Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/j8bp3Qz9ZSdaxoEjcKIre3-vkhw.roa
File: j8bp3Qz9ZSdaxoEjcKIre3-vkhw.roa (raw, json)
Hash identifier: PnqCN7xUMHC/KLA/N/99pHhBaBX1+FNaWNSjOdJTMTE=
Subject key identifier: 8F:C6:E9:DD:0C:FD:65:27:5A:C6:81:23:70:A2:2B:7B:7F:AF:92:1C
Certificate issuer: /CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Certificate serial: 0198806D8D049EC3CDCA6C7EB2F7304735DB
Authority key identifier: BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/j8bp3Qz9ZSdaxoEjcKIre3-vkhw.roa
Signing time: Wed 06 Aug 2025 17:28:39 +0000
ROA not before: Wed 06 Aug 2025 17:28:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204490
IP address blocks: 2a09:a800::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.mft
rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 07:02:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:80:6d:8d:04:9e:c3:cd:ca:6c:7e:b2:f7:30:47:35:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Validity
Not Before: Aug 6 17:28:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8fc6e9dd0cfd65275ac6812370a22b7b7faf921c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:d0:e8:2d:57:ab:0b:43:58:c7:bf:8a:b8:ed:
0e:b9:40:78:48:21:c5:6a:a5:b7:29:9f:ea:0f:7c:
48:19:34:72:0e:78:07:e5:d9:c9:9e:d6:26:38:a5:
33:ff:f8:d6:43:15:26:42:55:50:b0:58:9b:0f:00:
b0:80:e4:90:6f:f4:69:a7:96:b7:ec:c2:a5:0f:cb:
0e:70:32:39:6f:6b:37:09:7c:cd:2d:79:ec:d4:0c:
11:74:3f:34:41:80:04:e2:25:7b:d0:3e:77:8c:14:
6e:6e:aa:53:c4:05:d3:41:51:2c:5a:40:aa:14:01:
1f:fe:9d:14:ca:8a:a2:9e:28:8f:45:41:02:64:3b:
7a:7a:f5:55:ba:c3:2a:80:83:d2:d5:d5:9c:aa:0b:
07:55:0b:3f:6a:44:47:c3:2a:60:01:6f:c0:14:3c:
eb:91:13:35:37:2d:db:d1:f7:71:6b:52:cf:3c:0f:
e5:4d:f4:26:75:71:2b:86:4a:04:99:61:85:b3:5b:
a2:71:26:f4:b0:9d:52:79:88:d5:06:d1:cd:55:7d:
10:32:e6:72:82:8b:ed:82:2a:a4:0d:5d:16:83:dd:
1f:75:67:c1:e4:f1:3a:bc:fa:42:95:c2:06:19:bb:
f9:0e:71:d7:1f:f3:29:a3:83:9e:1a:90:ac:db:40:
e2:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:C6:E9:DD:0C:FD:65:27:5A:C6:81:23:70:A2:2B:7B:7F:AF:92:1C
X509v3 Authority Key Identifier:
keyid:BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/j8bp3Qz9ZSdaxoEjcKIre3-vkhw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:a800::/32
Signature Algorithm: sha256WithRSAEncryption
66:fe:93:25:88:c6:a3:c4:f5:2d:16:85:69:76:f9:d9:1e:df:
82:a3:76:80:b8:c6:1a:e7:61:34:70:0e:9b:80:5c:c7:ac:ca:
a4:93:89:3d:76:56:ab:c4:d7:28:d7:a5:74:de:63:e2:b2:5c:
e9:83:47:65:89:c8:fd:ca:30:d0:0a:e0:32:b1:8e:96:44:a6:
48:e2:6e:b7:2b:d7:18:59:a3:b7:48:73:61:f9:fc:4c:49:05:
ad:0c:8a:f4:b4:f9:ef:5d:01:ca:ef:77:80:b0:32:59:f5:dc:
bb:e4:5b:25:5d:94:9d:97:a7:a1:22:aa:9a:a9:c4:82:40:9f:
84:b9:e3:4c:50:15:f8:b0:13:2a:36:15:c5:9a:42:69:3b:c8:
60:54:c5:25:50:dc:06:e4:10:b5:3f:90:a9:30:5c:aa:f1:18:
9d:5e:ca:5d:a7:0d:d8:3d:5d:40:aa:a2:b6:8f:2a:27:af:25:
7c:67:ca:2c:ed:30:9b:45:9c:d5:c5:d2:51:fa:7e:b0:12:f9:
76:cf:10:0d:41:72:ee:d0:07:82:f1:48:76:b5:16:b3:14:2d:
f8:fa:24:78:7b:50:c2:a4:13:11:44:29:4f:15:89:7c:8a:69:
cc:6a:0a:30:98:df:05:26:51:ac:85:7e:11:42:3d:ce:cb:f6:
2a:30:d7:8a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZiAbY0EnsPNymx+svcwRzXbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYTBmMjU4ZWVmNGIyYmY0YmJhYTg0MzBjMWU1OGNhOGMx
ODhlYTcwHhcNMjUwODA2MTcyODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmM2ZTlkZDBjZmQ2NTI3NWFjNjgxMjM3MGEyMmI3YjdmYWY5MjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4dDoLVerC0NYx7+KuO0OuUB4SCHF
aqW3KZ/qD3xIGTRyDngH5dnJntYmOKUz//jWQxUmQlVQsFibDwCwgOSQb/Rpp5a3
7MKlD8sOcDI5b2s3CXzNLXns1AwRdD80QYAE4iV70D53jBRubqpTxAXTQVEsWkCq
FAEf/p0UyoqiniiPRUECZDt6evVVusMqgIPS1dWcqgsHVQs/akRHwypgAW/AFDzr
kRM1Ny3b0fdxa1LPPA/lTfQmdXErhkoEmWGFs1uicSb0sJ1SeYjVBtHNVX0QMuZy
govtgiqkDV0Wg90fdWfB5PE6vPpClcIGGbv5DnHXH/Mpo4OeGpCs20Di/QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFI/G6d0M/WUnWsaBI3CiK3t/r5IcMB8GA1UdIwQY
MBaAFLqg8lju9LK/S7qoQwweWMqMGI6nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEt
ZTU3NjhkNmIxODJjLzEvajhicDNRejlaU2RheG9FamNLSXJlMy12a2h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEtZTU3NjhkNmIxODJj
LzEvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgmoADAN
BgkqhkiG9w0BAQsFAAOCAQEAZv6TJYjGo8T1LRaFaXb52R7fgqN2gLjGGudhNHAO
m4Bcx6zKpJOJPXZWq8TXKNeldN5j4rJc6YNHZYnI/cow0ArgMrGOlkSmSOJutyvX
GFmjt0hzYfn8TEkFrQyK9LT5710Byu93gLAyWfXcu+RbJV2UnZenoSKqmqnEgkCf
hLnjTFAV+LATKjYVxZpCaTvIYFTFJVDcBuQQtT+QqTBcqvEYnV7KXacN2D1dQKqi
to8qJ68lfGfKLO0wm0Wc1cXSUfp+sBL5ds8QDUFy7tAHgvFIdrUWsxQt+PokeHtQ
wqQTEUQpTxWJfIppzGoKMJjfBSZRrIV+EUI9zsv2KjDXig==
-----END CERTIFICATE-----
Generated at Sun Aug 10 13:42:57 2025 by rpki-client