Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/83d6fa-461d-4a56-a844-9f942bc12a7e/1/D5K3vpbUVBlO6iRrrfmg6m2Mqho.roa
File: D5K3vpbUVBlO6iRrrfmg6m2Mqho.roa (raw, json)
Hash identifier: fbtKIhVizZjt0Vd0hAwbQy5nqoZGiv9YiHg1bEIkpKw=
Subject key identifier: 0F:92:B7:BE:96:D4:54:19:4E:EA:24:6B:AD:F9:A0:EA:6D:8C:AA:1A
Certificate issuer: /CN=5688b42175d6214a31a5407db8b6c95f1ec60d4e
Certificate serial: 01970BB66FAD6C67AB146DB8E1BD0CF297E3
Authority key identifier: 56:88:B4:21:75:D6:21:4A:31:A5:40:7D:B8:B6:C9:5F:1E:C6:0D:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Voi0IXXWIUoxpUB9uLbJXx7GDU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/83d6fa-461d-4a56-a844-9f942bc12a7e/1/D5K3vpbUVBlO6iRrrfmg6m2Mqho.roa
Signing time: Mon 26 May 2025 08:29:54 +0000
ROA not before: Mon 26 May 2025 08:29:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43395
IP address blocks: 2a13:7b40:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/83d6fa-461d-4a56-a844-9f942bc12a7e/1/Voi0IXXWIUoxpUB9uLbJXx7GDU4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/83d6fa-461d-4a56-a844-9f942bc12a7e/1/Voi0IXXWIUoxpUB9uLbJXx7GDU4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Voi0IXXWIUoxpUB9uLbJXx7GDU4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0b:b6:6f:ad:6c:67:ab:14:6d:b8:e1:bd:0c:f2:97:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5688b42175d6214a31a5407db8b6c95f1ec60d4e
Validity
Not Before: May 26 08:29:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f92b7be96d454194eea246badf9a0ea6d8caa1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:8a:cf:c2:63:31:3f:94:22:d6:0e:c4:a2:76:
1c:e6:6e:73:0a:42:83:e8:45:c9:3a:c5:dd:e3:9c:
24:b8:53:90:3b:a1:dd:cb:86:6d:31:56:99:ad:81:
7e:97:f1:e9:b4:84:b4:32:e8:c7:47:03:6c:79:48:
c2:19:1d:cc:f6:8f:eb:c0:2c:9e:3e:22:4f:f9:88:
dc:7d:16:a9:1a:ca:a3:31:b1:1d:64:81:21:b5:2b:
4c:7e:0a:75:40:df:23:54:c7:4a:a6:2d:ea:97:25:
60:0d:8f:c5:d7:f3:66:11:e8:51:03:da:d3:17:19:
0d:1d:b6:f9:b0:b7:eb:50:04:42:45:5c:0b:9e:1f:
0e:e8:1b:ce:a7:bc:20:1a:53:b6:db:a5:ca:eb:ca:
e7:a4:c5:c6:ff:b1:ca:54:c2:7e:3f:18:42:49:d9:
65:ff:b3:1b:50:82:46:00:a5:3b:43:8d:6e:34:70:
2f:1e:d3:ab:61:c6:6b:98:ac:98:29:9b:c0:49:14:
9f:b8:a2:59:57:6c:ce:7e:a4:94:f5:65:12:d2:81:
4a:de:ef:c5:cc:20:1d:25:70:e8:cb:a9:50:d6:36:
f9:f5:b1:e1:9f:ca:e3:cb:85:67:48:3e:17:7f:a3:
86:86:6d:cf:a9:c7:e5:33:0d:c7:b1:9b:c1:8e:c0:
9d:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:92:B7:BE:96:D4:54:19:4E:EA:24:6B:AD:F9:A0:EA:6D:8C:AA:1A
X509v3 Authority Key Identifier:
keyid:56:88:B4:21:75:D6:21:4A:31:A5:40:7D:B8:B6:C9:5F:1E:C6:0D:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Voi0IXXWIUoxpUB9uLbJXx7GDU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/83d6fa-461d-4a56-a844-9f942bc12a7e/1/D5K3vpbUVBlO6iRrrfmg6m2Mqho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/83d6fa-461d-4a56-a844-9f942bc12a7e/1/Voi0IXXWIUoxpUB9uLbJXx7GDU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:7b40:2::/48
