Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/13f5f1-45b6-4bc1-b5a5-521fa41dfc96/1/zWqY4g9GDyFqazxDI_5X0GVOz5I.roa
File: zWqY4g9GDyFqazxDI_5X0GVOz5I.roa (raw, json)
Hash identifier: nLaxKffxirO/sOKUfN4HpmMrvXxuk0Ijg8zkWA7/b7Y=
Subject key identifier: CD:6A:98:E2:0F:46:0F:21:6A:6B:3C:43:23:FE:57:D0:65:4E:CF:92
Certificate issuer: /CN=f970049cba7f39aeed31d65313c7b953f3fda135
Certificate serial: 019855DED96160989BA3D739FC5627FB81B7
Authority key identifier: F9:70:04:9C:BA:7F:39:AE:ED:31:D6:53:13:C7:B9:53:F3:FD:A1:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-XAEnLp_Oa7tMdZTE8e5U_P9oTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/13f5f1-45b6-4bc1-b5a5-521fa41dfc96/1/zWqY4g9GDyFqazxDI_5X0GVOz5I.roa
Signing time: Tue 29 Jul 2025 11:08:44 +0000
ROA not before: Tue 29 Jul 2025 11:08:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8989
IP address blocks: 2.110.64.0/18 maxlen: 18
2.110.128.0/17 maxlen: 17
2a02:980::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/13f5f1-45b6-4bc1-b5a5-521fa41dfc96/1/1-XAEnLp_Oa7tMdZTE8e5U_P9oTU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/13f5f1-45b6-4bc1-b5a5-521fa41dfc96/1/1-XAEnLp_Oa7tMdZTE8e5U_P9oTU.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-XAEnLp_Oa7tMdZTE8e5U_P9oTU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:55:de:d9:61:60:98:9b:a3:d7:39:fc:56:27:fb:81:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f970049cba7f39aeed31d65313c7b953f3fda135
Validity
Not Before: Jul 29 11:08:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd6a98e20f460f216a6b3c4323fe57d0654ecf92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:5f:a4:7b:97:c6:aa:3b:25:ae:aa:26:fb:85:
7e:07:29:86:4a:ac:6c:85:f3:b7:e5:99:0d:b8:bb:
db:3a:70:32:69:65:91:7e:97:86:f1:81:da:de:3d:
d0:17:0b:ff:1e:b3:13:4b:53:64:51:b2:8a:57:77:
e1:82:42:40:7c:0e:c9:ef:aa:5d:71:d1:48:a8:6d:
18:4c:2e:88:b8:64:11:fe:53:f6:cf:09:54:a3:8b:
0b:16:ef:c7:f2:2a:9c:75:48:93:c7:62:9b:9e:fe:
66:b6:ec:ab:6f:1f:f4:b2:98:f6:a9:16:ad:18:66:
83:58:ff:36:7f:cc:07:14:27:04:28:34:64:bf:e5:
59:19:5e:8c:23:1f:18:e7:20:f6:ae:c8:aa:3d:dd:
97:e7:21:87:68:a3:5d:ff:7f:7f:cc:00:eb:6c:9f:
fc:d2:36:de:f2:8c:27:ba:7d:e7:91:d4:d8:81:df:
6b:57:c5:b9:3e:e1:8e:18:e8:d6:d8:7f:2e:73:c3:
1f:6a:cd:1a:75:ab:b4:37:c4:03:85:ad:b5:1d:a9:
f8:31:ad:09:3b:85:33:9d:3a:60:3b:6f:e1:65:65:
b0:26:c9:da:7a:0d:32:48:1c:dd:83:09:c5:83:1f:
da:0f:83:2c:d2:e1:b5:bd:07:4e:50:f4:ae:20:88:
ce:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:6A:98:E2:0F:46:0F:21:6A:6B:3C:43:23:FE:57:D0:65:4E:CF:92
X509v3 Authority Key Identifier:
keyid:F9:70:04:9C:BA:7F:39:AE:ED:31:D6:53:13:C7:B9:53:F3:FD:A1:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-XAEnLp_Oa7tMdZTE8e5U_P9oTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/13f5f1-45b6-4bc1-b5a5-521fa41dfc96/1/zWqY4g9GDyFqazxDI_5X0GVOz5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/13f5f1-45b6-4bc1-b5a5-521fa41dfc96/1/1-XAEnLp_Oa7tMdZTE8e5U_P9oTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.110.64.0-2.110.255.255
