Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/258dae-54fa-4a33-a19d-e91b3abd1fe8/1/XBBsm39ksxX-l5FRhEL1oUvoFKQ.roa
File: XBBsm39ksxX-l5FRhEL1oUvoFKQ.roa (raw, json)
Hash identifier: u+LuoKr/6m9D0pQVXC90zrBBdKewZ/7ecI3OhXOdlF8=
Subject key identifier: 5C:10:6C:9B:7F:64:B3:15:FE:97:91:51:84:42:F5:A1:4B:E8:14:A4
Certificate issuer: /CN=6fa64a647bd2a5557f70f676adcc76904fb872ab
Certificate serial: 0197267B28E675A48081F943A33116AF911A
Authority key identifier: 6F:A6:4A:64:7B:D2:A5:55:7F:70:F6:76:AD:CC:76:90:4F:B8:72:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b6ZKZHvSpVV_cPZ2rcx2kE-4cqs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/258dae-54fa-4a33-a19d-e91b3abd1fe8/1/XBBsm39ksxX-l5FRhEL1oUvoFKQ.roa
Signing time: Sat 31 May 2025 13:14:54 +0000
ROA not before: Sat 31 May 2025 13:14:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214466
IP address blocks: 2a14:9400::/29 maxlen: 29
2a14:9400:230::/48 maxlen: 48
2a14:9400:1337::/48 maxlen: 48
2a14:9400:2000::/36 maxlen: 36
2a14:9400:3000::/36 maxlen: 36
2a14:9400:4000::/36 maxlen: 36
2a14:9400:5000::/36 maxlen: 36
2a14:9400:6000::/36 maxlen: 36
2a14:9400:7000::/36 maxlen: 36
2a14:9400:8000::/36 maxlen: 36
2a14:9400:9000::/36 maxlen: 36
2a14:9400:a000::/36 maxlen: 36
2a14:9400:b000::/36 maxlen: 36
2a14:9400:c000::/36 maxlen: 36
2a14:9400:d000::/36 maxlen: 36
2a14:9400:e000::/36 maxlen: 36
2a14:9400:f000::/36 maxlen: 36
2a14:9401::/36 maxlen: 36
2a14:9401:1000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/258dae-54fa-4a33-a19d-e91b3abd1fe8/1/b6ZKZHvSpVV_cPZ2rcx2kE-4cqs.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/258dae-54fa-4a33-a19d-e91b3abd1fe8/1/b6ZKZHvSpVV_cPZ2rcx2kE-4cqs.mft
rsync://rpki.ripe.net/repository/DEFAULT/b6ZKZHvSpVV_cPZ2rcx2kE-4cqs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 17 Jun 2025 16:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:26:7b:28:e6:75:a4:80:81:f9:43:a3:31:16:af:91:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fa64a647bd2a5557f70f676adcc76904fb872ab
Validity
Not Before: May 31 13:14:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c106c9b7f64b315fe9791518442f5a14be814a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ad:ca:41:dd:50:7a:7f:94:65:66:d1:f6:7a:
d1:8f:ea:52:25:3a:9e:af:a0:1a:16:c3:5e:61:fd:
2e:a7:67:07:c2:3f:e5:57:68:60:70:22:42:83:5c:
b8:19:bc:bf:05:77:78:b8:9e:7f:06:cf:90:b6:3a:
7c:7e:86:4d:11:58:b5:7f:03:61:51:d0:f5:e0:e9:
ff:e9:f8:bc:2c:00:5f:39:11:f3:91:b9:d3:af:d9:
53:7f:39:94:8b:97:0a:8b:bc:3b:fc:b5:d8:1c:3d:
38:ed:cf:c7:13:5c:01:59:99:e7:41:c9:25:f2:17:
be:74:97:02:c2:0c:b3:8f:e4:3e:c1:a3:6c:84:f2:
71:61:98:10:7e:57:95:ae:78:d4:11:86:46:97:6c:
ac:b1:c6:01:bd:fd:60:85:aa:46:59:80:c1:e8:f0:
11:a9:69:99:9d:ea:b8:12:b6:1a:b6:33:e5:69:5b:
fa:38:7a:98:98:b1:03:1d:b8:23:cd:ef:f1:b2:5c:
f9:f8:90:6f:ac:f6:b9:b1:4c:31:da:ab:71:b7:f4:
b6:93:5f:3d:a2:28:9e:67:30:7f:09:46:e7:9f:f2:
42:e7:a1:be:fd:d8:91:08:e3:cc:80:b0:bb:ac:7d:
0f:2e:58:04:71:8c:1b:bb:1d:9b:c7:a2:9b:3a:2e:
1a:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:10:6C:9B:7F:64:B3:15:FE:97:91:51:84:42:F5:A1:4B:E8:14:A4
