Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/CxlCGStctf_gb2B8GuFTECJFnPA.roa
File: CxlCGStctf_gb2B8GuFTECJFnPA.roa (raw, json)
Hash identifier: JtsPLyipWVd/0jn6A6jrrWO51k+uJj265jNYPBDpaCY=
Subject key identifier: 0B:19:42:19:2B:5C:B5:FF:E0:6F:60:7C:1A:E1:53:10:22:45:9C:F0
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01984B672EABE5D3D150DA7858C558E2FB79
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/CxlCGStctf_gb2B8GuFTECJFnPA.roa
Signing time: Sun 27 Jul 2025 10:21:49 +0000
ROA not before: Sun 27 Jul 2025 10:21:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61400
IP address blocks: 2a07:a300::/29 maxlen: 29
2a0f:1a40::/29 maxlen: 29
2a0f:7f00::/29 maxlen: 29
2a0f:8100::/29 maxlen: 29
2a10:34c0::/29 maxlen: 29
2a11:1c40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 04 Aug 2025 23:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:4b:67:2e:ab:e5:d3:d1:50:da:78:58:c5:58:e2:fb:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jul 27 10:21:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0b1942192b5cb5ffe06f607c1ae1531022459cf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:3f:7c:b3:8f:24:db:b3:51:5a:dc:32:53:60:
60:e9:18:c3:53:79:74:77:00:b7:77:1b:2c:30:3f:
ea:d0:ff:eb:81:8d:2d:7a:48:2b:01:78:1d:1e:36:
18:a5:ee:ed:e0:c5:1c:a6:41:97:bc:42:45:4f:11:
ad:27:39:73:95:df:73:d4:ad:37:0d:59:72:cb:37:
4d:8c:f1:c0:d5:e6:f7:6d:ae:d0:8e:c5:47:19:f8:
68:02:20:6c:0e:ee:e8:f7:ef:a2:de:06:09:e4:93:
4c:d0:26:03:26:a0:36:f9:d3:9b:f5:c7:b4:66:6a:
d7:70:e0:2c:cc:27:82:a5:af:33:9e:63:42:ab:78:
ab:30:ed:30:60:99:fc:f6:19:6e:ad:0a:21:f1:b9:
6b:52:e4:77:0a:31:df:f3:82:47:69:cc:2d:9b:26:
63:9b:80:a0:0f:e9:0f:02:92:4f:11:f2:2a:b6:f5:
c7:46:cf:68:4b:f5:8f:24:40:0a:d6:59:de:c0:0a:
07:a3:66:5f:4a:0a:a3:75:1b:e4:a0:a9:44:44:b7:
82:75:7d:cc:c7:8c:9b:4b:4c:db:c0:a8:56:66:eb:
5f:9e:b4:5b:0e:fe:61:d6:96:ba:22:d8:34:47:4f:
ab:a9:df:99:50:c4:2b:f8:36:34:9f:7f:f0:ca:37:
87:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:19:42:19:2B:5C:B5:FF:E0:6F:60:7C:1A:E1:53:10:22:45:9C:F0
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/CxlCGStctf_gb2B8GuFTECJFnPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:a300::/29
2a0f:1a40::/29
2a0f:7f00::/29
2a0f:8100::/29
2a10:34c0::/29
2a11:1c40::/29
Signature Algorithm: sha256WithRSAEncryption
4e:5c:b4:f3:70:60:8e:47:e5:b5:5e:e2:f4:92:a6:59:e3:5d:
a7:15:4d:9e:be:30:aa:09:01:cd:c9:3d:4f:cd:c3:66:e0:5c:
64:6c:74:c3:7c:12:2f:f8:1f:9e:56:2f:56:e0:10:73:17:93:
45:4f:bb:e8:82:7f:56:44:25:58:46:90:c8:f0:e8:0b:0f:a1:
8f:5f:8f:3e:03:45:48:4c:96:6c:90:e3:55:6d:91:a0:01:c4:
c7:fa:b0:33:6f:74:94:a6:3c:dd:02:90:ea:92:cf:1d:20:52:
04:ab:0a:09:af:d8:48:c4:cf:3f:cf:ad:16:6d:d7:d0:12:da:
9f:68:57:cb:77:cd:55:19:16:c7:c9:66:c9:b9:9e:6a:9a:0c:
b3:36:d0:fa:7b:6f:f0:38:37:af:a5:2c:56:0c:ca:6e:ea:f2:
bd:47:eb:26:e8:e7:e4:4a:8f:36:d3:ea:ba:ac:e0:87:67:3e:
cc:c3:ae:77:10:0a:0d:3f:f7:ec:8e:8a:ab:da:bd:9f:3d:d5:
0d:91:3b:f5:b8:9d:c9:da:09:16:b4:11:52:76:76:6e:09:c4:
ff:4b:b1:f4:9c:d7:b1:e8:31:db:cf:28:7a:fe:70:f2:26:42:
08:39:62:ee:67:45:3a:f1:dd:b2:9c:1e:23:ff:c8:bd:89:ad:
16:5d:07:93
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZhLZy6r5dPRUNp4WMVY4vt5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNzI3MTAyMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjE5NDIxOTJiNWNiNWZmZTA2ZjYwN2MxYWUxNTMxMDIyNDU5Y2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2T98s48k27NRWtwyU2Bg6RjDU3l0
dwC3dxssMD/q0P/rgY0tekgrAXgdHjYYpe7t4MUcpkGXvEJFTxGtJzlzld9z1K03
DVlyyzdNjPHA1eb3ba7QjsVHGfhoAiBsDu7o9++i3gYJ5JNM0CYDJqA2+dOb9ce0
ZmrXcOAszCeCpa8znmNCq3irMO0wYJn89hlurQoh8blrUuR3CjHf84JHacwtmyZj
m4CgD+kPApJPEfIqtvXHRs9oS/WPJEAK1lnewAoHo2ZfSgqjdRvkoKlERLeCdX3M
x4ybS0zbwKhWZutfnrRbDv5h1pa6Itg0R0+rqd+ZUMQr+DY0n3/wyjeHSQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFAsZQhkrXLX/4G9gfBrhUxAiRZzwMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvQ3hsQ0dTdGN0Zl9nYjJCOEd1RlRFQ0pGblBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKgejAAMF
AyoPGkADBQMqD38AAwUDKg+BAAMFAyoQNMADBQMqERxAMA0GCSqGSIb3DQEBCwUA
A4IBAQBOXLTzcGCOR+W1XuL0kqZZ412nFU2evjCqCQHNyT1PzcNm4FxkbHTDfBIv
+B+eVi9W4BBzF5NFT7vogn9WRCVYRpDI8OgLD6GPX48+A0VITJZskONVbZGgAcTH
+rAzb3SUpjzdApDqks8dIFIEqwoJr9hIxM8/z60WbdfQEtqfaFfLd81VGRbHyWbJ
uZ5qmgyzNtD6e2/wODevpSxWDMpu6vK9R+sm6OfkSo820+q6rOCHZz7Mw653EAoN
P/fsjoqr2r2fPdUNkTv1uJ3J2gkWtBFSdnZuCcT/S7H0nNex6DHbzyh6/nDyJkII
OWLuZ0U68d2ynB4j/8i9ia0WXQeT
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:38:30 2025 by rpki-client