIFICATE-----
Generated at Sat Jun 7 18:41:08 2025 by rpki-client