Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/87eafc-17a6-4903-b951-4d20da0c530e/1/XD5kSDYeMfY8LIHhbfnJvruSBPc.roa
File: XD5kSDYeMfY8LIHhbfnJvruSBPc.roa (raw, json)
Hash identifier: 7oUWV+LyugwjeCoSmfoHPMTejsb+0njHiDkg9kgwwIQ=
Subject key identifier: 5C:3E:64:48:36:1E:31:F6:3C:2C:81:E1:6D:F9:C9:BE:BB:92:04:F7
Certificate issuer: /CN=1a6a1467223bd31510c14f21bd33d7d769829d28
Certificate serial: 019855740BD901E66D8A2A5686133981CC16
Authority key identifier: 1A:6A:14:67:22:3B:D3:15:10:C1:4F:21:BD:33:D7:D7:69:82:9D:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GmoUZyI70xUQwU8hvTPX12mCnSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/87eafc-17a6-4903-b951-4d20da0c530e/1/XD5kSDYeMfY8LIHhbfnJvruSBPc.roa
Signing time: Tue 29 Jul 2025 09:12:05 +0000
ROA not before: Tue 29 Jul 2025 09:12:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31317
IP address blocks: 2001:678:42c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/87eafc-17a6-4903-b951-4d20da0c530e/1/GmoUZyI70xUQwU8hvTPX12mCnSg.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/87eafc-17a6-4903-b951-4d20da0c530e/1/GmoUZyI70xUQwU8hvTPX12mCnSg.mft
rsync://rpki.ripe.net/repository/DEFAULT/GmoUZyI70xUQwU8hvTPX12mCnSg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 06:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:55:74:0b:d9:01:e6:6d:8a:2a:56:86:13:39:81:cc:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a6a1467223bd31510c14f21bd33d7d769829d28
Validity
Not Before: Jul 29 09:12:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c3e6448361e31f63c2c81e16df9c9bebb9204f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:10:f9:5b:f9:51:ab:6a:7f:fd:b2:17:58:c0:
4f:19:9d:ef:76:ae:90:fc:a9:b3:86:1c:91:aa:64:
76:5d:b7:6a:7b:c8:b1:bc:7b:f0:44:fd:71:b5:98:
4d:96:85:89:50:c7:2d:28:2a:ed:a9:7a:06:b0:c2:
e9:b9:a6:f2:7f:0b:eb:35:f2:3b:f0:85:70:0f:6a:
8f:4a:9d:f9:40:89:fe:1a:c3:52:1b:7e:3b:b5:89:
b1:7a:c5:db:7e:18:2e:e1:04:a1:13:df:bb:27:68:
61:0a:bb:18:07:07:e4:70:67:57:b2:91:85:96:71:
7d:8d:84:51:bf:44:91:fa:f9:88:60:2a:e2:fb:b0:
bc:72:b3:bb:da:df:db:0a:60:45:a2:9b:a7:29:8e:
4f:c2:c5:97:89:1d:fe:31:f6:7b:f7:ea:82:10:31:
c3:d5:18:06:17:41:8a:62:b1:8a:26:f2:8c:4c:07:
08:32:41:37:ab:38:5e:28:af:eb:ef:65:e9:f1:7d:
03:1a:23:40:a8:9e:13:43:11:01:f8:6b:db:12:52:
35:df:75:99:0d:87:a2:99:be:ba:bc:cd:21:9b:75:
9c:4f:3d:27:14:f6:51:48:df:a2:00:cf:fd:23:31:
5c:bf:eb:7a:1e:e5:9d:02:9c:a0:ca:9b:ef:4a:8a:
49:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:3E:64:48:36:1E:31:F6:3C:2C:81:E1:6D:F9:C9:BE:BB:92:04:F7
X509v3 Authority Key Identifier:
