Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/bhmEePiuNnHqxZ4JP2YCdaJdaWQ.roa
File: bhmEePiuNnHqxZ4JP2YCdaJdaWQ.roa (raw, json)
Hash identifier: IOKrM6wqs64CxWRz/e5SJHOEHzYs4P5681kMIabdRJo=
Subject key identifier: 6E:19:84:78:F8:AE:36:71:EA:C5:9E:09:3F:66:02:75:A2:5D:69:64
Certificate issuer: /CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Certificate serial: 01975DBA92DB92E9B83758FDB4DB2DC75B6B
Authority key identifier: 3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/bhmEePiuNnHqxZ4JP2YCdaJdaWQ.roa
Signing time: Wed 11 Jun 2025 06:43:17 +0000
ROA not before: Wed 11 Jun 2025 06:43:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200019
IP address blocks: 2a0e:8841::/32 maxlen: 32
2a0e:8844::/32 maxlen: 32
2a0f:c03::/32 maxlen: 32
2a0f:c04::/32 maxlen: 32
2a0f:72c4::/32 maxlen: 32
2a0f:72c6::/32 maxlen: 32
2a0f:da86::/32 maxlen: 32
2a11:1844::/32 maxlen: 32
2a11:2d82::/32 maxlen: 32
2a11:3f05::/32 maxlen: 32
2a11:41c1::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.mft
rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5d:ba:92:db:92:e9:b8:37:58:fd:b4:db:2d:c7:5b:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Validity
Not Before: Jun 11 06:43:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e198478f8ae3671eac59e093f660275a25d6964
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:9f:d8:53:b3:90:b8:f3:fb:10:27:08:1b:c6:
77:4d:fb:b6:3d:00:ad:cf:76:70:93:b0:5b:1c:eb:
d4:35:fd:e9:8f:06:43:ee:8b:9a:27:25:fc:2c:9e:
5e:2a:5d:32:24:99:16:4d:c3:43:dd:44:f8:b9:24:
0e:0a:9b:38:3e:d7:5b:13:65:e6:7d:5d:4e:9b:c4:
a0:d2:f2:04:be:e7:ec:c3:ca:4e:bb:75:26:bf:f6:
76:9d:10:3e:38:d6:1b:7d:d2:bc:5a:48:f6:d1:84:
f4:e5:7d:04:32:c7:6a:9f:6c:56:d2:24:6c:14:89:
5c:39:8f:1e:c4:9c:18:90:a5:39:28:71:0c:c4:28:
7e:31:77:13:16:8e:3f:0c:14:1b:56:05:69:83:a9:
c6:44:63:aa:24:82:59:66:36:75:f5:03:74:7d:39:
9b:a5:9f:6d:3c:07:82:c1:67:8e:da:f8:57:94:ce:
15:2a:7a:a9:bf:dd:ff:91:46:19:86:35:f2:0a:70:
c8:d9:94:dc:94:87:8c:b7:4e:1f:17:21:0a:90:a4:
a8:f4:20:32:48:49:9a:f8:58:8e:6d:73:a4:d0:c0:
13:d3:57:1d:ad:55:13:b0:b6:1d:7d:b3:97:d7:23:
16:90:e6:90:47:95:3f:97:39:40:84:e0:44:f5:09:
bb:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:19:84:78:F8:AE:36:71:EA:C5:9E:09:3F:66:02:75:A2:5D:69:64
X509v3 Authority Key Identifier:
keyid:3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/bhmEePiuNnHqxZ4JP2YCdaJdaWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8841::/32
2a0e:8844::/32
2a0f:c03::-2a0f:c04:ffff:ffff:ffff:ffff:ffff:ffff
2a0f:72c4::/32
2a0f:72c6::/32
2a0f:da86::/32
