Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/55bd95-c637-451b-b07c-79b409c1bd38/1/du9Q9bL5BOWedJK9qhvdrfuTC6E.roa
File: du9Q9bL5BOWedJK9qhvdrfuTC6E.roa (raw, json)
Hash identifier: yMHVcCfWCQ3tfd7XRi0bmpwcyLFeWTkztgI3BA0HK6Y=
Subject key identifier: 76:EF:50:F5:B2:F9:04:E5:9E:74:92:BD:AA:1B:DD:AD:FB:93:0B:A1
Certificate issuer: /CN=aa7bfd420db5caebada1a2055d87bc7da2b09c07
Certificate serial: 019760F71FF194F8B5FD41B6DB0978937037
Authority key identifier: AA:7B:FD:42:0D:B5:CA:EB:AD:A1:A2:05:5D:87:BC:7D:A2:B0:9C:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qnv9Qg21yuutoaIFXYe8faKwnAc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/55bd95-c637-451b-b07c-79b409c1bd38/1/du9Q9bL5BOWedJK9qhvdrfuTC6E.roa
Signing time: Wed 11 Jun 2025 21:48:17 +0000
ROA not before: Wed 11 Jun 2025 21:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 399486
IP address blocks: 2001:67c:26c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/55bd95-c637-451b-b07c-79b409c1bd38/1/qnv9Qg21yuutoaIFXYe8faKwnAc.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/55bd95-c637-451b-b07c-79b409c1bd38/1/qnv9Qg21yuutoaIFXYe8faKwnAc.mft
rsync://rpki.ripe.net/repository/DEFAULT/qnv9Qg21yuutoaIFXYe8faKwnAc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 19:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:60:f7:1f:f1:94:f8:b5:fd:41:b6:db:09:78:93:70:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa7bfd420db5caebada1a2055d87bc7da2b09c07
Validity
Not Before: Jun 11 21:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=76ef50f5b2f904e59e7492bdaa1bddadfb930ba1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b3:a5:b7:72:ab:1c:a4:39:84:a9:fd:09:40:
7b:37:9c:5f:ed:b7:f2:41:01:23:3d:81:c9:19:7d:
6b:38:b6:d5:46:72:9a:0e:9c:31:3c:9b:dd:9b:20:
57:1b:a4:e3:14:0c:74:57:a7:be:56:bb:17:0e:da:
3e:87:12:ba:a9:93:29:75:25:01:8c:bc:6d:18:29:
ab:54:49:74:a4:84:a7:c2:c5:55:bb:81:f3:1d:fd:
53:3f:fc:cf:dc:c1:f8:bb:0b:81:19:d7:ce:35:08:
8a:8a:ef:44:31:b3:cb:a9:a9:e8:1e:8f:6f:ac:8d:
bf:ae:cf:ef:8e:ac:92:d5:97:09:ac:11:48:a5:d8:
03:69:92:e6:e3:9e:19:b0:5c:bb:eb:82:b8:cf:04:
62:ec:00:31:7d:d5:8b:11:d7:94:a7:8a:e8:99:02:
82:23:0c:28:77:ee:3f:31:c9:28:f3:f4:39:a3:9d:
9d:1f:fb:c3:26:92:33:5e:02:c6:78:cb:32:09:6a:
10:b3:62:21:fa:89:82:39:2d:6f:2b:f4:b2:de:2f:
c2:a7:36:d2:1a:1c:8d:82:ed:1b:a3:d7:cc:9d:d9:
67:c5:a4:7b:f2:42:e9:e9:50:84:c7:32:c4:32:05:
72:d0:c2:c9:f0:e8:ef:b1:a1:31:31:67:41:76:f5:
31:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:EF:50:F5:B2:F9:04:E5:9E:74:92:BD:AA:1B:DD:AD:FB:93:0B:A1
X509v3 Authority Key Identifier:
