Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/kAK1RZioUFyH5g0k4IlaoU-82OM.roa
File: kAK1RZioUFyH5g0k4IlaoU-82OM.roa (raw, json)
Hash identifier: 1c8CPi11OjNHa9D9v40bBbGIUryUSxYzOujwIiphXXw=
Subject key identifier: 90:02:B5:45:98:A8:50:5C:87:E6:0D:24:E0:89:5A:A1:4F:BC:D8:E3
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019765AB0C27037017F3E07DD3F04D7DE1AD
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/kAK1RZioUFyH5g0k4IlaoU-82OM.roa
Signing time: Thu 12 Jun 2025 19:43:17 +0000
ROA not before: Thu 12 Jun 2025 19:43:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197992
IP address blocks: 2a06:5280::/29 maxlen: 29
2a07:95c0::/29 maxlen: 29
2a0d:1140::/29 maxlen: 29
2a0d:a9c0::/29 maxlen: 29
2a0f:1a40::/29 maxlen: 29
2a0f:27c0::/29 maxlen: 29
2a0f:2e40::/29 maxlen: 29
2a0f:3640::/29 maxlen: 29
2a0f:7280::/29 maxlen: 29
2a0f:9600::/29 maxlen: 29
2a0f:ec00::/29 maxlen: 29
2a10:3040::/29 maxlen: 29
2a10:3640::/29 maxlen: 29
2a10:6300::/29 maxlen: 29
2a10:6900::/29 maxlen: 29
2a11:1880::/29 maxlen: 29
2a11:3f80::/29 maxlen: 29
2a11:90c0::/29 maxlen: 29
2a11:9340::/29 maxlen: 29
2a11:9e00::/29 maxlen: 29
2a11:b740::/29 maxlen: 29
2a11:f040::/29 maxlen: 29
2a13:2f40::/29 maxlen: 29
2a13:4f00::/29 maxlen: 29
2a13:9100::/29 maxlen: 29
2a13:9480::/29 maxlen: 29
2a13:9b00::/29 maxlen: 29
2a13:9d00::/29 maxlen: 29
2a13:c700::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 22:19:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:65:ab:0c:27:03:70:17:f3:e0:7d:d3:f0:4d:7d:e1:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jun 12 19:43:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9002b54598a8505c87e60d24e0895aa14fbcd8e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:2f:6f:48:1f:d3:be:8d:10:97:fc:49:27:e3:
73:05:ae:31:3f:34:04:0a:16:9d:9c:40:4c:84:d9:
7c:4d:ca:8d:42:fc:c0:65:eb:8b:36:6e:a7:8b:f1:
d1:8b:af:2a:fc:0d:09:66:ea:7a:66:19:5d:05:2f:
89:5a:0a:af:53:6e:45:2c:48:b4:9e:d0:01:77:84:
3b:0c:04:d3:ca:bb:2d:55:2c:b2:9e:ee:c2:03:09:
61:11:e1:0b:fb:e4:0c:60:1c:c0:b0:88:66:e6:d2:
d5:c6:09:9a:55:2f:2f:e8:75:37:e4:f2:7c:7e:fa:
e6:8c:15:08:cc:47:1c:cf:0f:3f:36:bc:ab:6d:af:
14:be:e6:5c:e5:68:2d:b4:f1:09:6c:b1:b0:cc:d8:
d3:9a:30:45:ac:fc:f6:2e:12:b5:ec:38:8b:ff:77:
31:9e:19:67:b8:c4:cd:03:b6:7d:7d:9e:89:42:d5:
39:c7:e9:d1:a6:85:d6:d9:fb:46:24:64:f2:87:da:
af:ca:37:a4:6f:3f:cf:91:9f:27:43:35:ee:48:0b:
36:01:d1:2e:78:08:be:5e:87:cf:21:15:74:88:cb:
65:24:2d:6a:2f:a9:86:a6:d7:9f:91:41:67:46:3a:
2c:2a:e9:03:1f:54:e5:9c:a9:8f:c3:02:56:0d:35:
a3:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:02:B5:45:98:A8:50:5C:87:E6:0D:24:E0:89:5A:A1:4F:BC:D8:E3
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/kAK1RZioUFyH5g0k4IlaoU-82OM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:5280::/29
2a07:95c0::/29
2a0d:1140::/29
2a0d:a9c0::/29