keyid:1A:6A:14:67:22:3B:D3:15:10:C1:4F:21:BD:33:D7:D7:69:82:9D:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GmoUZyI70xUQwU8hvTPX12mCnSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/87eafc-17a6-4903-b951-4d20da0c530e/1/XD5kSDYeMfY8LIHhbfnJvruSBPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/87eafc-17a6-4903-b951-4d20da0c530e/1/GmoUZyI70xUQwU8hvTPX12mCnSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:42c::/48
Signature Algorithm: sha256WithRSAEncryption
7c:53:22:2f:be:2e:cd:3c:cf:b0:e3:ed:60:d7:5c:d8:57:55:
58:7a:ea:0d:01:f2:98:12:7c:66:8f:9a:92:bd:95:8c:16:9f:
2b:32:0d:a9:77:98:ae:b9:8a:4d:2b:d2:7e:5e:e0:c5:e6:52:
98:fa:6a:2c:4a:c8:ca:20:5a:b3:a5:0a:d1:23:cf:a0:a9:43:
33:20:c8:1a:3b:5e:5c:31:61:32:e7:c0:06:d6:fb:61:ca:2e:
41:81:b7:6b:4c:c2:ce:a7:f8:d6:a4:f2:7c:e6:af:13:17:01:
d6:48:d5:19:d0:15:e5:25:b0:b5:49:59:9e:e8:10:1a:5f:27:
f9:fc:2b:ec:6b:4b:9a:10:17:5f:72:cd:a6:3a:46:96:c7:f9:
2f:29:6c:d0:ec:9b:81:3f:7b:bd:04:b5:87:1e:f0:bf:da:b0:
4c:7d:dc:36:bb:0f:73:e1:b1:c7:a0:0b:75:8b:fc:f9:e6:92:
f5:fb:d7:bf:b9:ce:05:30:e7:20:25:75:93:9e:e3:22:da:d2:
e3:1f:46:d3:ff:3a:03:76:b4:96:01:d1:79:97:21:c4:ae:48:
ca:9a:50:ba:b8:87:56:e3:79:36:b0:90:dd:8e:24:6e:bf:6f:
cf:d9:54:83:84:95:2c:e4:56:17:29:14:6e:4f:28:ac:27:a0:
79:e8:93:5a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZhVdAvZAeZtiipWhhM5gcwWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhNmExNDY3MjIzYmQzMTUxMGMxNGYyMWJkMzNkN2Q3Njk4
MjlkMjgwHhcNMjUwNzI5MDkxMjA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzNlNjQ0ODM2MWUzMWY2M2MyYzgxZTE2ZGY5YzliZWJiOTIwNGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2RD5W/lRq2p//bIXWMBPGZ3vdq6Q
/KmzhhyRqmR2Xbdqe8ixvHvwRP1xtZhNloWJUMctKCrtqXoGsMLpuabyfwvrNfI7
8IVwD2qPSp35QIn+GsNSG347tYmxesXbfhgu4QShE9+7J2hhCrsYBwfkcGdXspGF
lnF9jYRRv0SR+vmIYCri+7C8crO72t/bCmBFopunKY5PwsWXiR3+MfZ79+qCEDHD
1RgGF0GKYrGKJvKMTAcIMkE3qzheKK/r72Xp8X0DGiNAqJ4TQxEB+GvbElI133WZ
DYeimb66vM0hm3WcTz0nFPZRSN+iAM/9IzFcv+t6HuWdApygypvvSopJlQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFw+ZEg2HjH2PCyB4W35yb67kgT3MB8GA1UdIwQY
MBaAFBpqFGciO9MVEMFPIb0z19dpgp0oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR21vVVp5STcweFVRd1U4aHZUUFgxMm1DblNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS84N2VhZmMtMTdhNi00OTAzLWI5NTEt
NGQyMGRhMGM1MzBlLzEvWEQ1a1NEWWVNZlk4TElIaGJmbkp2cnVTQlBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS84N2VhZmMtMTdhNi00OTAzLWI5NTEtNGQyMGRhMGM1MzBl
LzEvR21vVVp5STcweFVRd1U4aHZUUFgxMm1DblNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAQs
MA0GCSqGSIb3DQEBCwUAA4IBAQB8UyIvvi7NPM+w4+1g11zYV1VYeuoNAfKYEnxm
j5qSvZWMFp8rMg2pd5iuuYpNK9J+XuDF5lKY+mosSsjKIFqzpQrRI8+gqUMzIMga
O15cMWEy58AG1vthyi5BgbdrTMLOp/jWpPJ85q8TFwHWSNUZ0BXlJbC1SVme6BAa
Xyf5/Cvsa0uaEBdfcs2mOkaWx/kvKWzQ7JuBP3u9BLWHHvC/2rBMfdw2uw9z4bHH
oAt1i/z55pL1+9e/uc4FMOcgJXWTnuMi2tLjH0bT/zoDdrSWAdF5lyHErkjKmlC6
uIdW43k2sJDdjiRuv2/P2VSDhJUs5FYXKRRuTyisJ6B56JNa
-----END CERTIFICATE-----
Generated at Wed Aug 6 13:11:44 2025 by rpki-client