Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/2a5574-7b12-4da2-a064-5e1b0788923b/1/t5B6L3SDpnNQxpYAOqxx1KDKYiM.roa
File: t5B6L3SDpnNQxpYAOqxx1KDKYiM.roa (raw, json)
Hash identifier: 2vbjQ+gKJBatZbu743TFnHPjWQew0j+rLlGQUa/1PSM=
Subject key identifier: B7:90:7A:2F:74:83:A6:73:50:C6:96:00:3A:AC:71:D4:A0:CA:62:23
Certificate issuer: /CN=3d6c2958145f45fad5daeeb38b75b52c09661046
Certificate serial: 01985FFCA2D6EAC105452AECD3EF45B576A2
Authority key identifier: 3D:6C:29:58:14:5F:45:FA:D5:DA:EE:B3:8B:75:B5:2C:09:66:10:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PWwpWBRfRfrV2u6zi3W1LAlmEEY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/2a5574-7b12-4da2-a064-5e1b0788923b/1/t5B6L3SDpnNQxpYAOqxx1KDKYiM.roa
Signing time: Thu 31 Jul 2025 10:17:28 +0000
ROA not before: Thu 31 Jul 2025 10:17:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199326
IP address blocks: 217.70.6.0/24 maxlen: 24
2a13:7700::/40 maxlen: 40
2a13:7700:1::/48 maxlen: 48
2a13:7700:2::/48 maxlen: 48
2a13:7700:100::/40 maxlen: 40
2a13:7705::/40 maxlen: 40
2a13:7705::/48 maxlen: 48
2a13:7705:a::/48 maxlen: 48
2a13:7705:10::/48 maxlen: 48
2a13:7705:80::/48 maxlen: 48
2a13:7705:90::/48 maxlen: 48
2a13:7705:ff00::/40 maxlen: 40
2a13:7705:ff00::/48 maxlen: 48
2a13:7705:ff01::/48 maxlen: 48
2a13:7705:ff04::/48 maxlen: 48
2a13:7705:ff08::/48 maxlen: 48
2a13:7705:ff10::/48 maxlen: 48
2a13:7705:ff14::/48 maxlen: 48
2a13:7705:ff18::/48 maxlen: 48
2a13:7705:ff1c::/48 maxlen: 48
2a13:7705:ff20::/48 maxlen: 48
2a13:7705:ff24::/48 maxlen: 48
2a13:7705:ff28::/48 maxlen: 48
2a13:7705:ff2c::/48 maxlen: 48
2a13:7705:ff30::/48 maxlen: 48
2a13:7705:ff34::/48 maxlen: 48
2a13:7705:ff38::/48 maxlen: 48
2a13:7705:ff3c::/48 maxlen: 48
2a13:7705:ff40::/48 maxlen: 48
2a13:7705:ff44::/48 maxlen: 48
2a13:7705:ff4c::/48 maxlen: 48
2a13:7705:ff50::/48 maxlen: 48
2a13:7705:ff54::/48 maxlen: 48
2a13:7705:ff58::/48 maxlen: 48
2a13:7705:ff5c::/48 maxlen: 48
2a13:7705:ff60::/48 maxlen: 48
2a13:7705:ff64::/48 maxlen: 48
2a13:7705:ff68::/48 maxlen: 48
2a13:7705:ff6c::/48 maxlen: 48
2a13:7705:ff70::/48 maxlen: 48
2a13:7705:ff74::/48 maxlen: 48
2a13:7705:ff78::/48 maxlen: 48
2a13:7705:ff7c::/48 maxlen: 48
2a13:7705:ff80::/48 maxlen: 48
2a13:7705:ff84::/48 maxlen: 48
2a13:7705:ff88::/48 maxlen: 48
2a13:7705:ff8c::/48 maxlen: 48
2a13:7705:ff90::/48 maxlen: 48