2a11:1844::/32
2a11:2d82::/32
2a11:3f05::/32
2a11:41c1::/32
Signature Algorithm: sha256WithRSAEncryption
97:d4:ae:fe:aa:d6:68:ed:14:33:d2:d1:d3:7a:fc:35:96:02:
66:cf:4b:06:26:43:3a:26:1a:6e:34:d7:47:ef:72:64:05:5a:
50:f3:e0:49:ac:ae:41:a3:11:39:df:5b:b3:06:28:62:99:32:
f8:0f:c2:2c:ae:17:f8:23:d2:ef:e9:f1:d7:fd:4b:94:a8:43:
0b:ec:76:fe:a5:a6:8a:3f:9b:cf:3b:9f:e9:17:9e:5e:63:ba:
76:d8:87:84:42:55:ff:9e:8a:e1:95:70:7c:b8:99:48:55:9a:
52:ce:9d:86:ed:18:79:78:9a:a4:2e:1e:b1:71:51:38:49:bc:
4f:1c:4e:6d:b5:f2:d5:aa:8b:c6:22:aa:36:7b:83:96:39:b2:
44:a0:51:35:fb:9b:40:12:c8:1e:3b:c2:d5:ef:1c:c3:8c:e8:
77:43:2f:7f:7b:22:fc:32:13:a5:03:b3:12:d0:63:b1:dd:f0:
7d:89:52:b3:10:d9:47:b4:bc:67:89:a9:28:88:de:d1:bc:7d:
cc:18:8b:d5:3d:46:5e:c4:53:36:ea:72:5d:4a:54:4c:1a:ae:
61:25:09:ff:92:29:34:de:18:a5:b5:82:ee:b5:0b:74:cb:50:
aa:6c:ce:90:cd:77:4a:c2:6d:07:9f:8f:b3:2d:66:48:ae:84:
c4:64:e5:e0
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAZddupLbkum4N1j9tNstx1trMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzUwYWI0Y2NmNzJlM2Q2MGMwOWY5NjQwMTlkNmMwMzRj
NTBhNmMwHhcNMjUwNjExMDY0MzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTE5ODQ3OGY4YWUzNjcxZWFjNTllMDkzZjY2MDI3NWEyNWQ2OTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5/YU7OQuPP7ECcIG8Z3Tfu2PQCt
z3Zwk7BbHOvUNf3pjwZD7ouaJyX8LJ5eKl0yJJkWTcND3UT4uSQOCps4PtdbE2Xm
fV1Om8Sg0vIEvufsw8pOu3Umv/Z2nRA+ONYbfdK8Wkj20YT05X0EMsdqn2xW0iRs
FIlcOY8exJwYkKU5KHEMxCh+MXcTFo4/DBQbVgVpg6nGRGOqJIJZZjZ19QN0fTmb
pZ9tPAeCwWeO2vhXlM4VKnqpv93/kUYZhjXyCnDI2ZTclIeMt04fFyEKkKSo9CAy
SEma+FiObXOk0MAT01cdrVUTsLYdfbOX1yMWkOaQR5U/lzlAhOBE9Qm78wIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFG4ZhHj4rjZx6sWeCT9mAnWiXWlkMB8GA1UdIwQY
MBaAFD7FCrTM9y49YMCflkAZ1sA0xQpsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTct
MjE1OTM3NmQzYTY0LzEvYmhtRWVQaXVObkhxeFo0SlAyWUNkYUpkYVdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTctMjE1OTM3NmQzYTY0
LzEvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzBVBAIAAjBPAwUAKg6IQQMF
ACoOiEQwDgMFACoPDAMDBQAqDwwEAwUAKg9yxAMFACoPcsYDBQAqD9qGAwUAKhEY
RAMFACoRLYIDBQAqET8FAwUAKhFBwTANBgkqhkiG9w0BAQsFAAOCAQEAl9Su/qrW
aO0UM9LR03r8NZYCZs9LBiZDOiYabjTXR+9yZAVaUPPgSayuQaMROd9bswYoYpky
+A/CLK4X+CPS7+nx1/1LlKhDC+x2/qWmij+bzzuf6ReeXmO6dtiHhEJV/56K4ZVw
fLiZSFWaUs6dhu0YeXiapC4esXFROEm8TxxObbXy1aqLxiKqNnuDljmyRKBRNfub
QBLIHjvC1e8cw4zod0Mvf3si/DITpQOzEtBjsd3wfYlSsxDZR7S8Z4mpKIje0bx9
zBiL1T1GXsRTNupyXUpUTBquYSUJ/5IpNN4YpbWC7rULdMtQqmzOkM13SsJtB5+P
sy1mSK6ExGTl4A==
-----END CERTIFICATE-----
Generated at Sat Jun 14 12:59:09 2025 by rpki-client