Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/izylkdHb8K1XiexJr07bxHzS70o.roa
File: izylkdHb8K1XiexJr07bxHzS70o.roa (raw, json)
Hash identifier: +WAoXiTTcbRjvuFJ+mdToEXjYNYtqJBIbb39TwPcmHE=
Subject key identifier: 8B:3C:A5:91:D1:DB:F0:AD:57:89:EC:49:AF:4E:DB:C4:7C:D2:EF:4A
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 019840CCDF8840CC5B486871A8705ACA5CFF
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/izylkdHb8K1XiexJr07bxHzS70o.roa
Signing time: Fri 25 Jul 2025 08:57:05 +0000
ROA not before: Fri 25 Jul 2025 08:57:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214477
IP address blocks: 2a12:6f40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.mft
rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 18:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:40:cc:df:88:40:cc:5b:48:68:71:a8:70:5a:ca:5c:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Jul 25 08:57:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b3ca591d1dbf0ad5789ec49af4edbc47cd2ef4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:fe:a8:98:64:ea:2f:a2:1f:28:63:71:09:31:
bf:ec:e3:2a:40:c2:d4:b8:bb:1f:e7:c2:fd:94:d5:
fb:09:a5:8b:ef:d9:6f:07:7b:95:91:08:21:b3:dd:
da:63:41:3c:54:a8:30:6e:1e:b7:65:e9:d5:e3:6d:
8d:ec:4d:49:90:5f:38:f0:d2:d8:7d:8c:b9:8f:cd:
40:f2:06:55:e7:a0:0b:a5:55:8a:0f:f3:ee:da:39:
5f:f2:11:15:c9:50:ab:00:50:4e:c9:e8:bd:ab:c2:
54:66:3c:6e:bc:f0:a7:ee:ee:de:ff:0d:3b:7d:2f:
ea:fe:92:4a:3c:5e:e9:83:2b:7b:85:82:7d:91:39:
d8:9b:1e:c1:a3:a7:22:b1:9e:0a:36:04:fe:80:20:
a7:f0:43:4c:bd:10:74:04:7c:57:ca:06:fe:d4:0c:
ad:7c:81:72:ad:35:e0:70:ab:68:74:ed:0b:67:30:
75:d1:e0:6f:cc:f8:20:fd:69:dc:76:fc:8f:14:1b:
e1:54:68:23:e8:75:27:4c:a5:60:5c:60:25:f7:b5:
5c:db:3c:04:f9:99:9f:cf:d8:2c:ec:4a:e6:cc:a1:
d8:59:09:de:bd:50:8f:3b:6d:31:5f:1e:51:b8:62:
41:a8:31:2c:86:3e:04:0a:7e:73:f5:a1:0d:7b:26:
bc:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:3C:A5:91:D1:DB:F0:AD:57:89:EC:49:AF:4E:DB:C4:7C:D2:EF:4A
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/izylkdHb8K1XiexJr07bxHzS70o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:6f40::/29
Signature Algorithm: sha256WithRSAEncryption
6e:f5:53:73:b2:14:5d:87:c0:cd:aa:ff:96:54:a9:f5:16:ca:
1d:55:30:c3:31:77:46:1d:d2:85:05:6e:49:30:c3:9d:66:bb:
e6:fd:40:d4:c0:47:d4:6f:e5:b0:8a:3e:fa:41:a4:6a:fe:93:
a4:d2:0d:d1:92:25:ae:7d:ad:bd:36:ab:18:8d:5b:16:4d:f0:
8b:43:e7:0c:65:57:15:ec:d2:ff:e8:55:ba:02:ed:a7:1b:41:
60:1c:f8:0c:ff:27:4d:8f:30:43:05:37:4c:9e:f7:b4:03:7e:
51:8a:5e:b0:c9:d8:a9:b1:d9:9e:b5:6d:e2:2b:8a:1c:73:c7:
1f:13:2b:90:40:12:6a:dd:51:67:92:e9:08:36:49:a3:f4:d8:
d2:e1:0a:1a:77:2d:6e:f0:b6:06:ad:81:f0:d7:10:83:0f:db:
60:cd:3b:8a:0c:5b:d1:c2:d0:ff:2f:e8:98:bd:c1:7d:e4:93:
5b:86:4d:cc:9f:3d:88:88:bf:af:62:5c:5f:93:fb:3a:9e:c7:
05:2f:41:f1:f3:f3:fc:8f:53:5e:2b:21:9e:82:a1:c8:92:73:
34:a3:9a:79:4c:d0:3c:dc:8b:72:db:1c:ea:54:d4:02:dc:03:
37:86:95:52:04:3a:96:2a:2c:56:89:2c:f4:f1:0d:8d:b2:7a:
1d:66:af:ef
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZhAzN+IQMxbSGhxqHBaylz/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjUwNzI1MDg1NzA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjNjYTU5MWQxZGJmMGFkNTc4OWVjNDlhZjRlZGJjNDdjZDJlZjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlf6omGTqL6IfKGNxCTG/7OMqQMLU
uLsf58L9lNX7CaWL79lvB3uVkQghs93aY0E8VKgwbh63ZenV422N7E1JkF848NLY
fYy5j81A8gZV56ALpVWKD/Pu2jlf8hEVyVCrAFBOyei9q8JUZjxuvPCn7u7e/w07
fS/q/pJKPF7pgyt7hYJ9kTnYmx7Bo6cisZ4KNgT+gCCn8ENMvRB0BHxXygb+1Ayt
fIFyrTXgcKtodO0LZzB10eBvzPgg/WncdvyPFBvhVGgj6HUnTKVgXGAl97Vc2zwE
+Zmfz9gs7ErmzKHYWQnevVCPO20xXx5RuGJBqDEshj4ECn5z9aENeya8zQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIs8pZHR2/CtV4nsSa9O28R80u9KMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvaXp5bGtkSGI4SzFYaWV4SnIwN2J4SHpTNzBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhJvQDAN
BgkqhkiG9w0BAQsFAAOCAQEAbvVTc7IUXYfAzar/llSp9RbKHVUwwzF3Rh3ShQVu
STDDnWa75v1A1MBH1G/lsIo++kGkav6TpNIN0ZIlrn2tvTarGI1bFk3wi0PnDGVX
FezS/+hVugLtpxtBYBz4DP8nTY8wQwU3TJ73tAN+UYpesMnYqbHZnrVt4iuKHHPH
HxMrkEASat1RZ5LpCDZJo/TY0uEKGnctbvC2Bq2B8NcQgw/bYM07igxb0cLQ/y/o
mL3BfeSTW4ZNzJ89iIi/r2JcX5P7Op7HBS9B8fPz/I9TXishnoKhyJJzNKOaeUzQ
PNyLctsc6lTUAtwDN4aVUgQ6liosVoks9PENjbJ6HWav7w==
-----END CERTIFICATE-----
Generated at Sun Aug 10 03:53:42 2025 by rpki-client