Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/PKnw-L5JAMuLVLW_rPUfl50hgHY.roa
File: PKnw-L5JAMuLVLW_rPUfl50hgHY.roa (raw, json)
Hash identifier: Byni1NysoU1wt70wQe2A3ExqD7CHoo8EoSDduRrEOLI=
Subject key identifier: 3C:A9:F0:F8:BE:49:00:CB:8B:54:B5:BF:AC:F5:1F:97:9D:21:80:76
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 019845E83F913D1B8706F3156643DD369D03
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/PKnw-L5JAMuLVLW_rPUfl50hgHY.roa
Signing time: Sat 26 Jul 2025 08:45:05 +0000
ROA not before: Sat 26 Jul 2025 08:45:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42337
IP address blocks: 2a00:15c8::/29 maxlen: 29
2a00:15c8:1083::/48 maxlen: 48
2a00:15c9::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.mft
rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 11:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:45:e8:3f:91:3d:1b:87:06:f3:15:66:43:dd:36:9d:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Jul 26 08:45:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ca9f0f8be4900cb8b54b5bfacf51f979d218076
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:fa:6c:34:6e:9f:77:43:c6:bf:b9:61:95:c1:
0a:cc:78:07:46:c2:c5:ff:55:69:52:02:f3:19:bc:
ff:5a:4b:6a:4d:2c:f1:14:f9:0c:ea:43:65:37:bc:
17:02:82:82:87:41:84:2b:8e:ae:e7:a5:c3:e8:e5:
33:a6:7f:09:0b:fa:10:ab:0a:53:a1:38:9b:05:2b:
03:ab:8c:be:76:0c:4d:87:49:da:5b:83:c4:0b:81:
93:cc:aa:61:8b:31:30:c9:27:ed:53:5b:b7:b7:f3:
3f:eb:29:3c:37:58:00:c0:fc:76:25:25:9f:3a:08:
f5:79:0c:6c:22:aa:f5:47:81:34:3d:e3:55:64:dc:
30:3b:db:27:ed:81:97:68:29:29:15:b7:1e:ba:7c:
70:3f:91:c6:2b:3d:77:6a:23:2a:8d:c6:f4:00:a8:
a6:3f:8f:ca:03:ed:f3:8d:65:7d:ad:c0:dc:e1:b2:
31:45:60:54:d9:97:b2:78:79:0e:8b:3e:0f:b5:77:
f5:2c:ee:c0:ba:ae:c2:3c:57:5d:94:60:ef:eb:aa:
80:ee:db:52:f1:0c:fc:46:be:93:dd:f3:2c:a8:a3:
6e:3b:bf:6a:10:7a:a1:e3:cb:14:ea:56:c4:cd:63:
76:7f:75:00:a5:c8:aa:4a:da:e7:d8:ac:1f:7d:ed:
fd:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:A9:F0:F8:BE:49:00:CB:8B:54:B5:BF:AC:F5:1F:97:9D:21:80:76
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/PKnw-L5JAMuLVLW_rPUfl50hgHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:15c8::/29
Signature Algorithm: sha256WithRSAEncryption
52:96:75:36:7c:9d:3a:16:a2:c9:13:4c:2e:45:eb:d7:b4:06:
c9:dc:83:d8:77:c6:41:5a:69:bc:ec:6c:52:76:da:c8:db:3e:
b2:eb:bd:d3:ef:42:bf:da:29:07:d7:ee:5a:e4:bd:22:35:bf:
5c:6e:36:91:d7:b2:0d:9f:4e:f4:38:b9:14:18:39:c8:bc:94:
48:97:7f:9f:a2:d9:79:14:a8:02:9c:7d:1b:f0:43:d7:39:ef:
a4:c2:ab:1e:bb:e4:6c:2f:f6:52:d0:7a:30:4b:a2:66:01:b6:
77:ae:70:e1:f5:2d:b5:78:aa:e2:12:89:ff:b3:f5:45:0f:7e:
fc:1b:6b:3b:a9:d6:5b:f1:e8:05:ca:d9:3b:70:49:e4:cc:0f:
1e:f1:b6:f8:bd:59:ed:b4:4c:62:b8:6a:4e:71:59:85:4f:1d:
96:f4:2f:21:c3:f9:6e:11:4b:de:60:c9:f2:43:be:c9:f5:99:
dd:cf:c4:d9:d7:39:4b:8d:2c:da:d0:3d:b8:00:83:2d:3f:83:
38:68:0d:12:d2:a2:37:da:4d:ed:56:d4:23:40:26:fb:df:f7:
dc:3f:a3:3f:cd:6d:2f:bb:11:33:fe:a8:e0:83:20:18:65:db:
7b:83:a8:85:a8:05:3d:ac:e5:39:6a:e9:71:9a:56:01:7b:ae:
cf:65:d3:e2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZhF6D+RPRuHBvMVZkPdNp0DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjUwNzI2MDg0NTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2E5ZjBmOGJlNDkwMGNiOGI1NGI1YmZhY2Y1MWY5NzlkMjE4MDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvpsNG6fd0PGv7lhlcEKzHgHRsLF
/1VpUgLzGbz/WktqTSzxFPkM6kNlN7wXAoKCh0GEK46u56XD6OUzpn8JC/oQqwpT
oTibBSsDq4y+dgxNh0naW4PEC4GTzKphizEwySftU1u3t/M/6yk8N1gAwPx2JSWf
Ogj1eQxsIqr1R4E0PeNVZNwwO9sn7YGXaCkpFbceunxwP5HGKz13aiMqjcb0AKim
P4/KA+3zjWV9rcDc4bIxRWBU2ZeyeHkOiz4PtXf1LO7Auq7CPFddlGDv66qA7ttS
8Qz8Rr6T3fMsqKNuO79qEHqh48sU6lbEzWN2f3UApciqStrn2Kwffe396wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDyp8Pi+SQDLi1S1v6z1H5edIYB2MB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvUEtudy1MNUpBTXVMVkxXX3JQVWZsNTBoZ0hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgAVyDAN
BgkqhkiG9w0BAQsFAAOCAQEAUpZ1NnydOhaiyRNMLkXr17QGydyD2HfGQVppvOxs
UnbayNs+suu90+9Cv9opB9fuWuS9IjW/XG42kdeyDZ9O9Di5FBg5yLyUSJd/n6LZ
eRSoApx9G/BD1znvpMKrHrvkbC/2UtB6MEuiZgG2d65w4fUttXiq4hKJ/7P1RQ9+
/BtrO6nWW/HoBcrZO3BJ5MwPHvG2+L1Z7bRMYrhqTnFZhU8dlvQvIcP5bhFL3mDJ
8kO+yfWZ3c/E2dc5S40s2tA9uACDLT+DOGgNEtKiN9pN7VbUI0Am+9/33D+jP81t
L7sRM/6o4IMgGGXbe4OohagFPazlOWrpcZpWAXuuz2XT4g==
-----END CERTIFICATE-----
Generated at Sat Jul 26 20:49:45 2025 by rpki-client