Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/CSQOd1Ivsq7SauN1-IwPUSzYm48.roa
File: CSQOd1Ivsq7SauN1-IwPUSzYm48.roa (raw, json)
Hash identifier: dGIueTuGLpuTY7iHF/OWsqSj5IRgJq+ixisf6vrNlv0=
Subject key identifier: 09:24:0E:77:52:2F:B2:AE:D2:6A:E3:75:F8:8C:0F:51:2C:D8:9B:8F
Certificate issuer: /CN=6aa8fa75c5020cd6218cf7f109de420265204bac
Certificate serial: 01980D93D45D25DEA6881400AACC613AB2A4
Authority key identifier: 6A:A8:FA:75:C5:02:0C:D6:21:8C:F7:F1:09:DE:42:02:65:20:4B:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aqj6dcUCDNYhjPfxCd5CAmUgS6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/CSQOd1Ivsq7SauN1-IwPUSzYm48.roa
Signing time: Tue 15 Jul 2025 10:14:08 +0000
ROA not before: Tue 15 Jul 2025 10:14:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 46.29.36.0/24 maxlen: 24
2a13:d040:1::/48 maxlen: 48
2a13:d040:2::/48 maxlen: 48
2a13:d040:3::/48 maxlen: 48
2a13:d040:10::/48 maxlen: 48
2a13:d040:11::/48 maxlen: 48
2a13:d040:12::/48 maxlen: 48
2a13:d040:13::/48 maxlen: 48
2a13:d040:14::/48 maxlen: 48
2a13:d040:15::/48 maxlen: 48
2a13:d040:16::/48 maxlen: 48
2a13:d040:17::/48 maxlen: 48
2a13:d040:18::/48 maxlen: 48
2a13:d040:19::/48 maxlen: 48
2a13:d040:1a::/48 maxlen: 48
2a13:d040:1b::/48 maxlen: 48
2a13:d040:1c::/48 maxlen: 48
2a13:d040:1d::/48 maxlen: 48
2a13:d040:1e::/48 maxlen: 48
2a13:d040:1f::/48 maxlen: 48
2a13:d040:20::/48 maxlen: 48
2a13:d040:21::/48 maxlen: 48
2a13:d040:22::/48 maxlen: 48
2a13:d040:23::/48 maxlen: 48
2a13:d040:24::/48 maxlen: 48
2a13:d040:25::/48 maxlen: 48
2a13:d040:26::/48 maxlen: 48
2a13:d040:27::/48 maxlen: 48
2a13:d040:28::/48 maxlen: 48
2a13:d040:29::/48 maxlen: 48
2a13:d040:2a::/48 maxlen: 48
2a13:d040:2b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/aqj6dcUCDNYhjPfxCd5CAmUgS6w.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/aqj6dcUCDNYhjPfxCd5CAmUgS6w.mft
rsync://rpki.ripe.net/repository/DEFAULT/aqj6dcUCDNYhjPfxCd5CAmUgS6w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 00:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:0d:93:d4:5d:25:de:a6:88:14:00:aa:cc:61:3a:b2:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6aa8fa75c5020cd6218cf7f109de420265204bac
Validity
Not Before: Jul 15 10:14:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=09240e77522fb2aed26ae375f88c0f512cd89b8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:2a:03:5d:e4:9f:56:f3:43:c3:a0:b3:25:41:
58:e7:d1:b7:93:c2:f3:73:c4:e8:36:a9:81:7f:a5:
7a:a9:2c:70:3e:1e:03:ab:62:65:3c:c9:da:26:cc:
cf:df:f2:90:38:b4:02:df:c3:b7:50:da:29:c2:8c:
82:39:24:64:96:af:d3:9f:20:3d:a8:56:ad:44:8c:
55:c9:80:0c:ac:4f:d9:78:27:06:f5:c2:ce:77:b8:
f0:c9:6c:e9:3e:67:c2:8c:0d:07:88:7a:51:6a:a4:
73:98:7a:10:ba:5a:14:51:54:e0:a9:83:3d:7d:14:
bf:19:7e:28:32:4d:eb:15:bb:df:8a:09:7f:aa:af:
65:0e:65:2c:fd:d6:04:02:54:83:5f:d0:eb:f2:47:
62:90:f4:c4:e1:3c:c5:cb:5d:30:b4:87:18:76:5e:
d6:e5:d4:e1:02:ae:1a:84:e1:75:bd:ec:9e:44:12:
fc:d5:7f:c1:1a:3f:0a:84:fb:f7:14:c8:65:88:52:
ad:e7:94:ba:74:7d:a7:c8:0b:03:be:f1:82:d1:54:
40:e7:0c:5f:3b:14:fd:f2:4b:49:95:2f:ec:fc:70:
49:5f:c6:c8:c8:ba:d5:4d:e7:d0:1c:26:fd:10:16:
e9:e9:ce:36:80:5f:d4:6a:3a:8e:14:f3:09:d6:68:
0a:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:24:0E:77:52:2F:B2:AE:D2:6A:E3:75:F8:8C:0F:51:2C:D8:9B:8F
X509v3 Authority Key Identifier:
keyid:6A:A8:FA:75:C5:02:0C:D6:21:8C:F7:F1:09:DE:42:02:65:20:4B:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aqj6dcUCDNYhjPfxCd5CAmUgS6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/CSQOd1Ivsq7SauN1-IwPUSzYm48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/aqj6dcUCDNYhjPfxCd5CAmUgS6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.36.0/24
IPv6:
2a13:d040:1::-2a13:d040:3:ffff:ffff:ffff:ffff:ffff
2a13:d040:10::-2a13:d040:2b:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
49:f8:4e:ae:8c:d8:67:46:4c:4f:cd:ad:d6:84:e4:ce:e0:97:
89:f4:39:44:d8:8f:63:25:e0:ef:07:5e:ab:13:6a:ba:37:af:
5d:ba:38:6e:e9:ca:83:5f:bd:d9:41:fd:34:b2:f8:f6:a6:bb:
ca:13:e8:89:88:95:e9:57:a4:09:ec:19:da:da:cc:14:62:9a:
ff:88:55:10:74:e5:37:03:3a:b1:7e:8e:07:94:83:66:0d:9b:
b6:93:14:da:5c:10:2e:bc:bd:a3:70:3f:fc:d0:8c:aa:e4:44:
c8:72:41:50:2a:0e:e4:56:3a:b5:26:f9:da:b1:8a:42:19:ca:
34:78:3a:fc:16:96:87:9d:be:66:f2:ff:2f:f6:69:93:ed:64:
99:e1:73:f8:7d:0f:8b:7f:5d:12:3c:7c:88:c2:02:6c:e9:81:
c4:88:76:d1:6e:02:fb:51:7e:73:f2:6f:e7:64:2f:b8:7a:40:
73:d1:1b:1b:b7:76:64:4c:88:f8:01:01:c1:59:79:1c:78:99:
0a:a0:31:c8:68:d9:6d:36:1e:28:cb:e7:47:12:d0:11:b5:fc:
5b:78:3f:54:64:4c:aa:c1:7f:21:01:55:87:9e:95:50:99:d7:
83:ba:ef:76:f2:09:8a:69:80:cf:f0:fa:07:a5:44:94:95:f3:
a9:93:97:63
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZgNk9RdJd6miBQAqsxhOrKkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhYThmYTc1YzUwMjBjZDYyMThjZjdmMTA5ZGU0MjAyNjUy
MDRiYWMwHhcNMjUwNzE1MTAxNDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTI0MGU3NzUyMmZiMmFlZDI2YWUzNzVmODhjMGY1MTJjZDg5YjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7yoDXeSfVvNDw6CzJUFY59G3k8Lz
c8ToNqmBf6V6qSxwPh4Dq2JlPMnaJszP3/KQOLQC38O3UNopwoyCOSRklq/TnyA9
qFatRIxVyYAMrE/ZeCcG9cLOd7jwyWzpPmfCjA0HiHpRaqRzmHoQuloUUVTgqYM9
fRS/GX4oMk3rFbvfigl/qq9lDmUs/dYEAlSDX9Dr8kdikPTE4TzFy10wtIcYdl7W
5dThAq4ahOF1veyeRBL81X/BGj8KhPv3FMhliFKt55S6dH2nyAsDvvGC0VRA5wxf
OxT98ktJlS/s/HBJX8bIyLrVTefQHCb9EBbp6c42gF/UajqOFPMJ1mgKRQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFAkkDndSL7Ku0mrjdfiMD1Es2JuPMB8GA1UdIwQY
MBaAFGqo+nXFAgzWIYz38QneQgJlIEusMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXFqNmRjVUNETlloalBmeENkNUNBbVVnUzZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy83MDEyZDgtYWZhMS00MTliLThiNjAt
MzVjNjNmYTc2NWEyLzEvQ1NRT2QxSXZzcTdTYXVOMS1Jd1BVU3pZbTQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy83MDEyZDgtYWZhMS00MTliLThiNjAtMzVjNjNmYTc2NWEy
LzEvYXFqNmRjVUNETlloalBmeENkNUNBbVVnUzZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAMBAIAATAGAwQALh0kMC4E
AgACMCgwEgMHACoT0EAAAQMHAioT0EAAADASAwcEKhPQQAAQAwcCKhPQQAAoMA0G
CSqGSIb3DQEBCwUAA4IBAQBJ+E6ujNhnRkxPza3WhOTO4JeJ9DlE2I9jJeDvB16r
E2q6N69dujhu6cqDX73ZQf00svj2prvKE+iJiJXpV6QJ7Bna2swUYpr/iFUQdOU3
Azqxfo4HlINmDZu2kxTaXBAuvL2jcD/80Iyq5ETIckFQKg7kVjq1JvnasYpCGco0
eDr8FpaHnb5m8v8v9mmT7WSZ4XP4fQ+Lf10SPHyIwgJs6YHEiHbRbgL7UX5z8m/n
ZC+4ekBz0Rsbt3ZkTIj4AQHBWXkceJkKoDHIaNltNh4oy+dHEtARtfxbeD9UZEyq
wX8hAVWHnpVQmdeDuu928gmKaYDP8PoHpUSUlfOpk5dj
-----END CERTIFICATE-----
Generated at Sun Jul 27 09:25:09 2025 by rpki-client