2a13:7705:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/2a5574-7b12-4da2-a064-5e1b0788923b/1/PWwpWBRfRfrV2u6zi3W1LAlmEEY.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/2a5574-7b12-4da2-a064-5e1b0788923b/1/PWwpWBRfRfrV2u6zi3W1LAlmEEY.mft
rsync://rpki.ripe.net/repository/DEFAULT/PWwpWBRfRfrV2u6zi3W1LAlmEEY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 Aug 2025 08:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:5f:fc:a2:d6:ea:c1:05:45:2a:ec:d3:ef:45:b5:76:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d6c2958145f45fad5daeeb38b75b52c09661046
Validity
Not Before: Jul 31 10:17:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b7907a2f7483a67350c696003aac71d4a0ca6223
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:18:0c:3d:fb:38:c7:16:e8:22:df:73:11:3c:
30:ef:9c:f5:46:f4:e4:91:43:b3:d5:a1:7c:f0:11:
4d:8b:85:03:df:33:c4:e1:38:2b:41:be:3a:1b:43:
06:cd:16:72:ed:d4:ae:ad:41:af:e0:0f:ec:2a:3c:
bf:e7:65:b2:d7:16:ac:3c:03:58:6a:58:c0:56:31:
a2:d2:56:d9:7d:2b:6b:17:59:ed:69:9a:9d:43:9b:
95:c3:f4:74:37:6d:ec:3d:bf:a1:1c:52:4c:fd:80:
18:ae:9b:e8:0f:50:56:f2:c6:e9:13:c9:52:c9:db:
e1:50:10:66:da:0b:8c:52:6b:fd:64:30:47:d9:51:
40:30:8d:44:58:a5:e8:10:23:88:fd:6b:38:7f:dc:
4e:e5:99:59:1f:db:31:16:ba:7c:87:ee:36:3c:39:
10:1d:60:cf:18:c6:f7:0e:4c:c7:3a:67:0c:1c:b7:
5f:30:ee:96:84:2e:f3:a3:90:f9:fe:9d:6c:ab:3a:
9d:b3:09:1d:a7:8c:71:63:a7:23:ab:6e:63:72:6d:
f4:56:6c:9b:9f:15:a4:c4:c0:b5:8e:e4:d8:31:ce:
ff:75:9f:da:c1:b7:0a:fa:d1:ff:8a:89:d8:33:1d:
5e:1c:d4:92:01:f8:ac:bb:64:fa:1b:fb:aa:53:ea:
7e:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:90:7A:2F:74:83:A6:73:50:C6:96:00:3A:AC:71:D4:A0:CA:62:23
X509v3 Authority Key Identifier:
keyid:3D:6C:29:58:14:5F:45:FA:D5:DA:EE:B3:8B:75:B5:2C:09:66:10:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PWwpWBRfRfrV2u6zi3W1LAlmEEY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/2a5574-7b12-4da2-a064-5e1b0788923b/1/t5B6L3SDpnNQxpYAOqxx1KDKYiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/2a5574-7b12-4da2-a064-5e1b0788923b/1/PWwpWBRfRfrV2u6zi3W1LAlmEEY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.70.6.0/24
IPv6:
2a13:7700::/39
2a13:7705::/40
2a13:7705:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
34:f4:c8:fb:33:31:72:31:55:0a:40:1a:65:11:58:0e:f7:fb:
75:b4:85:de:c9:fb:8a:90:eb:dc:98:92:8e:02:d7:05:65:d9:
3e:cf:47:cc:fb:12:b7:28:05:b8:1b:ca:65:b7:d9:72:e8:25:
bf:ca:0f:e1:80:c9:2e:eb:10:b3:8c:40:2d:4a:51:df:22:96:
12:12:37:7b:33:0d:49:ef:2e:f4:b7:76:68:3e:98:f3:8e:ab:
b5:1f:f3:8f:a3:6f:a4:a1:c7:c4:e4:ab:df:4e:30:5d:af:35:
db:ad:d0:3d:f2:e8:24:a9:c8:f0:fc:e5:b4:c5:d8:51:64:47:
33:1c:4b:a2:41:1a:aa:de:60:6f:9f:0e:55:cf:5c:20:72:7f:
85:49:b5:34:ba:69:13:da:2d:c8:f9:ba:41:3d:19:42:2c:3d:
d5:67:27:12:3e:7a:6d:a6:d1:0f:e9:71:09:d1:23:0a:b0:33:
23:1e:9d:99:74:ba:f6:06:8f:cf:fe:53:db:1a:56:5a:5e:7d:
a3:ab:1d:73:56:e0:51:4c:04:26:c0:27:8b:44:d0:ac:38:b4:
1f:09:eb:62:89:c1:3d:1f:21:15:9d:70:84:eb:0e:52:73:cc:
6b:a0:fc:23:36:0c:a8:87:6b:44:34:a8:60:53:c6:88:3c:b3:
27:98:a9:55
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZhf/KLW6sEFRSrs0+9FtXaiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkNmMyOTU4MTQ1ZjQ1ZmFkNWRhZWViMzhiNzViNTJjMDk2
NjEwNDYwHhcNMjUwNzMxMTAxNzI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzkwN2EyZjc0ODNhNjczNTBjNjk2MDAzYWFjNzFkNGEwY2E2MjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBgMPfs4xxboIt9zETww75z1RvTk
kUOz1aF88BFNi4UD3zPE4TgrQb46G0MGzRZy7dSurUGv4A/sKjy/52Wy1xasPANY
aljAVjGi0lbZfStrF1ntaZqdQ5uVw/R0N23sPb+hHFJM/YAYrpvoD1BW8sbpE8lS
ydvhUBBm2guMUmv9ZDBH2VFAMI1EWKXoECOI/Ws4f9xO5ZlZH9sxFrp8h+42PDkQ
HWDPGMb3DkzHOmcMHLdfMO6WhC7zo5D5/p1sqzqdswkdp4xxY6cjq25jcm30Vmyb
nxWkxMC1juTYMc7/dZ/awbcK+tH/ionYMx1eHNSSAfisu2T6G/uqU+p+AwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFLeQei90g6ZzUMaWADqscdSgymIjMB8GA1UdIwQY
MBaAFD1sKVgUX0X61drus4t1tSwJZhBGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFd3cFdCUmZSZnJWMnU2emkzVzFMQWxtRUVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8yYTU1NzQtN2IxMi00ZGEyLWEwNjQt
NWUxYjA3ODg5MjNiLzEvdDVCNkwzU0Rwbk5ReHBZQU9xeHgxS0RLWWlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8yYTU1NzQtN2IxMi00ZGEyLWEwNjQtNWUxYjA3ODg5MjNi
LzEvUFd3cFdCUmZSZnJWMnU2emkzVzFMQWxtRUVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAMBAIAATAGAwQA2UYGMB4E
AgACMBgDBgEqE3cAAAMGACoTdwUAAwYAKhN3Bf8wDQYJKoZIhvcNAQELBQADggEB
ADT0yPszMXIxVQpAGmURWA73+3W0hd7J+4qQ69yYko4C1wVl2T7PR8z7ErcoBbgb
ymW32XLoJb/KD+GAyS7rELOMQC1KUd8ilhISN3szDUnvLvS3dmg+mPOOq7Uf84+j
b6Shx8Tkq99OMF2vNdut0D3y6CSpyPD85bTF2FFkRzMcS6JBGqreYG+fDlXPXCBy
f4VJtTS6aRPaLcj5ukE9GUIsPdVnJxI+em2m0Q/pcQnRIwqwMyMenZl0uvYGj8/+
U9saVlpefaOrHXNW4FFMBCbAJ4tE0Kw4tB8J62KJwT0fIRWdcITrDlJzzGug/CM2
DKiHa0Q0qGBTxog8syeYqVU=
-----END CERTIFICATE-----
Generated at Tue Aug 12 13:30:18 2025 by rpki-client