Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/zqqfTRCTil92XNw8W0L8jZ1Pfpg.roa
File: zqqfTRCTil92XNw8W0L8jZ1Pfpg.roa (raw, json)
Hash identifier: p8lpJZrT7uSFLvBd9ToMpXNcs5hHPxeaf84WxPgNeqw=
Subject key identifier: CE:AA:9F:4D:10:93:8A:5F:76:5C:DC:3C:5B:42:FC:8D:9D:4F:7E:98
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 01987C141D3B8DA2969BA9F0984338AE89B5
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/zqqfTRCTil92XNw8W0L8jZ1Pfpg.roa
Signing time: Tue 05 Aug 2025 21:12:29 +0000
ROA not before: Tue 05 Aug 2025 21:12:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207432
IP address blocks: 2a0f:5ec0::/29 maxlen: 36
2a0f:7fc0::/29 maxlen: 36
2a0f:edc0::/29 maxlen: 36
2a0f:fb40::/29 maxlen: 36
2a11:3a80::/29 maxlen: 37
2a11:6600::/29 maxlen: 36
2a11:6780::/29 maxlen: 37
2a11:6880::/29 maxlen: 37
2a11:6980::/29 maxlen: 37
2a11:6c00::/29 maxlen: 36
2a11:a680::/29 maxlen: 37
2a11:d400::/29 maxlen: 36
2a12:3c80::/29 maxlen: 36
2a12:e4c0::/29 maxlen: 36
2a13:3a80::/29 maxlen: 36
2a13:3e80::/29 maxlen: 36
2a13:4680::/29 maxlen: 36
2a13:64c0::/29 maxlen: 36
2a13:6540::/29 maxlen: 36
2a13:6840::/29 maxlen: 36
2a13:68c0::/29 maxlen: 36
2a13:69c0::/29 maxlen: 36
2a13:6a40::/29 maxlen: 36
2a13:6ac0::/29 maxlen: 36
2a13:6bc0::/29 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 17:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:7c:14:1d:3b:8d:a2:96:9b:a9:f0:98:43:38:ae:89:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Aug 5 21:12:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ceaa9f4d10938a5f765cdc3c5b42fc8d9d4f7e98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:cb:e9:a9:58:a6:e4:53:16:45:cc:6f:8b:a6:
c3:b1:d5:9f:e7:f2:40:87:4b:3e:ef:e5:78:5a:ea:
f2:f2:0c:f4:52:b9:a9:b5:88:ce:9a:f3:75:ef:9c:
7f:49:45:ea:62:87:06:2c:75:c9:e7:3b:97:d4:1f:
de:3c:8e:b5:46:54:8b:04:37:2c:b4:83:48:06:2a:
0e:61:1b:f7:22:ed:a3:c6:06:37:2e:a3:60:ec:df:
93:66:4d:ab:55:e7:de:73:1c:05:a0:fe:7d:3c:55:
4b:0b:90:6f:92:bc:ca:9d:c7:a1:28:54:2b:8c:42:
b8:52:17:e3:03:54:04:0f:5e:2b:ab:42:f7:c7:39:
77:fc:2c:d7:55:fe:87:49:ed:e5:56:20:0f:a3:ad:
9b:95:2a:91:fc:c0:b1:e4:56:f3:b5:17:82:ca:f6:
07:94:ec:52:8b:7c:f4:19:c5:dc:89:37:56:fb:7d:
34:41:1f:f0:36:35:51:df:0e:7d:66:cb:61:b0:e8:
93:45:ed:aa:12:8d:d7:34:db:e5:ac:61:08:bf:46:
9f:18:c3:2e:0e:8e:35:b0:20:ee:f8:e5:83:5a:08:
69:70:f8:38:6d:58:3c:8f:2c:13:31:ea:a7:8e:34:
39:9b:d0:3d:ed:95:d4:3c:0e:20:31:4e:01:b8:d9:
dd:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:AA:9F:4D:10:93:8A:5F:76:5C:DC:3C:5B:42:FC:8D:9D:4F:7E:98
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/zqqfTRCTil92XNw8W0L8jZ1Pfpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5ec0::/29
2a0f:7fc0::/29
2a0f:edc0::/29
2a0f:fb40::/29
2a11:3a80::/29
