Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/ccs7nyLFaW5A18K4O1qhpOVnDF0.roa
File: ccs7nyLFaW5A18K4O1qhpOVnDF0.roa (raw, json)
Hash identifier: kVq8Rt+cDTCddUdzX9poi4CfmBkJSUYFh1PJxqkXE8A=
Subject key identifier: 71:CB:3B:9F:22:C5:69:6E:40:D7:C2:B8:3B:5A:A1:A4:E5:67:0C:5D
Certificate issuer: /CN=ff31492473a78c6fe9f539f9fa7d2252560a2b7e
Certificate serial: 019875791FFA048876AD18F22C27F4CA4F2B
Authority key identifier: FF:31:49:24:73:A7:8C:6F:E9:F5:39:F9:FA:7D:22:52:56:0A:2B:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_zFJJHOnjG_p9Tn5-n0iUlYKK34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/ccs7nyLFaW5A18K4O1qhpOVnDF0.roa
Signing time: Mon 04 Aug 2025 14:25:28 +0000
ROA not before: Mon 04 Aug 2025 14:25:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44194
IP address blocks: 2001:bf7::/32 maxlen: 48
2001:bf7:750::/44 maxlen: 48
2001:bf7:760::/43 maxlen: 48
2001:bf7:760::/44 maxlen: 44
2001:bf7:770::/44 maxlen: 44
2001:bf7:780::/43 maxlen: 48
2001:bf7:780::/44 maxlen: 44
2001:bf7:790::/44 maxlen: 44
2001:bf7:800::/42 maxlen: 48
2001:bf7:800::/44 maxlen: 44
2001:bf7:810::/44 maxlen: 44
2001:bf7:820::/44 maxlen: 44
2001:bf7:830::/44 maxlen: 44
2001:bf7:840::/43 maxlen: 48
2001:bf7:840::/44 maxlen: 44
2001:bf7:850::/44 maxlen: 44
2001:bf7:860::/44 maxlen: 48
2001:bf7:b200::/44 maxlen: 44
2001:bf7:b201::/48 maxlen: 48
2001:bf7:fc00::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/_zFJJHOnjG_p9Tn5-n0iUlYKK34.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/_zFJJHOnjG_p9Tn5-n0iUlYKK34.mft
rsync://rpki.ripe.net/repository/DEFAULT/_zFJJHOnjG_p9Tn5-n0iUlYKK34.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 20:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:75:79:1f:fa:04:88:76:ad:18:f2:2c:27:f4:ca:4f:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff31492473a78c6fe9f539f9fa7d2252560a2b7e
Validity
Not Before: Aug 4 14:25:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=71cb3b9f22c5696e40d7c2b83b5aa1a4e5670c5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:da:d7:ff:98:57:86:77:01:7d:e0:1b:2f:88:
33:4c:ca:8c:8f:06:64:6d:0b:19:be:18:fb:70:98:
d1:a5:f3:f1:cc:92:ec:52:f0:34:b1:68:38:85:9c:
28:7a:15:41:69:f4:40:eb:88:d3:40:fb:ec:90:d5:
2e:9c:4f:72:24:9d:a2:59:42:9e:75:87:3d:9c:3d:
f3:9c:7d:99:04:c5:66:fa:f6:1b:a1:6d:a0:02:9b:
ab:b3:2b:4f:f7:72:22:f4:c0:2b:45:18:95:ef:f8:
f7:de:0b:ae:a2:75:b6:10:f4:fb:71:d3:6b:ed:33:
07:04:fc:a2:34:ef:3c:19:eb:3d:af:49:0c:a9:33:
33:23:f5:98:79:63:94:c4:bf:72:bc:ab:28:eb:09:
56:ae:f2:0b:c4:25:71:0a:55:59:90:a3:1a:79:3b:
ab:17:74:a5:89:cd:1c:81:2a:77:c4:d5:87:18:06:
45:91:b4:7a:c2:84:40:92:77:5d:c1:11:ed:40:cc:
ff:0f:97:1a:96:9c:9f:b4:25:39:41:7c:2a:b0:92:
86:46:35:5c:c6:57:ff:5c:aa:d8:01:aa:5f:b5:56:
2c:02:cd:8e:a2:8f:81:51:71:21:b0:73:34:a0:d0:
82:8f:73:15:61:1c:e4:83:4c:06:8c:54:f5:fb:47:
e4:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:CB:3B:9F:22:C5:69:6E:40:D7:C2:B8:3B:5A:A1:A4:E5:67:0C:5D
