Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/5lUHVJgMKYa70_j6NWqO3UCAhQo.roa
File: 5lUHVJgMKYa70_j6NWqO3UCAhQo.roa (raw, json)
Hash identifier: Yjsr/3XRUfxk4e2w0ECLCSCVdqC/ChIvoqm6m/2Jp74=
Subject key identifier: E6:55:07:54:98:0C:29:86:BB:D3:F8:FA:35:6A:8E:DD:40:80:85:0A
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 01987C16DF8F2E3BD9E3E4E4AD29CAB90476
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/5lUHVJgMKYa70_j6NWqO3UCAhQo.roa
Signing time: Tue 05 Aug 2025 21:15:30 +0000
ROA not before: Tue 05 Aug 2025 21:15:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216157
IP address blocks: 2a0f:5ec0::/29 maxlen: 32
2a0f:7fc0::/29 maxlen: 32
2a0f:edc0::/29 maxlen: 32
2a0f:fb40::/29 maxlen: 32
2a11:6600::/29 maxlen: 32
2a11:6c00::/29 maxlen: 32
2a11:d400::/29 maxlen: 32
2a11:f086::/32 maxlen: 36
2a12:3c80::/29 maxlen: 32
2a12:e4c0::/29 maxlen: 32
2a13:3a80::/29 maxlen: 32
2a13:3e80::/29 maxlen: 32
2a13:4680::/29 maxlen: 32
2a13:64c0::/29 maxlen: 32
2a13:6540::/29 maxlen: 32
2a13:6840::/29 maxlen: 32
2a13:68c0::/29 maxlen: 32
2a13:69c0::/29 maxlen: 32
2a13:6a40::/29 maxlen: 32
2a13:6ac0::/29 maxlen: 32
2a13:6bc0::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 17:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:7c:16:df:8f:2e:3b:d9:e3:e4:e4:ad:29:ca:b9:04:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Aug 5 21:15:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e6550754980c2986bbd3f8fa356a8edd4080850a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b0:cc:6b:17:20:e2:ff:9a:8b:3b:5b:68:f8:
6f:12:4a:95:3c:de:9b:a7:02:10:04:94:09:bc:82:
28:2b:d6:a4:18:16:f9:b3:19:69:12:f1:74:c4:22:
4e:8e:eb:3f:fc:f2:a4:8a:1d:e0:45:b2:da:41:bb:
89:1b:ba:e2:9b:73:40:d8:83:42:b2:35:68:94:35:
24:5b:b3:1c:6b:16:70:a0:29:61:a6:26:65:e4:d1:
5e:4c:19:f0:af:03:dd:e7:e9:84:07:99:46:75:83:
b6:4d:92:08:62:42:e0:e8:02:2d:57:56:ed:85:d4:
8c:5e:0f:22:32:6a:1d:fb:f6:2f:ec:9a:ad:c0:24:
14:b1:cc:7b:ce:36:7d:09:b1:cd:9c:b5:e9:92:76:
39:ec:35:57:c6:42:a4:9e:17:fe:ad:80:f4:8a:d3:
99:42:26:a5:ae:1f:70:c4:12:91:e6:2f:0b:72:d5:
b7:73:f0:54:fc:27:32:7e:3d:db:ce:07:1e:96:6f:
9c:7b:51:40:54:3b:81:d6:c6:33:be:87:14:6c:ef:
54:f9:08:f7:12:04:6e:7e:d1:0d:02:13:55:70:01:
c8:09:06:1d:bf:91:f7:6c:2e:07:e3:51:f0:98:f7:
f9:47:7e:3e:11:dd:7a:80:96:a7:70:64:5b:37:d2:
bf:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:55:07:54:98:0C:29:86:BB:D3:F8:FA:35:6A:8E:DD:40:80:85:0A
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/5lUHVJgMKYa70_j6NWqO3UCAhQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5ec0::/29
2a0f:7fc0::/29
2a0f:edc0::/29
2a0f:fb40::/29
2a11:6600::/29
2a11:6c00::/29
