Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/1do3gS9n4p_SDPueuQU-nCTtBuc.roa
File: 1do3gS9n4p_SDPueuQU-nCTtBuc.roa (raw, json)
Hash identifier: zIKu5F6wJQttCkESKsZ6uaAFzB/SlNvN0X+SzKZlPeQ=
Subject key identifier: D5:DA:37:81:2F:67:E2:9F:D2:0C:FB:9E:B9:05:3E:9C:24:ED:06:E7
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 01976061E616487522FE9B6590C9D5A06237
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/1do3gS9n4p_SDPueuQU-nCTtBuc.roa
Signing time: Wed 11 Jun 2025 19:05:17 +0000
ROA not before: Wed 11 Jun 2025 19:05:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207113
IP address blocks: 2a0c:9a40:8f70::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Jun 2025 04:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:60:61:e6:16:48:75:22:fe:9b:65:90:c9:d5:a0:62:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jun 11 19:05:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d5da37812f67e29fd20cfb9eb9053e9c24ed06e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:cf:6b:53:3e:91:46:83:64:85:00:67:ad:07:
8b:3a:9d:59:d0:cc:8f:e2:64:29:40:93:f6:24:2f:
50:30:30:4d:eb:13:89:4a:49:0e:dd:1a:ae:9d:f0:
78:ab:22:fa:2b:5d:3e:cd:77:3a:93:54:d5:a1:d9:
df:47:72:cc:bd:9b:8c:13:65:be:e3:5a:00:68:e6:
51:df:01:d1:80:02:9c:f0:0f:d4:65:8c:60:04:ae:
a4:bd:78:d5:64:0e:d2:e0:6b:dd:45:0c:cd:3b:50:
24:c7:a1:6f:1b:0e:c0:d5:67:64:3f:92:3e:2e:67:
7a:dc:50:10:55:02:3d:9b:6a:e4:1d:44:57:f1:6e:
ab:a8:d5:f6:9f:9c:bb:13:ea:1a:40:b0:fc:95:e2:
f3:b9:0f:d9:cb:fa:43:46:53:91:90:0b:2c:2a:dc:
e2:6c:bd:79:43:a7:4a:92:90:f7:9c:1c:09:68:67:
35:cc:ba:c0:70:da:3d:b9:2c:1a:d9:7a:2e:5f:e2:
ce:06:e6:aa:be:f1:46:b4:ec:94:3b:36:ea:bd:da:
57:f2:c1:76:61:19:48:d2:a0:96:68:c0:e2:a3:66:
f1:48:6f:ad:cd:e3:4c:81:69:f2:5b:d9:a6:d7:42:
86:fd:f3:47:c8:cc:f6:60:68:1b:5d:28:c9:62:3e:
07:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:DA:37:81:2F:67:E2:9F:D2:0C:FB:9E:B9:05:3E:9C:24:ED:06:E7
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/1do3gS9n4p_SDPueuQU-nCTtBuc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8f70::/44
Signature Algorithm: sha256WithRSAEncryption
22:82:41:e4:e6:94:ba:8e:54:36:70:db:d1:7f:d1:21:ee:98:
9b:e3:08:4d:ab:9d:36:9b:63:30:88:50:48:5e:96:b6:56:66:
cf:d6:12:45:52:15:44:ca:b0:cd:24:3b:e6:c1:f4:93:54:0a:
65:51:93:8d:f1:d6:a9:65:ed:34:ec:ba:dd:1e:c2:5b:5f:13:
7e:d0:e9:a2:be:66:bb:d5:1c:98:45:8d:e2:f9:ed:87:1d:fb:
d5:72:15:14:e8:c7:f3:0f:de:3d:4b:18:8a:ab:a0:62:58:7e:
c1:26:09:a6:a3:d9:97:20:80:e9:2e:7c:e2:84:a4:42:9c:ce:
58:c5:2b:47:0c:a3:d9:f6:b1:97:11:86:9f:25:0e:71:2f:ca:
5f:f6:a3:fc:5f:dd:70:7b:a4:a2:c3:f3:04:1b:3e:11:11:d5:
f0:5d:b7:2b:f5:39:f8:ec:81:59:4c:d8:e0:83:7f:82:f2:86:
53:22:cd:c8:bb:63:f0:48:80:48:38:0d:d6:93:d1:94:ae:6e:
06:6f:32:6e:49:33:bd:be:53:fa:62:eb:2e:63:51:b4:c4:83:
4c:f7:06:44:53:be:05:4f:91:91:ae:59:00:6a:24:69:76:3f:
c6:ac:ab:7e:37:0c:5d:30:a1:0e:03:b4:02:b3:fc:d9:c3:69:
f9:86:df:f3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZdgYeYWSHUi/ptlkMnVoGI3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjUwNjExMTkwNTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWRhMzc4MTJmNjdlMjlmZDIwY2ZiOWViOTA1M2U5YzI0ZWQwNmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAws9rUz6RRoNkhQBnrQeLOp1Z0MyP
4mQpQJP2JC9QMDBN6xOJSkkO3RqunfB4qyL6K10+zXc6k1TVodnfR3LMvZuME2W+
41oAaOZR3wHRgAKc8A/UZYxgBK6kvXjVZA7S4GvdRQzNO1Akx6FvGw7A1WdkP5I+
Lmd63FAQVQI9m2rkHURX8W6rqNX2n5y7E+oaQLD8leLzuQ/Zy/pDRlORkAssKtzi
bL15Q6dKkpD3nBwJaGc1zLrAcNo9uSwa2XouX+LOBuaqvvFGtOyUOzbqvdpX8sF2
YRlI0qCWaMDio2bxSG+tzeNMgWnyW9mm10KG/fNHyMz2YGgbXSjJYj4HAQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNXaN4EvZ+Kf0gz7nrkFPpwk7QbnMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvMWRvM2dTOW40cF9TRFB1ZXVRVS1uQ1R0QnVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgyaQI9w
MA0GCSqGSIb3DQEBCwUAA4IBAQAigkHk5pS6jlQ2cNvRf9Eh7pib4whNq502m2Mw
iFBIXpa2VmbP1hJFUhVEyrDNJDvmwfSTVAplUZON8dapZe007LrdHsJbXxN+0Omi
vma71RyYRY3i+e2HHfvVchUU6MfzD949SxiKq6BiWH7BJgmmo9mXIIDpLnzihKRC
nM5YxStHDKPZ9rGXEYafJQ5xL8pf9qP8X91we6Siw/MEGz4REdXwXbcr9Tn47IFZ
TNjgg3+C8oZTIs3Iu2PwSIBIOA3Wk9GUrm4GbzJuSTO9vlP6YusuY1G0xINM9wZE
U74FT5GRrlkAaiRpdj/GrKt+NwxdMKEOA7QCs/zZw2n5ht/z
-----END CERTIFICATE-----
Generated at Wed Jun 18 12:27:04 2025 by rpki-client