Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/lVqcNhHZhJJM3cni05QJsqrmC6o.roa
File: lVqcNhHZhJJM3cni05QJsqrmC6o.roa (raw, json)
Hash identifier: VwllMkwnryfmfdw6ZledmJiyv0+FJYJWLryed/wV+2E=
Subject key identifier: 95:5A:9C:36:11:D9:84:92:4C:DD:C9:E2:D3:94:09:B2:AA:E6:0B:AA
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 019864EDE5A26EE3B38B2B50E1B5ED65CEC6
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/lVqcNhHZhJJM3cni05QJsqrmC6o.roa
Signing time: Fri 01 Aug 2025 09:19:29 +0000
ROA not before: Fri 01 Aug 2025 09:19:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29226
IP address blocks: 2a09:6286::/32 maxlen: 32
2a10:4103::/32 maxlen: 32
2a10:4105::/32 maxlen: 32
2a11:4b44::/32 maxlen: 32
2a11:4b46::/32 maxlen: 32
2a12:a341::/32 maxlen: 32
2a12:a347::/32 maxlen: 32
2a13:3c80::/30 maxlen: 30
2a13:3c84::/30 maxlen: 30
2a13:9340::/32 maxlen: 32
2a13:9341::/32 maxlen: 32
2a13:9342::/32 maxlen: 32
2a13:9343::/32 maxlen: 32
2a13:9344::/32 maxlen: 32
2a13:9345::/32 maxlen: 32
2a13:9346::/32 maxlen: 32
2a13:9347::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Aug 2025 16:02:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:64:ed:e5:a2:6e:e3:b3:8b:2b:50:e1:b5:ed:65:ce:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Aug 1 09:19:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=955a9c3611d984924cddc9e2d39409b2aae60baa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b6:3c:40:03:35:a6:dd:25:a7:12:cf:67:56:
38:82:c6:6d:27:8f:89:4c:cd:4c:67:b0:82:20:3f:
5a:12:da:bd:2d:13:c9:04:d2:d2:3b:39:c8:1d:56:
51:99:41:bf:df:a6:0d:a4:48:1d:11:14:46:7e:55:
7e:61:4f:10:e1:3a:63:af:3e:e2:f8:ac:69:22:22:
3f:cf:aa:12:d4:d2:2a:77:70:c1:83:bf:10:80:58:
f9:48:e8:ba:33:1d:26:fb:fe:43:8a:2c:71:4d:a3:
cf:fc:b0:04:9f:bf:1d:39:44:04:1d:f0:b7:c1:8c:
64:27:cf:ee:22:4e:a8:73:01:d4:55:48:9c:c1:7c:
a3:8e:c9:89:28:09:17:3a:44:18:8a:f2:39:52:21:
38:60:07:53:65:21:f5:1b:8e:90:46:f2:8d:53:2e:
8b:3e:2f:01:9a:5c:d3:8f:4a:64:64:28:ae:bc:88:
fe:34:0b:c9:62:76:c3:57:a7:be:4b:cd:75:34:71:
3f:d7:1d:2f:ae:3d:68:a5:59:90:05:66:62:44:48:
f7:31:ac:4f:dc:3a:0d:62:3c:e0:15:f1:9f:78:5c:
0c:ca:de:0c:63:ba:92:f0:d0:fb:42:65:0a:7a:97:
44:a0:b2:b9:18:ed:3e:24:dd:1d:6b:45:07:be:e1:
e8:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:5A:9C:36:11:D9:84:92:4C:DD:C9:E2:D3:94:09:B2:AA:E6:0B:AA
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/lVqcNhHZhJJM3cni05QJsqrmC6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:6286::/32
