Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/N9fOGveXKnDBnMyZelua1okh-lk.roa
File: N9fOGveXKnDBnMyZelua1okh-lk.roa (raw, json)
Hash identifier: /CS+ErzjXmiDIQCbsNiLlCoDuDUD+atwXZvVIWH1usE=
Subject key identifier: 37:D7:CE:1A:F7:97:2A:70:C1:9C:CC:99:7A:5B:9A:D6:89:21:FA:59
Certificate issuer: /CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Certificate serial: 01975DBD51CDA0C735B9DB0AD8B1F2FA5971
Authority key identifier: 3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/N9fOGveXKnDBnMyZelua1okh-lk.roa
Signing time: Wed 11 Jun 2025 06:46:17 +0000
ROA not before: Wed 11 Jun 2025 06:46:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a0d:b9c3::/32 maxlen: 32
2a0e:8840::/32 maxlen: 32
2a0e:8846::/32 maxlen: 32
2a0f:c06::/32 maxlen: 32
2a0f:c07::/32 maxlen: 32
2a0f:72c2::/32 maxlen: 32
2a0f:72c5::/32 maxlen: 32
2a0f:da80::/32 maxlen: 32
2a0f:da87::/32 maxlen: 32
2a11:1840::/32 maxlen: 32
2a11:1841::/32 maxlen: 32
2a11:2d81::/32 maxlen: 32
2a11:2d87::/32 maxlen: 32
2a11:3f00::/32 maxlen: 32
2a11:3f01::/32 maxlen: 32
2a11:41c2::/32 maxlen: 32
2a11:41c4::/32 maxlen: 32
2a11:41c6::/32 maxlen: 32
2a12:cc00::/32 maxlen: 32
2a12:cc07::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.mft
rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 19:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5d:bd:51:cd:a0:c7:35:b9:db:0a:d8:b1:f2:fa:59:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Validity
Not Before: Jun 11 06:46:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=37d7ce1af7972a70c19ccc997a5b9ad68921fa59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:37:3c:0d:64:3a:35:b5:6c:14:7c:d5:ca:f3:
24:a0:63:73:99:5f:10:2a:b7:9b:0d:18:8a:9c:73:
5b:d7:f9:9d:eb:36:e1:ad:4b:c5:33:cd:75:bb:2a:
e2:ef:cd:7e:fb:b3:9d:f4:05:fa:ae:22:b0:0a:8c:
2e:a9:21:59:c3:66:63:02:6d:6f:36:b2:9c:71:5a:
46:57:df:31:cb:f1:bb:f4:c7:d6:3b:8e:d3:49:4b:
b1:c0:b3:74:f8:34:e6:e4:3a:48:8b:9f:05:ee:3f:
68:94:e8:34:ea:f3:4c:05:e5:25:6a:89:f4:54:c4:
3e:f1:9a:b8:e8:cf:a5:19:4f:da:26:26:3d:dd:0e:
1d:8d:2a:a6:e3:be:39:60:3e:3f:63:35:37:3f:ce:
86:69:16:a1:1c:1e:12:a7:da:f1:24:db:aa:a1:13:
1b:d3:28:9a:55:28:b3:ff:79:05:f1:aa:35:a6:3d:
84:f7:b3:83:c7:8e:d3:38:fc:8a:83:0b:68:4d:17:
b8:20:83:74:fa:91:d2:16:e4:55:fe:66:24:30:67:
53:a9:24:db:43:95:dc:26:3c:63:d3:44:cf:83:6e:
81:f2:c0:89:6e:c1:ba:c1:bb:e1:18:55:ef:45:5b:
d1:cd:63:5f:b6:82:43:39:27:5c:ff:b8:4f:95:de:
95:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:D7:CE:1A:F7:97:2A:70:C1:9C:CC:99:7A:5B:9A:D6:89:21:FA:59
X509v3 Authority Key Identifier:
keyid:3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/N9fOGveXKnDBnMyZelua1okh-lk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:b9c3::/32
2a0e:8840::/32
2a0e:8846::/32
2a0f:c06::/31
