Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6401f3-6df0-4038-b0bc-574713845dbc/1/Iy0rHic_3PT8I4SllQOcj0rP21I.roa
File: Iy0rHic_3PT8I4SllQOcj0rP21I.roa (raw, json)
Hash identifier: 1k4b/DPKi2PAqgzyxoLR8dS4rCq9uyypxDCl+6BFsrg=
Subject key identifier: 23:2D:2B:1E:27:3F:DC:F4:FC:23:84:A5:95:03:9C:8F:4A:CF:DB:52
Certificate issuer: /CN=53f47a725c768d4de78fb31bb40fe16eba19f20d
Certificate serial: 0198747A9CAC29202D68A489E03EE570293D
Authority key identifier: 53:F4:7A:72:5C:76:8D:4D:E7:8F:B3:1B:B4:0F:E1:6E:BA:19:F2:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U_R6clx2jU3nj7MbtA_hbroZ8g0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6401f3-6df0-4038-b0bc-574713845dbc/1/Iy0rHic_3PT8I4SllQOcj0rP21I.roa
Signing time: Mon 04 Aug 2025 09:47:29 +0000
ROA not before: Mon 04 Aug 2025 09:47:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214670
IP address blocks: 2a06:8181::/32 maxlen: 32
2a06:8184::/32 maxlen: 32
2a06:8184:ff00::/40 maxlen: 40
2a06:8184:ff00::/45 maxlen: 48
2a06:8184:ff00::/48 maxlen: 48
2a06:8184:ff01::/48 maxlen: 48
2a06:8184:ff02::/48 maxlen: 48
2a06:8184:ff03::/48 maxlen: 48
2a06:8184:ff04::/48 maxlen: 48
2a06:8184:ff05::/48 maxlen: 48
2a06:8184:ff06::/48 maxlen: 48
2a06:8184:ff07::/48 maxlen: 48
2a06:8184:ff08::/48 maxlen: 48
2a06:8184:ff14::/48 maxlen: 48
2a06:8185::/32 maxlen: 32
2a06:8185:aa00::/40 maxlen: 40
2a06:8185:aa00::/48 maxlen: 48
2a06:8185:aa01::/48 maxlen: 48
2a06:8185:aa02::/48 maxlen: 48
2a06:8185:aa03::/48 maxlen: 48
2a06:8185:aa04::/48 maxlen: 48
2a06:8185:aa05::/48 maxlen: 48
2a06:8185:aa06::/48 maxlen: 48
2a06:8185:aa07::/48 maxlen: 48
2a06:8185:aa08::/48 maxlen: 48
2a06:8185:aa09::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/6401f3-6df0-4038-b0bc-574713845dbc/1/U_R6clx2jU3nj7MbtA_hbroZ8g0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/6401f3-6df0-4038-b0bc-574713845dbc/1/U_R6clx2jU3nj7MbtA_hbroZ8g0.mft
rsync://rpki.ripe.net/repository/DEFAULT/U_R6clx2jU3nj7MbtA_hbroZ8g0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 08:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:74:7a:9c:ac:29:20:2d:68:a4:89:e0:3e:e5:70:29:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53f47a725c768d4de78fb31bb40fe16eba19f20d
Validity
Not Before: Aug 4 09:47:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=232d2b1e273fdcf4fc2384a595039c8f4acfdb52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:81:62:4d:ee:bb:1c:70:6b:4e:ca:a4:e3:f2:
4d:91:67:c7:cb:38:fe:4f:91:a1:96:f1:e3:05:4e:
d3:f8:f2:61:ec:73:f0:2d:b3:f0:18:e1:62:77:2c:
d9:62:68:dd:98:19:9e:90:79:0b:ca:d4:8b:a6:b5:
4d:a7:5a:46:35:c7:65:3b:c4:73:1f:eb:3d:2d:ee:
92:fc:cb:a2:06:0f:a0:1c:ae:b7:c4:1a:5a:97:7a:
6e:52:24:69:13:e2:94:fa:de:20:c3:4f:d8:94:c6:
b7:3a:7b:b4:0f:93:c0:33:a0:2c:41:b8:52:ef:48:
0e:52:14:eb:d5:e0:eb:f0:e0:ea:61:6c:fe:d0:50:
a9:12:68:d7:08:6e:e3:b6:2b:b8:35:5b:12:cc:1e:
a7:20:f2:7a:12:aa:bc:a2:fe:36:af:98:fc:bb:b7:
b6:a9:7d:90:0f:3d:9e:a0:cf:1d:c4:67:50:bd:31:
7c:aa:8f:a8:95:08:2f:4b:80:f6:42:1e:5c:b0:a9:
c2:d2:0f:00:9c:9f:31:f6:07:8c:d7:c0:60:c4:16:
f0:40:ea:2c:25:89:52:5f:a0:29:7d:e5:71:42:e2:
97:ac:ed:47:20:2d:9a:cc:ef:68:98:eb:80:ba:c7:
65:00:6b:74:55:65:75:6d:90:82:47:64:f5:49:ef:
a1:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:2D:2B:1E:27:3F:DC:F4:FC:23:84:A5:95:03:9C:8F:4A:CF:DB:52
X509v3 Authority Key Identifier:
keyid:53:F4:7A:72:5C:76:8D:4D:E7:8F:B3:1B:B4:0F:E1:6E:BA:19:F2:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U_R6clx2jU3nj7MbtA_hbroZ8g0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6401f3-6df0-4038-b0bc-574713845dbc/1/Iy0rHic_3PT8I4SllQOcj0rP21I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6401f3-6df0-4038-b0bc-574713845dbc/1/U_R6clx2jU3nj7MbtA_hbroZ8g0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:8181::/32
2a06:8184::/31
Signature Algorithm: sha256WithRSAEncryption
69:64:1e:c0:4e:42:9a:51:8f:cb:d0:ce:b3:a4:e6:06:81:17:
eb:e8:19:8e:0f:f3:a2:27:fd:7d:3e:4d:59:7f:fc:95:ad:8a:
d0:25:18:31:3a:9f:0e:c8:82:9a:a2:33:cc:ef:de:24:f7:a1:
b5:8d:36:3f:26:20:a5:28:d4:6a:58:03:6d:e6:70:36:28:1a:
f0:de:90:e5:bb:05:29:16:f8:ab:65:4e:08:b6:b8:24:8e:b0:
d5:af:23:19:0a:47:02:a6:3e:32:5e:d6:23:ce:a1:10:21:62:
56:91:8b:d8:6d:fe:a4:92:9d:4a:f7:04:6c:e0:e0:7a:07:90:
5b:76:cc:1d:1f:36:29:c1:e1:d7:d7:2b:23:a1:ea:6a:fb:20:
7e:8c:60:c4:53:aa:d2:fc:3c:fa:01:e5:9b:a1:c5:08:7e:95:
fb:09:f2:44:f5:46:74:3e:66:dc:cc:65:a6:43:09:b6:6a:24:
6d:a6:b3:99:a6:0d:ad:40:a4:28:8a:d8:c3:ef:89:c6:0c:41:
50:a1:93:05:88:fa:50:e4:80:0f:33:a9:f3:f8:7a:16:e8:7a:
8d:cc:a5:fb:8b:3c:1b:a4:50:c3:1e:03:6a:01:ed:22:05:0e:
bc:f3:23:9c:82:37:68:cc:fb:9c:c4:14:70:7c:ca:25:eb:73:
55:a9:aa:f9
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZh0epysKSAtaKSJ4D7lcCk9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZjQ3YTcyNWM3NjhkNGRlNzhmYjMxYmI0MGZlMTZlYmEx
OWYyMGQwHhcNMjUwODA0MDk0NzI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzJkMmIxZTI3M2ZkY2Y0ZmMyMzg0YTU5NTAzOWM4ZjRhY2ZkYjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIFiTe67HHBrTsqk4/JNkWfHyzj+
T5GhlvHjBU7T+PJh7HPwLbPwGOFidyzZYmjdmBmekHkLytSLprVNp1pGNcdlO8Rz
H+s9Le6S/MuiBg+gHK63xBpal3puUiRpE+KU+t4gw0/YlMa3Onu0D5PAM6AsQbhS
70gOUhTr1eDr8ODqYWz+0FCpEmjXCG7jtiu4NVsSzB6nIPJ6Eqq8ov42r5j8u7e2
qX2QDz2eoM8dxGdQvTF8qo+olQgvS4D2Qh5csKnC0g8AnJ8x9geM18BgxBbwQOos
JYlSX6ApfeVxQuKXrO1HIC2azO9omOuAusdlAGt0VWV1bZCCR2T1Se+hJQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCMtKx4nP9z0/COEpZUDnI9Kz9tSMB8GA1UdIwQY
MBaAFFP0enJcdo1N54+zG7QP4W66GfINMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVV9SNmNseDJqVTNuajdNYnRBX2hicm9aOGcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82NDAxZjMtNmRmMC00MDM4LWIwYmMt
NTc0NzEzODQ1ZGJjLzEvSXkwckhpY18zUFQ4STRTbGxRT2NqMHJQMjFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82NDAxZjMtNmRmMC00MDM4LWIwYmMtNTc0NzEzODQ1ZGJj
LzEvVV9SNmNseDJqVTNuajdNYnRBX2hicm9aOGcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgaBgQMF
ASoGgYQwDQYJKoZIhvcNAQELBQADggEBAGlkHsBOQppRj8vQzrOk5gaBF+voGY4P
86In/X0+TVl//JWtitAlGDE6nw7IgpqiM8zv3iT3obWNNj8mIKUo1GpYA23mcDYo
GvDekOW7BSkW+KtlTgi2uCSOsNWvIxkKRwKmPjJe1iPOoRAhYlaRi9ht/qSSnUr3
BGzg4HoHkFt2zB0fNinB4dfXKyOh6mr7IH6MYMRTqtL8PPoB5ZuhxQh+lfsJ8kT1
RnQ+ZtzMZaZDCbZqJG2ms5mmDa1ApCiK2MPvicYMQVChkwWI+lDkgA8zqfP4ehbo
eo3MpfuLPBukUMMeA2oB7SIFDrzzI5yCN2jM+5zEFHB8yiXrc1Wpqvk=
-----END CERTIFICATE-----
Generated at Sun Aug 10 16:12:54 2025 by rpki-client