Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/_8xWW646uQQvbZ9SEyDVTcAaOaY.roa
File: _8xWW646uQQvbZ9SEyDVTcAaOaY.roa (raw, json)
Hash identifier: bN3+hP/aUgGI73tV5kSDjG+kB9Edlf94lhkN0wuQ7O0=
Subject key identifier: FF:CC:56:5B:AE:3A:B9:04:2F:6D:9F:52:13:20:D5:4D:C0:1A:39:A6
Certificate issuer: /CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Certificate serial: 01981EFB0BA5ACA5C005E6F7B51E80DF9B86
Authority key identifier: BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/_8xWW646uQQvbZ9SEyDVTcAaOaY.roa
Signing time: Fri 18 Jul 2025 19:20:25 +0000
ROA not before: Fri 18 Jul 2025 19:20:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206873
IP address blocks: 2a09:a801::/32 maxlen: 32
2a09:af80::/32 maxlen: 32
2a09:d701::/32 maxlen: 32
2a0a:b383::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.mft
rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 03:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:1e:fb:0b:a5:ac:a5:c0:05:e6:f7:b5:1e:80:df:9b:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Validity
Not Before: Jul 18 19:20:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ffcc565bae3ab9042f6d9f521320d54dc01a39a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:6c:c7:3e:77:e8:9e:55:06:b2:86:38:9e:80:
ec:e8:52:e7:12:67:6a:43:fa:9f:96:37:fe:67:e0:
2b:48:c2:0d:99:d7:9e:f4:cd:fd:ff:f7:d8:83:df:
89:67:18:c1:ad:27:7d:93:bd:af:18:35:a3:09:ff:
b8:8d:77:0a:79:96:fd:28:03:72:dc:93:b0:0c:93:
09:2d:79:ec:d2:84:9a:b2:c4:8a:2a:c8:59:c7:7e:
83:eb:82:46:cb:c0:b2:8a:cb:e3:42:30:94:bc:8c:
41:90:38:14:65:83:3a:9b:44:4c:0c:43:2a:3e:2f:
d4:fa:67:c1:cb:9f:10:49:a6:3d:5e:5b:3c:40:93:
88:1f:de:28:5e:48:d6:47:a7:f9:ae:32:18:a3:5a:
89:25:c0:bb:a4:15:fc:5f:0e:3c:06:c9:b4:70:54:
ac:d4:6d:34:77:15:cf:e2:a7:5a:78:c0:32:41:a8:
0d:38:27:7e:ca:e8:ec:58:a8:11:7a:f2:15:19:a9:
4a:22:2a:b4:d4:06:53:b9:01:28:8d:fa:59:51:45:
95:ea:76:33:d1:0c:53:35:fc:20:10:4b:42:02:b3:
74:3d:9e:ad:1b:d5:f4:dd:1d:8b:36:46:e0:46:2c:
c6:5a:e5:ce:01:6c:27:d5:42:5f:cf:d1:db:ba:37:
f3:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:CC:56:5B:AE:3A:B9:04:2F:6D:9F:52:13:20:D5:4D:C0:1A:39:A6
X509v3 Authority Key Identifier:
keyid:BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/_8xWW646uQQvbZ9SEyDVTcAaOaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:a801::/32
2a09:af80::/32
2a09:d701::/32
2a0a:b383::/32
Signature Algorithm: sha256WithRSAEncryption
39:65:74:e5:12:df:f9:92:3e:8f:b9:b4:a1:b6:2c:c5:58:7a:
c2:d5:de:64:4e:d1:38:31:25:6a:50:b1:55:fd:25:3d:5b:1f:
17:02:e0:ee:f9:e1:86:a3:bf:0e:cb:e7:c3:91:5c:60:68:13:
36:ef:23:4e:fa:30:22:82:2f:c6:02:dd:56:d6:10:31:5b:ec:
4a:80:a5:41:67:9e:24:86:36:d2:47:cf:0c:35:ac:7f:c2:90:
c8:48:7b:1e:d9:57:21:14:09:9a:74:b7:6b:2b:24:23:7f:e4:
ac:7a:fe:66:89:8c:7f:51:28:f4:d7:03:20:0a:16:19:94:b5:
2b:42:d7:ba:e6:8a:de:59:63:45:f0:91:42:92:54:7f:0b:6d:
68:ae:a2:fd:22:99:30:8d:4a:1b:00:a7:79:76:18:5e:f0:51:
4e:4e:23:76:cd:cc:79:24:8a:44:de:18:72:59:e4:c0:65:6e:
3b:d5:49:4d:9e:9a:23:ed:84:d5:cc:b1:bc:76:da:d3:48:bc:
66:54:e7:3c:04:ef:06:ff:8f:df:a5:0c:ae:7d:0d:d9:90:ed:
ff:d9:78:4b:a3:10:a9:70:2c:c4:b2:5c:50:c2:8c:b3:96:b7:
c9:c0:7b:31:61:58:83:df:17:c7:28:3b:5b:00:1b:1d:97:98:
e4:01:d4:54
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZge+wulrKXABeb3tR6A35uGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYTBmMjU4ZWVmNGIyYmY0YmJhYTg0MzBjMWU1OGNhOGMx
ODhlYTcwHhcNMjUwNzE4MTkyMDI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmNjNTY1YmFlM2FiOTA0MmY2ZDlmNTIxMzIwZDU0ZGMwMWEzOWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGzHPnfonlUGsoY4noDs6FLnEmdq
Q/qfljf+Z+ArSMINmdee9M39//fYg9+JZxjBrSd9k72vGDWjCf+4jXcKeZb9KANy
3JOwDJMJLXns0oSassSKKshZx36D64JGy8CyisvjQjCUvIxBkDgUZYM6m0RMDEMq
Pi/U+mfBy58QSaY9Xls8QJOIH94oXkjWR6f5rjIYo1qJJcC7pBX8Xw48Bsm0cFSs
1G00dxXP4qdaeMAyQagNOCd+yujsWKgRevIVGalKIiq01AZTuQEojfpZUUWV6nYz
0QxTNfwgEEtCArN0PZ6tG9X03R2LNkbgRizGWuXOAWwn1UJfz9HbujfzkQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFP/MVluuOrkEL22fUhMg1U3AGjmmMB8GA1UdIwQY
MBaAFLqg8lju9LK/S7qoQwweWMqMGI6nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEt
ZTU3NjhkNmIxODJjLzEvXzh4V1c2NDZ1UVF2Ylo5U0V5RFZUY0FhT2FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEtZTU3NjhkNmIxODJj
LzEvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKgmoAQMF
ACoJr4ADBQAqCdcBAwUAKgqzgzANBgkqhkiG9w0BAQsFAAOCAQEAOWV05RLf+ZI+
j7m0obYsxVh6wtXeZE7RODElalCxVf0lPVsfFwLg7vnhhqO/Dsvnw5FcYGgTNu8j
TvowIoIvxgLdVtYQMVvsSoClQWeeJIY20kfPDDWsf8KQyEh7HtlXIRQJmnS3aysk
I3/krHr+ZomMf1Eo9NcDIAoWGZS1K0LXuuaK3lljRfCRQpJUfwttaK6i/SKZMI1K
GwCneXYYXvBRTk4jds3MeSSKRN4YclnkwGVuO9VJTZ6aI+2E1cyxvHba00i8ZlTn
PATvBv+P36UMrn0N2ZDt/9l4S6MQqXAsxLJcUMKMs5a3ycB7MWFYg98Xxyg7WwAb
HZeY5AHUVA==
-----END CERTIFICATE-----
Generated at Wed Jul 23 12:10:42 2025 by rpki-client