Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/6eacljktsjfqwIXK2BQ3zUoxTQM.roa
File: 6eacljktsjfqwIXK2BQ3zUoxTQM.roa (raw, json)
Hash identifier: u6yB5Jf0ql9f9C+l+IiRvrAOA00Ku2NS1PwxGK/5UO4=
Subject key identifier: E9:E6:9C:96:39:2D:B2:37:EA:C0:85:CA:D8:14:37:CD:4A:31:4D:03
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 019A255A8F5A5664435100B0C879A0441B04
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/6eacljktsjfqwIXK2BQ3zUoxTQM.roa
Signing time: Mon 27 Oct 2025 11:08:03 +0000
ROA not before: Mon 27 Oct 2025 11:08:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 38915
IP address blocks: 2a07:3500:1200::/48 maxlen: 48
2a07:3500:1998::/48 maxlen: 48
2a07:3500:19a0::/48 maxlen: 48
2a07:3500:19a8::/48 maxlen: 48
2a07:3500:19b0::/48 maxlen: 48
2a07:3500:19b8::/48 maxlen: 48
2a07:3500:19d8::/48 maxlen: 48
2a07:3500:19e0::/48 maxlen: 48
2a07:3500:19e8::/48 maxlen: 48
2a07:3500:19f0::/48 maxlen: 48
2a07:3500:19f8::/48 maxlen: 48
2a07:3500:1a00::/48 maxlen: 48
2a07:3502:1040::/48 maxlen: 48
2a07:3502:1070::/48 maxlen: 48
2a07:3502:1090::/48 maxlen: 48
2a07:3502:11d0::/48 maxlen: 48
2a07:3502:11e0::/48 maxlen: 48
2a07:3502:11f0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:25:5a:8f:5a:56:64:43:51:00:b0:c8:79:a0:44:1b:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Oct 27 11:08:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e9e69c96392db237eac085cad81437cd4a314d03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ed:eb:4c:66:15:fd:c1:18:d8:43:9c:9c:d5:
2a:37:4d:de:75:ce:ba:40:ef:88:1f:d9:4b:af:7e:
b2:a4:97:d3:e4:63:d1:76:e4:3e:89:71:e9:85:35:
60:62:75:70:a6:f7:8f:c2:7a:78:76:34:2d:3a:eb:
bd:94:ad:27:28:ab:bb:e6:8d:a8:42:01:8b:6c:f6:
44:6e:8d:71:97:77:fd:da:94:55:31:c9:31:af:37:
c3:d7:0e:11:70:a0:d8:ae:7e:33:bc:07:10:1f:48:
44:0f:ee:35:a1:98:ca:af:41:a0:8c:eb:d4:06:e5:
ec:bd:d9:66:e0:ca:03:7f:a2:66:89:a7:72:82:2d:
7f:ef:29:54:bc:24:33:72:de:c6:a2:89:47:14:77:
b9:a3:59:35:27:3c:87:a4:31:69:8e:a6:76:92:5d:
c5:1b:55:e0:d3:88:b0:3f:54:99:9f:f1:73:97:94:
04:c3:59:ae:56:fc:77:c1:1e:c8:fa:f4:ea:18:80:
f2:2d:05:13:5d:b0:52:87:eb:2c:7c:ba:94:6d:00:
a5:ee:61:42:c4:eb:66:d4:d4:89:fd:eb:66:37:04:
e9:db:12:d3:46:48:f6:04:1a:dd:c6:a6:43:51:24:
f8:d3:30:d8:29:e2:2f:dd:04:15:78:97:3d:ae:37:
ae:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:E6:9C:96:39:2D:B2:37:EA:C0:85:CA:D8:14:37:CD:4A:31:4D:03
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/6eacljktsjfqwIXK2BQ3zUoxTQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:3500:1200::/48
2a07:3500:1998::/48
2a07:3500:19a0::/48
2a07:3500:19a8::/48
2a07:3500:19b0::/48
2a07:3500:19b8::/48
