Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/dc5881-3632-45af-bf59-f44a57ced73d/1/iyS2JnXtsNdJf5e1S9ojUsd5BNY.roa
File: iyS2JnXtsNdJf5e1S9ojUsd5BNY.roa (raw, json)
Hash identifier: aFnwamQ2oQPi/IvrrPt/RGBWO8+ZWgyDLcYhIaUPHek=
Subject key identifier: 8B:24:B6:26:75:ED:B0:D7:49:7F:97:B5:4B:DA:23:52:C7:79:04:D6
Certificate issuer: /CN=375a064f301026bc3cf87666d6a820128212a811
Certificate serial: 019783FCE2B892F9B1CFBDC0D4B3A6D1B294
Authority key identifier: 37:5A:06:4F:30:10:26:BC:3C:F8:76:66:D6:A8:20:12:82:12:A8:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N1oGTzAQJrw8-HZm1qggEoISqBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/dc5881-3632-45af-bf59-f44a57ced73d/1/iyS2JnXtsNdJf5e1S9ojUsd5BNY.roa
Signing time: Wed 18 Jun 2025 17:01:17 +0000
ROA not before: Wed 18 Jun 2025 17:01:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 63293
IP address blocks: 2a03:2887:ff00::/48 maxlen: 48
2a03:2887:ff02::/48 maxlen: 48
2a03:2887:ff03::/48 maxlen: 48
2a03:2887:ff04::/48 maxlen: 48
2a03:2887:ff05::/48 maxlen: 48
2a03:2887:ff06::/48 maxlen: 48
2a03:2887:ff07::/48 maxlen: 48
2a03:2887:ff08::/48 maxlen: 48
2a03:2887:ff09::/48 maxlen: 48
2a03:2887:ff0a::/48 maxlen: 48
2a03:2887:ff18::/48 maxlen: 48
2a03:2887:ff19::/48 maxlen: 48
2a03:2887:ff1b::/48 maxlen: 48
2a03:2887:ff1c::/48 maxlen: 48
2a03:2887:ff1d::/48 maxlen: 48
2a03:2887:ff1e::/48 maxlen: 48
2a03:2887:ff1f::/48 maxlen: 48
2a03:2887:ff20::/48 maxlen: 48
2a03:2887:ff21::/48 maxlen: 48
2a03:2887:ff23::/48 maxlen: 48
2a03:2887:ff24::/48 maxlen: 48
2a03:2887:ff25::/48 maxlen: 48
2a03:2887:ff27::/48 maxlen: 48
2a03:2887:ff28::/48 maxlen: 48
2a03:2887:ff29::/48 maxlen: 48
2a03:2887:ff2a::/48 maxlen: 48
2a03:2887:ff2b::/48 maxlen: 48
2a03:2887:ff2e::/48 maxlen: 48
2a03:2887:ff2f::/48 maxlen: 48
2a03:2887:ff30::/48 maxlen: 48
2a03:2887:ff33::/48 maxlen: 48
2a03:2887:ff35::/48 maxlen: 48
2a03:2887:ff36::/48 maxlen: 48
2a03:2887:ff37::/48 maxlen: 48
2a03:2887:ff38::/48 maxlen: 48
2a03:2887:ff39::/48 maxlen: 48
2a03:2887:ff3a::/48 maxlen: 48
2a03:2887:ff3b::/48 maxlen: 48
2a03:2887:ff3f::/48 maxlen: 48
2a03:2887:ff40::/48 maxlen: 48
2a03:2887:ff41::/48 maxlen: 48
2a03:2887:ff42::/48 maxlen: 48
2a03:2887:ff43::/48 maxlen: 48
2a03:2887:ff44::/48 maxlen: 48
2a03:2887:ff45::/48 maxlen: 48
2a03:2887:ff48::/48 maxlen: 48
2a03:2887:ff49::/48 maxlen: 48
2a03:2887:ff4a::/48 maxlen: 48
2a03:2887:ff4b::/48 maxlen: 48
2a03:2887:ff4d::/48 maxlen: 48
2a03:2887:ff4e::/48 maxlen: 48
2a03:2887:ff4f::/48 maxlen: 48
2a03:2887:ff51::/48 maxlen: 48
2a03:2887:ff52::/48 maxlen: 48
2a03:2887:ff53::/48 maxlen: 48
2a03:2887:ff54::/48 maxlen: 48
2a03:2887:ff55::/48 maxlen: 48
2a03:2887:ff56::/48 maxlen: 48
2a03:2887:ff57::/48 maxlen: 48
2a03:2887:ff58::/48 maxlen: 48
2a03:2887:ff59::/48 maxlen: 48
2a03:2887:ff5a::/48 maxlen: 48
2a03:2887:ff60::/48 maxlen: 48
2a03:2887:ff61::/48 maxlen: 48
2a03:2887:ff62::/48 maxlen: 48
2a03:2887:ff63::/48 maxlen: 48
2a03:2887:ff64::/48 maxlen: 48
