Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/04439f-42e3-4e6c-bd3b-b336f31e4a74/1/0KZX05rL8h9xkUYSwRaJ35ZtOBw.roa
File: 0KZX05rL8h9xkUYSwRaJ35ZtOBw.roa (raw, json)
Hash identifier: 0p1i5WbBLqVZcu2ejejVhnVH/tBsiXUpsUEhbMpG3eU=
Subject key identifier: D0:A6:57:D3:9A:CB:F2:1F:71:91:46:12:C1:16:89:DF:96:6D:38:1C
Certificate issuer: /CN=54deb1d6a377ac9d1f5b888c5cd1d400c7997271
Certificate serial: 019770886A5157C92A9EA94D6C7A239B6267
Authority key identifier: 54:DE:B1:D6:A3:77:AC:9D:1F:5B:88:8C:5C:D1:D4:00:C7:99:72:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VN6x1qN3rJ0fW4iMXNHUAMeZcnE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/04439f-42e3-4e6c-bd3b-b336f31e4a74/1/0KZX05rL8h9xkUYSwRaJ35ZtOBw.roa
Signing time: Sat 14 Jun 2025 22:21:17 +0000
ROA not before: Sat 14 Jun 2025 22:21:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215812
IP address blocks: 2a01:fec0::/48 maxlen: 48
2a01:fec0:1::/48 maxlen: 48
2a01:fec0:2::/48 maxlen: 48
2a01:fec0:3::/48 maxlen: 48
2a01:fec0:4::/48 maxlen: 48
2a01:fec0:5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/04439f-42e3-4e6c-bd3b-b336f31e4a74/1/VN6x1qN3rJ0fW4iMXNHUAMeZcnE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/04439f-42e3-4e6c-bd3b-b336f31e4a74/1/VN6x1qN3rJ0fW4iMXNHUAMeZcnE.mft
rsync://rpki.ripe.net/repository/DEFAULT/VN6x1qN3rJ0fW4iMXNHUAMeZcnE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 20:59:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:70:88:6a:51:57:c9:2a:9e:a9:4d:6c:7a:23:9b:62:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54deb1d6a377ac9d1f5b888c5cd1d400c7997271
Validity
Not Before: Jun 14 22:21:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d0a657d39acbf21f71914612c11689df966d381c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:68:0d:f7:a0:40:77:43:e1:be:75:18:d1:4c:
b4:b5:a6:bf:d9:e6:3e:58:38:2c:65:1d:76:99:9e:
95:fe:49:8c:10:93:a7:be:ba:95:08:72:cd:5a:b8:
51:9c:2e:73:fb:01:d6:86:4d:6f:47:a4:32:cb:28:
bc:12:f7:6b:4d:5f:39:72:20:3f:81:2e:1d:a0:c6:
d0:d2:ee:3c:1c:c7:39:f3:3a:43:20:5d:df:ed:ec:
f3:68:7d:4f:3e:36:d4:37:8e:bb:f4:8e:3e:5a:15:
39:dd:4f:c2:50:e7:b9:9d:db:3e:89:ff:36:dc:ec:
a5:4f:93:5c:c9:ca:f7:8c:dc:ab:9d:1e:6b:57:44:
89:88:f4:95:4d:1e:59:ae:96:3b:b1:72:75:e6:c5:
45:6b:c3:ac:ad:5e:27:df:53:4b:c2:af:ce:f2:ed:
f7:b4:2d:9d:92:0d:22:71:5b:bf:f2:d4:cf:ca:bb:
ee:d8:18:e0:86:63:23:3a:b0:1c:9b:aa:87:55:80:
cf:6c:74:89:1a:c1:03:a8:32:3b:7f:e2:ca:83:22:
dc:6b:08:8a:f3:4d:af:f8:fd:0e:80:f7:d4:48:46:
c3:9e:05:12:72:b5:a8:6b:83:b2:5b:f1:5a:0d:5d:
c3:26:d7:97:62:4f:79:d9:45:71:51:85:56:82:46:
b7:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:A6:57:D3:9A:CB:F2:1F:71:91:46:12:C1:16:89:DF:96:6D:38:1C
X509v3 Authority Key Identifier:
