Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/i0Y7Jd1XHD4WbDOCEjAbNBZiNJA.roa
File: i0Y7Jd1XHD4WbDOCEjAbNBZiNJA.roa (raw, json)
Hash identifier: JiZWIX+zRyhsCN3+W5qtZ3b0XeeFpEo858zeNZhCumA=
Subject key identifier: 8B:46:3B:25:DD:57:1C:3E:16:6C:33:82:12:30:1B:34:16:62:34:90
Certificate issuer: /CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Certificate serial: 01976D8F9CE211946866637CBC0B800F5052
Authority key identifier: 0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/i0Y7Jd1XHD4WbDOCEjAbNBZiNJA.roa
Signing time: Sat 14 Jun 2025 08:30:17 +0000
ROA not before: Sat 14 Jun 2025 08:30:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213893
IP address blocks: 2a0d:d940:10::/48 maxlen: 48
2a0d:d940:11::/48 maxlen: 48
2a0d:d940:13::/48 maxlen: 48
2a0d:d940:14::/48 maxlen: 48
2a0d:d940:15::/48 maxlen: 48
2a0d:d940:18::/48 maxlen: 48
2a0d:d940:19::/48 maxlen: 48
2a0d:d940:1a::/48 maxlen: 48
2a0d:d940:1b::/48 maxlen: 48
2a0d:d940:1f00::/40 maxlen: 40
2a0d:d940:9008::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 17 Jun 2025 05:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:6d:8f:9c:e2:11:94:68:66:63:7c:bc:0b:80:0f:50:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Validity
Not Before: Jun 14 08:30:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b463b25dd571c3e166c338212301b3416623490
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:3a:2d:ee:b9:54:79:9a:67:a2:90:25:6a:ec:
24:ce:f5:c6:a5:eb:0f:7c:62:09:34:be:da:85:42:
aa:40:ee:25:21:23:c2:03:a4:ac:dd:8c:1d:d6:65:
f3:86:e3:fc:6d:b4:38:34:18:8f:b8:aa:0b:3d:19:
0b:47:1e:9e:cd:21:a5:87:c5:23:29:33:e6:d6:ef:
42:4a:6e:3b:e6:8c:80:65:ae:aa:e6:1d:1b:89:61:
b6:24:95:c5:5b:5b:cc:69:de:0f:13:4d:b6:d0:37:
99:39:78:7e:92:ba:d0:1c:d0:e7:6f:ec:3b:78:0f:
6b:e0:b9:ba:10:66:5f:6b:87:d5:83:fe:23:26:2b:
a1:e6:d6:89:8d:4f:39:95:28:87:5d:98:45:67:c7:
7b:f7:ed:45:4b:37:52:27:76:88:5f:f1:0f:2c:f4:
61:55:4a:e9:5e:c9:0e:50:71:0a:6b:e5:73:0f:bf:
f8:a8:4a:af:95:11:3a:50:20:38:5c:85:4e:dc:9a:
e8:20:1e:84:15:02:ff:3e:f0:62:d5:5f:e3:9b:83:
8d:f9:ef:28:7c:ad:22:ae:93:f6:45:70:55:49:a2:
a3:88:0a:48:3d:bd:d8:f2:32:1e:e4:e2:e2:10:7d:
34:13:b1:cf:68:ac:14:d0:2a:4b:67:f2:f4:ea:aa:
8e:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:46:3B:25:DD:57:1C:3E:16:6C:33:82:12:30:1B:34:16:62:34:90
X509v3 Authority Key Identifier:
keyid:0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/i0Y7Jd1XHD4WbDOCEjAbNBZiNJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:d940:10::/47
2a0d:d940:13::-2a0d:d940:15:ffff:ffff:ffff:ffff:ffff
