Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/PYxlhL1mzCOeny3Sr7DlDiqOM_A.roa
File: PYxlhL1mzCOeny3Sr7DlDiqOM_A.roa (raw, json)
Hash identifier: prRx5sxdvZ0wwVCCYlXXgpMVhLifwyUWKjK1FfXKb8g=
Subject key identifier: 3D:8C:65:84:BD:66:CC:23:9E:9F:2D:D2:AF:B0:E5:0E:2A:8E:33:F0
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 01971127E13D2DC837BB2D05AF6C7E83E70F
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/PYxlhL1mzCOeny3Sr7DlDiqOM_A.roa
Signing time: Tue 27 May 2025 09:51:55 +0000
ROA not before: Tue 27 May 2025 09:51:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206744
IP address blocks: 2a06:5fc5::/32 maxlen: 32
2a13:bb45::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:11:27:e1:3d:2d:c8:37:bb:2d:05:af:6c:7e:83:e7:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: May 27 09:51:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d8c6584bd66cc239e9f2dd2afb0e50e2a8e33f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:7e:56:8a:0c:a7:44:5a:53:e2:db:f9:60:7a:
c9:d7:8f:05:3d:53:e3:f3:e4:58:72:0c:fe:0f:e6:
2f:c8:91:7d:b1:a7:d6:a6:28:02:1a:07:cf:23:f9:
d0:c9:1a:78:c1:fb:f6:0a:22:8d:24:60:87:af:e1:
cd:b7:03:9e:42:f6:09:af:02:87:46:8b:f7:f0:e7:
fa:ab:69:bc:33:e7:40:40:be:6b:23:25:35:00:38:
0e:62:80:76:5a:a3:2a:35:07:fd:bb:a3:90:70:de:
d6:e3:69:d5:df:48:44:ff:26:ac:8d:c7:ba:53:8f:
87:ae:2a:76:56:b3:0d:3c:33:65:76:95:b2:74:d7:
42:db:e8:14:66:4d:0d:13:97:f2:2b:18:3d:89:49:
fe:f1:58:60:29:08:9f:08:bb:a9:ed:37:17:eb:04:
1c:2f:a4:c5:7e:65:a3:b8:d7:d0:2c:3a:57:29:68:
c0:77:cc:55:31:e3:56:74:ce:4d:68:7e:c2:19:30:
95:e0:e9:be:04:92:c8:81:44:dd:33:b1:36:d7:70:
02:64:df:5d:70:ff:ba:69:30:a8:6f:79:f5:86:8c:
4a:93:a6:60:93:11:cf:a0:d7:d9:1b:59:46:da:38:
37:7e:e2:9e:db:21:48:dd:c3:ce:9c:af:6f:9c:e4:
74:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:8C:65:84:BD:66:CC:23:9E:9F:2D:D2:AF:B0:E5:0E:2A:8E:33:F0
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/PYxlhL1mzCOeny3Sr7DlDiqOM_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:5fc5::/32
2a13:bb45::/32
Signature Algorithm: sha256WithRSAEncryption
94:ad:20:00:fc:67:59:7e:f3:01:bc:f6:ca:92:5d:b5:01:da:
a4:a6:56:f4:1d:3a:ee:b4:c3:4c:75:de:b8:5a:97:b9:92:75:
81:ce:6c:5b:92:00:9c:be:7e:73:a2:79:9c:eb:99:ba:ca:e9:
ea:48:bb:ee:47:d2:8e:35:d8:71:53:b4:3c:7a:81:1c:85:3a:
46:3c:2e:ab:c6:e9:47:d6:50:23:8a:b8:3c:b1:07:de:52:b0:
37:cb:ba:e3:ea:f8:7e:61:67:d4:5d:b3:b8:ba:67:a8:f5:23:
30:da:31:3d:4b:47:cc:d0:cf:b8:3a:8c:64:e0:b9:ac:73:f3:
a3:c3:9f:2b:9d:a0:2e:d6:2a:c4:ba:e0:d0:d4:59:56:10:0a:
15:c8:e7:32:e9:5a:c4:68:b6:ed:0f:73:e5:ac:b8:9d:5e:2f:
6b:6f:35:45:83:bd:07:d9:83:7d:6a:89:a0:ec:a5:93:95:75:
01:d2:76:39:1a:74:57:e9:12:c3:20:7a:88:43:cc:80:38:73:
c5:97:e2:f1:fa:55:94:a7:89:aa:0e:ca:6e:c7:a0:c0:04:bb:
1f:07:8d:8a:3c:06:84:a3:29:c5:df:c2:0c:4f:04:78:f2:c4:
22:da:5d:9f:a9:14:a9:87:9c:43:c0:29:ac:64:3b:52:d5:23:
2b:f4:cf:e3
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZcRJ+E9Lcg3uy0Fr2x+g+cPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwNTI3MDk1MTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDhjNjU4NGJkNjZjYzIzOWU5ZjJkZDJhZmIwZTUwZTJhOGUzM2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo35WigynRFpT4tv5YHrJ148FPVPj
8+RYcgz+D+YvyJF9safWpigCGgfPI/nQyRp4wfv2CiKNJGCHr+HNtwOeQvYJrwKH
Rov38Of6q2m8M+dAQL5rIyU1ADgOYoB2WqMqNQf9u6OQcN7W42nV30hE/yasjce6
U4+Hrip2VrMNPDNldpWydNdC2+gUZk0NE5fyKxg9iUn+8VhgKQifCLup7TcX6wQc
L6TFfmWjuNfQLDpXKWjAd8xVMeNWdM5NaH7CGTCV4Om+BJLIgUTdM7E213ACZN9d
cP+6aTCob3n1hoxKk6ZgkxHPoNfZG1lG2jg3fuKe2yFI3cPOnK9vnOR0PQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFD2MZYS9Zswjnp8t0q+w5Q4qjjPwMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvUFl4bGhMMW16Q09lbnkzU3I3RGxEaXFPTV9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgZfxQMF
ACoTu0UwDQYJKoZIhvcNAQELBQADggEBAJStIAD8Z1l+8wG89sqSXbUB2qSmVvQd
Ou60w0x13rhal7mSdYHObFuSAJy+fnOieZzrmbrK6epIu+5H0o412HFTtDx6gRyF
OkY8LqvG6UfWUCOKuDyxB95SsDfLuuPq+H5hZ9Rds7i6Z6j1IzDaMT1LR8zQz7g6
jGTguaxz86PDnyudoC7WKsS64NDUWVYQChXI5zLpWsRotu0Pc+WsuJ1eL2tvNUWD
vQfZg31qiaDspZOVdQHSdjkadFfpEsMgeohDzIA4c8WX4vH6VZSniaoOym7HoMAE
ux8HjYo8BoSjKcXfwgxPBHjyxCLaXZ+pFKmHnEPAKaxkO1LVIyv0z+M=
-----END CERTIFICATE-----
Generated at Sat Jun 14 13:04:26 2025 by rpki-client