Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/eda15a-0423-46bd-b32a-52147aae0eb4/1/ekhJmeQnAobhvtQLQDb4UB8M1mE.roa
File: ekhJmeQnAobhvtQLQDb4UB8M1mE.roa (raw, json)
Hash identifier: 6CiHXbuoqrzSCFBPUfq3RLFxMNDauAW0jWPQmmN8RFM=
Subject key identifier: 7A:48:49:99:E4:27:02:86:E1:BE:D4:0B:40:36:F8:50:1F:0C:D6:61
Certificate issuer: /CN=9c83133a7e0593bb398eadb92758cbc92c9d65a5
Certificate serial: 0194266AB234A956E63C1F9CD3CA944BE56E
Authority key identifier: 9C:83:13:3A:7E:05:93:BB:39:8E:AD:B9:27:58:CB:C9:2C:9D:65:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nIMTOn4Fk7s5jq25J1jLySydZaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/eda15a-0423-46bd-b32a-52147aae0eb4/1/ekhJmeQnAobhvtQLQDb4UB8M1mE.roa
Signing time: Thu 02 Jan 2025 09:48:34 +0000
ROA not before: Thu 02 Jan 2025 09:48:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51262
IP address blocks: 193.17.24.0/24 maxlen: 24
193.17.26.0/24 maxlen: 24
193.17.55.0/24 maxlen: 24
2a0f:7940::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/eda15a-0423-46bd-b32a-52147aae0eb4/1/nIMTOn4Fk7s5jq25J1jLySydZaU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/eda15a-0423-46bd-b32a-52147aae0eb4/1/nIMTOn4Fk7s5jq25J1jLySydZaU.mft
rsync://rpki.ripe.net/repository/DEFAULT/nIMTOn4Fk7s5jq25J1jLySydZaU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6a:b2:34:a9:56:e6:3c:1f:9c:d3:ca:94:4b:e5:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c83133a7e0593bb398eadb92758cbc92c9d65a5
Validity
Not Before: Jan 2 09:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a484999e4270286e1bed40b4036f8501f0cd661
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:da:3a:56:35:ee:95:0e:92:68:93:18:88:78:
c2:08:44:a8:9d:af:34:af:0e:24:f7:a7:60:e9:cd:
c7:b2:2c:4d:8b:12:0e:35:d7:f6:ce:f9:0c:53:49:
ce:7a:f9:d2:c1:e5:8c:ad:d7:b1:f3:c0:fd:69:d3:
d3:95:35:46:03:28:19:eb:ff:e7:8e:0a:d1:22:8e:
e7:3b:f1:a1:ac:f9:3e:d2:b4:f1:f7:09:47:99:e3:
0f:8b:24:1e:ee:19:8a:a2:60:fa:87:5e:6a:80:8a:
eb:91:02:7c:76:e3:62:12:4a:de:c7:ab:59:e0:42:
89:80:98:28:28:84:5c:ba:76:45:84:7f:5f:0c:3c:
9e:70:bb:88:9e:b4:db:02:f7:ea:2b:77:bb:a7:0e:
2f:8d:22:c9:8b:27:1d:78:fe:34:2c:9c:d7:af:b3:
f3:8b:95:6d:db:15:e8:15:4e:7d:94:a2:42:df:cf:
b5:1a:a3:18:99:2d:9b:33:b0:af:98:be:99:60:71:
9d:b2:3a:73:b7:15:72:6e:86:f4:c2:50:6f:49:43:
fc:85:6e:78:e9:1c:98:61:94:55:e2:48:09:42:ac:
00:17:21:bf:54:5c:41:a2:f4:b1:d3:8c:31:d6:fc:
2d:64:df:24:5c:6f:5a:96:f2:02:eb:7f:0a:93:46:
2d:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:48:49:99:E4:27:02:86:E1:BE:D4:0B:40:36:F8:50:1F:0C:D6:61
X509v3 Authority Key Identifier:
keyid:9C:83:13:3A:7E:05:93:BB:39:8E:AD:B9:27:58:CB:C9:2C:9D:65:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nIMTOn4Fk7s5jq25J1jLySydZaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/eda15a-0423-46bd-b32a-52147aae0eb4/1/ekhJmeQnAobhvtQLQDb4UB8M1mE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/eda15a-0423-46bd-b32a-52147aae0eb4/1/nIMTOn4Fk7s5jq25J1jLySydZaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.24.0/24
