Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/dwuRwRjZ7I8_moHhVthmMQkui2g.roa
File: dwuRwRjZ7I8_moHhVthmMQkui2g.roa (raw, json)
Hash identifier: Xy4VUxgArneoh6kU4gqE3gfGhyz+6jmn2Xs4cI1eUIY=
Subject key identifier: 77:0B:91:C1:18:D9:EC:8F:3F:9A:81:E1:56:D8:66:31:09:2E:8B:68
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 0197C12C1C4C34BA51A5889BAFC90F361B8A
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/dwuRwRjZ7I8_moHhVthmMQkui2g.roa
Signing time: Mon 30 Jun 2025 14:09:42 +0000
ROA not before: Mon 30 Jun 2025 14:09:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2a0c:9a40:8470::/48 maxlen: 48
2a0c:9a40:9600::/40 maxlen: 48
2a0c:9a44:cf::/48 maxlen: 48
2a0e:7d41:8888::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c1:2c:1c:4c:34:ba:51:a5:88:9b:af:c9:0f:36:1b:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jun 30 14:09:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=770b91c118d9ec8f3f9a81e156d86631092e8b68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:e7:26:e7:7a:90:01:4e:00:3b:93:bc:d6:c1:
17:67:cd:0b:30:95:b8:a0:b0:ba:2f:0c:7c:2e:c4:
ca:5b:40:92:62:83:f2:92:d3:b1:ac:bd:2a:cf:0c:
3d:22:29:3c:99:a6:a8:b3:a3:fc:56:86:2a:ac:dc:
d4:30:a1:2d:06:c4:c8:a7:0d:a5:fb:d4:ee:b3:7a:
f1:da:26:76:4d:c4:81:d4:07:c8:f0:b9:2a:3d:ce:
aa:86:eb:d5:1b:ef:b2:18:80:1c:0c:e3:20:d8:8b:
a4:56:2a:61:04:93:3d:dc:2e:82:d0:f8:94:a4:f1:
29:6e:87:22:3f:53:d7:62:17:81:28:4d:40:a9:1e:
89:3d:32:38:c5:d2:a3:b0:74:a3:eb:ef:14:0e:7d:
df:d0:07:87:cc:1a:d0:b6:48:15:f7:cf:5e:f1:e1:
b6:c5:a9:35:d5:04:d5:e5:01:d5:00:84:d9:b8:08:
21:31:41:65:82:da:fb:58:b5:81:f6:5c:95:b2:24:
54:84:dc:6f:f4:4e:eb:cc:90:7b:aa:cd:22:88:04:
b5:03:ac:a2:98:57:60:01:48:a0:b9:fd:7e:ac:9f:
64:53:7f:5c:7a:bb:38:22:87:27:b4:1b:b6:85:dd:
d4:f8:53:32:a7:b6:21:b4:31:7b:17:14:cc:c7:de:
87:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:0B:91:C1:18:D9:EC:8F:3F:9A:81:E1:56:D8:66:31:09:2E:8B:68
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/dwuRwRjZ7I8_moHhVthmMQkui2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8470::/48
2a0c:9a40:9600::/40
2a0c:9a44:cf::/48
2a0e:7d41:8888::/48
Signature Algorithm: sha256WithRSAEncryption
af:18:38:d9:e2:5a:22:3d:25:ee:de:ea:01:76:94:0d:74:8c:
82:5b:95:4d:14:76:49:97:d5:ef:73:7b:c4:55:55:eb:36:28:
bf:b3:d1:a3:1e:3a:ab:44:e8:12:2e:55:e3:bd:c5:09:7a:7f:
73:37:5b:0a:0a:55:9f:d2:12:3c:3c:41:b7:2a:e5:bd:59:7b:
de:d2:a6:27:ab:d3:99:8f:d2:1c:e9:8a:d3:4a:f2:c0:60:2e:
34:f3:a9:8b:60:31:ae:ee:6a:7d:00:15:18:ce:f9:76:10:8f:
80:9a:d3:42:4e:47:86:bf:e6:68:1f:39:ca:f7:23:7b:7b:48:
cd:1f:87:71:6d:fc:cb:b1:44:dd:ec:7b:92:c9:ea:ae:b4:8e:
d0:92:55:51:bc:39:bc:65:61:96:9e:2d:9d:6d:13:3f:1f:a4:
d6:81:6b:30:2b:a7:83:2b:0d:e6:41:8b:76:d9:49:ba:47:5f:
5d:1b:00:1d:52:53:df:01:e7:82:1e:e3:46:db:e6:e3:99:df:
8e:dc:ef:b1:96:fb:10:2b:6c:45:e0:3e:00:38:31:17:fc:d8:
31:9a:e3:27:04:98:44:44:e3:ae:ed:13:f3:88:e4:33:5f:a4:
ba:5b:8f:0e:6b:93:28:e2:87:76:6f:e9:da:d5:35:15:eb:1a:
0e:3b:ac:72
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZfBLBxMNLpRpYibr8kPNhuKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjUwNjMwMTQwOTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzBiOTFjMTE4ZDllYzhmM2Y5YTgxZTE1NmQ4NjYzMTA5MmU4YjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ecm53qQAU4AO5O81sEXZ80LMJW4
oLC6Lwx8LsTKW0CSYoPyktOxrL0qzww9Iik8maaos6P8VoYqrNzUMKEtBsTIpw2l
+9Tus3rx2iZ2TcSB1AfI8LkqPc6qhuvVG++yGIAcDOMg2IukViphBJM93C6C0PiU
pPEpbociP1PXYheBKE1AqR6JPTI4xdKjsHSj6+8UDn3f0AeHzBrQtkgV989e8eG2
xak11QTV5QHVAITZuAghMUFlgtr7WLWB9lyVsiRUhNxv9E7rzJB7qs0iiAS1A6yi
mFdgAUiguf1+rJ9kU39cers4IocntBu2hd3U+FMyp7YhtDF7FxTMx96HtwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFHcLkcEY2eyPP5qB4VbYZjEJLotoMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvZHd1UndSalo3SThfbW9IaFZ0aG1NUWt1aTJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwcAKgyaQIRw
AwYAKgyaQJYDBwAqDJpEAM8DBwAqDn1BiIgwDQYJKoZIhvcNAQELBQADggEBAK8Y
ONniWiI9Je7e6gF2lA10jIJblU0UdkmX1e9ze8RVVes2KL+z0aMeOqtE6BIuVeO9
xQl6f3M3WwoKVZ/SEjw8Qbcq5b1Ze97Spier05mP0hzpitNK8sBgLjTzqYtgMa7u
an0AFRjO+XYQj4Ca00JOR4a/5mgfOcr3I3t7SM0fh3Ft/MuxRN3se5LJ6q60jtCS
VVG8ObxlYZaeLZ1tEz8fpNaBazArp4MrDeZBi3bZSbpHX10bAB1SU98B54Ie40bb
5uOZ347c77GW+xArbEXgPgA4MRf82DGa4ycEmERE467tE/OI5DNfpLpbjw5rkyji
h3Zv6drVNRXrGg47rHI=
-----END CERTIFICATE-----
Generated at Mon Jul 21 02:05:12 2025 by rpki-client