2a11:d400::/29
2a11:f086::/32
2a12:3c80::/29
2a12:e4c0::/29
2a13:3a80::/29
2a13:3e80::/29
2a13:4680::/29
2a13:64c0::/29
2a13:6540::/29
2a13:6840::/29
2a13:68c0::/29
2a13:69c0::/29
2a13:6a40::/29
2a13:6ac0::/29
2a13:6bc0::/29
Signature Algorithm: sha256WithRSAEncryption
4a:61:8b:31:8d:be:44:bb:e9:4d:d4:39:d4:20:1d:cc:65:6f:
f8:3f:e1:ac:83:cd:30:14:35:cc:32:1c:09:f6:0d:f4:7e:9e:
e1:9a:e0:50:e3:98:62:c8:17:42:6b:d1:69:f1:2d:84:ba:83:
27:f8:4d:bd:c6:7c:67:fe:d5:d5:61:30:8c:ef:9d:04:e5:b8:
a4:90:59:7d:1e:d1:59:37:5f:36:44:9e:bc:c9:9d:f3:8c:a9:
37:13:5b:55:8a:d2:b8:0a:b9:0a:8e:a4:66:58:5a:e2:4a:72:
a4:2b:a1:71:da:62:95:49:ca:3b:db:f8:a6:d7:53:80:c9:95:
dc:b0:9e:3f:d9:79:11:3b:1f:b1:a7:cd:5a:ee:15:64:d3:e8:
00:97:a2:30:65:e4:cd:c2:35:b4:85:5d:6d:11:65:ca:6b:24:
51:27:e8:7d:dc:2b:38:07:ec:35:37:04:b9:a1:46:27:74:d4:
54:aa:2c:13:f6:ef:3b:59:a8:3d:56:28:42:41:42:d9:0a:05:
68:4c:bc:aa:8e:c7:c4:10:d5:47:16:05:bb:54:70:be:36:50:
3a:57:9f:fb:f2:4d:53:c7:b4:02:e6:2c:f3:cf:6c:5b:fb:df:
bc:66:af:19:81:f2:06:33:85:8b:2f:22:bf:88:25:20:6e:b5:
64:e8:bb:68
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAZh8Ft+PLjvZ4+TkrSnKuQR2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjUwODA1MjExNTMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjU1MDc1NDk4MGMyOTg2YmJkM2Y4ZmEzNTZhOGVkZDQwODA4NTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLDMaxcg4v+aiztbaPhvEkqVPN6b
pwIQBJQJvIIoK9akGBb5sxlpEvF0xCJOjus//PKkih3gRbLaQbuJG7rim3NA2INC
sjVolDUkW7McaxZwoClhpiZl5NFeTBnwrwPd5+mEB5lGdYO2TZIIYkLg6AItV1bt
hdSMXg8iMmod+/Yv7JqtwCQUscx7zjZ9CbHNnLXpknY57DVXxkKknhf+rYD0itOZ
Qialrh9wxBKR5i8LctW3c/BU/Ccyfj3bzgcelm+ce1FAVDuB1sYzvocUbO9U+Qj3
EgRuftENAhNVcAHICQYdv5H3bC4H41HwmPf5R34+Ed16gJancGRbN9K/IwIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFOZVB1SYDCmGu9P4+jVqjt1AgIUKMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvNWxVSFZKZ01LWWE3MF9qNk5XcU8zVUNBaFFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGwBggrBgEFBQcBBwEB/wSBoDCBnTCBmgQCAAIwgZMDBQMq
D17AAwUDKg9/wAMFAyoP7cADBQMqD/tAAwUDKhFmAAMFAyoRbAADBQMqEdQAAwUA
KhHwhgMFAyoSPIADBQMqEuTAAwUDKhM6gAMFAyoTPoADBQMqE0aAAwUDKhNkwAMF
AyoTZUADBQMqE2hAAwUDKhNowAMFAyoTacADBQMqE2pAAwUDKhNqwAMFAyoTa8Aw
DQYJKoZIhvcNAQELBQADggEBAEphizGNvkS76U3UOdQgHcxlb/g/4ayDzTAUNcwy
HAn2DfR+nuGa4FDjmGLIF0Jr0WnxLYS6gyf4Tb3GfGf+1dVhMIzvnQTluKSQWX0e
0Vk3XzZEnrzJnfOMqTcTW1WK0rgKuQqOpGZYWuJKcqQroXHaYpVJyjvb+KbXU4DJ
ldywnj/ZeRE7H7GnzVruFWTT6ACXojBl5M3CNbSFXW0RZcprJFEn6H3cKzgH7DU3
BLmhRid01FSqLBP27ztZqD1WKEJBQtkKBWhMvKqOx8QQ1UcWBbtUcL42UDpXn/vy
TVPHtALmLPPPbFv737xmrxmB8gYzhYsvIr+IJSButWTou2g=
-----END CERTIFICATE-----
Generated at Sat Aug 9 02:45:14 2025 by rpki-client