Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/st2R6UDstypnu9vIQLLlpbnSv18.roa
File: st2R6UDstypnu9vIQLLlpbnSv18.roa (raw, json)
Hash identifier: P+mJfsmOpGeEumbqHyKL+jhvhwVwst2VMwXBGl94NcA=
Subject key identifier: B2:DD:91:E9:40:EC:B7:2A:67:BB:DB:C8:40:B2:E5:A5:B9:D2:BF:5F
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 019830CFDDA611D1B41739E986B140D89C34
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/st2R6UDstypnu9vIQLLlpbnSv18.roa
Signing time: Tue 22 Jul 2025 06:26:25 +0000
ROA not before: Tue 22 Jul 2025 06:26:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214477
IP address blocks: 2a11:2f40::/29 maxlen: 29
2a11:7240::/29 maxlen: 29
2a11:f240::/29 maxlen: 29
2a12:6f40::/29 maxlen: 29
2a12:7740::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.mft
rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 07:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:30:cf:dd:a6:11:d1:b4:17:39:e9:86:b1:40:d8:9c:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Jul 22 06:26:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b2dd91e940ecb72a67bbdbc840b2e5a5b9d2bf5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b3:b9:ac:57:b4:60:09:5e:43:9e:3b:26:05:
3d:e1:50:52:81:bc:37:9a:62:ec:80:5d:e3:21:1d:
a2:61:f3:93:4f:b0:23:39:a2:75:82:61:b3:e8:53:
03:6d:cf:2c:f5:5e:87:1c:67:45:24:d3:52:1d:db:
36:10:d0:b7:28:38:29:33:f9:bc:6c:f4:e5:ba:c0:
bb:c8:e9:7a:e3:b0:a8:d3:21:b2:6a:f3:e4:72:86:
c9:9f:56:66:07:9e:74:1f:b0:f7:a4:9e:5d:d6:70:
c0:6a:7a:68:98:51:32:c5:22:70:4f:d7:db:1c:77:
85:e8:3f:3b:eb:46:08:8a:e2:ae:42:ed:d0:29:64:
0b:49:06:a2:82:e5:f5:41:71:71:81:8a:11:52:17:
14:57:35:02:60:f7:3a:72:e8:5a:b7:db:3e:43:73:
4d:9d:a0:85:84:ef:70:76:ea:45:e9:26:28:1d:34:
c5:10:f9:c7:fa:9b:9a:49:43:a1:41:2e:43:c7:30:
be:08:f3:c4:6a:73:68:1c:0a:bc:d4:7d:60:f1:35:
3d:04:1f:a5:93:8c:3a:6e:a4:08:88:2f:23:f0:27:
47:f1:15:24:66:d0:45:3b:e0:74:df:97:16:45:df:
cf:e8:ba:6b:f2:ac:fb:70:ba:b9:18:e6:ea:8e:e8:
34:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:DD:91:E9:40:EC:B7:2A:67:BB:DB:C8:40:B2:E5:A5:B9:D2:BF:5F
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/st2R6UDstypnu9vIQLLlpbnSv18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:2f40::/29
2a11:7240::/29
2a11:f240::/29
2a12:6f40::/29
2a12:7740::/29
Signature Algorithm: sha256WithRSAEncryption
6f:7d:8c:7c:bc:de:9a:e5:f2:22:0c:f2:eb:6c:41:bc:38:f7:
5d:e3:8c:62:a6:6e:19:15:f8:8e:30:cd:e1:36:67:d9:6d:1d:
4f:79:e7:88:91:41:ca:8a:1d:b1:48:f5:a8:e4:d0:7b:2d:fb:
f2:dd:72:cc:c4:29:68:cb:70:47:5c:37:58:2d:5f:f5:9e:21:
53:1f:64:06:c9:08:1a:79:0f:87:13:d1:8b:fc:a2:8a:ee:15:
b0:cf:01:1f:d8:09:a5:61:87:6d:ec:d5:8e:13:f4:c4:49:b0:
36:76:b6:85:b9:2e:ec:8a:c3:90:b2:ec:16:00:8e:9d:c8:fe:
a8:c4:53:3a:98:92:34:46:c1:fb:28:16:37:ad:7e:4b:0f:21:
e1:37:21:18:03:0a:89:ab:dd:c6:86:23:c0:ad:c0:93:87:e8:
8a:79:69:e3:d3:dc:d0:8a:03:b1:d8:45:f7:0a:19:9a:cf:e1:
d5:6f:76:c6:31:e3:a7:11:72:0c:f7:a0:cd:1b:08:5e:97:27:
78:6b:58:7e:85:dc:51:6f:5d:4b:54:bd:3f:a8:9f:f2:79:2b:
95:3e:de:a2:7f:c6:7a:e7:79:ac:a6:6a:1b:4a:c4:bd:62:6f:
c1:90:e5:0c:87:77:d0:ab:65:dd:ff:63:e0:00:34:b4:12:61:
ef:36:75:a9
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZgwz92mEdG0FznphrFA2Jw0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjUwNzIyMDYyNjI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmRkOTFlOTQwZWNiNzJhNjdiYmRiYzg0MGIyZTVhNWI5ZDJiZjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLO5rFe0YAleQ547JgU94VBSgbw3
mmLsgF3jIR2iYfOTT7AjOaJ1gmGz6FMDbc8s9V6HHGdFJNNSHds2ENC3KDgpM/m8
bPTlusC7yOl647Co0yGyavPkcobJn1ZmB550H7D3pJ5d1nDAanpomFEyxSJwT9fb
HHeF6D8760YIiuKuQu3QKWQLSQaiguX1QXFxgYoRUhcUVzUCYPc6cuhat9s+Q3NN
naCFhO9wdupF6SYoHTTFEPnH+puaSUOhQS5DxzC+CPPEanNoHAq81H1g8TU9BB+l
k4w6bqQIiC8j8CdH8RUkZtBFO+B035cWRd/P6Lpr8qz7cLq5GObqjug01wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFLLdkelA7LcqZ7vbyECy5aW50r9fMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvc3QyUjZVRHN0eXBudTl2SVFMTGxwYm5TdjE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKhEvQAMF
AyoRckADBQMqEfJAAwUDKhJvQAMFAyoSd0AwDQYJKoZIhvcNAQELBQADggEBAG99
jHy83prl8iIM8utsQbw4913jjGKmbhkV+I4wzeE2Z9ltHU9554iRQcqKHbFI9ajk
0Hst+/LdcszEKWjLcEdcN1gtX/WeIVMfZAbJCBp5D4cT0Yv8ooruFbDPAR/YCaVh
h23s1Y4T9MRJsDZ2toW5LuyKw5Cy7BYAjp3I/qjEUzqYkjRGwfsoFjetfksPIeE3
IRgDComr3caGI8CtwJOH6Ip5aePT3NCKA7HYRfcKGZrP4dVvdsYx46cRcgz3oM0b
CF6XJ3hrWH6F3FFvXUtUvT+on/J5K5U+3qJ/xnrneaymahtKxL1ib8GQ5QyHd9Cr
Zd3/Y+AANLQSYe82dak=
-----END CERTIFICATE-----
Generated at Wed Jul 23 12:46:49 2025 by rpki-client