
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3UR8XHbsV8Pm03Lo4hB35khcmbM.roa
File: 3UR8XHbsV8Pm03Lo4hB35khcmbM.roa (raw, json)
Hash identifier: 7lUoNSn0J3BLmdcIy64MIpoDheo/ztHh9bQURUOLEJo=
Subject key identifier: DD:44:7C:5C:76:EC:57:C3:E6:D3:72:E8:E2:10:77:E6:48:5C:99:B3
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0198656409404771DA432DE28D7E9C79B3BE
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3UR8XHbsV8Pm03Lo4hB35khcmbM.roa
Signing time: Fri 01 Aug 2025 11:28:31 +0000
ROA not before: Fri 01 Aug 2025 11:28:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215738
IP address blocks: 2a06:de00:700::/44 maxlen: 48
2a06:de00:7f1::/48 maxlen: 48
2a0e:97c0:4c1::/48 maxlen: 48
2a0e:97c0:4c2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 17:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:65:64:09:40:47:71:da:43:2d:e2:8d:7e:9c:79:b3:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Aug 1 11:28:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd447c5c76ec57c3e6d372e8e21077e6485c99b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:3b:88:80:5b:6e:ba:5f:28:76:f6:45:aa:fe:
f5:da:43:27:14:a3:04:7e:87:3c:37:d8:c4:66:bc:
37:48:14:ee:d6:e3:85:56:f1:45:f8:ac:7a:d5:65:
4a:99:be:5f:1d:72:c2:71:e8:c0:eb:e5:0c:aa:46:
67:1a:32:b7:36:28:bb:1f:ff:fe:01:21:18:a0:ac:
b9:f7:36:2a:08:63:76:7e:42:e9:8f:be:21:8d:e0:
4b:55:05:40:ac:b9:5a:c9:38:23:0c:20:19:b7:43:
36:00:d8:ed:94:a7:44:b2:f2:1b:3f:54:2a:6c:10:
4b:c8:f0:37:04:99:59:4c:80:41:d3:8b:cd:28:2e:
aa:46:94:4a:33:1a:a7:53:d1:0a:41:78:d8:9d:e1:
e4:64:ab:13:e0:ce:fe:2f:10:77:e7:08:2f:dc:74:
0b:69:99:ff:8d:c7:78:c4:d8:ac:7c:49:77:e3:bc:
d5:33:9d:c2:c9:aa:75:dd:00:c8:d2:80:1c:98:c1:
0d:c6:6e:dd:e0:cf:fe:71:5f:9c:ed:f2:fd:6f:54:
59:2b:05:6b:76:d8:a5:cb:c0:aa:74:9a:91:a6:ea:
22:86:70:62:7a:88:a1:91:55:51:4f:6c:74:ac:1a:
ef:83:47:4e:db:49:89:70:16:76:7e:bd:35:2c:0d:
52:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:44:7C:5C:76:EC:57:C3:E6:D3:72:E8:E2:10:77:E6:48:5C:99:B3
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3UR8XHbsV8Pm03Lo4hB35khcmbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de00:700::/44
2a06:de00:7f1::/48
2a0e:97c0:4c1::-2a0e:97c0:4c2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
9e:0d:14:67:bb:4e:0c:8d:51:f6:3d:5e:e1:f3:f2:f6:29:ee:
e4:e3:98:1e:2f:93:9a:f7:bb:34:af:8e:c4:77:92:cc:d9:c4:
1b:b4:45:2d:aa:9f:a4:c2:7c:0e:47:2f:5e:f8:5e:cd:9f:bc:
a7:1c:76:07:fd:66:78:94:18:38:e6:36:08:4f:37:62:d1:94:
40:02:8b:d0:c5:72:6d:a2:78:03:5b:53:a3:a2:20:da:45:85:
d0:bb:35:ba:a0:f2:32:3a:33:44:21:3e:41:3c:98:e2:0a:98:
00:fc:9a:45:92:6c:60:64:9e:55:7a:65:7c:a2:cb:c0:43:05:
93:94:8e:ff:e8:b6:fc:0f:36:a9:3f:62:3a:64:42:b9:2a:67:
c9:1b:62:47:8f:30:7b:c3:3d:a0:cb:82:aa:8b:65:c2:37:ec:
16:6e:61:58:29:ae:0d:bd:85:2b:c8:1f:b9:0d:fd:a8:6a:49:
c5:d0:b5:77:61:80:55:fb:4d:a2:f5:90:c6:38:ff:e9:87:03:
9b:bf:74:4e:ef:55:e1:a9:a7:dd:58:15:df:4b:96:7e:bc:b6:
af:3c:84:a1:fe:73:58:de:99:ae:f0:cb:49:8a:84:74:fa:b2:
1c:79:1e:a9:06:bd:6e:0d:99:48:6e:5b:94:15:9f:0a:d9:89:
ef:c3:c3:3c
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZhlZAlAR3HaQy3ijX6cebO+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwODAxMTEyODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDQ0N2M1Yzc2ZWM1N2MzZTZkMzcyZThlMjEwNzdlNjQ4NWM5OWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTuIgFtuul8odvZFqv712kMnFKME
foc8N9jEZrw3SBTu1uOFVvFF+Kx61WVKmb5fHXLCcejA6+UMqkZnGjK3Nii7H//+
ASEYoKy59zYqCGN2fkLpj74hjeBLVQVArLlayTgjDCAZt0M2ANjtlKdEsvIbP1Qq
bBBLyPA3BJlZTIBB04vNKC6qRpRKMxqnU9EKQXjYneHkZKsT4M7+LxB35wgv3HQL
aZn/jcd4xNisfEl347zVM53Cyap13QDI0oAcmMENxm7d4M/+cV+c7fL9b1RZKwVr
dtily8CqdJqRpuoihnBieoihkVVRT2x0rBrvg0dO20mJcBZ2fr01LA1SxwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFN1EfFx27FfD5tNy6OIQd+ZIXJmzMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvM1VSOFhIYnNWOFBtMDNMbzRoQjM1a2hjbWJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAwcEKgbeAAcA
AwcAKgbeAAfxMBIDBwAqDpfABMEDBwAqDpfABMIwDQYJKoZIhvcNAQELBQADggEB
AJ4NFGe7TgyNUfY9XuHz8vYp7uTjmB4vk5r3uzSvjsR3kszZxBu0RS2qn6TCfA5H
L174Xs2fvKccdgf9ZniUGDjmNghPN2LRlEACi9DFcm2ieANbU6OiINpFhdC7Nbqg
8jI6M0QhPkE8mOIKmAD8mkWSbGBknlV6ZXyiy8BDBZOUjv/otvwPNqk/YjpkQrkq
Z8kbYkePMHvDPaDLgqqLZcI37BZuYVgprg29hSvIH7kN/ahqScXQtXdhgFX7TaL1
kMY4/+mHA5u/dE7vVeGpp91YFd9Lln68tq88hKH+c1jema7wy0mKhHT6shx5HqkG
vW4NmUhuW5QVnwrZie/Dwzw=
-----END CERTIFICATE-----
Generated at Sat Aug 9 01:04:43 2025 by rpki-client