Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/5f1511-10fc-43e7-a8e0-58b79bc9bcc7/1/EdaEcdzfZKUU8pzTsayBRrh8XNY.roa
File: EdaEcdzfZKUU8pzTsayBRrh8XNY.roa (raw, json)
Hash identifier: O3+hPZUQsLmn/0ZqbZYW7yg/F0HNHy5aqWBZDmT4tfM=
Subject key identifier: 11:D6:84:71:DC:DF:64:A5:14:F2:9C:D3:B1:AC:81:46:B8:7C:5C:D6
Certificate issuer: /CN=507c770bb6b08dcb4d6ea9b0c96272af3a6f9c71
Certificate serial: 0196C950FD7D8AD7EB279C80571F1C597C34
Authority key identifier: 50:7C:77:0B:B6:B0:8D:CB:4D:6E:A9:B0:C9:62:72:AF:3A:6F:9C:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UHx3C7awjctNbqmwyWJyrzpvnHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/5f1511-10fc-43e7-a8e0-58b79bc9bcc7/1/EdaEcdzfZKUU8pzTsayBRrh8XNY.roa
Signing time: Tue 13 May 2025 11:04:10 +0000
ROA not before: Tue 13 May 2025 11:04:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215957
IP address blocks: 152.114.248.0/21 maxlen: 22
2a14:c680:10::/44 maxlen: 44
2a14:c680:100::/40 maxlen: 40
2a14:c680:200::/40 maxlen: 40
2a14:c680:300::/40 maxlen: 40
2a14:c681::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/5f1511-10fc-43e7-a8e0-58b79bc9bcc7/1/UHx3C7awjctNbqmwyWJyrzpvnHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/5f1511-10fc-43e7-a8e0-58b79bc9bcc7/1/UHx3C7awjctNbqmwyWJyrzpvnHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/UHx3C7awjctNbqmwyWJyrzpvnHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 14 May 2025 20:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c9:50:fd:7d:8a:d7:eb:27:9c:80:57:1f:1c:59:7c:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=507c770bb6b08dcb4d6ea9b0c96272af3a6f9c71
Validity
Not Before: May 13 11:04:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=11d68471dcdf64a514f29cd3b1ac8146b87c5cd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:b9:8a:37:24:b3:0c:d6:11:aa:38:08:0e:4c:
75:a4:cf:cc:2a:12:05:b6:6e:fe:d1:13:42:81:45:
dd:0c:4b:6d:39:ef:3e:48:b0:fc:ab:f7:a1:11:e6:
d6:86:e8:d3:3f:d1:98:ae:12:76:42:ca:db:2d:e9:
c6:cd:79:20:ad:20:63:20:ef:d4:5a:2b:e4:6a:3c:
4a:d8:e6:1d:92:09:31:83:03:f2:6d:78:d7:5b:c8:
67:fe:bf:4c:c6:d1:88:d5:29:0b:40:ec:d8:8c:a6:
dc:27:92:e9:a4:58:56:fb:a6:e9:c9:33:49:d2:03:
6e:55:fe:d0:e4:49:6e:ee:12:f1:d8:6b:0e:30:ed:
92:0b:64:30:5a:73:b1:f4:e2:8a:48:d8:c4:96:62:
53:9c:11:3a:4e:34:28:55:eb:f7:aa:16:a4:ce:c2:
b2:b4:f2:52:3a:5b:87:3d:37:ec:bf:36:61:0f:04:
39:90:4b:02:0d:3e:88:42:ba:05:4b:7a:78:65:7d:
12:12:a7:c8:a9:83:ee:bf:15:a4:40:90:e8:2c:71:
ab:24:fd:af:72:f9:6d:cc:40:40:98:88:49:33:93:
82:64:f8:1f:e2:ed:0e:88:15:bb:ab:15:6f:30:0f:
6f:b9:29:b9:f5:cf:0a:f0:bd:ea:c5:56:d0:2b:20:
46:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:D6:84:71:DC:DF:64:A5:14:F2:9C:D3:B1:AC:81:46:B8:7C:5C:D6
X509v3 Authority Key Identifier:
keyid:50:7C:77:0B:B6:B0:8D:CB:4D:6E:A9:B0:C9:62:72:AF:3A:6F:9C:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UHx3C7awjctNbqmwyWJyrzpvnHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/5f1511-10fc-43e7-a8e0-58b79bc9bcc7/1/EdaEcdzfZKUU8pzTsayBRrh8XNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/5f1511-10fc-43e7-a8e0-58b79bc9bcc7/1/UHx3C7awjctNbqmwyWJyrzpvnHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.114.248.0/21
IPv6:
2a14:c680:10::/44
2a14:c680:100::-2a14:c680:3ff:ffff:ffff:ffff:ffff:ffff
2a14:c681::/32
Signature Algorithm: sha256WithRSAEncryption
2b:0e:b5:6b:b5:97:39:a1:fb:ac:3c:c2:fe:b5:d3:51:b1:8e:
9f:a8:02:c6:9f:a9:a1:9b:a2:de:af:aa:a6:c2:82:e2:6e:94:
9b:bf:03:4e:16:8f:7d:c9:13:3e:71:18:94:be:1f:b2:49:e1:
50:0b:fa:38:cf:db:5e:b0:2d:06:94:9e:f9:9e:2f:f0:bd:a5:
53:2e:15:9c:54:db:c0:9d:1a:b1:e6:2f:dd:86:e0:6f:f7:4a:
21:2c:ed:d4:c2:7d:c1:3d:f0:6a:c2:19:27:2a:aa:c1:4a:b9:
a3:0b:24:b1:79:6a:1e:9c:4e:f2:52:61:36:71:84:54:0c:ee:
50:4b:44:d2:ec:9e:19:ee:31:ec:9d:b0:ec:dd:f5:68:af:8a:
d3:23:8f:43:fa:5a:a5:eb:7c:0b:91:a0:4d:11:78:8c:f5:91:
2e:39:5f:6a:9f:31:36:47:76:ef:bd:c0:46:4d:6a:83:6c:79:
bc:ae:93:23:5e:b2:43:ef:20:82:70:23:61:c2:49:79:f0:81:
8f:15:6c:bf:4a:ea:20:93:ac:9a:bf:b6:31:5e:2d:65:54:ba:
7e:32:74:02:b2:3e:21:c4:9e:d6:23:46:5b:59:ed:9c:1e:43:
5b:7f:82:4c:2c:79:33:c6:a3:dc:4d:18:45:e8:b2:de:ba:cc:
a2:2a:fc:6a
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZbJUP19itfrJ5yAVx8cWXw0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwN2M3NzBiYjZiMDhkY2I0ZDZlYTliMGM5NjI3MmFmM2E2
ZjljNzEwHhcNMjUwNTEzMTEwNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWQ2ODQ3MWRjZGY2NGE1MTRmMjljZDNiMWFjODE0NmI4N2M1Y2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbmKNySzDNYRqjgIDkx1pM/MKhIF
tm7+0RNCgUXdDEttOe8+SLD8q/ehEebWhujTP9GYrhJ2QsrbLenGzXkgrSBjIO/U
WivkajxK2OYdkgkxgwPybXjXW8hn/r9MxtGI1SkLQOzYjKbcJ5LppFhW+6bpyTNJ
0gNuVf7Q5Elu7hLx2GsOMO2SC2QwWnOx9OKKSNjElmJTnBE6TjQoVev3qhakzsKy
tPJSOluHPTfsvzZhDwQ5kEsCDT6IQroFS3p4ZX0SEqfIqYPuvxWkQJDoLHGrJP2v
cvltzEBAmIhJM5OCZPgf4u0OiBW7qxVvMA9vuSm59c8K8L3qxVbQKyBGcwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFBHWhHHc32SlFPKc07GsgUa4fFzWMB8GA1UdIwQY
MBaAFFB8dwu2sI3LTW6psMlicq86b5xxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUh4M0M3YXdqY3ROYnFtd3lXSnlyenB2bkhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi81ZjE1MTEtMTBmYy00M2U3LWE4ZTAt
NThiNzliYzliY2M3LzEvRWRhRWNkemZaS1VVOHB6VHNheUJScmg4WE5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi81ZjE1MTEtMTBmYy00M2U3LWE4ZTAtNThiNzliYzliY2M3
LzEvVUh4M0M3YXdqY3ROYnFtd3lXSnlyenB2bkhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAMBAIAATAGAwQDmHL4MCgE
AgACMCIDBwQqFMaAABAwEAMGACoUxoABAwYCKhTGgAADBQAqFMaBMA0GCSqGSIb3
DQEBCwUAA4IBAQArDrVrtZc5ofusPML+tdNRsY6fqALGn6mhm6Ler6qmwoLibpSb
vwNOFo99yRM+cRiUvh+ySeFQC/o4z9tesC0GlJ75ni/wvaVTLhWcVNvAnRqx5i/d
huBv90ohLO3Uwn3BPfBqwhknKqrBSrmjCySxeWoenE7yUmE2cYRUDO5QS0TS7J4Z
7jHsnbDs3fVor4rTI49D+lql63wLkaBNEXiM9ZEuOV9qnzE2R3bvvcBGTWqDbHm8
rpMjXrJD7yCCcCNhwkl58IGPFWy/Suogk6yav7YxXi1lVLp+MnQCsj4hxJ7WI0Zb
We2cHkNbf4JMLHkzxqPcTRhF6LLeusyiKvxq
-----END CERTIFICATE-----
Generated at Wed May 14 05:39:07 2025 by rpki-client