Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/060f32-a48b-4657-a58b-41b730327c78/1/IKiKBtqV8aj5bEB_07uOzUdtWLk.roa
File: IKiKBtqV8aj5bEB_07uOzUdtWLk.roa (raw, json)
Hash identifier: bQ7k6i8N3tX0GvUq5MJyPUTOMxjiiyFXgrbUPEnTVIc=
Subject key identifier: 20:A8:8A:06:DA:95:F1:A8:F9:6C:40:7F:D3:BB:8E:CD:47:6D:58:B9
Certificate issuer: /CN=da7d5fca1e469929d4a8b6f57af3cbcdc639a35e
Certificate serial: 01984795A11D225699A33F50219ED7671B1A
Authority key identifier: DA:7D:5F:CA:1E:46:99:29:D4:A8:B6:F5:7A:F3:CB:CD:C6:39:A3:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2n1fyh5GmSnUqLb1evPLzcY5o14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/060f32-a48b-4657-a58b-41b730327c78/1/IKiKBtqV8aj5bEB_07uOzUdtWLk.roa
Signing time: Sat 26 Jul 2025 16:34:05 +0000
ROA not before: Sat 26 Jul 2025 16:34:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210644
IP address blocks: 2a01:e5c0:2000::/36 maxlen: 36
2a01:e5c0:3000::/36 maxlen: 36
2a01:e5c0:4000::/36 maxlen: 36
2a01:e5c0:5000::/36 maxlen: 36
2a01:e5c0:6000::/36 maxlen: 36
2a01:e5c0:7000::/36 maxlen: 36
2a01:e5c0:8003::/48 maxlen: 48
2a01:e5c0:8004::/48 maxlen: 48
2a01:e5c0:8008::/48 maxlen: 48
2a01:e5c0:9000::/36 maxlen: 36
2a01:e5c0:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/060f32-a48b-4657-a58b-41b730327c78/1/2n1fyh5GmSnUqLb1evPLzcY5o14.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/060f32-a48b-4657-a58b-41b730327c78/1/2n1fyh5GmSnUqLb1evPLzcY5o14.mft
rsync://rpki.ripe.net/repository/DEFAULT/2n1fyh5GmSnUqLb1evPLzcY5o14.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 07:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:47:95:a1:1d:22:56:99:a3:3f:50:21:9e:d7:67:1b:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da7d5fca1e469929d4a8b6f57af3cbcdc639a35e
Validity
Not Before: Jul 26 16:34:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=20a88a06da95f1a8f96c407fd3bb8ecd476d58b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ef:90:d3:89:4b:0a:50:e3:4d:55:02:bf:ab:
d3:49:1c:ac:ff:2c:73:d7:f1:1f:57:20:96:5a:4d:
25:90:ee:07:c7:63:3d:e6:fc:ad:2f:38:a5:43:29:
eb:87:3e:3f:c8:ac:05:3a:03:61:f0:35:bc:a6:0c:
97:dc:bc:2e:3b:69:20:07:57:e4:85:0a:56:c4:ca:
7e:0b:6a:d1:6e:a0:2d:21:e8:ae:6c:c5:dc:9c:08:
05:9d:ff:e3:e6:82:7f:25:5c:f7:54:06:5b:50:ec:
c4:03:3c:89:97:a7:f6:1d:06:47:6c:69:5f:18:03:
2f:c1:1b:aa:8f:24:23:72:29:78:e1:8e:bd:84:4c:
b8:20:91:98:a4:62:57:a2:ae:97:24:45:94:d7:9c:
d1:90:0d:33:eb:67:5c:bc:30:da:88:5f:b7:f0:65:
11:fd:c1:a4:f6:c6:18:9b:6d:7c:9f:fd:78:72:7e:
d6:a6:9c:8b:98:a8:6d:cb:92:88:db:d7:90:df:99:
ab:c7:25:dc:c2:4e:53:f3:a5:a9:b6:fb:6b:54:4b:
25:a6:69:fe:0f:d9:81:d5:fc:ce:d7:a9:59:fc:b8:
e8:50:46:f9:0a:7d:fe:ae:f6:c2:90:be:b5:79:3c:
f9:b7:d2:9d:30:c5:8e:6d:9b:c9:09:a0:9f:b5:5b:
85:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:A8:8A:06:DA:95:F1:A8:F9:6C:40:7F:D3:BB:8E:CD:47:6D:58:B9
X509v3 Authority Key Identifier:
keyid:DA:7D:5F:CA:1E:46:99:29:D4:A8:B6:F5:7A:F3:CB:CD:C6:39:A3:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2n1fyh5GmSnUqLb1evPLzcY5o14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/060f32-a48b-4657-a58b-41b730327c78/1/IKiKBtqV8aj5bEB_07uOzUdtWLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/060f32-a48b-4657-a58b-41b730327c78/1/2n1fyh5GmSnUqLb1evPLzcY5o14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:e5c0:2000::-2a01:e5c0:7fff:ffff:ffff:ffff:ffff:ffff
2a01:e5c0:8003::-2a01:e5c0:8004:ffff:ffff:ffff:ffff:ffff
2a01:e5c0:8008::/48
2a01:e5c0:9000::/36
2a01:e5c0:f000::/36
Signature Algorithm: sha256WithRSAEncryption
78:a0:58:da:dd:90:35:ce:3a:dd:06:2e:b4:d8:b4:f5:ac:50:
65:85:ab:74:82:31:9f:9c:4c:6d:13:ae:e3:df:db:de:e5:f5:
6d:6e:62:29:74:35:4a:03:24:fc:7a:30:9a:b3:fd:a2:f3:32:
73:c0:6a:a0:5d:cd:6b:1a:88:6f:8e:d9:be:91:10:27:71:f2:
7b:cb:a9:98:fc:c1:81:70:af:61:e4:d4:cb:4e:b5:7c:a1:70:
5a:b7:6a:de:3a:fb:a4:6b:f3:27:42:23:9f:1c:a8:27:cc:25:
13:a3:d4:94:ec:e2:20:52:db:7c:ce:fc:16:7f:b3:ea:8d:4c:
e3:fa:56:e0:b4:2e:83:6c:af:5b:18:6b:cd:13:fd:f8:a0:fd:
15:fc:f7:a9:81:d8:56:b7:1e:02:a0:fd:4f:93:85:de:84:5a:
d0:ce:52:94:03:d8:f0:d4:31:65:f1:8c:c6:ed:9b:90:94:27:
83:c6:8f:90:72:4c:15:30:0c:4a:de:27:a5:cb:c8:97:59:9e:
54:0d:e5:a0:f4:fe:8e:a1:b9:a5:18:3e:c0:e0:8c:71:a6:f5:
bc:49:5f:b3:8f:06:3e:8d:7a:7e:23:d4:f3:25:7b:db:fc:c5:
7b:21:c0:8d:4e:a0:81:37:3d:36:d9:90:9a:0b:79:45:45:30:
10:1b:75:de
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZhHlaEdIlaZoz9QIZ7XZxsaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhN2Q1ZmNhMWU0Njk5MjlkNGE4YjZmNTdhZjNjYmNkYzYz
OWEzNWUwHhcNMjUwNzI2MTYzNDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGE4OGEwNmRhOTVmMWE4Zjk2YzQwN2ZkM2JiOGVjZDQ3NmQ1OGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt++Q04lLClDjTVUCv6vTSRys/yxz
1/EfVyCWWk0lkO4Hx2M95vytLzilQynrhz4/yKwFOgNh8DW8pgyX3LwuO2kgB1fk
hQpWxMp+C2rRbqAtIeiubMXcnAgFnf/j5oJ/JVz3VAZbUOzEAzyJl6f2HQZHbGlf
GAMvwRuqjyQjcil44Y69hEy4IJGYpGJXoq6XJEWU15zRkA0z62dcvDDaiF+38GUR
/cGk9sYYm218n/14cn7WppyLmKhty5KI29eQ35mrxyXcwk5T86WptvtrVEslpmn+
D9mB1fzO16lZ/LjoUEb5Cn3+rvbCkL61eTz5t9KdMMWObZvJCaCftVuFtQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFCCoigbalfGo+WxAf9O7js1HbVi5MB8GA1UdIwQY
MBaAFNp9X8oeRpkp1Ki29Xrzy83GOaNeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm4xZnloNUdtU25VcUxiMWV2UEx6Y1k1bzE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8wNjBmMzItYTQ4Yi00NjU3LWE1OGIt
NDFiNzMwMzI3Yzc4LzEvSUtpS0J0cVY4YWo1YkVCXzA3dU96VWR0V0xrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8wNjBmMzItYTQ4Yi00NjU3LWE1OGItNDFiNzMwMzI3Yzc4
LzEvMm4xZnloNUdtU25VcUxiMWV2UEx6Y1k1bzE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzBFBAIAAjA/MBADBgUqAeXA
IAMGByoB5cAAMBIDBwAqAeXAgAMDBwAqAeXAgAQDBwAqAeXAgAgDBgQqAeXAkAMG
BCoB5cDwMA0GCSqGSIb3DQEBCwUAA4IBAQB4oFja3ZA1zjrdBi602LT1rFBlhat0
gjGfnExtE67j39ve5fVtbmIpdDVKAyT8ejCas/2i8zJzwGqgXc1rGohvjtm+kRAn
cfJ7y6mY/MGBcK9h5NTLTrV8oXBat2reOvuka/MnQiOfHKgnzCUTo9SU7OIgUtt8
zvwWf7PqjUzj+lbgtC6DbK9bGGvNE/34oP0V/PepgdhWtx4CoP1Pk4XehFrQzlKU
A9jw1DFl8YzG7ZuQlCeDxo+QckwVMAxK3iely8iXWZ5UDeWg9P6OobmlGD7A4Ixx
pvW8SV+zjwY+jXp+I9TzJXvb/MV7IcCNTqCBNz022ZCaC3lFRTAQG3Xe
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:04:19 2025 by rpki-client