Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/xxVCA8uITxzYzKaLDC0g-YxfTzo.roa
File: xxVCA8uITxzYzKaLDC0g-YxfTzo.roa (raw, json)
Hash identifier: Jpxudfggo0Vzfm7+EORSxKBJSTHID/1Yzgtr62f5yI8=
Subject key identifier: C7:15:42:03:CB:88:4F:1C:D8:CC:A6:8B:0C:2D:20:F9:8C:5F:4F:3A
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 019859E92837D6768C9AC8A22012B3850855
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/xxVCA8uITxzYzKaLDC0g-YxfTzo.roa
Signing time: Wed 30 Jul 2025 05:58:29 +0000
ROA not before: Wed 30 Jul 2025 05:58:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49505
IP address blocks: 2a04:a5c0::/32 maxlen: 32
2a04:a5c1::/32 maxlen: 32
2a04:a5c2::/32 maxlen: 32
2a04:a5c3::/32 maxlen: 32
2a04:a5c4::/32 maxlen: 32
2a04:a5c5::/32 maxlen: 32
2a04:a5c6::/32 maxlen: 32
2a04:a5c7::/32 maxlen: 32
2a0e:c380::/30 maxlen: 30
2a0e:c384::/30 maxlen: 30
2a10:4700::/31 maxlen: 31
2a10:4702::/31 maxlen: 31
2a10:4704::/31 maxlen: 31
2a10:4706::/31 maxlen: 31
2a13:4fc0::/30 maxlen: 30
2a13:4fc4::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 16:02:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:59:e9:28:37:d6:76:8c:9a:c8:a2:20:12:b3:85:08:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jul 30 05:58:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c7154203cb884f1cd8cca68b0c2d20f98c5f4f3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:c0:b8:f3:4c:a9:91:fc:12:20:c8:37:0d:99:
65:47:3b:71:65:9c:3c:b3:04:56:40:1a:00:1e:f0:
23:03:f2:05:d8:7b:4d:7f:0d:0c:78:01:35:c7:ce:
a8:cd:5e:ce:32:47:bb:35:92:4f:11:6e:45:a2:11:
3f:54:ce:c0:4a:be:49:30:79:85:65:a9:c9:01:89:
37:1e:6a:5d:3a:46:49:8e:25:45:04:c0:ec:39:6a:
32:86:e1:92:67:1d:7c:fc:04:dc:19:0e:fd:dc:47:
37:cd:77:a6:f0:a4:9e:7b:6e:a9:97:c3:0e:39:9a:
1d:1f:37:9e:4a:0e:e3:e4:1b:fa:49:92:a2:1a:01:
c8:db:4f:5f:a6:e5:66:5d:ae:5b:c8:22:3e:01:52:
56:08:03:71:e5:07:cf:dc:8a:45:f7:8e:32:1a:01:
b8:70:ae:30:6b:3b:dc:86:7b:8d:f8:18:7b:f0:58:
cc:3d:6a:43:9f:45:7d:d5:7d:5f:05:33:90:78:55:
0b:6d:36:83:da:61:aa:0e:94:c8:26:bc:b9:16:ce:
17:7e:fe:4b:35:a9:d6:d3:6a:30:b9:28:7a:cc:8f:
f8:9e:4e:d0:8a:5e:59:b0:de:db:28:2e:60:b0:5c:
fb:9f:78:b2:59:76:ed:17:c4:d3:35:20:76:bb:24:
74:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:15:42:03:CB:88:4F:1C:D8:CC:A6:8B:0C:2D:20:F9:8C:5F:4F:3A
