Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/b_7FAg2gJSVaw2lNZeMvTuKt_LE.roa
File: b_7FAg2gJSVaw2lNZeMvTuKt_LE.roa (raw, json)
Hash identifier: eCyaUhu+U/7r/ol9yEOLafoy3sM9NF7EUYO2UwxliFk=
Subject key identifier: 6F:FE:C5:02:0D:A0:25:25:5A:C3:69:4D:65:E3:2F:4E:E2:AD:FC:B1
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 01975DB42AA3598295A904CF66BC900DF4BF
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/b_7FAg2gJSVaw2lNZeMvTuKt_LE.roa
Signing time: Wed 11 Jun 2025 06:36:17 +0000
ROA not before: Wed 11 Jun 2025 06:36:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a09:f1c0::/32 maxlen: 32
2a09:f9c6::/32 maxlen: 32
2a0e:4780::/32 maxlen: 32
2a0e:4bc6::/32 maxlen: 32
2a0e:5cc7::/32 maxlen: 32
2a0e:7346::/32 maxlen: 32
2a0e:b1c7::/32 maxlen: 32
2a0e:ccc3::/32 maxlen: 32
2a0e:ccc6::/32 maxlen: 32
2a0e:ffc4::/32 maxlen: 32
2a0f:4340::/32 maxlen: 32
2a0f:4343::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.mft
rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 18:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5d:b4:2a:a3:59:82:95:a9:04:cf:66:bc:90:0d:f4:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jun 11 06:36:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ffec5020da025255ac3694d65e32f4ee2adfcb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:44:8e:0f:d9:d1:19:d8:6a:4e:19:18:4b:43:
aa:57:d7:cd:dc:2a:09:74:09:40:96:7a:30:3d:e7:
b4:89:86:e5:15:eb:43:4e:44:eb:77:9b:78:c0:0f:
ca:0b:25:72:77:11:1d:6e:5d:f4:28:36:c0:b2:ac:
42:7f:a6:28:6c:96:b3:1a:ec:02:69:9d:a7:a8:2f:
92:58:d1:48:3b:a1:bb:63:96:ad:2b:4c:5b:db:ab:
1c:a7:4d:8f:c6:77:e4:0e:8a:40:71:c2:f6:e3:96:
a7:8d:c8:2c:51:82:58:a9:22:a1:c4:47:ff:84:f7:
e6:02:02:7d:f8:92:87:3d:dc:11:94:61:91:a5:d9:
bf:a0:3e:e3:0f:1a:c5:30:2c:47:e7:25:22:86:84:
11:ea:c4:1b:4a:00:6d:a7:ae:e7:fe:37:78:31:ca:
06:31:14:bf:3e:82:84:73:5e:46:56:99:53:4a:ed:
82:33:5a:f3:b9:a6:9c:b9:0a:e5:74:90:88:21:13:
e3:0e:12:5c:93:5b:65:a2:ea:53:eb:4e:5a:90:e0:
d7:ca:55:e2:5e:70:d0:69:fb:6a:f2:1b:b9:65:52:
f2:d8:7b:72:94:d3:e8:fe:4b:3f:c7:73:0b:2c:fa:
8c:d8:2b:ab:b1:b5:1c:b1:24:92:e1:08:74:0b:f1:
07:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:FE:C5:02:0D:A0:25:25:5A:C3:69:4D:65:E3:2F:4E:E2:AD:FC:B1
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/b_7FAg2gJSVaw2lNZeMvTuKt_LE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:f1c0::/32
2a09:f9c6::/32
2a0e:4780::/32
2a0e:4bc6::/32