193.17.26.0/24
193.17.55.0/24
IPv6:
2a0f:7940::/29
Signature Algorithm: sha256WithRSAEncryption
6d:98:35:cd:40:c0:b3:35:3d:e1:df:31:82:44:72:7d:3f:db:
4a:96:40:90:ac:c2:82:31:4f:64:8d:f2:b9:5b:f6:da:ed:a2:
0d:8c:9b:af:12:43:18:f2:fa:14:23:99:45:14:65:94:bf:b9:
3c:5a:d3:7f:45:51:08:d2:ab:65:bc:be:c9:86:a8:f8:51:e7:
98:86:d2:08:c4:85:ad:9c:1b:e5:b4:14:a7:58:67:8a:0c:3d:
87:c5:42:81:e4:7e:6a:fa:45:61:bd:64:cc:55:80:93:ab:09:
86:02:ec:14:15:d4:36:5a:f3:e1:3d:78:19:d3:4a:cf:1c:ff:
97:17:4e:3f:32:73:83:af:1f:08:e0:11:d3:68:bc:53:1d:90:
31:bc:1f:18:5c:63:89:32:88:53:78:ef:b2:01:83:86:fa:fa:
c0:ce:bb:cf:71:e1:9a:b6:10:f3:0f:9f:cd:51:12:b7:75:08:
ed:67:fb:70:aa:ce:cc:3a:66:dd:9a:d9:5b:14:7e:a3:fd:37:
91:9a:51:34:d9:66:80:55:19:57:b0:f4:42:8f:74:ab:80:bc:
e5:2c:94:1c:3a:58:ef:c7:1d:e4:43:d1:f3:08:69:6e:41:58:
d6:92:db:30:96:da:bf:dd:a6:38:25:cf:fa:2b:08:03:76:d1:
82:df:cd:d6
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQmarI0qVbmPB+c08qUS+VuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljODMxMzNhN2UwNTkzYmIzOThlYWRiOTI3NThjYmM5MmM5
ZDY1YTUwHhcNMjUwMTAyMDk0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTQ4NDk5OWU0MjcwMjg2ZTFiZWQ0MGI0MDM2Zjg1MDFmMGNkNjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1do6VjXulQ6SaJMYiHjCCESona80
rw4k96dg6c3HsixNixIONdf2zvkMU0nOevnSweWMrdex88D9adPTlTVGAygZ6//n
jgrRIo7nO/GhrPk+0rTx9wlHmeMPiyQe7hmKomD6h15qgIrrkQJ8duNiEkrex6tZ
4EKJgJgoKIRcunZFhH9fDDyecLuInrTbAvfqK3e7pw4vjSLJiycdeP40LJzXr7Pz
i5Vt2xXoFU59lKJC38+1GqMYmS2bM7CvmL6ZYHGdsjpztxVybob0wlBvSUP8hW54
6RyYYZRV4kgJQqwAFyG/VFxBovSx04wx1vwtZN8kXG9alvIC638Kk0YtnQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHpISZnkJwKG4b7UC0A2+FAfDNZhMB8GA1UdIwQY
MBaAFJyDEzp+BZO7OY6tuSdYy8ksnWWlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbklNVE9uNEZrN3M1anEyNUoxakx5U3lkWmFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9lZGExNWEtMDQyMy00NmJkLWIzMmEt
NTIxNDdhYWUwZWI0LzEvZWtoSm1lUW5Bb2JodnRRTFFEYjRVQjhNMW1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9lZGExNWEtMDQyMy00NmJkLWIzMmEtNTIxNDdhYWUwZWI0
LzEvbklNVE9uNEZrN3M1anEyNUoxakx5U3lkWmFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAwREYAwQA
wREaAwQAwRE3MA0EAgACMAcDBQMqD3lAMA0GCSqGSIb3DQEBCwUAA4IBAQBtmDXN
QMCzNT3h3zGCRHJ9P9tKlkCQrMKCMU9kjfK5W/ba7aINjJuvEkMY8voUI5lFFGWU
v7k8WtN/RVEI0qtlvL7Jhqj4UeeYhtIIxIWtnBvltBSnWGeKDD2HxUKB5H5q+kVh
vWTMVYCTqwmGAuwUFdQ2WvPhPXgZ00rPHP+XF04/MnODrx8I4BHTaLxTHZAxvB8Y
XGOJMohTeO+yAYOG+vrAzrvPceGathDzD5/NURK3dQjtZ/twqs7MOmbdmtlbFH6j
/TeRmlE02WaAVRlXsPRCj3SrgLzlLJQcOljvxx3kQ9HzCGluQVjWktswltq/3aY4
Jc/6KwgDdtGC383W
-----END CERTIFICATE-----
Generated at Thu Mar 13 08:49:46 2025 by rpki-client