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/xxVCA8uITxzYzKaLDC0g-YxfTzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:a5c0::/29
2a0e:c380::/29
2a10:4700::/29
2a13:4fc0::/29
Signature Algorithm: sha256WithRSAEncryption
aa:a5:eb:f9:a2:71:25:fd:1e:60:0b:cc:a5:2c:4d:7a:c9:3b:
e2:20:a7:94:59:a6:99:28:f6:32:2f:ac:d5:8a:af:76:51:b3:
12:af:cb:8d:45:f8:44:13:31:a0:be:00:7f:57:72:0d:d5:80:
d0:57:4e:14:d6:de:f4:7a:0b:81:0c:d6:09:5f:b5:62:fc:f1:
55:49:bc:64:ce:fb:12:62:eb:d0:8b:48:58:d2:8e:bb:f5:94:
96:35:08:78:52:c7:52:7a:85:c6:a8:61:32:61:21:80:36:7a:
59:2d:38:47:e5:e4:59:9f:05:5f:bd:58:1c:ee:67:06:54:e1:
f6:70:c5:6d:b6:46:60:e0:45:a0:73:4e:27:bf:74:9f:d1:ea:
1e:26:0c:a5:9a:5b:19:16:e1:71:3b:e5:af:9a:fe:fa:81:84:
8e:9c:f3:35:65:46:51:41:27:df:7c:54:8e:8c:56:af:db:82:
28:e2:56:40:d0:40:34:71:9d:8e:f0:03:e5:e9:27:07:34:c3:
10:40:6d:f4:e9:43:8b:09:57:44:15:24:65:ea:cc:7a:b0:4b:
67:5f:e8:f7:76:7f:58:b4:aa:20:7e:bb:8f:dd:dc:ea:7f:8d:
ba:54:cb:c4:49:8a:1f:7a:03:d7:62:ca:b3:57:c9:10:da:0a:
21:64:cd:94
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZhZ6Sg31naMmsiiIBKzhQhVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjUwNzMwMDU1ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzE1NDIwM2NiODg0ZjFjZDhjY2E2OGIwYzJkMjBmOThjNWY0ZjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl8C480ypkfwSIMg3DZllRztxZZw8
swRWQBoAHvAjA/IF2HtNfw0MeAE1x86ozV7OMke7NZJPEW5FohE/VM7ASr5JMHmF
ZanJAYk3HmpdOkZJjiVFBMDsOWoyhuGSZx18/ATcGQ793Ec3zXem8KSee26pl8MO
OZodHzeeSg7j5Bv6SZKiGgHI209fpuVmXa5byCI+AVJWCANx5QfP3IpF944yGgG4
cK4wazvchnuN+Bh78FjMPWpDn0V91X1fBTOQeFULbTaD2mGqDpTIJry5Fs4Xfv5L
NanW02owuSh6zI/4nk7Qil5ZsN7bKC5gsFz7n3iyWXbtF8TTNSB2uyR0AwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFMcVQgPLiE8c2MymiwwtIPmMX086MB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEveHhWQ0E4dUlUeHpZekthTERDMGctWXhmVHpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKgSlwAMF
AyoOw4ADBQMqEEcAAwUDKhNPwDANBgkqhkiG9w0BAQsFAAOCAQEAqqXr+aJxJf0e
YAvMpSxNesk74iCnlFmmmSj2Mi+s1YqvdlGzEq/LjUX4RBMxoL4Af1dyDdWA0FdO
FNbe9HoLgQzWCV+1YvzxVUm8ZM77EmLr0ItIWNKOu/WUljUIeFLHUnqFxqhhMmEh
gDZ6WS04R+XkWZ8FX71YHO5nBlTh9nDFbbZGYOBFoHNOJ790n9HqHiYMpZpbGRbh
cTvlr5r++oGEjpzzNWVGUUEn33xUjoxWr9uCKOJWQNBANHGdjvAD5eknBzTDEEBt
9OlDiwlXRBUkZerMerBLZ1/o93Z/WLSqIH67j93c6n+NulTLxEmKH3oD12LKs1fJ
ENoKIWTNlA==
-----END CERTIFICATE-----
Generated at Sun Aug 10 21:04:24 2025 by rpki-client