Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Op5x1MRHygAiLIPB-82_5e1L43E.roa
File: Op5x1MRHygAiLIPB-82_5e1L43E.roa (raw, json)
Hash identifier: wrHS+59ZyJCTUgORpBO0WpU7UC3bKk7DjnosdPCUSqc=
Subject key identifier: 3A:9E:71:D4:C4:47:CA:00:22:2C:83:C1:FB:CD:BF:E5:ED:4B:E3:71
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019763EB5AF5886DD48A81D220028CFA123F
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Op5x1MRHygAiLIPB-82_5e1L43E.roa
Signing time: Thu 12 Jun 2025 11:34:18 +0000
ROA not before: Thu 12 Jun 2025 11:34:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57433
IP address blocks: 2a02:2fc0:1::/48 maxlen: 48
2a02:2fc0:3::/48 maxlen: 48
2a02:2fc0:a::/48 maxlen: 48
2a02:2fc0:b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 17 Jun 2025 21:51:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:63:eb:5a:f5:88:6d:d4:8a:81:d2:20:02:8c:fa:12:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jun 12 11:34:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a9e71d4c447ca00222c83c1fbcdbfe5ed4be371
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:d2:9a:09:f9:fb:ad:22:c8:45:6d:94:da:36:
d3:20:06:9e:5e:5f:fa:83:79:50:9d:0d:f2:55:9e:
f7:2c:8e:e7:e6:95:74:1d:43:ff:7c:7c:f1:8b:8e:
86:e8:56:9e:19:a8:ee:98:52:cc:8d:5f:c5:c0:18:
3a:01:a2:7b:b6:9c:65:76:71:c6:e1:5b:67:64:63:
c5:75:59:e3:58:28:54:8f:a8:70:91:41:0c:05:fd:
7f:66:3c:6c:3f:12:77:5a:6f:d6:66:44:92:0a:f5:
fc:b6:1f:52:c5:86:83:96:4b:f4:78:f8:ce:a7:8e:
f6:e3:8d:86:7e:0d:ae:3e:ca:c1:bd:6e:ff:b0:2d:
e3:14:7d:66:a3:3e:aa:40:3a:9a:d0:fe:73:09:e3:
ad:f6:46:0c:ed:5f:03:9c:73:5a:06:c1:2a:1d:d4:
44:ea:a3:d5:ce:12:a6:05:cf:19:a2:73:1e:43:78:
d7:d9:95:49:5b:73:38:25:f0:9b:2a:62:21:01:21:
95:21:74:ec:ec:9c:6c:43:55:b1:64:e1:b3:e5:da:
2c:83:32:36:35:bc:a5:c5:e5:66:13:34:9a:f0:5e:
32:f3:54:51:be:3f:54:65:10:30:a4:6f:1a:c3:5c:
df:fc:5b:50:ad:1b:a6:cc:bd:80:0a:57:2a:46:66:
aa:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:9E:71:D4:C4:47:CA:00:22:2C:83:C1:FB:CD:BF:E5:ED:4B:E3:71
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Op5x1MRHygAiLIPB-82_5e1L43E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2fc0:1::/48
2a02:2fc0:3::/48
2a02:2fc0:a::/47
Signature Algorithm: sha256WithRSAEncryption
52:21:f3:e3:0e:10:01:b8:e2:b5:26:4c:ba:f5:37:bd:20:f9:
a3:1d:66:d6:b0:8d:fa:67:40:4e:d6:ec:26:af:f9:18:70:50:
2b:3c:9b:34:a6:ec:dd:6f:9d:f1:3d:0b:30:08:14:22:a7:c2:
3a:c1:7c:97:59:7c:b6:45:9c:10:4e:dd:7b:ee:db:1d:ba:b6:
29:72:18:8b:8e:61:e4:d1:83:50:e5:c6:4d:f6:58:33:8a:5f:
76:79:eb:a4:ea:7d:bd:99:a8:ff:09:6f:c9:4a:d9:99:29:05:
c6:32:f5:39:0e:8a:bd:b6:da:45:ad:bd:fe:d5:1d:76:1e:83:
c5:17:ad:98:09:44:81:62:9e:b4:94:c1:15:cc:3a:d2:ea:82:
99:d7:8f:c1:aa:78:03:8e:f7:5a:02:e8:35:b5:11:7b:37:90:
d4:2e:60:aa:9b:7f:4b:5e:8c:2d:14:0e:aa:88:29:7a:73:89:
5f:0d:8c:1a:83:d9:57:a8:d0:bf:72:76:39:af:f7:db:58:f0:
2e:7e:2f:86:2c:3d:a2:3b:18:d3:ad:da:3d:ce:13:b8:3a:d9:
64:4d:0c:ec:c6:af:76:7f:3c:87:b6:1c:f1:da:06:8d:df:2c:
48:89:df:20:09:1c:fe:66:d7:bb:b4:d9:69:e1:4b:48:ee:93:
c6:c4:e3:f8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZdj61r1iG3UioHSIAKM+hI/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNjEyMTEzNDE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTllNzFkNGM0NDdjYTAwMjIyYzgzYzFmYmNkYmZlNWVkNGJlMzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdKaCfn7rSLIRW2U2jbTIAaeXl/6
g3lQnQ3yVZ73LI7n5pV0HUP/fHzxi46G6FaeGajumFLMjV/FwBg6AaJ7tpxldnHG
4VtnZGPFdVnjWChUj6hwkUEMBf1/ZjxsPxJ3Wm/WZkSSCvX8th9SxYaDlkv0ePjO
p472442Gfg2uPsrBvW7/sC3jFH1moz6qQDqa0P5zCeOt9kYM7V8DnHNaBsEqHdRE
6qPVzhKmBc8ZonMeQ3jX2ZVJW3M4JfCbKmIhASGVIXTs7JxsQ1WxZOGz5dosgzI2
NbylxeVmEzSa8F4y81RRvj9UZRAwpG8aw1zf/FtQrRumzL2AClcqRmaqgQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDqecdTER8oAIiyDwfvNv+XtS+NxMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvT3A1eDFNUkh5Z0FpTElQQi04Ml81ZTFMNDNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKgIvwAAB
AwcAKgIvwAADAwcBKgIvwAAKMA0GCSqGSIb3DQEBCwUAA4IBAQBSIfPjDhABuOK1
Jky69Te9IPmjHWbWsI36Z0BO1uwmr/kYcFArPJs0puzdb53xPQswCBQip8I6wXyX
WXy2RZwQTt177tsdurYpchiLjmHk0YNQ5cZN9lgzil92eeuk6n29maj/CW/JStmZ
KQXGMvU5Doq9ttpFrb3+1R12HoPFF62YCUSBYp60lMEVzDrS6oKZ14/BqngDjvda
Aug1tRF7N5DULmCqm39LXowtFA6qiCl6c4lfDYwag9lXqNC/cnY5r/fbWPAufi+G
LD2iOxjTrdo9zhO4OtlkTQzsxq92fzyHthzx2gaN3yxIid8gCRz+Zte7tNlp4UtI
7pPGxOP4
-----END CERTIFICATE-----
Generated at Tue Jun 17 04:01:52 2025 by rpki-client