Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/uIkKwjG2twOViGp17wpnhdGS0f8.roa
File: uIkKwjG2twOViGp17wpnhdGS0f8.roa (raw, json)
Hash identifier: KUTc2v5amDNaiFPOvtELgWr2ld1vskAlxP4zl0K8QqQ=
Subject key identifier: B8:89:0A:C2:31:B6:B7:03:95:88:6A:75:EF:0A:67:85:D1:92:D1:FF
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 01982D71716C6A25D0A722D8EDD63C5B968A
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/uIkKwjG2twOViGp17wpnhdGS0f8.roa
Signing time: Mon 21 Jul 2025 14:44:25 +0000
ROA not before: Mon 21 Jul 2025 14:44:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215681
IP address blocks: 2a0e:8f02:2070::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.mft
rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:2d:71:71:6c:6a:25:d0:a7:22:d8:ed:d6:3c:5b:96:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jul 21 14:44:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b8890ac231b6b70395886a75ef0a6785d192d1ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:3f:95:12:71:79:bf:21:7f:7c:e3:1c:04:7d:
44:61:78:13:0e:61:6d:1e:af:7a:3d:ef:bc:05:d4:
14:62:53:01:1c:c7:e8:0a:ea:09:3d:c9:90:f7:9d:
f5:34:b4:73:81:ac:6f:92:15:3f:d7:6f:d4:94:80:
d0:52:0d:4b:82:dc:23:33:38:fd:04:1c:17:42:48:
db:a8:91:ca:62:6d:9c:2e:f7:02:cf:8e:76:ed:3c:
9c:94:58:0d:8a:b8:47:3d:07:88:f8:7a:63:42:79:
00:8c:02:66:8b:99:f6:b7:14:4f:ef:fc:13:99:5e:
5b:f7:8b:b2:d1:4b:84:32:71:aa:48:79:21:f7:98:
72:90:88:91:09:bf:d2:16:13:21:69:8a:af:28:d4:
97:cf:ef:ac:65:3b:90:f3:30:5e:3f:75:cc:39:3d:
87:ae:b7:d2:cd:2c:c9:da:96:38:b4:7c:63:17:b5:
6f:f5:4e:b0:4f:d6:60:7b:f0:db:0e:54:1e:ca:42:
30:11:93:e7:44:d3:3f:2b:8d:d6:50:48:1f:b0:5f:
de:92:59:c4:61:b2:d7:f4:f5:92:db:95:84:1d:44:
bd:fa:18:31:71:55:36:e6:ee:f5:40:d1:32:2d:40:
c4:bd:d9:d3:e3:92:1a:3b:2b:62:d6:13:d7:53:03:
c9:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:89:0A:C2:31:B6:B7:03:95:88:6A:75:EF:0A:67:85:D1:92:D1:FF
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/uIkKwjG2twOViGp17wpnhdGS0f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:2070::/44
Signature Algorithm: sha256WithRSAEncryption
3c:db:6f:b7:91:0b:17:aa:9a:80:51:dc:4c:df:b5:c0:65:a8:
3e:2e:28:87:02:53:bc:6c:d5:cf:b8:8b:77:dd:c1:76:b8:bc:
ce:f0:86:93:04:b5:72:b3:ed:cd:b0:af:21:5e:a8:ce:7f:dd:
e8:d0:bc:e1:07:d5:03:42:28:f1:c6:08:4c:0d:0f:05:4b:91:
af:56:bc:39:09:d3:cb:3a:8e:01:09:c6:60:77:4d:0d:a6:dd:
01:ad:37:aa:6b:6e:25:df:a5:0c:52:ec:f8:2a:b8:1f:2a:f9:
0d:92:b8:39:17:37:76:b9:32:ec:fc:34:e1:10:97:ec:b5:61:
50:b3:21:c4:ab:46:8c:3e:8b:16:65:18:14:ac:78:91:67:57:
39:e9:bc:d3:57:b5:2b:59:37:2c:82:fd:73:11:d4:b4:7e:36:
e0:b2:93:17:74:5a:ca:94:c0:64:7e:3d:5e:a8:1d:22:09:3d:
fd:a3:5b:53:5a:14:85:5f:7e:08:e6:78:26:05:95:1f:94:f3:
92:4f:b6:e9:ca:61:cc:d7:ca:77:12:7f:5d:70:38:91:11:8f:
4a:b8:b3:c8:e1:7b:b1:cb:b0:be:18:f5:44:d7:7e:c5:7b:d0:
bd:12:45:73:63:d6:0e:cb:02:c4:b3:9e:24:e8:ef:9a:5c:fd:
2f:1d:ce:35
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZgtcXFsaiXQpyLY7dY8W5aKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjUwNzIxMTQ0NDI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODg5MGFjMjMxYjZiNzAzOTU4ODZhNzVlZjBhNjc4NWQxOTJkMWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4T+VEnF5vyF/fOMcBH1EYXgTDmFt
Hq96Pe+8BdQUYlMBHMfoCuoJPcmQ9531NLRzgaxvkhU/12/UlIDQUg1LgtwjMzj9
BBwXQkjbqJHKYm2cLvcCz4527TyclFgNirhHPQeI+HpjQnkAjAJmi5n2txRP7/wT
mV5b94uy0UuEMnGqSHkh95hykIiRCb/SFhMhaYqvKNSXz++sZTuQ8zBeP3XMOT2H
rrfSzSzJ2pY4tHxjF7Vv9U6wT9Zge/DbDlQeykIwEZPnRNM/K43WUEgfsF/eklnE
YbLX9PWS25WEHUS9+hgxcVU25u71QNEyLUDEvdnT45IaOyti1hPXUwPJ6wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLiJCsIxtrcDlYhqde8KZ4XRktH/MB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvdUlrS3dqRzJ0d09WaUdwMTd3cG5oZEdTMGY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6PAiBw
MA0GCSqGSIb3DQEBCwUAA4IBAQA822+3kQsXqpqAUdxM37XAZag+LiiHAlO8bNXP
uIt33cF2uLzO8IaTBLVys+3NsK8hXqjOf93o0LzhB9UDQijxxghMDQ8FS5GvVrw5
CdPLOo4BCcZgd00Npt0BrTeqa24l36UMUuz4KrgfKvkNkrg5Fzd2uTLs/DThEJfs
tWFQsyHEq0aMPosWZRgUrHiRZ1c56bzTV7UrWTcsgv1zEdS0fjbgspMXdFrKlMBk
fj1eqB0iCT39o1tTWhSFX34I5ngmBZUflPOST7bpymHM18p3En9dcDiREY9KuLPI
4Xuxy7C+GPVE137Fe9C9EkVzY9YOywLEs54k6O+aXP0vHc41
-----END CERTIFICATE-----
Generated at Wed Jul 23 06:22:53 2025 by rpki-client