Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/4FFFuK1vxnuv7Op8bzoPTU3k-1A.roa
File: 4FFFuK1vxnuv7Op8bzoPTU3k-1A.roa (raw, json)
Hash identifier: STFNZsV6pUOT+BxcjZe8jeTbdMkK2ach6CnLHR/a/DQ=
Subject key identifier: E0:51:45:B8:AD:6F:C6:7B:AF:EC:EA:7C:6F:3A:0F:4D:4D:E4:FB:50
Certificate issuer: /CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Certificate serial: 01975DB9A9560DA998335C45D3F60F5A8D1F
Authority key identifier: 3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/4FFFuK1vxnuv7Op8bzoPTU3k-1A.roa
Signing time: Wed 11 Jun 2025 06:42:18 +0000
ROA not before: Wed 11 Jun 2025 06:42:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206873
IP address blocks: 2a0d:b9c0::/32 maxlen: 32
2a0e:8843::/32 maxlen: 32
2a0f:c02::/32 maxlen: 32
2a0f:72c1::/32 maxlen: 32
2a0f:da85::/32 maxlen: 32
2a11:1846::/32 maxlen: 32
2a11:2d85::/32 maxlen: 32
2a11:2d86::/32 maxlen: 32
2a11:3f03::/32 maxlen: 32
2a11:3f04::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.mft
rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5d:b9:a9:56:0d:a9:98:33:5c:45:d3:f6:0f:5a:8d:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Validity
Not Before: Jun 11 06:42:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e05145b8ad6fc67bafecea7c6f3a0f4d4de4fb50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f0:50:c7:e6:b5:1f:9b:91:74:1d:be:45:9a:
68:50:49:e0:1e:3f:f5:1c:35:f7:b8:a1:82:76:06:
68:03:e5:8f:a4:e7:b4:0a:f9:d8:3f:79:59:e1:51:
04:a5:aa:ce:bb:76:29:15:e1:5f:60:d1:69:51:05:
81:a6:15:21:84:9e:80:af:5f:de:44:5f:5b:b1:84:
44:10:6c:df:59:b1:6b:bc:f5:d2:e9:86:6e:cc:9d:
57:82:2a:48:1d:c5:34:34:a4:f9:a7:d2:ba:8d:8d:
dd:39:cd:51:e4:a7:70:34:85:18:e6:f8:63:9e:09:
d0:55:ad:41:24:79:fc:71:ed:e9:7a:f7:56:24:f9:
a0:a1:86:29:b0:01:9c:9d:d1:b6:d1:a1:62:aa:00:
02:70:36:f8:93:f4:77:9f:77:77:ad:5f:76:31:f2:
e1:85:f4:91:f1:16:02:80:d3:8f:64:2d:70:f8:6f:
dd:01:d8:c6:8a:e4:c5:60:1c:63:14:9c:34:44:9c:
4d:08:b2:78:68:d2:67:57:ae:cf:45:92:08:d5:9b:
be:8e:99:a2:7a:7c:ab:7f:6d:11:0b:8b:81:ae:ab:
75:04:5d:a2:5c:e9:2a:de:33:d0:99:6c:b0:62:7c:
2b:c1:2d:e4:cf:f0:9d:84:1c:a0:49:89:bb:87:6b:
2a:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:51:45:B8:AD:6F:C6:7B:AF:EC:EA:7C:6F:3A:0F:4D:4D:E4:FB:50
X509v3 Authority Key Identifier:
keyid:3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/4FFFuK1vxnuv7Op8bzoPTU3k-1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:b9c0::/32
2a0e:8843::/32
2a0f:c02::/32
2a0f:72c1::/32
2a0f:da85::/32
2a11:1846::/32
2a11:2d85::-2a11:2d86:ffff:ffff:ffff:ffff:ffff:ffff
