Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/WYDhKvX3XAA22u3zmx5t7_eZGTE.roa
File: WYDhKvX3XAA22u3zmx5t7_eZGTE.roa (raw, json)
Hash identifier: pU6LgSkwwG4ehzshKxsB7E/uLzJdORsNAagXHUzBDD4=
Subject key identifier: 59:80:E1:2A:F5:F7:5C:00:36:DA:ED:F3:9B:1E:6D:EF:F7:99:19:31
Certificate issuer: /CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Certificate serial: 01986571BB7BBA0B426C8288E5533A6C8348
Authority key identifier: 0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/WYDhKvX3XAA22u3zmx5t7_eZGTE.roa
Signing time: Fri 01 Aug 2025 11:43:29 +0000
ROA not before: Fri 01 Aug 2025 11:43:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205901
IP address blocks: 2a0d:d940:9002::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 14:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:65:71:bb:7b:ba:0b:42:6c:82:88:e5:53:3a:6c:83:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Validity
Not Before: Aug 1 11:43:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5980e12af5f75c0036daedf39b1e6deff7991931
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:1a:37:44:67:74:00:be:d3:88:e9:cd:fe:c5:
cb:66:85:f6:6b:9c:82:f4:91:64:46:b0:93:b9:db:
e5:f5:96:ba:e2:a0:d9:71:a7:4c:47:80:1f:ee:3e:
37:7b:63:45:1b:74:fb:69:19:33:44:8a:29:e9:02:
a0:ad:c1:76:55:4c:41:82:ea:b0:5a:e1:52:89:93:
81:30:9e:a8:10:b8:93:e3:8c:98:8b:90:e1:aa:04:
36:fd:a9:bd:cc:4e:a1:e8:25:42:ad:1b:da:88:1e:
eb:21:94:97:f6:06:f9:b1:43:9e:d6:06:fd:ba:d6:
e9:a4:2d:ba:31:e0:e3:24:6e:51:16:33:54:98:52:
e1:bc:93:3a:90:ee:6b:39:c8:77:ac:4d:14:45:e8:
c3:e7:70:52:e9:8b:16:aa:70:5d:da:80:71:e2:96:
38:cf:da:84:9b:0f:a7:a8:f7:22:1f:96:0f:ee:dd:
e4:99:c8:4c:fc:72:87:61:7f:9d:32:4b:e5:3b:b3:
25:b6:e6:41:f0:62:f1:41:cf:90:3a:f8:9f:1b:68:
60:1b:4f:92:f2:4c:c4:0f:78:4f:4c:45:06:f1:31:
59:30:da:25:83:9e:62:88:3b:1e:d7:e2:c0:bf:d2:
ee:4a:6a:d4:e7:6d:52:5e:8f:02:5f:10:b9:61:d2:
43:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:80:E1:2A:F5:F7:5C:00:36:DA:ED:F3:9B:1E:6D:EF:F7:99:19:31
X509v3 Authority Key Identifier:
keyid:0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/WYDhKvX3XAA22u3zmx5t7_eZGTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:d940:9002::/48
Signature Algorithm: sha256WithRSAEncryption
0d:54:d4:b5:a0:fd:47:f4:f4:d6:c2:9f:51:40:c1:13:f5:f5:
6c:04:81:0b:e4:84:23:cc:0b:61:57:5f:23:14:7c:31:07:d6:
13:38:e0:e5:9e:c6:9d:f7:4b:f2:8b:8f:6e:d2:ab:83:86:a5:
c8:63:7f:c7:96:6e:f9:78:39:2f:71:05:10:b7:de:51:7c:53:
cd:d2:04:e6:75:e3:b4:94:a1:c7:53:3d:86:a6:63:cc:50:8b:
32:b1:28:6b:05:e0:ab:59:fd:ff:4f:2e:b2:1c:83:52:cf:78:
33:cf:f1:60:91:4b:33:4c:bb:da:13:fe:a6:f3:15:e4:93:3e:
e3:03:3e:3e:2d:59:9a:61:6c:d1:a9:3c:0d:30:ee:6b:58:0f:
16:0e:6c:23:94:73:bc:8c:cd:72:7a:e0:2a:1b:44:19:82:29:
89:a6:33:80:4f:5e:15:6e:78:98:7c:61:53:3d:62:97:2d:a5:
01:74:84:ee:40:4b:58:89:1e:da:ac:67:2d:fe:b2:51:0d:8f:
75:5d:37:94:b1:51:29:53:a6:e0:92:bd:ee:c1:0f:3e:86:66:
7f:6c:55:5e:2d:45:70:35:fe:c9:94:89:32:92:73:ba:8f:c9:
bc:ea:04:ca:66:93:2e:79:c7:be:1c:d7:fa:77:4f:e6:92:44:
aa:c1:76:39
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZhlcbt7ugtCbIKI5VM6bINIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNGUzYjNiODQyNDIyNTg4NjMxNDJlZDNhMTk3OTJkOTdj
YmJjNzQwHhcNMjUwODAxMTE0MzI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTgwZTEyYWY1Zjc1YzAwMzZkYWVkZjM5YjFlNmRlZmY3OTkxOTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBo3RGd0AL7TiOnN/sXLZoX2a5yC
9JFkRrCTudvl9Za64qDZcadMR4Af7j43e2NFG3T7aRkzRIop6QKgrcF2VUxBguqw
WuFSiZOBMJ6oELiT44yYi5DhqgQ2/am9zE6h6CVCrRvaiB7rIZSX9gb5sUOe1gb9
utbppC26MeDjJG5RFjNUmFLhvJM6kO5rOch3rE0URejD53BS6YsWqnBd2oBx4pY4
z9qEmw+nqPciH5YP7t3kmchM/HKHYX+dMkvlO7MltuZB8GLxQc+QOvifG2hgG0+S
8kzED3hPTEUG8TFZMNolg55iiDse1+LAv9LuSmrU521SXo8CXxC5YdJDZwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFmA4Sr191wANtrt85sebe/3mRkxMB8GA1UdIwQY
MBaAFAtOOzuEJCJYhjFC7ToZeS2Xy7x0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQt
MTRkMjM4NTI3ODM1LzEvV1lEaEt2WDNYQUEyMnUzem14NXQ3X2VaR1RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQtMTRkMjM4NTI3ODM1
LzEvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg3ZQJAC
MA0GCSqGSIb3DQEBCwUAA4IBAQANVNS1oP1H9PTWwp9RQMET9fVsBIEL5IQjzAth
V18jFHwxB9YTOODlnsad90vyi49u0quDhqXIY3/Hlm75eDkvcQUQt95RfFPN0gTm
deO0lKHHUz2GpmPMUIsysShrBeCrWf3/Ty6yHINSz3gzz/FgkUszTLvaE/6m8xXk
kz7jAz4+LVmaYWzRqTwNMO5rWA8WDmwjlHO8jM1yeuAqG0QZgimJpjOAT14VbniY
fGFTPWKXLaUBdITuQEtYiR7arGct/rJRDY91XTeUsVEpU6bgkr3uwQ8+hmZ/bFVe
LUVwNf7JlIkyknO6j8m86gTKZpMuece+HNf6d0/mkkSqwXY5
-----END CERTIFICATE-----
Generated at Sat Aug 9 23:22:39 2025 by rpki-client