2a0d:d940:18::/46
2a0d:d940:1f00::/40
2a0d:d940:9008::/48
Signature Algorithm: sha256WithRSAEncryption
d8:07:2a:cd:fd:42:df:41:ca:c3:72:1b:f9:3e:ad:d3:82:a9:
c4:96:8e:f7:32:95:b1:b1:94:47:21:99:b4:8f:a8:20:19:c8:
94:dd:df:5c:5d:14:ac:e9:ba:50:04:3c:25:2e:ca:3e:5e:57:
1f:2e:bc:ad:69:a2:13:8d:9b:b8:74:ea:a9:52:1f:b8:af:d8:
4a:df:ef:0b:d2:45:6c:2f:be:bd:76:c9:b1:7b:0f:f4:2f:ee:
59:e7:ac:89:b3:bf:ed:6c:8b:3f:80:8c:27:98:46:3d:8e:9b:
d1:a9:ce:68:52:b4:71:f7:79:1c:48:6b:1e:86:e7:ec:43:68:
7a:cc:90:c0:67:26:c8:84:51:62:61:a6:c7:fa:09:4f:1d:e2:
c8:2d:86:e9:cf:9c:f6:d6:3f:75:b7:4d:a0:e1:8e:ca:4c:06:
b9:f3:14:77:4a:b9:99:6c:44:10:f4:94:b0:64:d9:fb:46:f4:
f9:c9:a0:63:61:de:41:6a:73:04:38:3e:7f:4a:34:e2:1e:69:
92:6c:28:b5:19:85:83:f9:9c:d7:78:10:23:84:79:a4:7e:23:
e3:e5:02:28:56:31:10:e4:67:ce:b7:dc:99:01:3b:70:9d:73:
18:63:63:ab:9c:23:c7:5a:92:c5:b5:7d:cb:3a:79:67:02:55:
9c:00:fe:88
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAZdtj5ziEZRoZmN8vAuAD1BSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNGUzYjNiODQyNDIyNTg4NjMxNDJlZDNhMTk3OTJkOTdj
YmJjNzQwHhcNMjUwNjE0MDgzMDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjQ2M2IyNWRkNTcxYzNlMTY2YzMzODIxMjMwMWIzNDE2NjIzNDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzot7rlUeZpnopAlauwkzvXGpesP
fGIJNL7ahUKqQO4lISPCA6Ss3Ywd1mXzhuP8bbQ4NBiPuKoLPRkLRx6ezSGlh8Uj
KTPm1u9CSm475oyAZa6q5h0biWG2JJXFW1vMad4PE0220DeZOXh+krrQHNDnb+w7
eA9r4Lm6EGZfa4fVg/4jJiuh5taJjU85lSiHXZhFZ8d79+1FSzdSJ3aIX/EPLPRh
VUrpXskOUHEKa+VzD7/4qEqvlRE6UCA4XIVO3JroIB6EFQL/PvBi1V/jm4ON+e8o
fK0irpP2RXBVSaKjiApIPb3Y8jIe5OLiEH00E7HPaKwU0CpLZ/L06qqOkQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFItGOyXdVxw+FmwzghIwGzQWYjSQMB8GA1UdIwQY
MBaAFAtOOzuEJCJYhjFC7ToZeS2Xy7x0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQt
MTRkMjM4NTI3ODM1LzEvaTBZN0pkMVhIRDRXYkRPQ0VqQWJOQlppTkpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQtMTRkMjM4NTI3ODM1
LzEvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzA9BAIAAjA3AwcBKg3ZQAAQ
MBIDBwAqDdlAABMDBwEqDdlAABQDBwIqDdlAABgDBgAqDdlAHwMHACoN2UCQCDAN
BgkqhkiG9w0BAQsFAAOCAQEA2Acqzf1C30HKw3Ib+T6t04KpxJaO9zKVsbGURyGZ
tI+oIBnIlN3fXF0UrOm6UAQ8JS7KPl5XHy68rWmiE42buHTqqVIfuK/YSt/vC9JF
bC++vXbJsXsP9C/uWeesibO/7WyLP4CMJ5hGPY6b0anOaFK0cfd5HEhrHobn7ENo
esyQwGcmyIRRYmGmx/oJTx3iyC2G6c+c9tY/dbdNoOGOykwGufMUd0q5mWxEEPSU
sGTZ+0b0+cmgY2HeQWpzBDg+f0o04h5pkmwotRmFg/mc13gQI4R5pH4j4+UCKFYx
EORnzrfcmQE7cJ1zGGNjq5wjx1qSxbV9yzp5ZwJVnAD+iA==
-----END CERTIFICATE-----
Generated at Mon Jun 16 10:33:14 2025 by rpki-client