Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/4Lb0e1ykjVbPF3TRFBfCy5NXBs8.roa
File: 4Lb0e1ykjVbPF3TRFBfCy5NXBs8.roa (raw, json)
Hash identifier: GK2lw+w9RAZ8U/n2HtSWHhfI/WFan24rTpmfoSr2/5s=
Subject key identifier: E0:B6:F4:7B:5C:A4:8D:56:CF:17:74:D1:14:17:C2:CB:93:57:06:CF
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 01975DB514FA4909AC96E858E9228BA7D2AE
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/4Lb0e1ykjVbPF3TRFBfCy5NXBs8.roa
Signing time: Wed 11 Jun 2025 06:37:17 +0000
ROA not before: Wed 11 Jun 2025 06:37:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206873
IP address blocks: 2a09:f9c5::/32 maxlen: 32
2a0e:4783::/32 maxlen: 32
2a0e:ffc6::/32 maxlen: 32
2a0f:4341::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.mft
rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 15:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5d:b5:14:fa:49:09:ac:96:e8:58:e9:22:8b:a7:d2:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jun 11 06:37:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e0b6f47b5ca48d56cf1774d11417c2cb935706cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:64:7c:e3:76:a4:fe:8b:52:85:78:60:f1:fc:
a0:7b:a9:7b:17:9e:95:3d:a6:fb:51:4d:cd:a4:68:
cd:cd:66:0a:b3:ea:34:c9:60:ec:37:c8:e7:fe:22:
22:37:2c:09:07:29:56:6f:f1:ed:b2:d2:9d:aa:0a:
61:a9:38:21:06:ff:cb:99:03:d3:98:e9:5c:3d:45:
c1:79:c5:6b:89:8d:24:f6:58:b0:d9:4c:e0:d5:ad:
8c:15:af:1b:d1:fc:0b:9b:0a:dd:d2:60:6b:a8:b2:
52:b1:dc:93:52:85:c2:7a:ec:61:c8:57:21:33:bd:
92:30:f6:79:c8:08:91:a3:60:b5:16:01:ca:08:e4:
30:b5:ea:3b:b0:7c:0a:55:bf:2d:90:a0:3b:26:d6:
a9:df:b3:6e:b8:8b:1e:36:44:6b:56:8a:82:17:cd:
6f:17:c2:cc:f2:32:4c:99:08:0c:77:84:09:0d:cb:
84:a7:8a:21:7b:12:07:ca:e0:73:2d:c4:36:7a:b2:
4d:34:39:22:c9:99:18:90:b9:9a:f3:30:d3:44:d7:
10:48:13:4a:9f:1a:68:32:cb:14:00:0d:a6:77:09:
94:dd:17:11:33:26:4c:d0:9e:ba:2a:33:0f:e8:b5:
c8:f0:87:17:b6:35:43:72:a9:a8:7c:5b:33:84:e5:
28:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:B6:F4:7B:5C:A4:8D:56:CF:17:74:D1:14:17:C2:CB:93:57:06:CF
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/4Lb0e1ykjVbPF3TRFBfCy5NXBs8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:f9c5::/32
2a0e:4783::/32
2a0e:ffc6::/32
2a0f:4341::/32
Signature Algorithm: sha256WithRSAEncryption
aa:a7:97:fc:b0:e4:9c:4a:44:81:00:95:6f:eb:f0:35:84:97:
1b:fd:c0:ef:d4:d1:73:7a:20:72:ef:d9:bb:a7:7e:a9:d5:a4:
55:77:c9:88:d3:30:c8:0a:63:30:95:43:e9:6a:27:9f:8b:40:
d0:ad:1c:d0:cb:c0:ed:5b:f2:63:4f:03:50:62:88:21:a5:5d:
a4:d2:fe:15:f8:43:9d:3b:a2:dc:7e:ad:b3:25:bf:19:9b:1e:
39:10:08:c5:51:67:fb:2f:82:bc:f7:c1:1b:15:e6:f5:d9:f3:
78:25:3f:33:d9:70:de:f2:6e:59:27:4d:f7:70:03:40:e5:99:
49:ad:25:f0:36:9c:fa:99:3d:26:11:06:86:aa:97:6f:75:6c:
d9:d2:d9:20:a2:33:5b:a6:5c:6c:1c:89:aa:3b:2b:bc:e4:be:
08:63:f5:1b:52:c6:22:ff:72:72:8a:cb:60:6e:4b:0a:8c:8a:
f0:91:53:90:1b:90:11:03:0a:75:ed:57:37:be:44:a2:f1:df:
c7:be:84:03:2d:53:2f:00:96:8f:47:40:8c:86:4a:6a:75:d0:
21:25:71:42:9c:c8:6f:39:08:b0:12:0e:d2:8f:d8:3c:3a:81:
01:1f:b1:97:41:97:13:cf:b2:b0:fb:14:96:a8:af:d2:88:3e:
92:60:8e:4c
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZddtRT6SQmsluhY6SKLp9KuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjUwNjExMDYzNzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGI2ZjQ3YjVjYTQ4ZDU2Y2YxNzc0ZDExNDE3YzJjYjkzNTcwNmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGR843ak/otShXhg8fyge6l7F56V
Pab7UU3NpGjNzWYKs+o0yWDsN8jn/iIiNywJBylWb/HtstKdqgphqTghBv/LmQPT
mOlcPUXBecVriY0k9liw2Uzg1a2MFa8b0fwLmwrd0mBrqLJSsdyTUoXCeuxhyFch
M72SMPZ5yAiRo2C1FgHKCOQwteo7sHwKVb8tkKA7Jtap37NuuIseNkRrVoqCF81v
F8LM8jJMmQgMd4QJDcuEp4ohexIHyuBzLcQ2erJNNDkiyZkYkLma8zDTRNcQSBNK
nxpoMssUAA2mdwmU3RcRMyZM0J66KjMP6LXI8IcXtjVDcqmofFszhOUoqQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFOC29HtcpI1Wzxd00RQXwsuTVwbPMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvNExiMGUxeWtqVmJQRjNUUkZCZkN5NU5YQnM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKgn5xQMF
ACoOR4MDBQAqDv/GAwUAKg9DQTANBgkqhkiG9w0BAQsFAAOCAQEAqqeX/LDknEpE
gQCVb+vwNYSXG/3A79TRc3ogcu/Zu6d+qdWkVXfJiNMwyApjMJVD6Wonn4tA0K0c
0MvA7VvyY08DUGKIIaVdpNL+FfhDnTui3H6tsyW/GZseORAIxVFn+y+CvPfBGxXm
9dnzeCU/M9lw3vJuWSdN93ADQOWZSa0l8Dac+pk9JhEGhqqXb3Vs2dLZIKIzW6Zc
bByJqjsrvOS+CGP1G1LGIv9ycorLYG5LCoyK8JFTkBuQEQMKde1XN75EovHfx76E
Ay1TLwCWj0dAjIZKanXQISVxQpzIbzkIsBIO0o/YPDqBAR+xl0GXE8+ysPsUlqiv
0og+kmCOTA==
-----END CERTIFICATE-----
Generated at Sun Jun 15 01:55:45 2025 by rpki-client