Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/ex40gTfo8qCTBRFH-NQGOZfw2f4.roa
File: ex40gTfo8qCTBRFH-NQGOZfw2f4.roa (raw, json)
Hash identifier: ETAd6PaetjWbwYQvoc6Qk5i/xCSArplF6e8tiY+58+c=
Subject key identifier: 7B:1E:34:81:37:E8:F2:A0:93:05:11:47:F8:D4:06:39:97:F0:D9:FE
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 01981E4B45044079AB144873CFD98E0281F3
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/ex40gTfo8qCTBRFH-NQGOZfw2f4.roa
Signing time: Fri 18 Jul 2025 16:08:25 +0000
ROA not before: Fri 18 Jul 2025 16:08:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207196
IP address blocks: 2a0c:9a46:d00::/40 maxlen: 48
2a0c:9a46:e00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:1e:4b:45:04:40:79:ab:14:48:73:cf:d9:8e:02:81:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jul 18 16:08:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7b1e348137e8f2a093051147f8d4063997f0d9fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:4a:cb:57:6c:3f:cb:0f:84:fe:95:10:d7:13:
02:fa:d6:f1:66:8f:74:5d:94:89:e4:4e:3a:a6:b4:
61:fc:c4:8f:79:fa:06:aa:79:87:e7:89:d7:b2:65:
86:8b:27:ac:11:8a:5f:ce:f1:0b:9c:f5:d9:e4:3a:
f3:5d:ac:3e:c3:02:ea:ff:e2:a1:73:10:a8:c4:7d:
fb:8a:c0:f3:a1:25:f4:d9:a9:39:eb:1b:ef:8e:42:
2d:ae:43:d2:25:e7:b1:ef:5f:6c:51:95:7f:08:71:
a3:47:c7:4f:37:66:a9:31:5f:32:c8:14:40:1a:08:
29:10:59:51:13:50:69:ed:7e:8b:8d:89:64:aa:18:
18:a9:35:24:04:fa:e7:1d:12:7e:ee:c4:8f:a0:13:
30:e4:30:78:59:4a:2a:9b:32:71:09:2f:f5:92:61:
ee:d7:2e:2e:00:2d:3c:23:4f:6a:21:cb:de:50:1b:
71:04:9e:e8:7d:15:61:1b:07:7f:04:7a:b9:28:d8:
28:c5:78:31:02:47:95:6b:2e:73:5c:66:6b:77:61:
c4:74:02:80:9b:7d:71:3a:17:e8:40:bf:00:e3:99:
09:a7:7b:ca:27:96:b6:d3:40:4d:8b:4c:44:49:3e:
73:cb:aa:93:97:cf:a3:4e:e0:ed:27:17:f1:51:eb:
4e:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:1E:34:81:37:E8:F2:A0:93:05:11:47:F8:D4:06:39:97:F0:D9:FE
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/ex40gTfo8qCTBRFH-NQGOZfw2f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a46:d00::-2a0c:9a46:eff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
c0:f6:02:4c:ae:37:74:0b:78:12:b6:95:33:7c:c0:0b:08:ab:
81:03:88:91:b6:51:8f:45:53:b7:23:b4:2d:18:2b:8d:98:5b:
6e:56:f1:36:9c:66:37:15:24:bc:bb:90:4c:c3:fe:9a:79:50:
41:5e:41:07:c9:af:86:db:63:79:97:31:1a:b4:80:6b:87:a8:
b8:58:dc:49:4a:c5:63:4e:53:4b:07:26:01:2f:ae:b4:24:e8:
97:29:2f:ad:95:bb:da:4f:87:c4:cc:55:6b:43:5f:4b:11:76:
68:af:6b:9b:cd:a8:c2:7a:24:c8:2d:03:d9:84:02:84:1f:86:
d7:d1:2b:b7:4e:90:a9:54:9f:71:23:5d:c7:b0:64:3f:e7:76:
37:4f:6d:3e:68:d6:68:b0:58:0f:e1:73:e8:45:72:59:6a:8e:
ec:25:4d:53:d8:3a:43:2b:cc:0e:d9:7c:89:fc:d7:b4:90:81:
ee:f3:23:3c:99:91:50:08:c3:9b:1c:cc:2d:1a:4e:3a:73:56:
6b:85:ff:2e:a5:4d:83:12:dd:5e:a9:40:6a:47:6d:84:08:1e:
7a:46:58:04:fe:65:60:24:1e:71:85:10:0f:3b:ba:74:f2:01:
4b:44:3f:65:df:93:13:7a:dc:9d:4d:2a:0d:f3:d5:8f:68:08:
62:ce:1d:bd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZgeS0UEQHmrFEhzz9mOAoHzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjUwNzE4MTYwODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjFlMzQ4MTM3ZThmMmEwOTMwNTExNDdmOGQ0MDYzOTk3ZjBkOWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2UrLV2w/yw+E/pUQ1xMC+tbxZo90
XZSJ5E46prRh/MSPefoGqnmH54nXsmWGiyesEYpfzvELnPXZ5DrzXaw+wwLq/+Kh
cxCoxH37isDzoSX02ak56xvvjkItrkPSJeex719sUZV/CHGjR8dPN2apMV8yyBRA
GggpEFlRE1Bp7X6LjYlkqhgYqTUkBPrnHRJ+7sSPoBMw5DB4WUoqmzJxCS/1kmHu
1y4uAC08I09qIcveUBtxBJ7ofRVhGwd/BHq5KNgoxXgxAkeVay5zXGZrd2HEdAKA
m31xOhfoQL8A45kJp3vKJ5a200BNi0xEST5zy6qTl8+jTuDtJxfxUetOYQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHseNIE36PKgkwURR/jUBjmX8Nn+MB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvZXg0MGdUZm84cUNUQlJGSC1OUUdPWmZ3MmY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASMBADBgAqDJpG
DQMGACoMmkYOMA0GCSqGSIb3DQEBCwUAA4IBAQDA9gJMrjd0C3gStpUzfMALCKuB
A4iRtlGPRVO3I7QtGCuNmFtuVvE2nGY3FSS8u5BMw/6aeVBBXkEHya+G22N5lzEa
tIBrh6i4WNxJSsVjTlNLByYBL660JOiXKS+tlbvaT4fEzFVrQ19LEXZor2ubzajC
eiTILQPZhAKEH4bX0Su3TpCpVJ9xI13HsGQ/53Y3T20+aNZosFgP4XPoRXJZao7s
JU1T2DpDK8wO2XyJ/Ne0kIHu8yM8mZFQCMObHMwtGk46c1Zrhf8upU2DEt1eqUBq
R22ECB56RlgE/mVgJB5xhRAPO7p08gFLRD9l35MTetydTSoN89WPaAhizh29
-----END CERTIFICATE-----
Generated at Mon Jul 21 02:05:38 2025 by rpki-client