
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/Khdam5ye6nHBc4YW_yrjL25Chls.roa
File: Khdam5ye6nHBc4YW_yrjL25Chls.roa (raw, json)
Hash identifier: zu0nJg15zErx3dxZklgiK5ZzU5CwLzliF0MMLUaHiLs=
Subject key identifier: 2A:17:5A:9B:9C:9E:EA:71:C1:73:86:16:FF:2A:E3:2F:6E:42:86:5B
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 01985A6DE86E9DE8CDD2E5F8EA682F2EAA92
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/Khdam5ye6nHBc4YW_yrjL25Chls.roa
Signing time: Wed 30 Jul 2025 08:23:29 +0000
ROA not before: Wed 30 Jul 2025 08:23:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207808
IP address blocks: 2a00:7180:8008::/46 maxlen: 46
2a04:800:2000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.mft
rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 20:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:5a:6d:e8:6e:9d:e8:cd:d2:e5:f8:ea:68:2f:2e:aa:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Jul 30 08:23:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a175a9b9c9eea71c1738616ff2ae32f6e42865b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:70:96:b9:83:a3:ab:64:b7:de:ac:17:85:ec:
7f:e4:3b:71:41:10:f1:f9:cb:2a:ed:5f:dc:27:b1:
ff:9f:58:94:35:90:3c:e8:8e:27:93:da:1e:b6:ca:
68:26:22:ca:07:f3:04:06:72:31:a5:43:52:9c:f3:
42:0a:db:37:6a:6c:a9:41:58:59:17:25:74:8a:de:
3f:ee:9b:1d:8b:79:2e:70:a0:67:64:28:f7:4d:5d:
b6:cd:80:06:f3:3a:14:b8:18:fc:e6:ff:8e:4d:21:
7e:a8:29:90:73:be:97:e5:b6:fa:9c:77:5a:18:2c:
b1:84:5a:6b:de:c8:3f:3a:b3:a1:e3:f3:1d:14:1c:
59:1b:67:8e:fb:11:2f:99:66:91:54:f7:f9:41:43:
dd:51:81:d7:57:03:42:96:0f:f3:f7:d1:18:66:64:
d7:fb:25:05:da:2e:9f:98:56:9e:75:f4:eb:eb:57:
3d:22:88:bf:3f:a4:a8:eb:c9:ea:d1:91:fa:94:c1:
9b:f5:26:30:ed:4a:c5:f0:8a:cb:49:33:29:b0:4b:
0e:e5:ac:0b:c4:81:75:38:6e:ae:b8:9d:5c:d5:a2:
21:ad:fc:27:dd:43:7d:bb:f3:49:44:a0:9a:18:af:
5a:06:11:bb:7c:68:0a:98:20:5d:b6:72:61:c0:d7:
ad:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:17:5A:9B:9C:9E:EA:71:C1:73:86:16:FF:2A:E3:2F:6E:42:86:5B
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/Khdam5ye6nHBc4YW_yrjL25Chls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:7180:8008::/46
2a04:800:2000::/36
Signature Algorithm: sha256WithRSAEncryption
46:ce:b1:fb:91:8a:8f:63:74:cf:f6:33:76:0b:3e:2b:30:78:
47:d9:7d:9e:f9:5d:e7:e6:f7:95:cb:2d:3c:82:d2:cc:77:2c:
43:ab:a9:5d:73:9a:c6:85:27:4d:94:44:b6:23:7e:ea:ab:09:
d0:30:4e:c6:b7:91:d3:8a:d3:b3:40:e7:b0:87:2b:cc:cd:da:
53:89:bd:09:d5:5f:2b:11:74:01:15:ae:c4:05:82:45:87:fb:
a3:85:da:a4:0c:5c:6e:6e:a2:3e:c7:7b:34:4a:7e:e7:64:1e:
23:b6:8c:0c:9e:97:7b:5c:ac:75:8e:02:40:73:cc:36:7b:ea:
bd:8a:6d:fb:e9:21:51:7c:65:39:89:ae:e5:be:5d:40:90:5f:
ea:9c:00:8f:ef:82:84:b7:cb:a4:76:71:7c:f0:75:51:40:da:
12:a3:61:87:44:77:b2:aa:57:26:27:58:76:12:40:de:b4:ab:
d3:76:54:ac:f8:14:3d:e6:d1:7f:57:56:24:5d:83:6a:e8:a6:
7e:a2:57:55:16:25:e9:03:38:95:18:9e:44:45:7d:45:bf:30:
d2:6e:83:32:f8:b1:50:16:c8:30:c6:d3:f6:6d:e1:29:56:36:
2e:6d:d1:a4:44:50:b6:1c:69:5e:85:07:ce:81:78:a7:5f:52:
00:9a:56:83
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAZhabehunejN0uX46mgvLqqSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjUwNzMwMDgyMzI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTE3NWE5YjljOWVlYTcxYzE3Mzg2MTZmZjJhZTMyZjZlNDI4NjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxHCWuYOjq2S33qwXhex/5DtxQRDx
+csq7V/cJ7H/n1iUNZA86I4nk9oetspoJiLKB/MEBnIxpUNSnPNCCts3amypQVhZ
FyV0it4/7psdi3kucKBnZCj3TV22zYAG8zoUuBj85v+OTSF+qCmQc76X5bb6nHda
GCyxhFpr3sg/OrOh4/MdFBxZG2eO+xEvmWaRVPf5QUPdUYHXVwNClg/z99EYZmTX
+yUF2i6fmFaedfTr61c9Ioi/P6So68nq0ZH6lMGb9SYw7UrF8IrLSTMpsEsO5awL
xIF1OG6uuJ1c1aIhrfwn3UN9u/NJRKCaGK9aBhG7fGgKmCBdtnJhwNetYQIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFCoXWpucnupxwXOGFv8q4y9uQoZbMB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvS2hkYW01eWU2bkhCYzRZV195cmpMMjVDaGxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcCKgBxgIAI
AwYEKgQIACAwDQYJKoZIhvcNAQELBQADggEBAEbOsfuRio9jdM/2M3YLPisweEfZ
fZ75Xefm95XLLTyC0sx3LEOrqV1zmsaFJ02URLYjfuqrCdAwTsa3kdOK07NA57CH
K8zN2lOJvQnVXysRdAEVrsQFgkWH+6OF2qQMXG5uoj7HezRKfudkHiO2jAyel3tc
rHWOAkBzzDZ76r2KbfvpIVF8ZTmJruW+XUCQX+qcAI/vgoS3y6R2cXzwdVFA2hKj
YYdEd7KqVyYnWHYSQN60q9N2VKz4FD3m0X9XViRdg2ropn6iV1UWJekDOJUYnkRF
fUW/MNJugzL4sVAWyDDG0/Zt4SlWNi5t0aREULYcaV6FB86BeKdfUgCaVoM=
-----END CERTIFICATE-----
Generated at Sat Aug 9 05:49:14 2025 by rpki-client