Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/MPjhVZku2dANONdNrD591bF4Ulo.roa
File: MPjhVZku2dANONdNrD591bF4Ulo.roa (raw, json)
Hash identifier: KBy8kNQ2V6Ah7/kkipiLoSRVFGDyOFsy7aM2W6LyEXM=
Subject key identifier: 30:F8:E1:55:99:2E:D9:D0:0D:38:D7:4D:AC:3E:7D:D5:B1:78:52:5A
Certificate issuer: /CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Certificate serial: 01983DB2329A2300439128AF2FE73AE7F82E
Authority key identifier: BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/MPjhVZku2dANONdNrD591bF4Ulo.roa
Signing time: Thu 24 Jul 2025 18:29:05 +0000
ROA not before: Thu 24 Jul 2025 18:29:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211009
IP address blocks: 2a09:a802::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.mft
rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 11:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:3d:b2:32:9a:23:00:43:91:28:af:2f:e7:3a:e7:f8:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Validity
Not Before: Jul 24 18:29:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=30f8e155992ed9d00d38d74dac3e7dd5b178525a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:dc:68:7a:ac:2f:54:60:7f:36:7c:2a:66:6d:
9c:1e:6a:78:5f:00:09:20:25:a6:e6:4d:41:55:56:
29:20:43:eb:d5:bd:b8:49:5e:18:9e:a4:a2:f7:4c:
f0:97:6f:7c:d8:9f:08:f9:d4:0b:c5:28:78:00:8f:
0d:92:3f:e9:87:d4:fd:bd:14:27:b0:07:6e:60:ea:
69:b5:0c:e2:8c:07:ff:e2:02:af:f9:84:73:ae:68:
39:08:3d:4c:b4:c0:ed:26:8c:1e:7e:82:87:b0:a7:
a5:8b:17:44:8d:73:94:e7:e7:9f:b1:4a:9e:1a:e3:
a6:7d:5a:8c:ce:f7:83:1d:39:fc:f6:e4:11:3b:3b:
ae:75:3c:38:ae:5b:53:0a:a9:a4:48:84:b0:70:a4:
65:43:27:54:59:63:8e:0f:cb:45:52:f2:99:e2:94:
15:53:a1:90:a4:2b:b9:dc:80:6c:14:c6:3e:58:49:
d8:04:06:70:95:f3:6f:56:5a:f0:9d:01:34:43:1d:
39:a8:e5:e2:04:92:bd:c2:09:eb:91:0f:5d:a6:9d:
c0:30:28:4e:dd:67:16:5a:06:f7:18:7c:24:77:d9:
20:98:f0:7e:9e:48:a5:01:98:9a:a5:41:e2:60:1a:
91:33:6e:00:5a:98:25:ab:c1:05:46:d6:aa:9a:87:
dc:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:F8:E1:55:99:2E:D9:D0:0D:38:D7:4D:AC:3E:7D:D5:B1:78:52:5A
X509v3 Authority Key Identifier:
keyid:BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/MPjhVZku2dANONdNrD591bF4Ulo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:a802::/32
Signature Algorithm: sha256WithRSAEncryption
76:e9:0d:b7:cf:3c:5b:6d:a3:16:21:c5:c8:71:64:37:b5:8a:
e9:16:ec:a3:f0:1c:62:b2:dc:65:0e:46:f2:b4:ec:a5:df:6c:
2a:3c:78:9b:e2:0c:aa:b0:61:e6:4a:0c:a8:01:fd:21:11:e0:
8b:19:4a:44:33:7c:e5:53:db:72:f3:4a:74:95:b1:3c:a6:65:
3f:dd:1c:2a:6b:8b:ac:09:c1:20:a5:ca:09:26:04:5d:29:a1:
eb:f8:f7:3c:9d:58:ba:2e:7f:5a:37:3f:14:01:50:7b:11:95:
28:b8:4a:b9:b0:84:5e:1e:44:69:3e:ae:3a:f9:b1:6e:f3:31:
12:36:32:8d:f0:5c:1f:16:39:d8:df:18:29:58:29:d3:2f:6d:
ba:b4:ac:20:86:2f:e6:56:d8:e2:a2:07:b5:34:e7:db:e5:19:
56:63:52:f8:53:9b:a8:9d:39:fe:f7:d0:11:64:9b:b2:f3:c4:
6a:19:41:27:8a:41:a3:c8:c0:05:fc:03:e5:43:23:45:1b:1f:
21:3f:54:e0:76:25:31:60:31:45:7b:e6:9d:7b:36:31:9c:9d:
8c:10:c3:ba:76:01:c8:de:3b:93:93:77:cb:a9:12:b9:61:5c:
7d:ec:be:02:95:80:4b:2d:df:99:6b:41:ff:d6:3b:f6:97:e4:
c8:fa:03:8f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZg9sjKaIwBDkSivL+c65/guMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYTBmMjU4ZWVmNGIyYmY0YmJhYTg0MzBjMWU1OGNhOGMx
ODhlYTcwHhcNMjUwNzI0MTgyOTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGY4ZTE1NTk5MmVkOWQwMGQzOGQ3NGRhYzNlN2RkNWIxNzg1MjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9xoeqwvVGB/NnwqZm2cHmp4XwAJ
ICWm5k1BVVYpIEPr1b24SV4YnqSi90zwl2982J8I+dQLxSh4AI8Nkj/ph9T9vRQn
sAduYOpptQzijAf/4gKv+YRzrmg5CD1MtMDtJowefoKHsKelixdEjXOU5+efsUqe
GuOmfVqMzveDHTn89uQROzuudTw4rltTCqmkSISwcKRlQydUWWOOD8tFUvKZ4pQV
U6GQpCu53IBsFMY+WEnYBAZwlfNvVlrwnQE0Qx05qOXiBJK9wgnrkQ9dpp3AMChO
3WcWWgb3GHwkd9kgmPB+nkilAZiapUHiYBqRM24AWpglq8EFRtaqmofc2wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDD44VWZLtnQDTjXTaw+fdWxeFJaMB8GA1UdIwQY
MBaAFLqg8lju9LK/S7qoQwweWMqMGI6nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEt
ZTU3NjhkNmIxODJjLzEvTVBqaFZaa3UyZEFOT05kTnJENTkxYkY0VWxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEtZTU3NjhkNmIxODJj
LzEvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgmoAjAN
BgkqhkiG9w0BAQsFAAOCAQEAdukNt888W22jFiHFyHFkN7WK6Rbso/AcYrLcZQ5G
8rTspd9sKjx4m+IMqrBh5koMqAH9IRHgixlKRDN85VPbcvNKdJWxPKZlP90cKmuL
rAnBIKXKCSYEXSmh6/j3PJ1Yui5/Wjc/FAFQexGVKLhKubCEXh5EaT6uOvmxbvMx
EjYyjfBcHxY52N8YKVgp0y9turSsIIYv5lbY4qIHtTTn2+UZVmNS+FObqJ05/vfQ
EWSbsvPEahlBJ4pBo8jABfwD5UMjRRsfIT9U4HYlMWAxRXvmnXs2MZydjBDDunYB
yN47k5N3y6kSuWFcfey+ApWASy3fmWtB/9Y79pfkyPoDjw==
-----END CERTIFICATE-----
Generated at Sat Jul 26 20:56:20 2025 by rpki-client