2a0e:5cc7::/32
2a0e:7346::/32
2a0e:b1c7::/32
2a0e:ccc3::/32
2a0e:ccc6::/32
2a0e:ffc4::/32
2a0f:4340::/32
2a0f:4343::/32
Signature Algorithm: sha256WithRSAEncryption
55:73:b8:fb:37:c5:16:55:a3:83:0f:ac:98:76:22:c6:78:c2:
0a:7d:51:e2:78:2c:51:41:2c:c4:5b:94:91:a0:df:17:8f:ee:
e5:41:c6:cc:77:7d:ed:90:03:0b:60:c6:91:f1:59:1d:97:8a:
8f:b9:65:52:ab:f8:75:ec:80:d8:88:40:17:8a:9c:c8:37:de:
6e:75:d1:78:a5:bf:37:83:28:20:96:d5:49:74:fc:3b:51:ed:
3c:76:b0:56:b5:a1:14:3a:12:aa:90:12:c0:2a:af:75:4d:13:
95:be:6b:58:13:eb:47:cb:c8:f6:6a:93:07:c7:38:26:75:c6:
d1:9d:84:f9:85:56:79:ae:62:fc:d4:87:61:e7:b9:bd:81:8d:
c1:62:9a:fd:18:ef:c9:8d:5e:a0:c5:a5:99:84:09:a6:58:7b:
5e:8c:30:94:b3:35:e8:02:1f:3c:cc:62:1d:65:e7:d6:e5:55:
b4:f6:65:15:a0:8b:2b:2f:84:38:0f:09:11:e6:cd:8d:4a:30:
28:8b:a1:66:06:dc:1f:5b:56:c5:19:2e:89:fa:98:13:ab:d9:
82:00:10:ef:84:85:65:51:f1:46:84:ee:e6:ad:f8:19:cc:9c:
03:88:09:70:f0:04:cf:a5:53:65:1e:dc:a1:a5:0d:3e:71:32:
67:eb:68:98
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZddtCqjWYKVqQTPZryQDfS/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjUwNjExMDYzNjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmZlYzUwMjBkYTAyNTI1NWFjMzY5NGQ2NWUzMmY0ZWUyYWRmY2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ESOD9nRGdhqThkYS0OqV9fN3CoJ
dAlAlnowPee0iYblFetDTkTrd5t4wA/KCyVydxEdbl30KDbAsqxCf6YobJazGuwC
aZ2nqC+SWNFIO6G7Y5atK0xb26scp02PxnfkDopAccL245anjcgsUYJYqSKhxEf/
hPfmAgJ9+JKHPdwRlGGRpdm/oD7jDxrFMCxH5yUihoQR6sQbSgBtp67n/jd4McoG
MRS/PoKEc15GVplTSu2CM1rzuaacuQrldJCIIRPjDhJck1tloupT605akODXylXi
XnDQaftq8hu5ZVLy2HtylNPo/ks/x3MLLPqM2CursbUcsSSS4Qh0C/EHxQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFG/+xQINoCUlWsNpTWXjL07irfyxMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvYl83RkFnMmdKU1ZhdzJsTlplTXZUdUt0X0xFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAAjBUAwUAKgnxwAMF
ACoJ+cYDBQAqDkeAAwUAKg5LxgMFACoOXMcDBQAqDnNGAwUAKg6xxwMFACoOzMMD
BQAqDszGAwUAKg7/xAMFACoPQ0ADBQAqD0NDMA0GCSqGSIb3DQEBCwUAA4IBAQBV
c7j7N8UWVaODD6yYdiLGeMIKfVHieCxRQSzEW5SRoN8Xj+7lQcbMd33tkAMLYMaR
8Vkdl4qPuWVSq/h17IDYiEAXipzIN95uddF4pb83gyggltVJdPw7Ue08drBWtaEU
OhKqkBLAKq91TROVvmtYE+tHy8j2apMHxzgmdcbRnYT5hVZ5rmL81Idh57m9gY3B
Ypr9GO/JjV6gxaWZhAmmWHtejDCUszXoAh88zGIdZefW5VW09mUVoIsrL4Q4DwkR
5s2NSjAoi6FmBtwfW1bFGS6J+pgTq9mCABDvhIVlUfFGhO7mrfgZzJwDiAlw8ATP
pVNlHtyhpQ0+cTJn62iY
-----END CERTIFICATE-----
Generated at Sun Jun 15 23:59:35 2025 by rpki-client