2a0f:1a40::/29
2a0f:27c0::/29
2a0f:2e40::/29
2a0f:3640::/29
2a0f:7280::/29
2a0f:9600::/29
2a0f:ec00::/29
2a10:3040::/29
2a10:3640::/29
2a10:6300::/29
2a10:6900::/29
2a11:1880::/29
2a11:3f80::/29
2a11:90c0::/29
2a11:9340::/29
2a11:9e00::/29
2a11:b740::/29
2a11:f040::/29
2a13:2f40::/29
2a13:4f00::/29
2a13:9100::/29
2a13:9480::/29
2a13:9b00::/29
2a13:9d00::/29
2a13:c700::/29
Signature Algorithm: sha256WithRSAEncryption
bd:b8:2c:ca:66:aa:7c:9e:02:3b:1b:1a:1e:38:30:26:a5:ab:
89:f1:da:73:8a:a1:f1:f1:a6:3c:23:99:50:d3:3c:4a:77:49:
df:ad:19:b8:b9:2d:32:61:8f:fb:d2:8e:80:f3:c9:0b:32:8c:
5c:2a:cc:f6:ea:2f:7b:89:58:c5:05:48:d6:39:aa:5c:84:18:
f3:cc:20:a3:b9:f6:1f:01:73:53:23:d3:a9:50:38:95:00:be:
cd:f3:86:b1:0e:fe:3f:28:8c:df:55:fe:5b:e4:f0:4f:b7:0d:
c7:96:52:f4:c6:f6:9f:14:5c:d2:5b:8c:26:25:09:be:d3:24:
2c:67:3b:cf:2a:ce:02:c3:bb:24:f4:e4:b5:02:50:b5:0d:09:
39:ff:d7:9a:35:f6:b2:d2:ae:e9:d7:9d:4d:86:ff:97:7f:5f:
bd:24:ce:04:ee:97:18:79:fb:b6:cd:fe:eb:6a:d2:d6:3d:31:
54:25:c4:f3:ad:df:75:95:36:ca:ae:6d:d3:ae:6a:0f:75:2c:
b9:25:89:51:c7:0b:4e:93:57:54:d1:18:71:19:42:5b:fd:d0:
1e:73:23:b3:73:d8:30:32:e2:30:68:60:b3:ad:5b:cc:7b:9e:
26:0a:68:77:f7:08:7e:ac:6d:ff:6d:3b:01:60:05:f2:c1:67:
c3:97:a6:58
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgISAZdlqwwnA3AX8+B90/BNfeGtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNjEyMTk0MzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDAyYjU0NTk4YTg1MDVjODdlNjBkMjRlMDg5NWFhMTRmYmNkOGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjy9vSB/Tvo0Ql/xJJ+NzBa4xPzQE
ChadnEBMhNl8TcqNQvzAZeuLNm6ni/HRi68q/A0JZup6ZhldBS+JWgqvU25FLEi0
ntABd4Q7DATTyrstVSyynu7CAwlhEeEL++QMYBzAsIhm5tLVxgmaVS8v6HU35PJ8
fvrmjBUIzEcczw8/Nryrba8UvuZc5WgttPEJbLGwzNjTmjBFrPz2LhK17DiL/3cx
nhlnuMTNA7Z9fZ6JQtU5x+nRpoXW2ftGJGTyh9qvyjekbz/PkZ8nQzXuSAs2AdEu
eAi+XofPIRV0iMtlJC1qL6mGptefkUFnRjosKukDH1TlnKmPwwJWDTWjDwIDAQAB
o4IC0zCCAs8wHQYDVR0OBBYEFJACtUWYqFBch+YNJOCJWqFPvNjjMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEva0FLMVJaaW9VRnlINWcwazRJbGFvVS04Mk9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHoBggrBgEFBQcBBwEB/wSB2DCB1TCB0gQCAAIwgcsDBQMq
BlKAAwUDKgeVwAMFAyoNEUADBQMqDanAAwUDKg8aQAMFAyoPJ8ADBQMqDy5AAwUD
Kg82QAMFAyoPcoADBQMqD5YAAwUDKg/sAAMFAyoQMEADBQMqEDZAAwUDKhBjAAMF
AyoQaQADBQMqERiAAwUDKhE/gAMFAyoRkMADBQMqEZNAAwUDKhGeAAMFAyoRt0AD
BQMqEfBAAwUDKhMvQAMFAyoTTwADBQMqE5EAAwUDKhOUgAMFAyoTmwADBQMqE50A
AwUDKhPHADANBgkqhkiG9w0BAQsFAAOCAQEAvbgsymaqfJ4COxsaHjgwJqWrifHa
c4qh8fGmPCOZUNM8SndJ360ZuLktMmGP+9KOgPPJCzKMXCrM9uove4lYxQVI1jmq
XIQY88wgo7n2HwFzUyPTqVA4lQC+zfOGsQ7+PyiM31X+W+TwT7cNx5ZS9Mb2nxRc
0luMJiUJvtMkLGc7zyrOAsO7JPTktQJQtQ0JOf/XmjX2stKu6dedTYb/l39fvSTO
BO6XGHn7ts3+62rS1j0xVCXE863fdZU2yq5t065qD3UsuSWJUccLTpNXVNEYcRlC
W/3QHnMjs3PYMDLiMGhgs61bzHueJgpod/cIfqxt/207AWAF8sFnw5emWA==
-----END CERTIFICATE-----
Generated at Sun Jun 15 07:03:47 2025 by rpki-client