2a11:6600::/29
2a11:6780::/29
2a11:6880::/29
2a11:6980::/29
2a11:6c00::/29
2a11:a680::/29
2a11:d400::/29
2a12:3c80::/29
2a12:e4c0::/29
2a13:3a80::/29
2a13:3e80::/29
2a13:4680::/29
2a13:64c0::/29
2a13:6540::/29
2a13:6840::/29
2a13:68c0::/29
2a13:69c0::/29
2a13:6a40::/29
2a13:6ac0::/29
2a13:6bc0::/29
Signature Algorithm: sha256WithRSAEncryption
36:03:24:47:3a:e4:51:e8:ce:2c:6b:62:f2:be:44:9b:27:3b:
90:6b:28:cd:d4:14:e8:a7:8a:aa:b4:67:e0:ea:ba:3c:8c:0e:
8a:b5:7f:54:9c:c5:b2:c4:a2:7b:a6:7e:be:e8:13:01:45:2d:
fa:74:35:d7:f9:9a:42:a5:88:4b:f1:54:53:15:09:22:3f:cf:
37:f8:01:30:9b:18:b9:93:3d:9a:52:06:f3:f8:18:2c:1b:e6:
55:7f:43:a6:59:ed:80:f2:87:e1:31:6d:b6:e0:86:0d:8d:a2:
bf:dc:dc:1f:c9:62:80:b5:0d:a1:0b:ca:ff:c0:16:73:7d:a8:
ee:99:91:5e:e1:46:8b:53:09:06:4a:29:da:c3:f8:e3:38:a0:
5b:75:e4:ad:33:65:32:d4:1f:8e:04:88:e5:88:6b:84:e6:4c:
72:39:f6:33:b5:2d:d0:d9:29:c4:7d:38:6d:35:3d:11:0b:41:
af:62:e8:ca:e9:d2:0e:16:39:0d:8a:84:02:7e:07:79:27:7b:
be:a6:04:d5:39:67:c0:82:6a:fd:4b:b7:de:48:bb:45:18:36:
aa:fb:08:a0:7e:22:44:d1:3e:bd:e6:ea:60:f0:cf:71:96:b4:
99:f3:87:01:d5:97:8b:91:27:b6:9e:b3:09:15:15:29:96:80:
26:4c:ec:50
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgISAZh8FB07jaKWm6nwmEM4rom1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjUwODA1MjExMjI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWFhOWY0ZDEwOTM4YTVmNzY1Y2RjM2M1YjQyZmM4ZDlkNGY3ZTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7svpqVim5FMWRcxvi6bDsdWf5/JA
h0s+7+V4Wury8gz0UrmptYjOmvN175x/SUXqYocGLHXJ5zuX1B/ePI61RlSLBDcs
tINIBioOYRv3Iu2jxgY3LqNg7N+TZk2rVefecxwFoP59PFVLC5BvkrzKncehKFQr
jEK4UhfjA1QED14rq0L3xzl3/CzXVf6HSe3lViAPo62blSqR/MCx5FbztReCyvYH
lOxSi3z0GcXciTdW+300QR/wNjVR3w59ZsthsOiTRe2qEo3XNNvlrGEIv0afGMMu
Do41sCDu+OWDWghpcPg4bVg8jywTMeqnjjQ5m9A97ZXUPA4gMU4BuNndFQIDAQAB
o4ICtzCCArMwHQYDVR0OBBYEFM6qn00Qk4pfdlzcPFtC/I2dT36YMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvenFxZlRSQ1RpbDkyWE53OFcwTDhqWjFQZnBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHMBggrBgEFBQcBBwEB/wSBvDCBuTCBtgQCAAIwga8DBQMq
D17AAwUDKg9/wAMFAyoP7cADBQMqD/tAAwUDKhE6gAMFAyoRZgADBQMqEWeAAwUD
KhFogAMFAyoRaYADBQMqEWwAAwUDKhGmgAMFAyoR1AADBQMqEjyAAwUDKhLkwAMF
AyoTOoADBQMqEz6AAwUDKhNGgAMFAyoTZMADBQMqE2VAAwUDKhNoQAMFAyoTaMAD
BQMqE2nAAwUDKhNqQAMFAyoTasADBQMqE2vAMA0GCSqGSIb3DQEBCwUAA4IBAQA2
AyRHOuRR6M4sa2LyvkSbJzuQayjN1BTop4qqtGfg6ro8jA6KtX9UnMWyxKJ7pn6+
6BMBRS36dDXX+ZpCpYhL8VRTFQkiP883+AEwmxi5kz2aUgbz+BgsG+ZVf0OmWe2A
8ofhMW224IYNjaK/3NwfyWKAtQ2hC8r/wBZzfajumZFe4UaLUwkGSinaw/jjOKBb
deStM2Uy1B+OBIjliGuE5kxyOfYztS3Q2SnEfThtNT0RC0GvYujK6dIOFjkNioQC
fgd5J3u+pgTVOWfAgmr9S7feSLtFGDaq+wigfiJE0T695upg8M9xlrSZ84cB1ZeL
kSe2nrMJFRUploAmTOxQ
-----END CERTIFICATE-----
Generated at Sat Aug 9 02:49:29 2025 by rpki-client