keyid:54:DE:B1:D6:A3:77:AC:9D:1F:5B:88:8C:5C:D1:D4:00:C7:99:72:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VN6x1qN3rJ0fW4iMXNHUAMeZcnE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/04439f-42e3-4e6c-bd3b-b336f31e4a74/1/0KZX05rL8h9xkUYSwRaJ35ZtOBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/04439f-42e3-4e6c-bd3b-b336f31e4a74/1/VN6x1qN3rJ0fW4iMXNHUAMeZcnE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:fec0::-2a01:fec0:5:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
8c:8f:c5:f9:dc:2e:99:42:ee:2b:b6:5a:05:5a:ed:8f:3f:d7:
ba:48:ac:07:72:99:2f:42:6a:c2:fa:36:e7:f3:ac:cc:4b:1f:
af:c8:53:c4:e9:f6:3e:6f:52:f3:82:fc:e5:5d:d1:b3:50:da:
ba:71:7e:f5:34:6e:3f:a6:eb:63:a7:99:5a:7f:6c:b1:21:ed:
f8:05:0f:7c:fb:fa:e3:27:9e:0a:92:22:9a:5b:c3:18:7d:c7:
a1:fc:dc:67:a3:d5:ac:04:84:e3:1d:3f:27:b8:04:cc:dd:5f:
73:92:d0:07:dd:13:31:34:5e:2f:49:ab:fc:ae:87:8b:13:eb:
35:06:8e:c9:56:38:6e:5a:41:6e:23:d4:e7:b4:f1:af:06:91:
e8:02:76:20:b6:be:e4:53:20:5b:f5:40:62:0e:cc:5f:ab:4d:
4d:6a:12:73:15:49:5b:79:61:2a:8e:f7:0b:19:f5:08:f2:e7:
24:2c:28:fc:9a:dc:3b:8b:79:3a:81:fa:56:97:67:84:8e:12:
a9:94:d5:1f:e6:cf:f1:e3:7c:81:15:8e:57:d5:db:00:c4:74:
e2:d7:1e:de:7d:66:3a:d5:5f:9e:14:2e:cf:a4:cf:5d:45:59:
f6:69:8d:fb:10:aa:29:a9:d9:ca:a0:42:f5:c2:e5:a0:43:b2:
5e:00:ed:b4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZdwiGpRV8kqnqlNbHojm2JnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0ZGViMWQ2YTM3N2FjOWQxZjViODg4YzVjZDFkNDAwYzc5
OTcyNzEwHhcNMjUwNjE0MjIyMTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGE2NTdkMzlhY2JmMjFmNzE5MTQ2MTJjMTE2ODlkZjk2NmQzODFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkmgN96BAd0PhvnUY0Uy0taa/2eY+
WDgsZR12mZ6V/kmMEJOnvrqVCHLNWrhRnC5z+wHWhk1vR6Qyyyi8EvdrTV85ciA/
gS4doMbQ0u48HMc58zpDIF3f7ezzaH1PPjbUN4679I4+WhU53U/CUOe5nds+if82
3OylT5Ncycr3jNyrnR5rV0SJiPSVTR5ZrpY7sXJ15sVFa8OsrV4n31NLwq/O8u33
tC2dkg0icVu/8tTPyrvu2BjghmMjOrAcm6qHVYDPbHSJGsEDqDI7f+LKgyLcawiK
802v+P0OgPfUSEbDngUScrWoa4OyW/FaDV3DJteXYk952UVxUYVWgka3uwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNCmV9Oay/IfcZFGEsEWid+WbTgcMB8GA1UdIwQY
MBaAFFTesdajd6ydH1uIjFzR1ADHmXJxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVk42eDFxTjNySjBmVzRpTVhOSFVBTWVaY25FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8wNDQzOWYtNDJlMy00ZTZjLWJkM2It
YjMzNmYzMWU0YTc0LzEvMEtaWDA1ckw4aDl4a1VZU3dSYUozNVp0T0J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS8wNDQzOWYtNDJlMy00ZTZjLWJkM2ItYjMzNmYzMWU0YTc0
LzEvVk42eDFxTjNySjBmVzRpTVhOSFVBTWVaY25FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASMBADBQYqAf7A
AwcBKgH+wAAEMA0GCSqGSIb3DQEBCwUAA4IBAQCMj8X53C6ZQu4rtloFWu2PP9e6
SKwHcpkvQmrC+jbn86zMSx+vyFPE6fY+b1LzgvzlXdGzUNq6cX71NG4/putjp5la
f2yxIe34BQ98+/rjJ54KkiKaW8MYfceh/Nxno9WsBITjHT8nuATM3V9zktAH3RMx
NF4vSav8roeLE+s1Bo7JVjhuWkFuI9TntPGvBpHoAnYgtr7kUyBb9UBiDsxfq01N
ahJzFUlbeWEqjvcLGfUI8uckLCj8mtw7i3k6gfpWl2eEjhKplNUf5s/x43yBFY5X
1dsAxHTi1x7efWY61V+eFC7PpM9dRVn2aY37EKopqdnKoEL1wuWgQ7JeAO20
-----END CERTIFICATE-----
Generated at Mon Jun 16 04:31:47 2025 by rpki-client