2a10:4103::/32
2a10:4105::/32
2a11:4b44::/32
2a11:4b46::/32
2a12:a341::/32
2a12:a347::/32
2a13:3c80::/29
2a13:9340::/29
Signature Algorithm: sha256WithRSAEncryption
ac:80:36:10:81:da:f2:c8:36:ca:e5:67:22:84:93:b3:65:5d:
34:9f:3a:68:63:0f:15:9a:e1:38:bf:6e:77:5e:ac:1e:69:10:
0f:14:8d:d0:6d:b8:eb:f8:8d:68:b1:ab:88:bf:c3:7d:d8:9b:
40:65:7e:14:d2:b7:8a:a5:cc:56:c3:22:9c:8c:9a:09:70:b2:
6c:9e:db:41:1e:c9:91:b7:2d:d0:71:5d:01:f1:30:a9:d6:71:
75:c0:a4:5b:80:10:7c:9f:15:47:4d:1e:c8:20:e2:72:46:1d:
49:3d:69:a0:eb:10:93:cf:57:19:8e:cb:0a:61:43:d9:f7:4d:
15:1c:9b:cf:46:d4:b1:f7:19:59:73:28:47:d4:c9:10:0b:3c:
79:30:50:e9:c0:54:cb:b1:b4:31:04:c7:53:13:6d:67:7d:b2:
7a:41:d4:1b:ea:23:cf:98:45:0b:5b:6d:06:b1:5e:c9:82:28:
25:f9:60:8c:fb:1c:80:7b:08:ca:54:32:70:d9:45:7c:f3:f4:
77:35:21:74:6b:34:ab:1c:e3:e1:10:b0:fd:aa:c6:36:9c:bc:
0a:fb:35:87:ad:69:7c:cb:c4:8c:20:fa:88:08:6c:3a:e2:8d:
0b:89:0a:7f:f1:a3:e6:15:82:47:a2:1a:3e:43:ef:2f:c6:7e:
12:72:96:3e
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZhk7eWibuOziytQ4bXtZc7GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjUwODAxMDkxOTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTVhOWMzNjExZDk4NDkyNGNkZGM5ZTJkMzk0MDliMmFhZTYwYmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorY8QAM1pt0lpxLPZ1Y4gsZtJ4+J
TM1MZ7CCID9aEtq9LRPJBNLSOznIHVZRmUG/36YNpEgdERRGflV+YU8Q4Tpjrz7i
+KxpIiI/z6oS1NIqd3DBg78QgFj5SOi6Mx0m+/5DiixxTaPP/LAEn78dOUQEHfC3
wYxkJ8/uIk6ocwHUVUicwXyjjsmJKAkXOkQYivI5UiE4YAdTZSH1G46QRvKNUy6L
Pi8BmlzTj0pkZCiuvIj+NAvJYnbDV6e+S811NHE/1x0vrj1opVmQBWZiREj3MaxP
3DoNYjzgFfGfeFwMyt4MY7qS8ND7QmUKepdEoLK5GO0+JN0da0UHvuHocwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFJVanDYR2YSSTN3J4tOUCbKq5guqMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvbFZxY05oSFpoSkpNM2NuaTA1UUpzcXJtQzZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzBFBAIAAjA/AwUAKglihgMF
ACoQQQMDBQAqEEEFAwUAKhFLRAMFACoRS0YDBQAqEqNBAwUAKhKjRwMFAyoTPIAD
BQMqE5NAMA0GCSqGSIb3DQEBCwUAA4IBAQCsgDYQgdryyDbK5WcihJOzZV00nzpo
Yw8VmuE4v253XqweaRAPFI3Qbbjr+I1osauIv8N92JtAZX4U0reKpcxWwyKcjJoJ
cLJsnttBHsmRty3QcV0B8TCp1nF1wKRbgBB8nxVHTR7IIOJyRh1JPWmg6xCTz1cZ
jssKYUPZ900VHJvPRtSx9xlZcyhH1MkQCzx5MFDpwFTLsbQxBMdTE21nfbJ6QdQb
6iPPmEULW20GsV7Jgigl+WCM+xyAewjKVDJw2UV88/R3NSF0azSrHOPhELD9qsY2
nLwK+zWHrWl8y8SMIPqICGw64o0LiQp/8aPmFYJHoho+Q+8vxn4ScpY+
-----END CERTIFICATE-----
Generated at Fri Aug 8 00:15:09 2025 by rpki-client