Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/RfbBg8tOxgjrM12MGHoAop_G7i8.roa
File: RfbBg8tOxgjrM12MGHoAop_G7i8.roa (raw, json)
Hash identifier: nQnlvGmzqNuBYjUIOZX+T4KPZ99ZTWrovTyz7Vq3aMM=
Subject key identifier: 45:F6:C1:83:CB:4E:C6:08:EB:33:5D:8C:18:7A:00:A2:9F:C6:EE:2F
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 01983D270A35771A105CE24231C974AD3489
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/RfbBg8tOxgjrM12MGHoAop_G7i8.roa
Signing time: Thu 24 Jul 2025 15:57:05 +0000
ROA not before: Thu 24 Jul 2025 15:57:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212336
IP address blocks: 2a12:bec0:160::/48 maxlen: 48
2a12:bec0:162::/48 maxlen: 48
2a12:bec0:166::/48 maxlen: 48
2a12:bec0:168::/48 maxlen: 48
2a12:bec0:16d::/48 maxlen: 48
2a12:bec0:16e::/48 maxlen: 48
2a12:bec0:680::/45 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.mft
rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 19:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:3d:27:0a:35:77:1a:10:5c:e2:42:31:c9:74:ad:34:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Jul 24 15:57:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=45f6c183cb4ec608eb335d8c187a00a29fc6ee2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:49:e3:fa:a3:e6:15:3f:73:7a:ed:05:e1:24:
d5:c3:e2:09:80:4a:85:1c:d1:aa:38:7a:e0:04:32:
5d:fd:4a:db:9f:b4:6b:f5:8d:a9:3c:f2:19:93:b7:
07:38:b0:64:c4:b8:28:6a:d3:5d:c9:08:16:21:6b:
37:c1:0f:8f:01:6d:bf:ea:80:f4:f1:f7:90:63:2c:
66:87:84:22:58:ca:2c:6b:8f:99:77:93:0e:72:f6:
b9:75:24:11:24:03:3a:9d:c9:b7:ee:89:0a:2f:c6:
bd:21:af:30:9e:54:9b:fa:c3:e3:e8:af:85:de:12:
fe:1b:5f:b7:d2:b9:f0:bd:0a:a8:64:34:78:01:11:
4d:ba:7d:32:72:d8:2d:ed:b2:45:e9:83:52:12:54:
b5:0a:da:9c:e7:fd:de:f2:a8:64:1a:dd:d2:c8:1e:
2f:4a:49:d2:29:a4:81:e4:3f:70:87:83:13:84:e7:
0d:59:13:a0:db:eb:bd:3d:15:20:15:a3:6f:2f:7b:
dc:fc:be:0c:ca:bf:da:94:3c:ba:2f:38:bd:88:e8:
bd:0c:a7:03:4c:ea:80:1e:87:98:af:96:bc:c2:73:
b0:97:03:8d:3c:b0:9d:a9:4d:62:2d:be:de:c2:11:
0b:5d:6c:fb:7c:42:15:cb:65:88:f7:59:85:7c:9c:
1b:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:F6:C1:83:CB:4E:C6:08:EB:33:5D:8C:18:7A:00:A2:9F:C6:EE:2F
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/RfbBg8tOxgjrM12MGHoAop_G7i8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec0:160::/48
2a12:bec0:162::/48
2a12:bec0:166::/48
2a12:bec0:168::/48