2a07:3500:19d8::/48
2a07:3500:19e0::/48
2a07:3500:19e8::/48
2a07:3500:19f0::/48
2a07:3500:19f8::/48
2a07:3500:1a00::/48
2a07:3502:1040::/48
2a07:3502:1070::/48
2a07:3502:1090::/48
2a07:3502:11d0::/48
2a07:3502:11e0::/48
2a07:3502:11f0::/48
Signature Algorithm: sha256WithRSAEncryption
5f:1e:6e:cf:b0:2c:91:5d:10:04:e9:49:95:3f:4c:0f:8b:30:
6b:7e:f1:7d:fc:93:ee:a1:a6:8e:1f:70:52:1e:4d:7e:c9:fc:
0e:23:9e:f5:8b:91:a9:f1:da:19:f9:3c:11:48:fd:28:ed:b3:
03:2d:d0:30:88:52:c9:b5:df:a9:a7:c8:3b:e4:bc:d9:59:76:
69:10:06:b3:bf:2f:57:6f:85:c0:bf:25:21:9c:6e:0b:fa:67:
51:07:82:18:81:4e:fa:f9:fc:a2:29:d8:a6:60:43:17:7a:58:
64:d3:c1:d0:9a:53:27:cd:22:1c:89:ac:7b:9c:6c:4a:82:ce:
b8:6f:38:ee:51:a4:ec:90:34:f9:61:86:9c:de:1f:74:fb:29:
18:56:c2:e3:12:33:ac:2a:6f:af:b5:3c:5a:07:ec:11:00:07:
91:65:3c:bf:6d:ca:44:cb:8b:28:78:7f:98:38:b0:97:5c:e0:
32:40:72:49:8f:a5:5b:1f:74:90:d1:3d:88:0f:0a:94:ce:13:
84:77:a0:2e:d2:e6:b2:ea:db:df:82:12:85:0b:33:51:36:b2:
80:ad:e4:1c:19:a3:1f:00:49:60:16:0a:d4:e2:de:ca:53:db:
a3:b3:b2:f7:61:98:05:ca:37:d6:0e:d7:2f:d2:a4:eb:30:4a:
8c:f3:75:84
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgISAZolWo9aVmRDUQCwyHmgRBsEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjUxMDI3MTEwODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWU2OWM5NjM5MmRiMjM3ZWFjMDg1Y2FkODE0MzdjZDRhMzE0ZDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+3rTGYV/cEY2EOcnNUqN03edc66
QO+IH9lLr36ypJfT5GPRduQ+iXHphTVgYnVwpvePwnp4djQtOuu9lK0nKKu75o2o
QgGLbPZEbo1xl3f92pRVMckxrzfD1w4RcKDYrn4zvAcQH0hED+41oZjKr0GgjOvU
BuXsvdlm4MoDf6Jmiadygi1/7ylUvCQzct7GoolHFHe5o1k1JzyHpDFpjqZ2kl3F
G1Xg04iwP1SZn/Fzl5QEw1muVvx3wR7I+vTqGIDyLQUTXbBSh+ssfLqUbQCl7mFC
xOtm1NSJ/etmNwTp2xLTRkj2BBrdxqZDUST40zDYKeIv3QQVeJc9rjeuawIDAQAB
o4ICqjCCAqYwHQYDVR0OBBYEFOnmnJY5LbI36sCFytgUN81KMU0DMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvNmVhY2xqa3RzamZxd0lYSzJCUTN6VW94VFFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG/BggrBgEFBQcBBwEB/wSBrzCBrDCBqQQCAAIwgaIDBwAq
BzUAEgADBwAqBzUAGZgDBwAqBzUAGaADBwAqBzUAGagDBwAqBzUAGbADBwAqBzUA
GbgDBwAqBzUAGdgDBwAqBzUAGeADBwAqBzUAGegDBwAqBzUAGfADBwAqBzUAGfgD
BwAqBzUAGgADBwAqBzUCEEADBwAqBzUCEHADBwAqBzUCEJADBwAqBzUCEdADBwAq
BzUCEeADBwAqBzUCEfAwDQYJKoZIhvcNAQELBQADggEBAF8ebs+wLJFdEATpSZU/
TA+LMGt+8X38k+6hpo4fcFIeTX7J/A4jnvWLkanx2hn5PBFI/SjtswMt0DCIUsm1
36mnyDvkvNlZdmkQBrO/L1dvhcC/JSGcbgv6Z1EHghiBTvr5/KIp2KZgQxd6WGTT
wdCaUyfNIhyJrHucbEqCzrhvOO5RpOyQNPlhhpzeH3T7KRhWwuMSM6wqb6+1PFoH
7BEAB5FlPL9tykTLiyh4f5g4sJdc4DJAckmPpVsfdJDRPYgPCpTOE4R3oC7S5rLq
29+CEoULM1E2soCt5BwZox8ASWAWCtTi3spT26OzsvdhmAXKN9YO1y/SpOswSozz
dYQ=
-----END CERTIFICATE-----
Generated at Wed Nov 5 04:36:05 2025 by rpki-client