Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/yI3G2IMZNSFb4tjab8mWB1NrL_s.roa
File: yI3G2IMZNSFb4tjab8mWB1NrL_s.roa (raw, json)
Hash identifier: jG0poIWV+PowwbIjga57bSHiu6NuJ6Vy7gu5Nqqeu/k=
Subject key identifier: C8:8D:C6:D8:83:19:35:21:5B:E2:D8:DA:6F:C9:96:07:53:6B:2F:FB
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 01976584E1B411CFF62B7E44DF2A9578F447
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/yI3G2IMZNSFb4tjab8mWB1NrL_s.roa
Signing time: Thu 12 Jun 2025 19:01:36 +0000
ROA not before: Thu 12 Jun 2025 19:01:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58285
IP address blocks: 2a14:5840::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Jun 2025 19:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:65:84:e1:b4:11:cf:f6:2b:7e:44:df:2a:95:78:f4:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: Jun 12 19:01:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c88dc6d8831935215be2d8da6fc99607536b2ffb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:c1:9d:aa:21:94:52:24:58:f6:56:70:62:56:
de:a2:b1:2c:05:fe:46:15:e4:bd:08:14:b6:30:f9:
35:7c:04:3e:56:73:2e:fe:a6:a6:a3:9a:0e:94:bf:
d5:ff:ae:ea:5e:92:6d:81:0a:71:d0:a2:42:9e:37:
42:59:94:1e:c0:dd:ea:2c:1a:b7:91:56:e3:2d:c7:
a4:c2:52:f2:99:b6:7f:96:b3:93:96:0f:d1:32:8c:
8f:e8:35:bf:5e:8e:e6:21:67:d2:6a:49:84:cf:49:
47:6d:23:95:bf:e4:d9:f0:9a:41:35:84:86:d3:8d:
88:96:36:a2:00:37:83:3a:52:fb:d7:9b:22:6b:8a:
d2:b7:cb:06:5e:e0:f5:1c:31:54:b2:53:88:dc:d2:
5d:4a:5a:8c:5f:d9:63:33:7f:7c:0a:26:75:de:9c:
db:ef:75:a3:d8:10:4f:fd:66:4c:77:ad:ed:71:f7:
a4:71:54:d8:5a:84:7a:e9:3f:36:77:5f:8a:4c:87:
d8:8f:fd:06:af:48:49:52:9d:14:e2:17:83:32:df:
dc:78:02:e5:22:e1:57:4e:82:51:c6:3a:80:16:75:
85:2d:ef:04:55:ae:8a:99:90:78:24:9a:84:d6:5a:
94:90:52:4c:31:f1:f7:c0:a0:1d:73:2f:8e:e1:fd:
ce:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:8D:C6:D8:83:19:35:21:5B:E2:D8:DA:6F:C9:96:07:53:6B:2F:FB
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/yI3G2IMZNSFb4tjab8mWB1NrL_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:5840::/29
Signature Algorithm: sha256WithRSAEncryption
21:67:30:f6:d1:04:66:78:f5:86:cc:63:b6:b1:c3:5e:63:a1:
95:89:80:51:db:f6:cd:6c:11:4e:69:60:cf:ec:2a:4e:64:16:
f4:7b:78:fb:11:1f:73:91:86:18:a6:ec:2a:f0:09:3d:7b:27:
fc:42:f4:02:cd:47:f9:b0:61:6a:a9:8f:ca:04:92:80:f6:40:
9b:f8:1d:8a:45:bb:dd:48:88:7c:d5:ea:fb:c3:44:13:8e:91:
7a:b6:72:f3:a5:cb:fd:6c:4b:f1:e1:b4:4c:47:a8:61:85:0a:
55:75:43:dc:80:19:66:d9:fa:00:12:e4:af:4e:ec:04:3c:b2:
e1:4a:8f:9d:ff:a3:c8:62:af:15:1f:11:a6:59:cd:b8:79:51:
85:1c:75:98:91:e1:ea:0e:50:02:43:b8:e9:5a:da:16:a8:91:
76:99:a6:88:8d:25:d6:79:b4:8a:67:b1:a7:9c:c6:f5:74:82:
c0:02:a2:b9:34:66:09:8b:08:4e:01:66:8d:29:53:b9:a8:15:
e4:ad:ea:17:98:83:2e:dc:8b:3c:fe:66:a5:b4:b5:dc:08:4c:
35:23:fa:b8:be:d0:b9:6b:ee:65:cc:62:ec:52:f0:90:0d:48:
43:a5:3d:49:18:1d:27:3a:dc:f6:f7:84:42:98:d0:cb:9e:01:
b2:c9:94:88
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZdlhOG0Ec/2K35E3yqVePRHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjUwNjEyMTkwMTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODhkYzZkODgzMTkzNTIxNWJlMmQ4ZGE2ZmM5OTYwNzUzNmIyZmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMGdqiGUUiRY9lZwYlbeorEsBf5G
FeS9CBS2MPk1fAQ+VnMu/qamo5oOlL/V/67qXpJtgQpx0KJCnjdCWZQewN3qLBq3
kVbjLcekwlLymbZ/lrOTlg/RMoyP6DW/Xo7mIWfSakmEz0lHbSOVv+TZ8JpBNYSG
042IljaiADeDOlL715sia4rSt8sGXuD1HDFUslOI3NJdSlqMX9ljM398CiZ13pzb
73Wj2BBP/WZMd63tcfekcVTYWoR66T82d1+KTIfYj/0Gr0hJUp0U4heDMt/ceALl
IuFXToJRxjqAFnWFLe8EVa6KmZB4JJqE1lqUkFJMMfH3wKAdcy+O4f3OBwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMiNxtiDGTUhW+LY2m/JlgdTay/7MB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEveUkzRzJJTVpOU0ZiNHRqYWI4bVdCMU5yTF9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhRYQDAN
BgkqhkiG9w0BAQsFAAOCAQEAIWcw9tEEZnj1hsxjtrHDXmOhlYmAUdv2zWwRTmlg
z+wqTmQW9Ht4+xEfc5GGGKbsKvAJPXsn/EL0As1H+bBhaqmPygSSgPZAm/gdikW7
3UiIfNXq+8NEE46RerZy86XL/WxL8eG0TEeoYYUKVXVD3IAZZtn6ABLkr07sBDyy
4UqPnf+jyGKvFR8RplnNuHlRhRx1mJHh6g5QAkO46VraFqiRdpmmiI0l1nm0imex
p5zG9XSCwAKiuTRmCYsITgFmjSlTuagV5K3qF5iDLtyLPP5mpbS13AhMNSP6uL7Q
uWvuZcxi7FLwkA1IQ6U9SRgdJzrc9veEQpjQy54BssmUiA==
-----END CERTIFICATE-----
Generated at Thu Jun 19 05:54:20 2025 by rpki-client