2a0f:72c2::/32
2a0f:72c5::/32
2a0f:da80::/32
2a0f:da87::/32
2a11:1840::/31
2a11:2d81::/32
2a11:2d87::/32
2a11:3f00::/31
2a11:41c2::/32
2a11:41c4::/32
2a11:41c6::/32
2a12:cc00::/32
2a12:cc07::/32
Signature Algorithm: sha256WithRSAEncryption
04:8a:87:b1:4d:a4:58:a0:3c:6a:94:cc:e9:16:0f:31:97:d0:
4b:d6:b8:fa:0d:75:13:d4:16:d1:41:34:1e:1c:f0:3c:57:c5:
10:ce:7a:5f:e5:25:38:1b:5c:d1:fb:53:57:0c:80:44:c4:19:
51:da:70:f8:b6:bc:dc:db:33:0e:4a:ee:47:f3:ff:aa:10:97:
02:1b:60:1e:65:96:cc:e2:da:7c:ba:f1:5f:7c:1a:06:5b:22:
95:38:e3:93:41:5e:25:fd:36:be:64:af:d9:9c:e0:37:d1:80:
06:82:b6:af:9f:f0:2c:58:9e:67:ad:d4:ba:7f:5e:57:e6:90:
cf:70:85:b8:45:2b:0b:88:3c:38:a6:97:e9:f8:5b:7f:7c:81:
ac:29:4d:d0:73:86:ab:5d:d0:2d:68:94:12:96:96:9e:e0:8f:
2c:c4:7b:4b:21:1e:cb:00:09:3a:14:2a:d3:d3:af:41:f1:48:
cc:01:34:7f:ee:8b:4e:82:51:24:ee:39:0a:6c:ea:92:a4:a5:
9a:19:75:24:1d:6d:b1:2e:1f:28:ec:7c:d7:0a:57:a8:b5:d8:
67:74:b4:9d:a9:f8:c1:79:d1:fb:51:44:8e:d1:56:50:c1:57:
40:de:86:3c:e6:b6:b6:b9:6f:75:c3:21:08:57:e5:98:c4:8f:
30:19:8d:e7
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgISAZddvVHNoMc1udsK2LHy+llxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzUwYWI0Y2NmNzJlM2Q2MGMwOWY5NjQwMTlkNmMwMzRj
NTBhNmMwHhcNMjUwNjExMDY0NjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2Q3Y2UxYWY3OTcyYTcwYzE5Y2NjOTk3YTViOWFkNjg5MjFmYTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjc8DWQ6NbVsFHzVyvMkoGNzmV8Q
KrebDRiKnHNb1/md6zbhrUvFM811uyri781++7Od9AX6riKwCowuqSFZw2ZjAm1v
NrKccVpGV98xy/G79MfWO47TSUuxwLN0+DTm5DpIi58F7j9olOg06vNMBeUlaon0
VMQ+8Zq46M+lGU/aJiY93Q4djSqm4745YD4/YzU3P86GaRahHB4Sp9rxJNuqoRMb
0yiaVSiz/3kF8ao1pj2E97ODx47TOPyKgwtoTRe4IIN0+pHSFuRV/mYkMGdTqSTb
Q5XcJjxj00TPg26B8sCJbsG6wbvhGFXvRVvRzWNftoJDOSdc/7hPld6VbQIDAQAB
o4ICfDCCAngwHQYDVR0OBBYEFDfXzhr3lypwwZzMmXpbmtaJIfpZMB8GA1UdIwQY
MBaAFD7FCrTM9y49YMCflkAZ1sA0xQpsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTct
MjE1OTM3NmQzYTY0LzEvTjlmT0d2ZVhLbkRCbk15WmVsdWExb2toLWxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTctMjE1OTM3NmQzYTY0
LzEvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGRBggrBgEFBQcBBwEB/wSBgTB/MH0EAgACMHcDBQAqDbnD
AwUAKg6IQAMFACoOiEYDBQEqDwwGAwUAKg9ywgMFACoPcsUDBQAqD9qAAwUAKg/a
hwMFASoRGEADBQAqES2BAwUAKhEthwMFASoRPwADBQAqEUHCAwUAKhFBxAMFACoR
QcYDBQAqEswAAwUAKhLMBzANBgkqhkiG9w0BAQsFAAOCAQEABIqHsU2kWKA8apTM
6RYPMZfQS9a4+g11E9QW0UE0HhzwPFfFEM56X+UlOBtc0ftTVwyARMQZUdpw+La8
3NszDkruR/P/qhCXAhtgHmWWzOLafLrxX3waBlsilTjjk0FeJf02vmSv2ZzgN9GA
BoK2r5/wLFieZ63Uun9eV+aQz3CFuEUrC4g8OKaX6fhbf3yBrClN0HOGq13QLWiU
EpaWnuCPLMR7SyEeywAJOhQq09OvQfFIzAE0f+6LToJRJO45CmzqkqSlmhl1JB1t
sS4fKOx81wpXqLXYZ3S0nan4wXnR+1FEjtFWUMFXQN6GPOa2trlvdcMhCFflmMSP
MBmN5w==
-----END CERTIFICATE-----
Generated at Sun Jun 15 03:55:42 2025 by rpki-client