Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/qYtaBV1QHFqIX4Zzb9pAgcJ7FlM.roa
File: qYtaBV1QHFqIX4Zzb9pAgcJ7FlM.roa (raw, json)
Hash identifier: lX56tQdRTgCel8q/Xo9AvRt49Mx4NjdnE/8coAHzSjc=
Subject key identifier: A9:8B:5A:05:5D:50:1C:5A:88:5F:86:73:6F:DA:40:81:C2:7B:16:53
Certificate issuer: /CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Certificate serial: 019850A59308ADBB98266DAFDD9060FC3707
Authority key identifier: BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/qYtaBV1QHFqIX4Zzb9pAgcJ7FlM.roa
Signing time: Mon 28 Jul 2025 10:48:05 +0000
ROA not before: Mon 28 Jul 2025 10:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199152
IP address blocks: 2a0e:7f07::/32 maxlen: 32
2a0f:9d00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.mft
rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 03:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:50:a5:93:08:ad:bb:98:26:6d:af:dd:90:60:fc:37:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Validity
Not Before: Jul 28 10:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a98b5a055d501c5a885f86736fda4081c27b1653
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:76:23:bd:8b:79:3d:3f:93:40:01:c6:a7:83:
ad:05:36:f5:8d:d2:5c:99:20:d6:5b:32:39:c1:86:
41:66:ac:39:ee:fc:05:df:f1:2c:05:62:bf:db:b4:
b8:51:99:17:e4:89:1e:69:21:6f:e7:e8:cc:30:b9:
fa:b2:b3:a5:9c:74:9b:a3:58:69:2b:e5:ae:7a:09:
b8:c2:1d:09:13:bd:7d:cd:98:77:6f:81:8f:e1:25:
6d:f9:f5:da:79:58:1d:c7:7f:22:e5:40:b2:c0:92:
93:bd:93:5f:2e:9b:52:f1:9f:72:fd:7a:34:c3:8b:
c2:25:4f:cc:4a:5b:46:47:34:43:d9:5d:15:7d:22:
dc:07:e7:58:fc:0d:b1:8d:76:57:a0:58:2a:58:e1:
e5:8a:6a:9b:9c:c1:d9:10:95:26:f0:cd:1f:57:9d:
81:9c:2b:4d:3c:74:8a:6f:a2:c1:7e:d8:61:8f:30:
ab:dd:1a:29:0e:2a:78:a6:5c:0d:fe:7a:c9:29:b2:
1c:85:3b:4f:6b:dd:96:3b:e7:12:15:6a:72:c1:5a:
36:14:7c:a5:e5:c5:67:99:07:c3:f3:ea:fe:05:7a:
1b:8a:13:85:ce:9b:3d:95:6b:cf:f4:fe:cf:6d:87:
3c:66:3a:92:27:f4:69:1a:8a:81:9f:53:00:30:84:
60:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:8B:5A:05:5D:50:1C:5A:88:5F:86:73:6F:DA:40:81:C2:7B:16:53
X509v3 Authority Key Identifier:
keyid:BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/qYtaBV1QHFqIX4Zzb9pAgcJ7FlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:7f07::/32
2a0f:9d00::/32
Signature Algorithm: sha256WithRSAEncryption
7f:ac:f3:33:f6:c2:77:65:2c:79:69:e4:64:7e:e5:6b:2f:6a:
fd:74:f1:a1:9b:9c:11:8a:92:ca:39:d2:48:3a:a0:09:4b:38:
14:a3:ee:fb:1d:61:c1:6d:4e:93:37:e2:0a:18:80:97:1e:14:
74:27:26:da:a6:01:11:24:62:3e:43:06:3a:75:b4:56:22:d2:
d0:63:52:82:32:1d:c3:fc:78:8c:c5:06:82:97:b4:96:1d:88:
af:48:ce:3b:cb:c5:25:72:04:82:a1:ad:a1:62:20:52:3e:f0:
2b:41:1e:71:04:27:59:ff:34:58:9a:17:30:03:2c:44:d6:75:
fe:00:26:fa:84:f4:f7:bf:b5:87:18:59:bf:2c:cf:77:78:a4:
82:fd:de:ea:ac:ef:2c:3b:7c:b6:f2:c7:df:8a:93:af:ce:07:
5a:9f:df:3e:5a:b4:7b:7b:aa:01:72:51:f5:f2:3a:92:7e:9f:
6c:12:f7:c2:09:42:ff:63:ae:c4:d4:25:5e:87:05:5a:7f:7b:
34:3e:87:da:f2:26:58:2b:48:37:13:57:64:8a:d8:49:9f:ca:
1e:63:9c:bd:da:01:be:e0:a4:60:34:84:51:15:16:ce:ae:d9:
f3:a9:32:aa:26:c8:db:74:e9:3b:48:63:0e:ee:8d:24:28:1e:
5e:f4:44:dd
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZhQpZMIrbuYJm2v3ZBg/DcHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYTBmMjU4ZWVmNGIyYmY0YmJhYTg0MzBjMWU1OGNhOGMx
ODhlYTcwHhcNMjUwNzI4MTA0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOThiNWEwNTVkNTAxYzVhODg1Zjg2NzM2ZmRhNDA4MWMyN2IxNjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3YjvYt5PT+TQAHGp4OtBTb1jdJc
mSDWWzI5wYZBZqw57vwF3/EsBWK/27S4UZkX5IkeaSFv5+jMMLn6srOlnHSbo1hp
K+Wuegm4wh0JE719zZh3b4GP4SVt+fXaeVgdx38i5UCywJKTvZNfLptS8Z9y/Xo0
w4vCJU/MSltGRzRD2V0VfSLcB+dY/A2xjXZXoFgqWOHlimqbnMHZEJUm8M0fV52B
nCtNPHSKb6LBfthhjzCr3RopDip4plwN/nrJKbIchTtPa92WO+cSFWpywVo2FHyl
5cVnmQfD8+r+BXobihOFzps9lWvP9P7PbYc8ZjqSJ/RpGoqBn1MAMIRgKQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKmLWgVdUBxaiF+Gc2/aQIHCexZTMB8GA1UdIwQY
MBaAFLqg8lju9LK/S7qoQwweWMqMGI6nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEt
ZTU3NjhkNmIxODJjLzEvcVl0YUJWMVFIRnFJWDRaemI5cEFnY0o3RmxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEtZTU3NjhkNmIxODJj
LzEvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKg5/BwMF
ACoPnQAwDQYJKoZIhvcNAQELBQADggEBAH+s8zP2wndlLHlp5GR+5Wsvav108aGb
nBGKkso50kg6oAlLOBSj7vsdYcFtTpM34goYgJceFHQnJtqmAREkYj5DBjp1tFYi
0tBjUoIyHcP8eIzFBoKXtJYdiK9IzjvLxSVyBIKhraFiIFI+8CtBHnEEJ1n/NFia
FzADLETWdf4AJvqE9Pe/tYcYWb8sz3d4pIL93uqs7yw7fLbyx9+Kk6/OB1qf3z5a
tHt7qgFyUfXyOpJ+n2wS98IJQv9jrsTUJV6HBVp/ezQ+h9ryJlgrSDcTV2SK2Emf
yh5jnL3aAb7gpGA0hFEVFs6u2fOpMqomyNt06TtIYw7ujSQoHl70RN0=
-----END CERTIFICATE-----
Generated at Wed Aug 6 11:00:34 2025 by rpki-client