2a11:3f03::-2a11:3f04:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
14:4a:c3:23:f4:96:32:59:eb:52:6f:06:de:e6:55:b4:cc:d3:
7c:7c:8b:13:3e:6d:4b:4a:65:16:f9:af:9b:d9:55:fc:4c:94:
6d:33:c9:fc:36:19:b2:36:ba:f3:c2:50:bb:2a:5a:ea:14:0e:
58:1a:d7:0d:51:11:8a:57:70:20:ed:fc:4c:14:28:1f:12:3a:
34:e5:bb:d6:07:68:e3:33:9b:f3:eb:e4:0e:25:e4:e7:8e:04:
8e:a4:c0:1d:50:57:b6:4d:3c:fb:7d:97:ce:46:91:76:9c:ba:
60:b4:7e:ab:d0:5b:b7:1c:58:6f:ba:8a:95:69:82:ca:de:31:
ae:d8:25:86:bc:2a:2c:a7:1e:7a:f3:19:92:ad:6e:4f:0d:5f:
9c:61:2c:e8:4c:f4:7e:52:61:df:12:19:a7:1a:66:9b:7a:0b:
36:13:f2:07:39:0f:5f:a5:05:5f:44:b5:5e:b2:fe:d2:7e:1d:
2f:41:2a:5e:ab:31:e5:7e:f5:4f:4f:c0:dd:4d:27:00:6d:76:
41:e3:91:97:67:cf:23:ed:8b:b8:1a:d0:32:df:90:11:55:f5:
41:30:e0:81:44:56:6a:63:ed:e5:cf:a1:15:51:8e:44:57:95:
80:cc:1e:50:a6:4c:56:74:05:01:31:dc:e2:a7:5f:5c:1f:a3:
6c:9e:46:16
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZddualWDamYM1xF0/YPWo0fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzUwYWI0Y2NmNzJlM2Q2MGMwOWY5NjQwMTlkNmMwMzRj
NTBhNmMwHhcNMjUwNjExMDY0MjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDUxNDViOGFkNmZjNjdiYWZlY2VhN2M2ZjNhMGY0ZDRkZTRmYjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPBQx+a1H5uRdB2+RZpoUEngHj/1
HDX3uKGCdgZoA+WPpOe0CvnYP3lZ4VEEparOu3YpFeFfYNFpUQWBphUhhJ6Ar1/e
RF9bsYREEGzfWbFrvPXS6YZuzJ1XgipIHcU0NKT5p9K6jY3dOc1R5KdwNIUY5vhj
ngnQVa1BJHn8ce3pevdWJPmgoYYpsAGcndG20aFiqgACcDb4k/R3n3d3rV92MfLh
hfSR8RYCgNOPZC1w+G/dAdjGiuTFYBxjFJw0RJxNCLJ4aNJnV67PRZII1Zu+jpmi
enyrf20RC4uBrqt1BF2iXOkq3jPQmWywYnwrwS3kz/CdhBygSYm7h2sq8QIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFOBRRbitb8Z7r+zqfG86D01N5PtQMB8GA1UdIwQY
MBaAFD7FCrTM9y49YMCflkAZ1sA0xQpsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTct
MjE1OTM3NmQzYTY0LzEvNEZGRnVLMXZ4bnV2N09wOGJ6b1BUVTNrLTFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTctMjE1OTM3NmQzYTY0
LzEvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAAjBKAwUAKg25wAMF
ACoOiEMDBQAqDwwCAwUAKg9ywQMFACoP2oUDBQAqERhGMA4DBQAqES2FAwUAKhEt
hjAOAwUAKhE/AwMFACoRPwQwDQYJKoZIhvcNAQELBQADggEBABRKwyP0ljJZ61Jv
Bt7mVbTM03x8ixM+bUtKZRb5r5vZVfxMlG0zyfw2GbI2uvPCULsqWuoUDlga1w1R
EYpXcCDt/EwUKB8SOjTlu9YHaOMzm/Pr5A4l5OeOBI6kwB1QV7ZNPPt9l85GkXac
umC0fqvQW7ccWG+6ipVpgsreMa7YJYa8KiynHnrzGZKtbk8NX5xhLOhM9H5SYd8S
GacaZpt6CzYT8gc5D1+lBV9EtV6y/tJ+HS9BKl6rMeV+9U9PwN1NJwBtdkHjkZdn
zyPti7ga0DLfkBFV9UEw4IFEVmpj7eXPoRVRjkRXlYDMHlCmTFZ0BQEx3OKnX1wf
o2yeRhY=
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:08:49 2025 by rpki-client