Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/e4637f-2de1-4815-bb6b-f11712149966/1/zEjaNBQI4k6YoVMcAWG4aZw2i8I.roa
File: zEjaNBQI4k6YoVMcAWG4aZw2i8I.roa (raw, json)
Hash identifier: SAGcvlJkIuY5apIUsDex2pUGAYdLriBQVThdf59HtA4=
Subject key identifier: CC:48:DA:34:14:08:E2:4E:98:A1:53:1C:01:61:B8:69:9C:36:8B:C2
Certificate issuer: /CN=79cb91394b790781d3a8773a855e5a9a3af20810
Certificate serial: 01966E14F990895D550417ED5F0009191970
Authority key identifier: 79:CB:91:39:4B:79:07:81:D3:A8:77:3A:85:5E:5A:9A:3A:F2:08:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ecuROUt5B4HTqHc6hV5amjryCBA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/e4637f-2de1-4815-bb6b-f11712149966/1/zEjaNBQI4k6YoVMcAWG4aZw2i8I.roa
Signing time: Fri 25 Apr 2025 17:53:10 +0000
ROA not before: Fri 25 Apr 2025 17:53:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62513
IP address blocks: 2a14:d281::/32 maxlen: 48
2a14:d282::/32 maxlen: 48
2a14:d283::/32 maxlen: 48
2a14:d284::/32 maxlen: 48
2a14:d286::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/e4637f-2de1-4815-bb6b-f11712149966/1/ecuROUt5B4HTqHc6hV5amjryCBA.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/e4637f-2de1-4815-bb6b-f11712149966/1/ecuROUt5B4HTqHc6hV5amjryCBA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ecuROUt5B4HTqHc6hV5amjryCBA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 15:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:6e:14:f9:90:89:5d:55:04:17:ed:5f:00:09:19:19:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79cb91394b790781d3a8773a855e5a9a3af20810
Validity
Not Before: Apr 25 17:53:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cc48da341408e24e98a1531c0161b8699c368bc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:5f:1f:52:62:d8:31:58:2c:9c:d7:e3:55:85:
73:9f:d6:0e:cd:20:bd:cd:ca:97:04:51:89:c1:97:
45:05:01:28:e2:3d:c4:a6:44:33:b8:03:5f:ce:20:
65:15:01:f0:76:c9:8f:df:b7:41:f7:76:4f:d0:d4:
db:fc:40:10:05:9b:66:f9:fe:76:2c:b2:4d:67:ce:
44:80:e9:d5:ca:e9:7a:4c:e1:97:fa:ab:2d:63:6a:
3f:b9:66:4f:4b:a6:10:c0:7b:b5:00:09:84:ac:e0:
c9:fa:45:c3:e5:e5:28:fd:d4:af:79:51:99:e9:30:
bf:ab:f2:ab:00:52:e1:1a:93:9c:3f:8e:9e:81:9d:
95:b6:0c:c9:84:ca:04:0c:3d:75:d6:ba:f1:68:e5:
05:aa:27:09:ad:4c:69:37:c2:51:f4:06:f7:51:85:
5b:63:53:c1:39:52:34:88:ca:fb:c2:71:cf:69:5d:
f4:ff:5c:ec:ea:b8:5e:3f:a4:bd:2a:db:b2:18:55:
c1:e2:04:cd:d1:79:af:35:4b:82:04:cc:c8:ca:0b:
bb:07:60:96:88:50:6d:c2:32:f6:3d:e4:54:fe:21:
0a:55:23:79:46:72:fa:0a:8d:38:eb:d4:03:51:c2:
6f:16:4f:da:c7:87:8b:cd:e7:7c:c1:25:50:be:70:
35:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:48:DA:34:14:08:E2:4E:98:A1:53:1C:01:61:B8:69:9C:36:8B:C2
X509v3 Authority Key Identifier:
keyid:79:CB:91:39:4B:79:07:81:D3:A8:77:3A:85:5E:5A:9A:3A:F2:08:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ecuROUt5B4HTqHc6hV5amjryCBA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/e4637f-2de1-4815-bb6b-f11712149966/1/zEjaNBQI4k6YoVMcAWG4aZw2i8I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/e4637f-2de1-4815-bb6b-f11712149966/1/ecuROUt5B4HTqHc6hV5amjryCBA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:d281::-2a14:d284:ffff:ffff:ffff:ffff:ffff:ffff
2a14:d286::/32
Signature Algorithm: sha256WithRSAEncryption
33:97:b8:ad:0b:d5:ea:dd:35:d1:8a:b7:68:ea:d8:9e:4a:3b:
1a:f3:7f:62:2e:d0:b6:d0:28:09:7e:e4:9c:c0:41:a4:c5:3c:
5d:dc:4a:94:ab:83:2f:0b:d8:00:3e:4e:5a:0f:58:e0:ae:bf:
4c:5e:55:f2:60:33:47:38:fa:c1:88:95:30:09:2c:d8:36:c1:
59:41:2f:02:06:d6:3d:c0:03:34:d8:7a:92:6d:0e:64:b0:2c:
52:bc:8c:55:ae:e3:77:c1:b0:4a:a9:f7:2d:c0:24:c2:8d:a0:
f1:37:6e:26:f6:d6:98:3c:81:b9:d8:32:42:70:b3:00:32:78:
85:a1:f2:e5:bd:e1:36:4e:52:26:67:5a:70:d4:02:28:01:6e:
79:31:9e:64:60:f2:f1:8d:18:c2:4d:cb:bc:c9:db:59:0a:e6:
66:db:b3:6a:65:96:27:da:4c:50:d1:b2:ea:b8:87:08:70:8b:
1b:a6:43:19:e3:2e:c3:e5:57:70:8b:7a:f0:d7:14:46:36:47:
c9:9b:5f:2f:21:0f:05:57:61:8a:6b:77:d9:9b:c6:25:06:0d:
a5:dd:0b:64:b6:65:c8:0b:ee:6c:c9:1b:4a:fc:56:db:62:2b:
d3:8d:15:b2:1e:cc:4d:1d:25:45:2b:29:ac:f6:44:01:9c:a5:
b8:ec:71:b0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZZuFPmQiV1VBBftXwAJGRlwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5Y2I5MTM5NGI3OTA3ODFkM2E4NzczYTg1NWU1YTlhM2Fm
MjA4MTAwHhcNMjUwNDI1MTc1MzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzQ4ZGEzNDE0MDhlMjRlOThhMTUzMWMwMTYxYjg2OTljMzY4YmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2F8fUmLYMVgsnNfjVYVzn9YOzSC9
zcqXBFGJwZdFBQEo4j3EpkQzuANfziBlFQHwdsmP37dB93ZP0NTb/EAQBZtm+f52
LLJNZ85EgOnVyul6TOGX+qstY2o/uWZPS6YQwHu1AAmErODJ+kXD5eUo/dSveVGZ
6TC/q/KrAFLhGpOcP46egZ2VtgzJhMoEDD111rrxaOUFqicJrUxpN8JR9Ab3UYVb
Y1PBOVI0iMr7wnHPaV30/1zs6rheP6S9KtuyGFXB4gTN0XmvNUuCBMzIygu7B2CW
iFBtwjL2PeRU/iEKVSN5RnL6Co0469QDUcJvFk/ax4eLzed8wSVQvnA1awIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMxI2jQUCOJOmKFTHAFhuGmcNovCMB8GA1UdIwQY
MBaAFHnLkTlLeQeB06h3OoVeWpo68ggQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWN1Uk9VdDVCNEhUcUhjNmhWNWFtanJ5Q0JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9lNDYzN2YtMmRlMS00ODE1LWJiNmIt
ZjExNzEyMTQ5OTY2LzEvekVqYU5CUUk0azZZb1ZNY0FXRzRhWncyaThJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9lNDYzN2YtMmRlMS00ODE1LWJiNmItZjExNzEyMTQ5OTY2
LzEvZWN1Uk9VdDVCNEhUcUhjNmhWNWFtanJ5Q0JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXMA4DBQAqFNKB
AwUAKhTShAMFACoU0oYwDQYJKoZIhvcNAQELBQADggEBADOXuK0L1erdNdGKt2jq
2J5KOxrzf2Iu0LbQKAl+5JzAQaTFPF3cSpSrgy8L2AA+TloPWOCuv0xeVfJgM0c4
+sGIlTAJLNg2wVlBLwIG1j3AAzTYepJtDmSwLFK8jFWu43fBsEqp9y3AJMKNoPE3
bib21pg8gbnYMkJwswAyeIWh8uW94TZOUiZnWnDUAigBbnkxnmRg8vGNGMJNy7zJ
21kK5mbbs2pllifaTFDRsuq4hwhwixumQxnjLsPlV3CLevDXFEY2R8mbXy8hDwVX
YYprd9mbxiUGDaXdC2S2ZcgL7mzJG0r8VttiK9ONFbIezE0dJUUrKaz2RAGcpbjs
cbA=
-----END CERTIFICATE-----
Generated at Tue Apr 29 01:20:49 2025 by rpki-client