Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/TiK2reN3wYrWPNFksJXDXKnEE6w.roa
File: TiK2reN3wYrWPNFksJXDXKnEE6w.roa (raw, json)
Hash identifier: 7BbC3Cl1PCraVUL36uJLoyKVmcRHTcyEGjIeCZGKjZo=
Subject key identifier: 4E:22:B6:AD:E3:77:C1:8A:D6:3C:D1:64:B0:95:C3:5C:A9:C4:13:AC
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 0196433ECA07C968FDE49FF8EEAD95357DC1
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/TiK2reN3wYrWPNFksJXDXKnEE6w.roa
Signing time: Thu 17 Apr 2025 10:15:10 +0000
ROA not before: Thu 17 Apr 2025 10:15:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213220
IP address blocks: 2a06:d643::/32 maxlen: 32
2a09:e305::/32 maxlen: 32
2a09:ef03::/32 maxlen: 32
2a0d:95c4::/32 maxlen: 32
2a0f:3107::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.mft
rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 01 May 2025 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:43:3e:ca:07:c9:68:fd:e4:9f:f8:ee:ad:95:35:7d:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Apr 17 10:15:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4e22b6ade377c18ad63cd164b095c35ca9c413ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:4f:e3:cd:b0:e3:56:44:01:64:44:da:b8:f8:
b6:74:4a:da:c7:05:39:a1:1c:3d:7c:5f:ef:a2:73:
8d:92:86:46:55:ca:4e:5b:91:83:c2:98:08:32:7d:
c6:e8:e5:f2:c0:97:53:cb:70:61:12:7e:52:ac:d1:
79:90:4d:0c:cc:8a:ca:95:f1:b1:94:e6:0b:ba:8a:
f2:64:69:bf:42:55:f2:43:16:c8:55:0c:d7:78:cf:
cf:8d:23:16:da:82:7e:2f:90:d7:c7:c4:e6:99:5a:
6a:4a:91:57:ff:09:d8:12:07:6f:f7:06:a4:2d:d6:
74:13:cf:04:d1:0d:91:1e:e9:28:2c:e9:30:83:dc:
be:a5:e4:e7:f4:9c:db:3e:4a:ee:33:ef:86:b1:88:
39:92:24:2e:f4:21:44:8e:7d:60:69:ad:b3:45:db:
e4:4b:20:d1:75:e4:f3:2a:20:de:53:2e:43:4d:f6:
f5:39:a7:50:f9:26:98:3e:9f:3a:e1:8b:06:0d:49:
d6:27:90:8d:e0:df:ee:b7:9f:a3:05:55:36:be:0b:
8d:f1:9e:1c:aa:ca:a9:4f:0d:c2:0e:04:bb:e1:a9:
e2:82:92:f4:e1:51:98:70:5d:10:20:7c:65:7b:6f:
0b:38:10:24:06:22:17:ea:e2:37:70:42:df:f8:14:
dd:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:22:B6:AD:E3:77:C1:8A:D6:3C:D1:64:B0:95:C3:5C:A9:C4:13:AC
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/TiK2reN3wYrWPNFksJXDXKnEE6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:d643::/32
2a09:e305::/32
2a09:ef03::/32
2a0d:95c4::/32
2a0f:3107::/32
Signature Algorithm: sha256WithRSAEncryption
6f:70:c0:ca:b6:83:b0:c3:6a:be:a0:f3:22:e0:77:8e:d1:27:
a6:22:dc:21:4b:03:0b:60:74:da:c3:e2:67:39:ea:6e:e3:69:
92:19:a8:53:90:80:20:0c:3c:72:9d:36:3e:1e:4a:dc:cc:6e:
81:78:96:97:b2:b3:ac:50:7f:9c:21:94:0c:1f:9f:af:c4:29:
0a:08:a9:b5:a3:d1:70:b8:d9:cb:79:f3:a0:b3:de:62:7c:06:
a9:f4:46:b9:c1:24:ca:71:d1:38:a5:30:8e:94:8a:65:31:41:
b8:25:40:02:3b:95:f4:fc:f5:a3:bb:33:26:6e:92:85:c9:61:
c3:59:41:6b:63:10:4f:69:e3:07:da:72:1d:cb:16:6f:a0:2e:
3a:89:aa:e0:86:32:b3:1c:2e:99:80:0c:0c:1f:72:5a:0a:3e:
d4:06:f8:d2:3d:e4:dc:9e:34:fd:a7:96:ac:e5:be:5b:b5:10:
fa:c2:19:bf:b8:fb:e7:d9:7c:11:c0:13:83:79:77:7f:ef:78:
3a:7e:cd:a3:81:b1:cc:eb:22:2d:34:5d:fa:5d:60:6a:b0:ff:
1d:6e:fb:80:74:a5:64:98:f4:f4:22:b9:ac:e9:98:95:7d:a3:
53:a7:b0:02:1d:5f:2d:03:84:39:9b:e5:f7:f6:47:ef:74:10:
0e:db:63:28
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZZDPsoHyWj95J/47q2VNX3BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjUwNDE3MTAxNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTIyYjZhZGUzNzdjMThhZDYzY2QxNjRiMDk1YzM1Y2E5YzQxM2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmE/jzbDjVkQBZETauPi2dEraxwU5
oRw9fF/vonONkoZGVcpOW5GDwpgIMn3G6OXywJdTy3BhEn5SrNF5kE0MzIrKlfGx
lOYLuoryZGm/QlXyQxbIVQzXeM/PjSMW2oJ+L5DXx8TmmVpqSpFX/wnYEgdv9wak
LdZ0E88E0Q2RHukoLOkwg9y+peTn9JzbPkruM++GsYg5kiQu9CFEjn1gaa2zRdvk
SyDRdeTzKiDeUy5DTfb1OadQ+SaYPp864YsGDUnWJ5CN4N/ut5+jBVU2vguN8Z4c
qsqpTw3CDgS74anigpL04VGYcF0QIHxle28LOBAkBiIX6uI3cELf+BTdDwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFE4itq3jd8GK1jzRZLCVw1ypxBOsMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvVGlLMnJlTjN3WXJXUE5Ga3NKWERYS25FRTZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUAKgbWQwMF
ACoJ4wUDBQAqCe8DAwUAKg2VxAMFACoPMQcwDQYJKoZIhvcNAQELBQADggEBAG9w
wMq2g7DDar6g8yLgd47RJ6Yi3CFLAwtgdNrD4mc56m7jaZIZqFOQgCAMPHKdNj4e
StzMboF4lpeys6xQf5whlAwfn6/EKQoIqbWj0XC42ct586Cz3mJ8Bqn0RrnBJMpx
0TilMI6UimUxQbglQAI7lfT89aO7MyZukoXJYcNZQWtjEE9p4wfach3LFm+gLjqJ
quCGMrMcLpmADAwfcloKPtQG+NI95NyeNP2nlqzlvlu1EPrCGb+4++fZfBHAE4N5
d3/veDp+zaOBsczrIi00XfpdYGqw/x1u+4B0pWSY9PQiuazpmJV9o1OnsAIdXy0D
hDmb5ff2R+90EA7bYyg=
-----END CERTIFICATE-----
Generated at Wed Apr 30 13:38:11 2025 by rpki-client