keyid:AA:7B:FD:42:0D:B5:CA:EB:AD:A1:A2:05:5D:87:BC:7D:A2:B0:9C:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qnv9Qg21yuutoaIFXYe8faKwnAc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/55bd95-c637-451b-b07c-79b409c1bd38/1/du9Q9bL5BOWedJK9qhvdrfuTC6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/55bd95-c637-451b-b07c-79b409c1bd38/1/qnv9Qg21yuutoaIFXYe8faKwnAc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:26c0::/48
Signature Algorithm: sha256WithRSAEncryption
0d:5a:6f:07:53:01:fb:e9:3d:f8:83:75:5e:74:8c:b7:20:41:
4f:31:fd:ca:27:ce:db:53:d3:87:c0:19:cb:35:7f:45:13:b3:
75:cb:a4:dc:71:78:cf:cb:42:54:97:92:21:6e:54:82:0b:24:
49:eb:1e:2e:df:e3:f5:90:f6:7c:bc:17:83:91:9e:2d:0c:bd:
cf:67:7d:fb:5d:3e:e1:28:02:eb:63:61:33:f8:39:0b:9d:4d:
65:24:a6:83:a4:88:22:67:94:d7:42:c6:83:7e:1c:70:d2:5d:
2b:04:56:e5:d0:6b:6a:5d:c4:1b:ff:f1:48:59:4e:6f:e1:68:
29:ca:82:85:1f:6f:89:41:22:19:54:61:02:01:ca:23:fa:ce:
ca:5a:05:8b:68:6c:4b:a2:24:95:4f:81:ff:9a:4d:e5:5f:b6:
4e:d1:cb:ac:5c:d8:d3:3d:51:ad:33:05:04:83:c4:b6:75:1e:
6c:d2:a7:25:27:1d:4c:5d:9e:1d:e2:5c:a6:14:14:32:39:a8:
8f:57:31:0a:ce:bd:b9:7d:0e:a9:32:ac:d0:04:ce:ba:54:32:
d6:e1:67:f6:79:6e:3c:15:89:14:9e:1f:0f:6e:7a:c1:a5:47:
2d:86:11:a4:97:2e:ad:4b:f5:9e:b9:9d:81:a9:0f:16:e3:59:
79:64:c5:58
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZdg9x/xlPi1/UG22wl4k3A3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhN2JmZDQyMGRiNWNhZWJhZGExYTIwNTVkODdiYzdkYTJi
MDljMDcwHhcNMjUwNjExMjE0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmVmNTBmNWIyZjkwNGU1OWU3NDkyYmRhYTFiZGRhZGZiOTMwYmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrOlt3KrHKQ5hKn9CUB7N5xf7bfy
QQEjPYHJGX1rOLbVRnKaDpwxPJvdmyBXG6TjFAx0V6e+VrsXDto+hxK6qZMpdSUB
jLxtGCmrVEl0pISnwsVVu4HzHf1TP/zP3MH4uwuBGdfONQiKiu9EMbPLqanoHo9v
rI2/rs/vjqyS1ZcJrBFIpdgDaZLm454ZsFy764K4zwRi7AAxfdWLEdeUp4romQKC
Iwwod+4/Mcko8/Q5o52dH/vDJpIzXgLGeMsyCWoQs2Ih+omCOS1vK/Sy3i/CpzbS
GhyNgu0bo9fMndlnxaR78kLp6VCExzLEMgVy0MLJ8OjvsaExMWdBdvUxywIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHbvUPWy+QTlnnSSvaob3a37kwuhMB8GA1UdIwQY
MBaAFKp7/UINtcrrraGiBV2HvH2isJwHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW52OVFnMjF5dXV0b2FJRlhZZThmYUt3bkFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS81NWJkOTUtYzYzNy00NTFiLWIwN2Mt
NzliNDA5YzFiZDM4LzEvZHU5UTliTDVCT1dlZEpLOXFodmRyZnVUQzZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS81NWJkOTUtYzYzNy00NTFiLWIwN2MtNzliNDA5YzFiZDM4
LzEvcW52OVFnMjF5dXV0b2FJRlhZZThmYUt3bkFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCbA
MA0GCSqGSIb3DQEBCwUAA4IBAQANWm8HUwH76T34g3VedIy3IEFPMf3KJ87bU9OH
wBnLNX9FE7N1y6TccXjPy0JUl5IhblSCCyRJ6x4u3+P1kPZ8vBeDkZ4tDL3PZ337
XT7hKALrY2Ez+DkLnU1lJKaDpIgiZ5TXQsaDfhxw0l0rBFbl0GtqXcQb//FIWU5v
4WgpyoKFH2+JQSIZVGECAcoj+s7KWgWLaGxLoiSVT4H/mk3lX7ZO0cusXNjTPVGt
MwUEg8S2dR5s0qclJx1MXZ4d4lymFBQyOaiPVzEKzr25fQ6pMqzQBM66VDLW4Wf2
eW48FYkUnh8PbnrBpUcthhGkly6tS/WeuZ2BqQ8W41l5ZMVY
-----END CERTIFICATE-----
Generated at Sun Jun 15 01:09:18 2025 by rpki-client