Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/EHa5LRqYKQEP9dDWzSSuUw_ODMI.roa
File: EHa5LRqYKQEP9dDWzSSuUw_ODMI.roa (raw, json)
Hash identifier: X93kxWz8I79L/YC44aaFE4KBmj3MgYuQCQWdh5JJRlU=
Subject key identifier: 10:76:B9:2D:1A:98:29:01:0F:F5:D0:D6:CD:24:AE:53:0F:CE:0C:C2
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 0195AD59F9AE1A748B4C7D6CE4B2B095B9AE
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/EHa5LRqYKQEP9dDWzSSuUw_ODMI.roa
Signing time: Wed 19 Mar 2025 07:41:49 +0000
ROA not before: Wed 19 Mar 2025 07:41:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204490
IP address blocks: 2a06:d644::/32 maxlen: 32
2a09:2984::/32 maxlen: 32
2a0d:afc5::/32 maxlen: 32
2a0d:afc7::/32 maxlen: 32
2a0d:c102::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.mft
rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ad:59:f9:ae:1a:74:8b:4c:7d:6c:e4:b2:b0:95:b9:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Mar 19 07:41:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1076b92d1a9829010ff5d0d6cd24ae530fce0cc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:15:f1:e8:9d:ae:fe:3d:eb:2a:a2:3c:e5:83:
0e:25:c0:a3:66:d0:c6:31:83:b1:6e:81:5a:70:b5:
bb:3f:9d:d6:b2:4d:cd:89:57:3b:9f:aa:f7:6c:5c:
6c:84:8a:eb:1e:3d:94:8a:cc:a1:93:fe:1d:79:a1:
7c:a1:e9:e2:fb:5e:06:38:f7:e3:51:ac:39:66:a5:
dc:fe:4a:dd:7c:fb:17:bb:fb:09:a1:77:83:9c:ca:
c7:6b:c6:f9:7e:8f:9b:4a:d9:6c:6f:62:8c:b6:c7:
ec:ac:62:f9:18:36:c9:8e:ce:49:6c:51:92:bc:c6:
95:58:56:67:86:52:5d:ec:68:dc:b2:07:30:98:3d:
84:3d:e1:2a:45:b5:ca:19:35:b0:25:10:82:96:d4:
9f:1d:06:08:fe:0e:77:a8:c1:f6:0a:99:78:2e:3d:
71:db:bc:b3:f6:30:10:df:f4:55:58:ee:91:a1:73:
95:5b:c6:1b:92:86:1e:33:66:75:82:95:f0:14:90:
95:f8:d8:03:d7:af:11:b1:7e:76:a9:e4:56:0a:48:
20:bc:d0:62:74:49:a5:00:96:20:1c:30:a2:da:d9:
c0:4f:9a:ad:1e:36:8a:bd:60:92:7e:3a:ba:43:2c:
a3:77:77:1a:de:8a:a3:9b:01:b6:10:33:8e:79:d0:
83:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:76:B9:2D:1A:98:29:01:0F:F5:D0:D6:CD:24:AE:53:0F:CE:0C:C2
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/EHa5LRqYKQEP9dDWzSSuUw_ODMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:d644::/32
2a09:2984::/32
2a0d:afc5::/32
2a0d:afc7::/32
2a0d:c102::/32
Signature Algorithm: sha256WithRSAEncryption
39:91:a1:9f:8d:a9:86:99:4a:48:be:fb:d2:55:76:8c:be:81:
0d:f0:9c:3a:64:24:ba:92:83:84:dc:91:92:69:9b:dc:dc:35:
00:91:4e:df:5c:c0:9d:4d:ce:3b:2a:18:23:e9:dc:41:20:db:
8b:b8:ad:16:eb:38:a3:d6:be:39:4b:83:2d:6d:cf:53:27:b6:
d1:c2:5f:20:ed:c0:ab:ba:05:73:b5:87:18:ff:f2:a6:0b:b7:
85:ba:89:9f:b9:95:b2:90:ab:87:85:44:98:76:aa:21:4b:2b:
34:45:23:c4:a2:5c:8b:0d:af:14:2c:3a:10:47:28:57:63:57:
6e:aa:09:d9:49:65:3a:c9:43:91:6b:a7:09:ee:1c:2e:45:a3:
37:2d:47:c7:ed:4b:8e:5b:87:34:65:42:d3:67:2e:84:37:29:
aa:7e:04:94:b4:aa:a3:e0:0b:84:7d:5f:6f:8d:67:05:85:0a:
d5:8f:8c:d8:3c:62:49:e7:b8:d2:2b:c0:11:c4:2a:79:00:8e:
d3:53:5e:54:6f:06:c6:7e:ce:f8:b9:58:0a:f6:76:57:dd:52:
14:90:0b:fb:52:46:bb:16:74:e2:4c:ec:38:43:c3:ad:6e:fe:
c4:5c:fd:87:15:63:85:5a:2b:ab:fe:28:73:8d:c4:f0:25:21:
32:dc:8f:86
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZWtWfmuGnSLTH1s5LKwlbmuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjUwMzE5MDc0MTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDc2YjkyZDFhOTgyOTAxMGZmNWQwZDZjZDI0YWU1MzBmY2UwY2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRXx6J2u/j3rKqI85YMOJcCjZtDG
MYOxboFacLW7P53Wsk3NiVc7n6r3bFxshIrrHj2Uisyhk/4deaF8oeni+14GOPfj
Uaw5ZqXc/krdfPsXu/sJoXeDnMrHa8b5fo+bStlsb2KMtsfsrGL5GDbJjs5JbFGS
vMaVWFZnhlJd7GjcsgcwmD2EPeEqRbXKGTWwJRCCltSfHQYI/g53qMH2Cpl4Lj1x
27yz9jAQ3/RVWO6RoXOVW8YbkoYeM2Z1gpXwFJCV+NgD168RsX52qeRWCkggvNBi
dEmlAJYgHDCi2tnAT5qtHjaKvWCSfjq6Qyyjd3ca3oqjmwG2EDOOedCDSwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFBB2uS0amCkBD/XQ1s0krlMPzgzCMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvRUhhNUxScVlLUUVQOWREV3pTU3VVd19PRE1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUAKgbWRAMF
ACoJKYQDBQAqDa/FAwUAKg2vxwMFACoNwQIwDQYJKoZIhvcNAQELBQADggEBADmR
oZ+NqYaZSki++9JVdoy+gQ3wnDpkJLqSg4TckZJpm9zcNQCRTt9cwJ1NzjsqGCPp
3EEg24u4rRbrOKPWvjlLgy1tz1MnttHCXyDtwKu6BXO1hxj/8qYLt4W6iZ+5lbKQ
q4eFRJh2qiFLKzRFI8SiXIsNrxQsOhBHKFdjV26qCdlJZTrJQ5FrpwnuHC5Fozct
R8ftS45bhzRlQtNnLoQ3Kap+BJS0qqPgC4R9X2+NZwWFCtWPjNg8YknnuNIrwBHE
KnkAjtNTXlRvBsZ+zvi5WAr2dlfdUhSQC/tSRrsWdOJM7DhDw61u/sRc/YcVY4Va
K6v+KHONxPAlITLcj4Y=
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:28:11 2025 by rpki-client