Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/c_ipsLRzEgE5DXpkiVFIk32gy4w.roa
File: c_ipsLRzEgE5DXpkiVFIk32gy4w.roa (raw, json)
Hash identifier: KkfKem9M1oAl2JCMI+RrdXiWdDVk/LRejyZbOohwDvU=
Subject key identifier: 73:F8:A9:B0:B4:73:12:01:39:0D:7A:64:89:51:48:93:7D:A0:CB:8C
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 019840CCDEDFCE3B2E16796BAF20F823ACDE
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/c_ipsLRzEgE5DXpkiVFIk32gy4w.roa
Signing time: Fri 25 Jul 2025 08:57:04 +0000
ROA not before: Fri 25 Jul 2025 08:57:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204669
IP address blocks: 2a06:b441::/32 maxlen: 32
2a11:2f40::/29 maxlen: 29
2a11:7240::/29 maxlen: 29
2a11:f240::/29 maxlen: 29
2a12:7740::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.mft
rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Aug 2025 07:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:40:cc:de:df:ce:3b:2e:16:79:6b:af:20:f8:23:ac:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Jul 25 08:57:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=73f8a9b0b4731201390d7a64895148937da0cb8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:76:c1:e5:d6:5e:05:52:8d:11:f1:3a:cd:ff:
78:8a:b0:02:52:08:6d:b9:89:47:19:34:8c:1e:78:
fa:10:10:19:ed:1a:98:d1:22:78:83:6e:c3:40:e7:
9d:4e:a9:11:72:b7:b0:77:6c:b0:65:fa:62:ea:a4:
ce:e1:a7:c4:28:a3:1f:3a:74:36:22:dd:19:b1:1b:
c7:ac:f6:21:e5:58:4c:2c:5e:0e:f0:66:cc:73:cd:
b5:e7:1c:94:bd:97:91:58:70:1b:ed:7c:17:a0:39:
15:0c:59:79:0e:94:d1:63:6c:98:eb:37:f0:29:c6:
5e:75:70:00:6a:18:83:94:8a:9f:90:b5:41:27:e5:
90:c0:cc:5f:f5:fa:d2:8d:44:ff:af:c0:f9:96:8d:
26:b6:a7:65:8e:9d:2d:e5:bb:23:fa:bf:36:70:fc:
6b:ad:38:b9:0c:83:30:a5:ec:2f:e7:b3:9e:e7:c7:
36:87:51:3c:3d:9d:1a:a3:ab:bf:f7:6a:5e:8c:d2:
7c:d5:44:86:17:66:0d:a3:2a:4c:61:42:99:c8:f4:
49:99:d6:07:97:cd:30:c5:be:d4:b1:70:1c:fc:fb:
2a:97:03:57:9c:aa:d7:eb:cf:6b:23:78:05:2f:40:
da:65:3d:21:89:a0:93:37:df:6d:da:a7:ed:b4:e9:
18:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:F8:A9:B0:B4:73:12:01:39:0D:7A:64:89:51:48:93:7D:A0:CB:8C
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/c_ipsLRzEgE5DXpkiVFIk32gy4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:b441::/32
2a11:2f40::/29
2a11:7240::/29
2a11:f240::/29
2a12:7740::/29
Signature Algorithm: sha256WithRSAEncryption
4d:72:46:83:83:80:37:69:9c:2b:bf:22:c8:86:be:b1:59:d9:
7c:96:6d:e1:d9:01:f8:61:fe:b7:d9:fb:91:80:e9:ed:c0:a4:
10:6a:7c:e5:0f:99:5b:4c:b5:39:6f:5a:0e:d2:f7:c1:97:ea:
e3:6f:21:fa:fc:e1:c5:86:14:f2:e0:a6:48:dd:58:e2:4f:16:
4c:83:01:ee:d5:ff:c6:ae:08:2a:dd:df:3c:a7:0a:b6:1a:8e:
5d:12:42:32:e5:01:e9:a4:58:d2:0c:2e:47:f3:38:ec:68:3c:
60:7f:28:35:77:fa:53:85:b8:45:02:6f:6b:74:b4:92:d7:fa:
fe:d5:e9:95:5d:9b:cd:e0:70:07:e2:e0:be:2f:b6:05:6d:54:
fd:96:f0:6d:84:61:1e:0f:5a:a9:5c:46:5d:10:58:de:f1:38:
e7:10:32:6f:44:9b:53:1f:db:f8:ea:2c:74:1b:67:91:3b:3c:
bb:82:02:e4:41:db:7b:c4:39:b0:48:6e:a0:13:a6:b7:18:09:
8c:18:af:70:e9:99:78:c8:3f:d3:0a:ec:b9:1b:91:dc:10:8f:
dd:1e:be:0f:8c:a7:4c:ee:4b:6c:1c:8f:2b:1a:82:8f:10:6e:
83:50:a0:de:67:af:ce:b9:a6:39:65:09:a0:07:c4:54:5d:b3:
9c:a1:e6:09
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZhAzN7fzjsuFnlrryD4I6zeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjUwNzI1MDg1NzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2Y4YTliMGI0NzMxMjAxMzkwZDdhNjQ4OTUxNDg5MzdkYTBjYjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXbB5dZeBVKNEfE6zf94irACUght
uYlHGTSMHnj6EBAZ7RqY0SJ4g27DQOedTqkRcrewd2ywZfpi6qTO4afEKKMfOnQ2
It0ZsRvHrPYh5VhMLF4O8GbMc8215xyUvZeRWHAb7XwXoDkVDFl5DpTRY2yY6zfw
KcZedXAAahiDlIqfkLVBJ+WQwMxf9frSjUT/r8D5lo0mtqdljp0t5bsj+r82cPxr
rTi5DIMwpewv57Oe58c2h1E8PZ0ao6u/92pejNJ81USGF2YNoypMYUKZyPRJmdYH
l80wxb7UsXAc/PsqlwNXnKrX689rI3gFL0DaZT0hiaCTN99t2qfttOkYnwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFHP4qbC0cxIBOQ16ZIlRSJN9oMuMMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvY19pcHNMUnpFZ0U1RFhwa2lWRklrMzJneTR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUAKga0QQMF
AyoRL0ADBQMqEXJAAwUDKhHyQAMFAyoSd0AwDQYJKoZIhvcNAQELBQADggEBAE1y
RoODgDdpnCu/IsiGvrFZ2XyWbeHZAfhh/rfZ+5GA6e3ApBBqfOUPmVtMtTlvWg7S
98GX6uNvIfr84cWGFPLgpkjdWOJPFkyDAe7V/8auCCrd3zynCrYajl0SQjLlAemk
WNIMLkfzOOxoPGB/KDV3+lOFuEUCb2t0tJLX+v7V6ZVdm83gcAfi4L4vtgVtVP2W
8G2EYR4PWqlcRl0QWN7xOOcQMm9Em1Mf2/jqLHQbZ5E7PLuCAuRB23vEObBIbqAT
prcYCYwYr3DpmXjIP9MK7LkbkdwQj90evg+Mp0zuS2wcjysago8QboNQoN5nr865
pjllCaAHxFRds5yh5gk=
-----END CERTIFICATE-----
Generated at Thu Aug 7 13:10:24 2025 by rpki-client