Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/1-l_gre_pxhYS4_zZwDxZG1Nt_5c.roa
File: 1-l_gre_pxhYS4_zZwDxZG1Nt_5c.roa (raw, json)
Hash identifier: 79+LUQppQGCR1ma6gkDs/MxaDYgg8iUK7GVvWKXvzJ8=
Subject key identifier: FA:5F:E0:AD:EF:E9:C6:16:12:E3:FC:D9:C0:3C:59:1B:53:6D:FF:97
Certificate issuer: /CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Certificate serial: 0197F6EEB5BE193BEC7F8B43E2CF9BC4D53E
Authority key identifier: 0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/1-l_gre_pxhYS4_zZwDxZG1Nt_5c.roa
Signing time: Fri 11 Jul 2025 00:42:08 +0000
ROA not before: Fri 11 Jul 2025 00:42:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216039
IP address blocks: 2a0d:d940:900b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 16:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f6:ee:b5:be:19:3b:ec:7f:8b:43:e2:cf:9b:c4:d5:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Validity
Not Before: Jul 11 00:42:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa5fe0adefe9c61612e3fcd9c03c591b536dff97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:e2:4e:38:35:9c:c6:1b:78:a2:0b:67:fb:ff:
9c:83:b8:4f:a5:d7:d7:fd:b1:af:bf:70:55:8d:6e:
58:6a:dd:c4:a8:58:51:4d:d3:9e:b2:59:23:ed:3a:
dd:0d:a2:73:3a:5c:51:24:3c:ae:16:f0:4a:bc:c8:
2d:a6:bb:22:46:da:79:16:63:12:4d:73:81:53:36:
3b:85:6a:48:bb:21:05:4f:0a:4d:1a:5f:c9:87:da:
5e:76:cc:08:d0:0e:c8:4c:a5:ac:20:ab:3e:69:23:
cb:24:33:b2:9b:37:b8:f4:2a:7e:2c:18:5d:d0:4a:
0b:b6:95:3a:ee:83:00:19:64:cf:1c:e1:39:3f:23:
47:03:bf:ae:e5:06:17:f3:14:1d:82:47:cc:e3:3d:
21:49:27:17:96:86:08:ef:5d:da:c0:4d:6d:c2:1b:
60:30:73:ec:b8:c0:77:b6:76:72:33:78:a0:49:a1:
6a:60:31:aa:a7:ad:15:b2:02:eb:d5:ab:14:b0:94:
a1:48:c5:04:77:25:94:85:1e:d5:da:74:55:99:ab:
dc:ae:64:60:7a:1d:9b:ce:15:e7:09:44:45:b6:5b:
43:b1:06:a1:ef:46:46:36:72:e2:bd:d3:a1:60:2f:
11:b2:26:6c:b7:40:ff:0c:52:58:e6:00:07:87:21:
bd:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:5F:E0:AD:EF:E9:C6:16:12:E3:FC:D9:C0:3C:59:1B:53:6D:FF:97
X509v3 Authority Key Identifier:
keyid:0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/1-l_gre_pxhYS4_zZwDxZG1Nt_5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:d940:900b::/48
Signature Algorithm: sha256WithRSAEncryption
28:23:93:70:04:13:d7:5f:58:83:99:d9:ab:f5:a9:4f:d4:85:
a2:72:f5:03:bc:ee:40:5e:c5:66:79:71:cb:6f:19:97:ac:8d:
38:92:dc:48:a9:04:38:cf:18:b7:48:b8:26:0b:ad:af:4c:3c:
75:d3:4b:2f:bc:f3:ed:70:af:6b:01:58:cb:f5:93:66:14:a2:
3c:d9:bd:a3:05:e4:b5:56:2f:16:07:82:ba:64:9a:71:19:98:
53:0b:fb:99:f5:f6:44:07:8e:58:6f:5e:37:61:54:c3:7f:62:
8c:99:3a:32:f5:06:0f:45:1f:6c:e6:d9:4a:07:39:ac:e2:35:
59:11:7a:d0:26:3b:ea:d8:06:4a:f9:d3:e7:e3:8b:65:df:5c:
82:91:da:53:57:02:86:81:66:e9:79:15:4c:4f:26:e4:75:9c:
67:b6:06:0c:09:3a:63:7a:bd:d7:7c:57:17:4c:15:23:f4:4b:
62:a9:6a:d7:57:cd:ad:58:c2:a8:b1:9d:ab:d0:71:95:dd:bb:
4c:00:1f:79:4c:f5:11:8e:93:a9:40:b1:da:2d:fb:99:02:31:
07:eb:8f:4d:7f:6d:57:63:86:1f:68:97:f8:61:de:65:0a:03:
db:b0:ee:a4:ed:79:e7:87:91:40:a8:e8:9e:4e:0e:ea:98:51:
2e:57:fc:79
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAZf27rW+GTvsf4tD4s+bxNU+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNGUzYjNiODQyNDIyNTg4NjMxNDJlZDNhMTk3OTJkOTdj
YmJjNzQwHhcNMjUwNzExMDA0MjA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTVmZTBhZGVmZTljNjE2MTJlM2ZjZDljMDNjNTkxYjUzNmRmZjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjeJOODWcxht4ogtn+/+cg7hPpdfX
/bGvv3BVjW5Yat3EqFhRTdOeslkj7TrdDaJzOlxRJDyuFvBKvMgtprsiRtp5FmMS
TXOBUzY7hWpIuyEFTwpNGl/Jh9pedswI0A7ITKWsIKs+aSPLJDOymze49Cp+LBhd
0EoLtpU67oMAGWTPHOE5PyNHA7+u5QYX8xQdgkfM4z0hSScXloYI713awE1twhtg
MHPsuMB3tnZyM3igSaFqYDGqp60VsgLr1asUsJShSMUEdyWUhR7V2nRVmavcrmRg
eh2bzhXnCURFtltDsQah70ZGNnLivdOhYC8RsiZst0D/DFJY5gAHhyG9qQIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFPpf4K3v6cYWEuP82cA8WRtTbf+XMB8GA1UdIwQY
MBaAFAtOOzuEJCJYhjFC7ToZeS2Xy7x0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQt
MTRkMjM4NTI3ODM1LzEvMS1sX2dyZV9weGhZUzRfelp3RHhaRzFOdF81Yy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDkvN2JhMWIxLTU1NjItNGEzMi05ZjVkLTE0ZDIzODUyNzgz
NS8xL0MwNDdPNFFrSWxpR01VTHRPaGw1TFpmTHZIUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoN2UCQ
CzANBgkqhkiG9w0BAQsFAAOCAQEAKCOTcAQT119Yg5nZq/WpT9SFonL1A7zuQF7F
Znlxy28Zl6yNOJLcSKkEOM8Yt0i4Jgutr0w8ddNLL7zz7XCvawFYy/WTZhSiPNm9
owXktVYvFgeCumSacRmYUwv7mfX2RAeOWG9eN2FUw39ijJk6MvUGD0UfbObZSgc5
rOI1WRF60CY76tgGSvnT5+OLZd9cgpHaU1cChoFm6XkVTE8m5HWcZ7YGDAk6Y3q9
13xXF0wVI/RLYqlq11fNrVjCqLGdq9Bxld27TAAfeUz1EY6TqUCx2i37mQIxB+uP
TX9tV2OGH2iX+GHeZQoD27DupO1554eRQKjonk4O6phRLlf8eQ==
-----END CERTIFICATE-----
Generated at Fri Jul 25 21:46:57 2025 by rpki-client