2a03:2887:ff65::/48 maxlen: 48
2a03:2887:ff66::/48 maxlen: 48
2a03:2887:ff67::/48 maxlen: 48
2a03:2887:ff68::/48 maxlen: 48
2a03:2887:ff69::/48 maxlen: 48
2a03:2887:ff70::/48 maxlen: 48
2a03:2887:ff71::/48 maxlen: 48
2a03:2887:ff72::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/dc5881-3632-45af-bf59-f44a57ced73d/1/N1oGTzAQJrw8-HZm1qggEoISqBE.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/dc5881-3632-45af-bf59-f44a57ced73d/1/N1oGTzAQJrw8-HZm1qggEoISqBE.mft
rsync://rpki.ripe.net/repository/DEFAULT/N1oGTzAQJrw8-HZm1qggEoISqBE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Jun 2025 04:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:83:fc:e2:b8:92:f9:b1:cf:bd:c0:d4:b3:a6:d1:b2:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=375a064f301026bc3cf87666d6a820128212a811
Validity
Not Before: Jun 18 17:01:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b24b62675edb0d7497f97b54bda2352c77904d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:71:1c:e7:88:3b:d2:dd:38:af:87:eb:4f:ae:
78:09:2d:7c:34:b2:c7:ca:2f:fc:cd:8e:7e:70:18:
37:8c:14:cb:7e:cf:d3:4b:35:7d:e9:58:6e:ba:a5:
c3:88:82:ff:82:a0:bb:cb:42:cb:62:9d:74:23:4b:
15:2a:92:51:43:55:52:e8:37:14:80:00:68:38:ad:
f9:44:7d:71:bc:d2:b4:ba:64:b5:77:e9:20:53:32:
06:85:c5:8e:52:d9:8a:07:c4:c0:13:81:36:e6:4f:
18:d0:99:ae:c2:9e:35:ee:8b:dd:79:d5:c0:50:28:
e6:c1:a5:ac:c2:18:c2:5a:35:b9:99:a0:3a:c3:ca:
57:26:c2:a6:c1:48:d9:44:9b:43:fc:1e:6f:39:f0:
3a:ab:c2:5e:66:7e:b8:7b:19:d7:1f:85:65:96:b8:
7b:52:a9:29:cc:b3:d0:76:7e:44:ca:56:22:27:b3:
2b:b7:15:71:74:27:83:10:fd:4a:06:78:31:6f:78:
79:22:83:ac:6c:e7:64:49:68:94:34:2a:cb:dd:31:
31:35:20:69:56:10:03:b2:1c:7a:16:9d:a2:53:32:
d1:06:1c:bf:b2:90:b6:16:58:16:cc:cd:20:50:4a:
1b:47:4a:db:2f:a7:9a:31:18:ac:36:4a:69:c2:11:
18:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:24:B6:26:75:ED:B0:D7:49:7F:97:B5:4B:DA:23:52:C7:79:04:D6
X509v3 Authority Key Identifier:
keyid:37:5A:06:4F:30:10:26:BC:3C:F8:76:66:D6:A8:20:12:82:12:A8:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N1oGTzAQJrw8-HZm1qggEoISqBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/dc5881-3632-45af-bf59-f44a57ced73d/1/iyS2JnXtsNdJf5e1S9ojUsd5BNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/dc5881-3632-45af-bf59-f44a57ced73d/1/N1oGTzAQJrw8-HZm1qggEoISqBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:2887:ff00::/48
2a03:2887:ff02::-2a03:2887:ff0a:ffff:ffff:ffff:ffff:ffff
2a03:2887:ff18::/47
2a03:2887:ff1b::-2a03:2887:ff21:ffff:ffff:ffff:ffff:ffff
2a03:2887:ff23::-2a03:2887:ff25:ffff:ffff:ffff:ffff:ffff
2a03:2887:ff27::-2a03:2887:ff2b:ffff:ffff:ffff:ffff:ffff
2a03:2887:ff2e::-2a03:2887:ff30:ffff:ffff:ffff:ffff:ffff
2a03:2887:ff33::/48
2a03:2887:ff35::-2a03:2887:ff3b:ffff:ffff:ffff:ffff:ffff
2a03:2887:ff3f::-2a03:2887:ff45:ffff:ffff:ffff:ffff:ffff
2a03:2887:ff48::/46
2a03:2887:ff4d::-2a03:2887:ff4f:ffff:ffff:ffff:ffff:ffff
2a03:2887:ff51::-2a03:2887:ff5a:ffff:ffff:ffff:ffff:ffff
2a03:2887:ff60::-2a03:2887:ff69:ffff:ffff:ffff:ffff:ffff