X509v3 Authority Key Identifier:
keyid:6F:A6:4A:64:7B:D2:A5:55:7F:70:F6:76:AD:CC:76:90:4F:B8:72:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6ZKZHvSpVV_cPZ2rcx2kE-4cqs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/258dae-54fa-4a33-a19d-e91b3abd1fe8/1/XBBsm39ksxX-l5FRhEL1oUvoFKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/258dae-54fa-4a33-a19d-e91b3abd1fe8/1/b6ZKZHvSpVV_cPZ2rcx2kE-4cqs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:9400::/29
Signature Algorithm: sha256WithRSAEncryption
38:4d:da:e8:b3:d4:f7:4a:05:71:db:6c:ea:39:a1:2c:6f:1c:
3b:db:9d:c1:a1:77:55:f1:51:b9:a3:c2:e5:dd:ce:4b:85:1e:
25:32:ac:cc:01:14:ff:da:83:eb:26:20:56:d8:ea:7c:1c:10:
a8:85:7b:f1:0d:e4:57:b1:86:1f:09:9d:7e:b5:ec:22:62:3b:
2c:2d:2b:ee:9d:c8:fd:ab:14:e5:80:74:29:75:4f:c9:ea:56:
e7:26:60:08:ce:e8:40:ab:31:10:8a:00:97:e3:3c:a4:ec:50:
dd:69:d6:96:2e:23:eb:0b:93:84:36:e0:e6:f3:5f:94:da:56:
62:06:5a:53:a5:1e:f5:d1:a5:01:1e:45:a0:40:b4:73:5b:00:
98:c0:ce:8d:a0:96:34:bc:a0:c2:28:a5:41:b9:75:c8:2e:b8:
df:ad:0b:5e:43:93:e0:44:b5:e6:15:6c:08:5f:f7:72:eb:4c:
c8:a2:d0:85:39:d6:d1:01:f5:23:ab:b0:2b:51:52:94:92:7d:
2a:5d:0e:ee:46:2a:e2:4e:f0:0e:31:2a:0a:41:0e:d8:96:7e:
3d:2d:44:bb:03:be:66:24:72:2e:55:c0:b9:6b:cd:71:c2:58:
73:d8:f4:47:2b:a5:0b:99:82:04:16:f4:14:01:50:97:14:1f:
2f:e4:be:06
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZcmeyjmdaSAgflDozEWr5EaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmYTY0YTY0N2JkMmE1NTU3ZjcwZjY3NmFkY2M3NjkwNGZi
ODcyYWIwHhcNMjUwNTMxMTMxNDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzEwNmM5YjdmNjRiMzE1ZmU5NzkxNTE4NDQyZjVhMTRiZTgxNGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy63KQd1Qen+UZWbR9nrRj+pSJTqe
r6AaFsNeYf0up2cHwj/lV2hgcCJCg1y4Gby/BXd4uJ5/Bs+Qtjp8foZNEVi1fwNh
UdD14On/6fi8LABfORHzkbnTr9lTfzmUi5cKi7w7/LXYHD047c/HE1wBWZnnQckl
8he+dJcCwgyzj+Q+waNshPJxYZgQfleVrnjUEYZGl2ysscYBvf1ghapGWYDB6PAR
qWmZneq4ErYatjPlaVv6OHqYmLEDHbgjze/xslz5+JBvrPa5sUwx2qtxt/S2k189
oiieZzB/CUbnn/JC56G+/diRCOPMgLC7rH0PLlgEcYwbux2bx6KbOi4aQwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFwQbJt/ZLMV/peRUYRC9aFL6BSkMB8GA1UdIwQY
MBaAFG+mSmR70qVVf3D2dq3MdpBPuHKrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjZaS1pIdlNwVlZfY1BaMnJjeDJrRS00Y3FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yNThkYWUtNTRmYS00YTMzLWExOWQt
ZTkxYjNhYmQxZmU4LzEvWEJCc20zOWtzeFgtbDVGUmhFTDFvVXZvRktRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8yNThkYWUtNTRmYS00YTMzLWExOWQtZTkxYjNhYmQxZmU4
LzEvYjZaS1pIdlNwVlZfY1BaMnJjeDJrRS00Y3FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhSUADAN
BgkqhkiG9w0BAQsFAAOCAQEAOE3a6LPU90oFcdts6jmhLG8cO9udwaF3VfFRuaPC
5d3OS4UeJTKszAEU/9qD6yYgVtjqfBwQqIV78Q3kV7GGHwmdfrXsImI7LC0r7p3I
/asU5YB0KXVPyepW5yZgCM7oQKsxEIoAl+M8pOxQ3WnWli4j6wuThDbg5vNflNpW
YgZaU6Ue9dGlAR5FoEC0c1sAmMDOjaCWNLygwiilQbl1yC64360LXkOT4ES15hVs
CF/3cutMyKLQhTnW0QH1I6uwK1FSlJJ9Kl0O7kYq4k7wDjEqCkEO2JZ+PS1EuwO+
ZiRyLlXAuWvNccJYc9j0RyulC5mCBBb0FAFQlxQfL+S+Bg==
-----END CERTIFICATE-----
Generated at Tue Jun 17 01:31:27 2025 by rpki-client