IPv6:
2a02:980::/29
Signature Algorithm: sha256WithRSAEncryption
0f:fe:26:8a:c1:78:25:3f:1f:90:90:72:8b:74:6b:22:24:3f:
41:c4:1d:c0:4c:41:de:f6:44:1d:eb:cc:f1:ec:e8:3f:e6:23:
9f:4b:4f:ff:d2:b2:ad:6a:43:ef:26:f0:92:2b:2b:7d:4a:ca:
33:c7:42:4f:02:6a:1d:82:5d:d1:5e:4c:c1:27:28:88:9b:41:
b3:59:af:64:02:12:18:a9:e1:bd:b6:69:84:7c:61:aa:b1:7b:
a1:79:5b:b7:eb:8a:aa:30:18:a7:32:bb:5b:f2:f1:5d:dc:9e:
6b:85:d0:c7:76:6c:57:89:70:33:ab:e6:8f:15:d1:f3:0d:0a:
48:70:16:bf:48:b0:30:18:f4:9b:e9:96:b0:66:58:8d:f5:db:
24:ae:82:f0:72:9f:ad:73:2b:42:f3:c9:22:ba:74:1e:08:a2:
0b:8d:b4:8c:d7:65:53:d3:02:ea:b9:53:48:b6:2f:36:75:d7:
93:a8:51:ec:d0:cb:1c:08:e2:0f:60:65:dc:bd:cd:32:fd:67:
00:09:1a:43:19:70:cf:89:67:b0:50:be:e2:45:29:4d:a1:09:
e1:1d:ef:3f:23:f0:18:67:54:5d:74:c7:0a:54:ec:6d:58:83:
cf:64:d0:44:fd:d7:ba:63:47:10:fa:ae:38:56:dd:70:f6:b5:
bf:fa:8b:8e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZhV3tlhYJibo9c5/FYn+4G3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5NzAwNDljYmE3ZjM5YWVlZDMxZDY1MzEzYzdiOTUzZjNm
ZGExMzUwHhcNMjUwNzI5MTEwODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDZhOThlMjBmNDYwZjIxNmE2YjNjNDMyM2ZlNTdkMDY1NGVjZjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9V+ke5fGqjslrqom+4V+BymGSqxs
hfO35ZkNuLvbOnAyaWWRfpeG8YHa3j3QFwv/HrMTS1NkUbKKV3fhgkJAfA7J76pd
cdFIqG0YTC6IuGQR/lP2zwlUo4sLFu/H8iqcdUiTx2Kbnv5mtuyrbx/0spj2qRat
GGaDWP82f8wHFCcEKDRkv+VZGV6MIx8Y5yD2rsiqPd2X5yGHaKNd/39/zADrbJ/8
0jbe8ownun3nkdTYgd9rV8W5PuGOGOjW2H8uc8Mfas0adau0N8QDha21Han4Ma0J
O4UznTpgO2/hZWWwJsnaeg0ySBzdgwnFgx/aD4Ms0uG1vQdOUPSuIIjOEwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFM1qmOIPRg8hams8QyP+V9BlTs+SMB8GA1UdIwQY
MBaAFPlwBJy6fzmu7THWUxPHuVPz/aE1MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1YQUVuTHBfT2E3dE1kWlRFOGU1VV9QOW9UVS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIvMTNmNWYxLTQ1YjYtNGJjMS1iNWE1
LTUyMWZhNDFkZmM5Ni8xL3pXcVk0ZzlHRHlGcWF6eERJXzVYMEdWT3o1SS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTIvMTNmNWYxLTQ1YjYtNGJjMS1iNWE1LTUyMWZhNDFkZmM5
Ni8xLzEtWEFFbkxwX09hN3RNZFpURThlNVVfUDlvVFUuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNQYIKwYBBQUHAQcBAf8EJjAkMBMEAgABMA0wCwMEBgJu
QAMDAAJuMA0EAgACMAcDBQMqAgmAMA0GCSqGSIb3DQEBCwUAA4IBAQAP/iaKwXgl
Px+QkHKLdGsiJD9BxB3ATEHe9kQd68zx7Og/5iOfS0//0rKtakPvJvCSKyt9Ssoz
x0JPAmodgl3RXkzBJyiIm0GzWa9kAhIYqeG9tmmEfGGqsXuheVu364qqMBinMrtb
8vFd3J5rhdDHdmxXiXAzq+aPFdHzDQpIcBa/SLAwGPSb6ZawZliN9dskroLwcp+t
cytC88kiunQeCKILjbSM12VT0wLquVNIti82ddeTqFHs0MscCOIPYGXcvc0y/WcA
CRpDGXDPiWewUL7iRSlNoQnhHe8/I/AYZ1RddMcKVOxtWIPPZNBE/de6Y0cQ+q44
Vt1w9rW/+ouO
-----END CERTIFICATE-----
Generated at Mon Aug 4 19:16:55 2025 by rpki-client