Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/62633f-2b3f-4072-8f4a-b474970eca66/1/PCLEBGkkNn5EeH8qQD6pZWKPVYo.roa
File: PCLEBGkkNn5EeH8qQD6pZWKPVYo.roa (raw, json)
Hash identifier: LSyBgD9DKxmtFnMTdBKddcTZQvhReetnvqyNNdMfvV8=
Subject key identifier: 3C:22:C4:04:69:24:36:7E:44:78:7F:2A:40:3E:A9:65:62:8F:55:8A
Certificate issuer: /CN=8e06f5a7314b2f966b24fc53155ce7bf604c07a6
Certificate serial: 019A0F29B5A6AAA4C2FE17BFF1D0FCDB1058
Authority key identifier: 8E:06:F5:A7:31:4B:2F:96:6B:24:FC:53:15:5C:E7:BF:60:4C:07:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jgb1pzFLL5ZrJPxTFVznv2BMB6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/62633f-2b3f-4072-8f4a-b474970eca66/1/PCLEBGkkNn5EeH8qQD6pZWKPVYo.roa
Signing time: Thu 23 Oct 2025 03:43:02 +0000
ROA not before: Thu 23 Oct 2025 03:43:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199614
IP address blocks: 2a13:a280::/29 maxlen: 29
2a13:a280::/33 maxlen: 33
2a13:a280:8000::/33 maxlen: 33
2a13:a281::/33 maxlen: 33
2a13:a281:8000::/33 maxlen: 33
2a13:a282::/33 maxlen: 33
2a13:a282:8000::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/62633f-2b3f-4072-8f4a-b474970eca66/1/jgb1pzFLL5ZrJPxTFVznv2BMB6Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/62633f-2b3f-4072-8f4a-b474970eca66/1/jgb1pzFLL5ZrJPxTFVznv2BMB6Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/jgb1pzFLL5ZrJPxTFVznv2BMB6Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:0f:29:b5:a6:aa:a4:c2:fe:17:bf:f1:d0:fc:db:10:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e06f5a7314b2f966b24fc53155ce7bf604c07a6
Validity
Not Before: Oct 23 03:43:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c22c4046924367e44787f2a403ea965628f558a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:10:66:44:ad:0d:50:49:88:9b:1a:bb:9d:14:
c7:58:22:89:00:4d:3b:62:aa:b2:f2:49:dd:34:5e:
42:cd:c8:4f:b5:2a:80:36:c5:f9:bf:e9:f1:42:7c:
53:10:1b:12:72:90:e5:5f:7d:08:63:81:e4:5c:15:
17:d1:42:0e:eb:eb:53:30:58:fd:2d:47:03:40:93:
2a:26:d8:86:d3:d8:52:43:ce:bf:80:4e:8e:12:70:
a5:a5:b3:9d:96:21:9e:7a:34:e4:a8:dc:5b:e1:1e:
7a:0e:53:b7:f2:a6:ae:17:71:37:3e:5f:b1:a8:2f:
4e:d5:ee:a8:d5:ad:94:32:47:5b:67:ca:18:41:a1:
51:f1:5f:e4:96:6c:71:b0:a7:a9:aa:24:e1:e5:fd:
c1:38:f4:0a:3e:14:e4:be:83:23:cb:8a:ec:9a:bb:
f7:cf:db:e7:c4:11:7d:5a:a8:48:e0:e3:3e:e1:2f:
73:51:5c:6e:1f:5a:7d:ee:84:5b:fa:cc:fa:06:e2:
4f:90:b2:e8:50:0a:13:19:04:c8:ce:b1:2a:72:ae:
d9:20:a0:74:7b:39:a2:11:8e:e9:e7:25:09:0e:f1:
e0:88:35:1c:06:e7:58:5b:d2:47:bf:c9:b8:2d:27:
bc:8c:1f:67:e7:91:7e:40:d7:e1:ac:be:23:39:18:
38:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:22:C4:04:69:24:36:7E:44:78:7F:2A:40:3E:A9:65:62:8F:55:8A
X509v3 Authority Key Identifier:
keyid:8E:06:F5:A7:31:4B:2F:96:6B:24:FC:53:15:5C:E7:BF:60:4C:07:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jgb1pzFLL5ZrJPxTFVznv2BMB6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/62633f-2b3f-4072-8f4a-b474970eca66/1/PCLEBGkkNn5EeH8qQD6pZWKPVYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/62633f-2b3f-4072-8f4a-b474970eca66/1/jgb1pzFLL5ZrJPxTFVznv2BMB6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:a280::/29
Signature Algorithm: sha256WithRSAEncryption
89:c0:cf:6c:bb:59:9c:15:15:84:83:78:a4:42:72:16:1a:45:
d9:8e:d0:d1:70:70:52:47:f7:7c:3d:b9:a7:e3:ed:28:4b:8f:
60:50:20:b5:05:90:0e:81:51:06:58:3c:ef:10:fa:90:09:cc:
2b:2e:32:79:18:31:cb:c9:dc:e8:f9:81:d5:c2:d3:a1:db:bf:
b2:d0:1d:a3:42:9a:0b:5b:37:e0:4c:f3:5d:b3:ad:4c:96:b5:
e0:28:a3:dc:e8:20:30:25:30:9e:a4:98:d9:55:e1:1c:9a:ce:
67:0d:2f:ed:35:de:04:f0:3d:76:0e:4c:d9:20:7e:50:1e:d0:
ee:9d:f0:30:d2:be:d1:91:38:62:74:ad:d8:76:f2:a3:e2:fa:
ee:a5:dd:e4:7c:90:9a:14:19:ed:50:14:99:c6:9d:13:d8:41:
a7:cc:fa:b8:8b:a5:dc:f6:e1:e2:df:1c:2b:11:4e:8e:d4:36:
8c:a4:a7:66:54:3e:71:69:58:38:c5:5c:0d:21:96:71:b3:2e:
26:4f:8d:01:71:09:f5:ac:35:92:49:3c:3a:d7:34:fd:06:d9:
5d:23:5d:8a:e5:fb:86:21:40:eb:23:0b:02:8b:c6:e8:a3:61:
a2:a2:98:4a:8a:72:83:f2:16:ae:ef:ae:5e:e3:2a:47:8d:1a:
04:1c:60:0e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZoPKbWmqqTC/he/8dD82xBYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMDZmNWE3MzE0YjJmOTY2YjI0ZmM1MzE1NWNlN2JmNjA0
YzA3YTYwHhcNMjUxMDIzMDM0MzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzIyYzQwNDY5MjQzNjdlNDQ3ODdmMmE0MDNlYTk2NTYyOGY1NThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRBmRK0NUEmImxq7nRTHWCKJAE07
Yqqy8kndNF5CzchPtSqANsX5v+nxQnxTEBsScpDlX30IY4HkXBUX0UIO6+tTMFj9
LUcDQJMqJtiG09hSQ86/gE6OEnClpbOdliGeejTkqNxb4R56DlO38qauF3E3Pl+x
qC9O1e6o1a2UMkdbZ8oYQaFR8V/klmxxsKepqiTh5f3BOPQKPhTkvoMjy4rsmrv3
z9vnxBF9WqhI4OM+4S9zUVxuH1p97oRb+sz6BuJPkLLoUAoTGQTIzrEqcq7ZIKB0
ezmiEY7p5yUJDvHgiDUcBudYW9JHv8m4LSe8jB9n55F+QNfhrL4jORg4FwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDwixARpJDZ+RHh/KkA+qWVij1WKMB8GA1UdIwQY
MBaAFI4G9acxSy+WayT8UxVc579gTAemMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamdiMXB6RkxMNVpySlB4VEZWem52MkJNQjZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC82MjYzM2YtMmIzZi00MDcyLThmNGEt
YjQ3NDk3MGVjYTY2LzEvUENMRUJHa2tObjVFZUg4cVFENnBaV0tQVllvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC82MjYzM2YtMmIzZi00MDcyLThmNGEtYjQ3NDk3MGVjYTY2
LzEvamdiMXB6RkxMNVpySlB4VEZWem52MkJNQjZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhOigDAN
BgkqhkiG9w0BAQsFAAOCAQEAicDPbLtZnBUVhIN4pEJyFhpF2Y7Q0XBwUkf3fD25
p+PtKEuPYFAgtQWQDoFRBlg87xD6kAnMKy4yeRgxy8nc6PmB1cLTodu/stAdo0Ka
C1s34EzzXbOtTJa14Cij3OggMCUwnqSY2VXhHJrOZw0v7TXeBPA9dg5M2SB+UB7Q
7p3wMNK+0ZE4YnSt2Hbyo+L67qXd5HyQmhQZ7VAUmcadE9hBp8z6uIul3Pbh4t8c
KxFOjtQ2jKSnZlQ+cWlYOMVcDSGWcbMuJk+NAXEJ9aw1kkk8Otc0/QbZXSNdiuX7
hiFA6yMLAovG6KNhoqKYSopyg/IWru+uXuMqR40aBBxgDg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:54:39 2025 by rpki-client