2a03:2887:ff70::-2a03:2887:ff72:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
df:21:8e:8b:54:da:80:19:57:bd:a6:83:8e:d0:7f:f5:36:c7:
5f:45:d0:0d:d5:17:f8:f3:65:2e:14:9a:f4:6b:9a:ab:ad:be:
b1:80:67:01:63:83:7d:b1:2f:44:af:72:51:37:1b:ab:c2:9b:
fd:e6:11:c1:62:a8:76:b5:ea:34:0d:a0:bd:55:f8:b4:1b:e4:
29:f0:e0:55:03:64:40:60:49:14:57:a0:01:d3:3d:9c:2d:cc:
ed:0b:07:bd:7a:52:9c:0b:0c:f0:9f:32:18:df:4d:64:71:11:
21:6e:d0:d7:f2:29:61:a5:c9:ce:93:5d:68:eb:37:71:b6:ad:
be:ee:c0:00:a6:e8:f5:6b:4f:1d:7e:ff:29:b4:0f:ae:99:1a:
00:50:e2:27:82:26:70:b8:bb:3b:d6:02:35:77:c5:99:51:a1:
cb:57:f4:d8:40:89:f6:4a:08:f7:62:b5:3a:67:0d:0b:ae:7c:
89:f0:19:38:3f:f2:05:af:6f:40:2a:cb:b2:a0:19:80:4a:5d:
31:ac:a2:1d:f4:a9:ac:d4:a2:fa:01:64:1c:47:87:19:26:a0:
c2:3b:37:5f:3e:72:1b:04:22:81:d7:1f:53:5d:13:7b:5f:12:
22:49:ec:71:4c:43:ed:48:61:b9:b0:d9:ab:1d:13:e3:f2:58:
48:6a:3b:19
-----BEGIN CERTIFICATE-----
MIIGATCCBOmgAwIBAgISAZeD/OK4kvmxz73A1LOm0bKUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NWEwNjRmMzAxMDI2YmMzY2Y4NzY2NmQ2YTgyMDEyODIx
MmE4MTEwHhcNMjUwNjE4MTcwMTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjI0YjYyNjc1ZWRiMGQ3NDk3Zjk3YjU0YmRhMjM1MmM3NzkwNGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3Ec54g70t04r4frT654CS18NLLH
yi/8zY5+cBg3jBTLfs/TSzV96VhuuqXDiIL/gqC7y0LLYp10I0sVKpJRQ1VS6DcU
gABoOK35RH1xvNK0umS1d+kgUzIGhcWOUtmKB8TAE4E25k8Y0Jmuwp417ovdedXA
UCjmwaWswhjCWjW5maA6w8pXJsKmwUjZRJtD/B5vOfA6q8JeZn64exnXH4Vllrh7
UqkpzLPQdn5EylYiJ7MrtxVxdCeDEP1KBngxb3h5IoOsbOdkSWiUNCrL3TExNSBp
VhADshx6Fp2iUzLRBhy/spC2FlgWzM0gUEobR0rbL6eaMRisNkppwhEYBwIDAQAB
o4IDDTCCAwkwHQYDVR0OBBYEFIsktiZ17bDXSX+XtUvaI1LHeQTWMB8GA1UdIwQY
MBaAFDdaBk8wECa8PPh2ZtaoIBKCEqgRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjFvR1R6QVFKcnc4LUhabTFxZ2dFb0lTcUJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9kYzU4ODEtMzYzMi00NWFmLWJmNTkt
ZjQ0YTU3Y2VkNzNkLzEvaXlTMkpuWHRzTmRKZjVlMVM5b2pVc2Q1Qk5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9kYzU4ODEtMzYzMi00NWFmLWJmNTktZjQ0YTU3Y2VkNzNk
LzEvTjFvR1R6QVFKcnc4LUhabTFxZ2dFb0lTcUJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIQYIKwYBBQUHAQcBAf8EggEQMIIBDDCCAQgEAgACMIIB
AAMHACoDKIf/ADASAwcBKgMoh/8CAwcAKgMoh/8KAwcBKgMoh/8YMBIDBwAqAyiH
/xsDBwEqAyiH/yAwEgMHACoDKIf/IwMHASoDKIf/JDASAwcAKgMoh/8nAwcCKgMo
h/8oMBIDBwEqAyiH/y4DBwAqAyiH/zADBwAqAyiH/zMwEgMHACoDKIf/NQMHAioD
KIf/ODASAwcAKgMoh/8/AwcBKgMoh/9EAwcCKgMoh/9IMBIDBwAqAyiH/00DBwQq
AyiH/0AwEgMHACoDKIf/UQMHACoDKIf/WjASAwcFKgMoh/9gAwcBKgMoh/9oMBID
BwQqAyiH/3ADBwAqAyiH/3IwDQYJKoZIhvcNAQELBQADggEBAN8hjotU2oAZV72m
g47Qf/U2x19F0A3VF/jzZS4UmvRrmqutvrGAZwFjg32xL0SvclE3G6vCm/3mEcFi
qHa16jQNoL1V+LQb5Cnw4FUDZEBgSRRXoAHTPZwtzO0LB716UpwLDPCfMhjfTWRx
ESFu0NfyKWGlyc6TXWjrN3G2rb7uwACm6PVrTx1+/ym0D66ZGgBQ4ieCJnC4uzvW
AjV3xZlRoctX9NhAifZKCPditTpnDQuufInwGTg/8gWvb0Aqy7KgGYBKXTGsoh30
qazUovoBZBxHhxkmoMI7N18+chsEIoHXH1NdE3tfEiJJ7HFMQ+1IYbmw2asdE+Py
WEhqOxk=
-----END CERTIFICATE-----
Generated at Fri Jun 20 13:49:44 2025 by rpki-client