2a12:bec0:16d::-2a12:bec0:16e:ffff:ffff:ffff:ffff:ffff
2a12:bec0:680::/45
Signature Algorithm: sha256WithRSAEncryption
26:7f:69:45:ea:9b:11:c8:f7:74:2a:d8:c4:e3:1c:5e:fc:69:
15:24:ed:7d:13:ac:25:12:46:1e:e6:ae:0b:17:b3:aa:dd:27:
89:19:3d:66:fb:79:60:73:ee:15:5b:3e:55:ac:59:bb:c2:9a:
45:23:60:6a:e1:62:32:1a:42:d4:09:90:b4:06:ab:b5:6d:d1:
b0:36:94:e1:f8:59:1d:c9:59:a0:08:aa:55:9a:a1:8d:58:10:
5b:ac:46:c7:d9:60:6f:bb:d8:72:2f:55:81:50:6a:8d:32:6c:
59:a0:43:13:8f:bc:be:3f:a8:bf:f9:f2:2f:a6:52:b4:97:d9:
a7:80:27:af:d3:1b:66:6a:11:3e:1b:f1:4d:bb:51:aa:1c:74:
f7:a4:77:28:33:94:39:70:11:76:ca:86:17:3e:34:1a:4f:de:
70:31:db:3b:d9:e7:b0:2e:f1:5f:1d:c0:c4:e5:b2:04:20:76:
ad:57:8e:1c:37:05:a0:d8:ac:de:6f:dc:63:e4:0c:9f:b5:b4:
48:5e:3b:18:d2:fb:ec:7c:f2:95:65:c2:74:a8:a5:40:e2:12:
69:c8:52:92:66:0b:bb:09:49:e6:3d:f0:fe:5d:f9:11:b8:ad:
da:0b:91:0f:dc:d4:59:c8:b0:07:4e:60:4a:0c:e7:63:74:30:
e3:35:ec:67
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZg9Jwo1dxoQXOJCMcl0rTSJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjUwNzI0MTU1NzA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWY2YzE4M2NiNGVjNjA4ZWIzMzVkOGMxODdhMDBhMjlmYzZlZTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA50nj+qPmFT9zeu0F4STVw+IJgEqF
HNGqOHrgBDJd/Urbn7Rr9Y2pPPIZk7cHOLBkxLgoatNdyQgWIWs3wQ+PAW2/6oD0
8feQYyxmh4QiWMosa4+Zd5MOcva5dSQRJAM6ncm37okKL8a9Ia8wnlSb+sPj6K+F
3hL+G1+30rnwvQqoZDR4ARFNun0yctgt7bJF6YNSElS1Ctqc5/3e8qhkGt3SyB4v
SknSKaSB5D9wh4MThOcNWROg2+u9PRUgFaNvL3vc/L4Myr/alDy6Lzi9iOi9DKcD
TOqAHoeYr5a8wnOwlwONPLCdqU1iLb7ewhELXWz7fEIVy2WI91mFfJwbtQIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFEX2wYPLTsYI6zNdjBh6AKKfxu4vMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvUmZiQmc4dE94Z2pyTTEyTUdIb0FvcF9HN2k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTBHBAIAAjBBAwcAKhK+wAFg
AwcAKhK+wAFiAwcAKhK+wAFmAwcAKhK+wAFoMBIDBwAqEr7AAW0DBwAqEr7AAW4D
BwMqEr7ABoAwDQYJKoZIhvcNAQELBQADggEBACZ/aUXqmxHI93Qq2MTjHF78aRUk
7X0TrCUSRh7mrgsXs6rdJ4kZPWb7eWBz7hVbPlWsWbvCmkUjYGrhYjIaQtQJkLQG
q7Vt0bA2lOH4WR3JWaAIqlWaoY1YEFusRsfZYG+72HIvVYFQao0ybFmgQxOPvL4/
qL/58i+mUrSX2aeAJ6/TG2ZqET4b8U27UaocdPekdygzlDlwEXbKhhc+NBpP3nAx
2zvZ57Au8V8dwMTlsgQgdq1Xjhw3BaDYrN5v3GPkDJ+1tEheOxjS++x88pVlwnSo
pUDiEmnIUpJmC7sJSeY98P5d+RG4rdoLkQ/c1FnIsAdOYEoM52N0MOM17Gc=
-----END CERTIFICATE-----
Generated at Mon Aug 11 04:30:21 2025 by rpki-client