Signature Algorithm: sha256WithRSAEncryption
0f:88:45:81:76:eb:6c:8a:7e:fa:8d:50:1a:5f:54:b7:bb:50:
ef:eb:b5:b9:6a:4c:fa:9d:b4:b4:e1:8a:b6:98:88:07:02:ec:
16:db:f6:fb:a6:3e:e3:4b:07:33:71:7e:dc:45:35:a6:58:4e:
e2:da:52:1f:d3:60:e9:d5:79:71:3b:46:80:19:fc:76:9c:5e:
e4:03:77:b9:17:11:7d:6b:35:fd:af:08:ca:e2:57:fb:93:37:
3e:fe:1f:a8:1d:0b:a4:a9:e9:9c:3b:97:4d:96:99:9e:bf:bc:
d4:3b:cc:5d:d8:2d:f6:26:c2:c0:22:84:57:c3:48:50:8b:d3:
62:d9:ed:84:b5:04:75:40:48:1b:ef:70:51:95:52:14:06:34:
01:bf:b1:e3:b8:ea:81:2b:4f:d5:3b:e3:f3:79:eb:6a:36:ce:
ec:91:36:93:87:6c:23:c2:c6:53:f3:0a:e7:c1:da:d7:c0:03:
cf:d3:93:62:31:f7:35:77:79:b6:da:80:db:a8:ac:16:7d:eb:
d5:af:f0:95:19:0e:3b:ff:42:4c:2c:1a:f5:d9:9b:f4:b1:43:
d5:4f:c0:5c:fa:bc:cb:37:0d:56:96:8d:ec:28:16:d9:09:00:
e7:13:13:2f:e3:c2:43:a4:83:54:03:7f:28:4f:64:98:31:07:
51:45:ef:ed
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZcLtm+tbGerFG244b0M8pfjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2ODhiNDIxNzVkNjIxNGEzMWE1NDA3ZGI4YjZjOTVmMWVj
NjBkNGUwHhcNMjUwNTI2MDgyOTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjkyYjdiZTk2ZDQ1NDE5NGVlYTI0NmJhZGY5YTBlYTZkOGNhYTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYrPwmMxP5Qi1g7EonYc5m5zCkKD
6EXJOsXd45wkuFOQO6Hdy4ZtMVaZrYF+l/HptIS0MujHRwNseUjCGR3M9o/rwCye
PiJP+YjcfRapGsqjMbEdZIEhtStMfgp1QN8jVMdKpi3qlyVgDY/F1/NmEehRA9rT
FxkNHbb5sLfrUARCRVwLnh8O6BvOp7wgGlO226XK68rnpMXG/7HKVMJ+PxhCSdll
/7MbUIJGAKU7Q41uNHAvHtOrYcZrmKyYKZvASRSfuKJZV2zOfqSU9WUS0oFK3u/F
zCAdJXDoy6lQ1jb59bHhn8rjy4VnSD4Xf6OGhm3PqcflMw3HsZvBjsCdvQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFA+St76W1FQZTuoka635oOptjKoaMB8GA1UdIwQY
MBaAFFaItCF11iFKMaVAfbi2yV8exg1OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm9pMElYWFdJVW94cFVCOXVMYkpYeDdHRFU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS84M2Q2ZmEtNDYxZC00YTU2LWE4NDQt
OWY5NDJiYzEyYTdlLzEvRDVLM3ZwYlVWQmxPNmlScnJmbWc2bTJNcWhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS84M2Q2ZmEtNDYxZC00YTU2LWE4NDQtOWY5NDJiYzEyYTdl
LzEvVm9pMElYWFdJVW94cFVCOXVMYkpYeDdHRFU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhN7QAAC
MA0GCSqGSIb3DQEBCwUAA4IBAQAPiEWBdutsin76jVAaX1S3u1Dv67W5akz6nbS0
4Yq2mIgHAuwW2/b7pj7jSwczcX7cRTWmWE7i2lIf02Dp1XlxO0aAGfx2nF7kA3e5
FxF9azX9rwjK4lf7kzc+/h+oHQukqemcO5dNlpmev7zUO8xd2C32JsLAIoRXw0hQ
i9Ni2e2EtQR1QEgb73BRlVIUBjQBv7HjuOqBK0/VO+PzeetqNs7skTaTh2wjwsZT
8wrnwdrXwAPP05NiMfc1d3m22oDbqKwWfevVr/CVGQ47/0JMLBr12Zv0sUPVT8Bc
+rzLNw1Wlo3sKBbZCQDnExMv48JDpINUA38oT2SYMQdRRe/t
-----END CERTIFICATE-----
Generated at Sat Jun 14 09:50:47 2025 by rpki-client