X509v3 Authority Key Identifier:
keyid:FF:31:49:24:73:A7:8C:6F:E9:F5:39:F9:FA:7D:22:52:56:0A:2B:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_zFJJHOnjG_p9Tn5-n0iUlYKK34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/ccs7nyLFaW5A18K4O1qhpOVnDF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/_zFJJHOnjG_p9Tn5-n0iUlYKK34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:bf7::/32
Signature Algorithm: sha256WithRSAEncryption
1b:7b:9a:65:c1:86:da:52:44:25:4e:90:93:86:ab:29:a9:53:
32:0d:11:6d:59:d0:a4:c7:77:91:d7:06:cc:ec:e4:77:f9:4d:
d6:f2:e7:64:ef:30:1a:6d:13:c1:61:2f:d8:78:ec:be:d2:ae:
b9:f0:b3:42:3c:4b:9b:e8:ac:4d:5c:7c:96:57:80:75:26:26:
c5:c7:85:57:04:f6:b5:05:08:f9:b1:c7:f9:cc:c0:38:7c:7e:
b0:a0:d3:1a:b5:e5:3a:0e:d5:71:b8:18:ee:33:a7:b8:6c:28:
7f:35:72:dd:f2:48:b7:21:00:f8:a2:cf:42:10:d0:a7:d9:04:
d4:e8:b3:c5:0e:a4:cb:3a:07:6f:a9:8c:2c:bc:5f:8e:d8:7f:
4e:04:70:ab:46:7d:a1:84:87:35:e9:29:8d:40:86:d0:4c:d4:
d3:0e:28:a3:0d:f4:23:d3:be:70:0a:40:ce:5e:df:1d:2e:2a:
69:d7:19:4a:56:db:4a:c6:e9:bc:cd:92:fd:c5:4b:20:c2:29:
8e:c6:bf:26:4d:50:79:5c:b8:bf:29:f4:19:f6:79:58:1f:56:
d7:9c:2e:c3:3e:fe:87:ef:ab:b5:25:14:da:2d:a6:8d:d0:80:
ed:1d:ad:17:a2:3c:17:3c:a7:0c:3e:a4:40:27:a7:86:7b:0c:
b1:16:eb:7f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZh1eR/6BIh2rRjyLCf0yk8rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMzE0OTI0NzNhNzhjNmZlOWY1MzlmOWZhN2QyMjUyNTYw
YTJiN2UwHhcNMjUwODA0MTQyNTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWNiM2I5ZjIyYzU2OTZlNDBkN2MyYjgzYjVhYTFhNGU1NjcwYzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdrX/5hXhncBfeAbL4gzTMqMjwZk
bQsZvhj7cJjRpfPxzJLsUvA0sWg4hZwoehVBafRA64jTQPvskNUunE9yJJ2iWUKe
dYc9nD3znH2ZBMVm+vYboW2gApursytP93Ii9MArRRiV7/j33guuonW2EPT7cdNr
7TMHBPyiNO88Ges9r0kMqTMzI/WYeWOUxL9yvKso6wlWrvILxCVxClVZkKMaeTur
F3Slic0cgSp3xNWHGAZFkbR6woRAknddwRHtQMz/D5calpyftCU5QXwqsJKGRjVc
xlf/XKrYAapftVYsAs2Ooo+BUXEhsHM0oNCCj3MVYRzkg0wGjFT1+0fkfQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFHHLO58ixWluQNfCuDtaoaTlZwxdMB8GA1UdIwQY
MBaAFP8xSSRzp4xv6fU5+fp9IlJWCit+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3pGSkpIT25qR19wOVRuNS1uMGlVbFlLSzM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8xYjQxMDUtMzQ3MS00NTkyLWJmMDct
NzNmZDNiYzE5YWE3LzEvY2NzN255TEZhVzVBMThLNE8xcWhwT1ZuREYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8xYjQxMDUtMzQ3MS00NTkyLWJmMDctNzNmZDNiYzE5YWE3
LzEvX3pGSkpIT25qR19wOVRuNS1uMGlVbFlLSzM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAIAEL9zAN
BgkqhkiG9w0BAQsFAAOCAQEAG3uaZcGG2lJEJU6Qk4arKalTMg0RbVnQpMd3kdcG
zOzkd/lN1vLnZO8wGm0TwWEv2HjsvtKuufCzQjxLm+isTVx8lleAdSYmxceFVwT2
tQUI+bHH+czAOHx+sKDTGrXlOg7VcbgY7jOnuGwofzVy3fJItyEA+KLPQhDQp9kE
1OizxQ6kyzoHb6mMLLxfjth/TgRwq0Z9oYSHNekpjUCG0EzU0w4oow30I9O+cApA
zl7fHS4qadcZSlbbSsbpvM2S/cVLIMIpjsa/Jk1QeVy4vyn0GfZ5WB9W15wuwz7+
h++rtSUU2i2mjdCA7R2tF6I8FzynDD6kQCenhnsMsRbrfw==
-----END CERTIFICATE-----
Generated at Thu Aug 7 04:25:10 2025 by rpki-client