Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/cd97cc-ce2b-4264-9e79-c8f9be7d19df/1/0h2grdbQdf4vYHZWDkedoxq82j4.roa
File: 0h2grdbQdf4vYHZWDkedoxq82j4.roa (raw, json)
Hash identifier: D+Sm+7GDNJl3LW55KT6DhNCDqELpjmMWvTt+C/YfxSA=
Subject key identifier: D2:1D:A0:AD:D6:D0:75:FE:2F:60:76:56:0E:47:9D:A3:1A:BC:DA:3E
Certificate issuer: /CN=8e3f1663996be1707611fdce1ddea8920dd398a3
Certificate serial: 019738438279ADC2C4A8C5B709F21C6DC904
Authority key identifier: 8E:3F:16:63:99:6B:E1:70:76:11:FD:CE:1D:DE:A8:92:0D:D3:98:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jj8WY5lr4XB2Ef3OHd6okg3TmKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/cd97cc-ce2b-4264-9e79-c8f9be7d19df/1/0h2grdbQdf4vYHZWDkedoxq82j4.roa
Signing time: Wed 04 Jun 2025 00:07:17 +0000
ROA not before: Wed 04 Jun 2025 00:07:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6079
IP address blocks: 2a01:e300::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/cd97cc-ce2b-4264-9e79-c8f9be7d19df/1/jj8WY5lr4XB2Ef3OHd6okg3TmKM.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/cd97cc-ce2b-4264-9e79-c8f9be7d19df/1/jj8WY5lr4XB2Ef3OHd6okg3TmKM.mft
rsync://rpki.ripe.net/repository/DEFAULT/jj8WY5lr4XB2Ef3OHd6okg3TmKM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 11:44:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:38:43:82:79:ad:c2:c4:a8:c5:b7:09:f2:1c:6d:c9:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e3f1663996be1707611fdce1ddea8920dd398a3
Validity
Not Before: Jun 4 00:07:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d21da0add6d075fe2f6076560e479da31abcda3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ab:0d:03:96:b2:b0:2e:e2:13:0b:55:c4:a5:
9f:6a:87:f5:cb:75:33:5d:be:0d:04:d8:b7:a7:fd:
28:ab:8a:e6:71:24:95:9d:96:a3:9a:ff:b5:ce:47:
82:21:cb:57:a4:56:4f:52:b0:7b:64:1b:08:93:92:
63:9f:4d:cf:71:49:8e:26:ad:74:6c:47:cc:e6:de:
24:25:56:a1:9e:0f:ea:5e:54:f6:67:6f:c5:92:6c:
22:41:61:ef:f7:ca:61:d2:47:80:d0:77:a8:c6:69:
01:5f:69:64:cb:ad:e7:db:97:cd:9d:0c:71:a5:a8:
b8:9b:f1:50:79:fd:15:cc:6f:9e:ff:6e:f7:f6:3f:
44:e3:8a:51:20:74:41:4f:bc:3e:38:89:24:4d:b1:
4a:82:4c:0f:32:e8:ec:30:1b:41:a0:b7:13:1d:1f:
be:20:e0:08:d1:f9:eb:80:1c:da:db:31:e3:4a:96:
1c:f9:dc:cf:7c:fc:74:a5:7b:03:04:f8:d7:ba:3b:
2a:e8:ea:c5:71:67:5c:09:1f:07:73:fb:af:0f:4c:
d6:3d:ff:df:b2:72:58:76:13:1a:54:2a:55:e4:7f:
99:4e:0c:1f:98:29:6e:5e:7d:65:2b:a8:5e:91:7a:
17:11:87:a7:48:74:e2:59:50:42:d5:23:a1:39:cc:
05:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:1D:A0:AD:D6:D0:75:FE:2F:60:76:56:0E:47:9D:A3:1A:BC:DA:3E
X509v3 Authority Key Identifier:
keyid:8E:3F:16:63:99:6B:E1:70:76:11:FD:CE:1D:DE:A8:92:0D:D3:98:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jj8WY5lr4XB2Ef3OHd6okg3TmKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/cd97cc-ce2b-4264-9e79-c8f9be7d19df/1/0h2grdbQdf4vYHZWDkedoxq82j4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/cd97cc-ce2b-4264-9e79-c8f9be7d19df/1/jj8WY5lr4XB2Ef3OHd6okg3TmKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:e300::/29
Signature Algorithm: sha256WithRSAEncryption
76:50:fd:4b:09:40:5e:1f:a1:a3:4e:30:50:e0:24:0a:17:77:
4f:04:08:11:6f:69:d4:13:6d:20:59:d1:5d:5f:e0:d8:b0:03:
4f:04:bc:14:78:f0:07:36:86:9b:4c:7a:5a:6a:b6:17:f5:fa:
fb:5e:b8:a4:8a:ee:1a:96:61:21:3f:2a:8b:92:dc:36:9f:9e:
52:83:3d:5e:c0:51:92:56:4e:9e:4f:58:c9:1a:9f:8f:de:a4:
d2:82:06:8a:41:26:e7:0c:c6:54:8f:98:2f:b7:66:77:89:72:
ce:40:22:5d:9a:16:f9:0b:74:de:5d:cb:de:32:f1:5e:17:3c:
e1:0e:16:75:87:a1:0d:ca:78:3f:c1:7a:0a:83:d6:3b:ec:96:
21:56:9c:05:82:97:45:7d:91:df:ca:2c:45:6e:29:b2:73:3c:
e2:ec:e4:69:55:67:a9:f5:0a:6a:15:ff:6a:2b:78:1f:45:9d:
d2:cf:b0:ce:67:87:78:bd:73:bd:a5:29:9b:44:b2:52:30:04:
e8:90:19:21:32:48:ce:80:a3:1d:05:a1:d8:69:dc:93:09:4a:
5e:76:e1:b4:29:a1:e3:dc:ba:31:f6:dd:3b:0b:cc:c2:0a:57:
aa:29:81:0e:c1:2a:68:25:54:2c:53:6a:3b:9e:2d:08:41:b1:
48:ca:0d:21
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZc4Q4J5rcLEqMW3CfIcbckEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlM2YxNjYzOTk2YmUxNzA3NjExZmRjZTFkZGVhODkyMGRk
Mzk4YTMwHhcNMjUwNjA0MDAwNzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjFkYTBhZGQ2ZDA3NWZlMmY2MDc2NTYwZTQ3OWRhMzFhYmNkYTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqsNA5aysC7iEwtVxKWfaof1y3Uz
Xb4NBNi3p/0oq4rmcSSVnZajmv+1zkeCIctXpFZPUrB7ZBsIk5Jjn03PcUmOJq10
bEfM5t4kJVahng/qXlT2Z2/FkmwiQWHv98ph0keA0HeoxmkBX2lky63n25fNnQxx
pai4m/FQef0VzG+e/2739j9E44pRIHRBT7w+OIkkTbFKgkwPMujsMBtBoLcTHR++
IOAI0fnrgBza2zHjSpYc+dzPfPx0pXsDBPjXujsq6OrFcWdcCR8Hc/uvD0zWPf/f
snJYdhMaVCpV5H+ZTgwfmCluXn1lK6hekXoXEYenSHTiWVBC1SOhOcwFcwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNIdoK3W0HX+L2B2Vg5HnaMavNo+MB8GA1UdIwQY
MBaAFI4/FmOZa+FwdhH9zh3eqJIN05ijMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamo4V1k1bHI0WEIyRWYzT0hkNm9rZzNUbUtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS9jZDk3Y2MtY2UyYi00MjY0LTllNzkt
YzhmOWJlN2QxOWRmLzEvMGgyZ3JkYlFkZjR2WUhaV0RrZWRveHE4Mmo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS9jZDk3Y2MtY2UyYi00MjY0LTllNzktYzhmOWJlN2QxOWRm
LzEvamo4V1k1bHI0WEIyRWYzT0hkNm9rZzNUbUtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgHjADAN
BgkqhkiG9w0BAQsFAAOCAQEAdlD9SwlAXh+ho04wUOAkChd3TwQIEW9p1BNtIFnR
XV/g2LADTwS8FHjwBzaGm0x6Wmq2F/X6+164pIruGpZhIT8qi5LcNp+eUoM9XsBR
klZOnk9YyRqfj96k0oIGikEm5wzGVI+YL7dmd4lyzkAiXZoW+Qt03l3L3jLxXhc8
4Q4WdYehDcp4P8F6CoPWO+yWIVacBYKXRX2R38osRW4psnM84uzkaVVnqfUKahX/
ait4H0Wd0s+wzmeHeL1zvaUpm0SyUjAE6JAZITJIzoCjHQWh2GnckwlKXnbhtCmh
49y6MfbdOwvMwgpXqimBDsEqaCVULFNqO54tCEGxSMoNIQ==
-----END CERTIFICATE-----
Generated at Sun Jun 8 14:47:52 2025 by rpki-client