Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/KSDXhKgWWVEkkC6NVIKBP_o1Rpo.roa
File: KSDXhKgWWVEkkC6NVIKBP_o1Rpo.roa (raw, json)
Hash identifier: jVQCkscbVa1q5LANqcaP37lQjUSQCWfQx/8k3fovaCg=
Subject key identifier: 29:20:D7:84:A8:16:59:51:24:90:2E:8D:54:82:81:3F:FA:35:46:9A
Certificate issuer: /CN=757cefe36b3fcc68a42c0aff81d144980f32777f
Certificate serial: 01981EDDBF61B9D4CBD44001C1E2A1D167B0
Authority key identifier: 75:7C:EF:E3:6B:3F:CC:68:A4:2C:0A:FF:81:D1:44:98:0F:32:77:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dXzv42s_zGikLAr_gdFEmA8yd38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/KSDXhKgWWVEkkC6NVIKBP_o1Rpo.roa
Signing time: Fri 18 Jul 2025 18:48:25 +0000
ROA not before: Fri 18 Jul 2025 18:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204490
IP address blocks: 2a11:1482::/32 maxlen: 32
2a11:1f06::/32 maxlen: 32
2a11:6307::/32 maxlen: 32
2a11:9385::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/dXzv42s_zGikLAr_gdFEmA8yd38.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/dXzv42s_zGikLAr_gdFEmA8yd38.mft
rsync://rpki.ripe.net/repository/DEFAULT/dXzv42s_zGikLAr_gdFEmA8yd38.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:1e:dd:bf:61:b9:d4:cb:d4:40:01:c1:e2:a1:d1:67:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=757cefe36b3fcc68a42c0aff81d144980f32777f
Validity
Not Before: Jul 18 18:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2920d784a816595124902e8d5482813ffa35469a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:f2:fa:78:93:0e:22:87:0b:fc:a7:58:d6:f9:
9c:bc:4d:83:0f:de:f5:2a:51:26:5b:90:b6:e7:21:
d2:14:c0:d1:b2:66:0d:75:8e:19:65:2d:cd:99:4d:
81:1c:ef:df:89:0b:7a:9a:bf:2a:9a:1e:55:dd:da:
5e:ec:d1:18:db:2c:a0:e7:e5:08:20:4f:b1:03:31:
ca:42:27:e4:f2:5c:7c:b1:91:23:b5:ed:b9:bb:bf:
fe:c5:3b:dc:55:04:a7:11:3e:b7:f4:8c:3a:30:15:
a8:43:f3:38:0b:07:62:ee:28:58:26:e5:9f:87:bb:
cb:75:ea:18:fd:04:73:07:22:70:6c:03:f1:fd:05:
ff:73:04:5d:18:23:92:98:83:3e:d2:73:5a:8e:cf:
f0:49:a8:90:3e:6d:d2:49:cb:5e:62:38:df:15:97:
cf:a5:98:70:9f:07:8b:4c:90:cd:01:be:a7:0f:5f:
ea:b4:e2:61:52:f0:50:ca:10:f5:67:46:ca:74:c3:
d0:df:08:e1:34:08:ee:ef:5b:ce:b2:25:9c:07:15:
43:29:63:e4:a1:01:73:92:8e:2a:a8:ab:29:c3:82:
0f:02:a5:aa:b6:34:f6:cd:36:bc:f1:53:d1:46:e0:
71:07:e3:12:db:db:2c:75:90:c6:39:7d:f2:d0:98:
fc:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:20:D7:84:A8:16:59:51:24:90:2E:8D:54:82:81:3F:FA:35:46:9A
X509v3 Authority Key Identifier:
keyid:75:7C:EF:E3:6B:3F:CC:68:A4:2C:0A:FF:81:D1:44:98:0F:32:77:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dXzv42s_zGikLAr_gdFEmA8yd38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/KSDXhKgWWVEkkC6NVIKBP_o1Rpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/dXzv42s_zGikLAr_gdFEmA8yd38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:1482::/32
2a11:1f06::/32
2a11:6307::/32
2a11:9385::/32
Signature Algorithm: sha256WithRSAEncryption
2a:4c:fe:91:7b:52:65:be:12:98:aa:8a:72:19:bd:67:54:61:
a6:d9:98:be:52:cd:4d:0c:29:21:5d:aa:68:09:95:64:45:b0:
3d:49:2b:a9:b0:ae:b4:af:46:4f:59:58:fe:9e:59:88:91:43:
ac:13:7c:10:94:2d:87:dd:f8:62:42:00:56:fe:49:c8:8b:c2:
c5:42:d0:34:02:d5:f5:00:97:36:b5:23:39:6b:ac:47:c9:1e:
5d:f1:e4:e1:ef:44:0e:ac:3c:e8:cc:48:df:ed:c7:22:74:d8:
40:f4:0a:bb:e1:24:91:7a:a0:8d:2e:61:7a:92:19:81:be:6a:
f5:e9:2f:23:e3:09:cd:96:9d:f8:2b:4a:7f:fc:2c:e4:b3:ec:
01:4b:21:21:b2:20:11:46:d0:f8:34:11:a2:9f:eb:3d:08:74:
5e:2f:53:51:7b:63:24:d0:d1:7c:d8:47:c8:4f:f4:ea:db:e9:
80:97:ca:0b:1d:83:83:54:48:f5:52:7d:00:e4:a4:3e:51:0b:
08:b9:b6:35:e8:08:89:cc:39:47:66:ef:82:64:46:3a:2a:5d:
9b:19:ca:ce:50:fc:28:ae:73:d1:4d:88:86:cb:64:53:aa:ad:
53:5c:4d:71:6b:29:4a:66:d6:a0:58:93:84:28:d5:ee:02:a5:
c5:7e:9a:78
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZge3b9hudTL1EABweKh0WewMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1N2NlZmUzNmIzZmNjNjhhNDJjMGFmZjgxZDE0NDk4MGYz
Mjc3N2YwHhcNMjUwNzE4MTg0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTIwZDc4NGE4MTY1OTUxMjQ5MDJlOGQ1NDgyODEzZmZhMzU0NjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1PL6eJMOIocL/KdY1vmcvE2DD971
KlEmW5C25yHSFMDRsmYNdY4ZZS3NmU2BHO/fiQt6mr8qmh5V3dpe7NEY2yyg5+UI
IE+xAzHKQifk8lx8sZEjte25u7/+xTvcVQSnET639Iw6MBWoQ/M4Cwdi7ihYJuWf
h7vLdeoY/QRzByJwbAPx/QX/cwRdGCOSmIM+0nNajs/wSaiQPm3SScteYjjfFZfP
pZhwnweLTJDNAb6nD1/qtOJhUvBQyhD1Z0bKdMPQ3wjhNAju71vOsiWcBxVDKWPk
oQFzko4qqKspw4IPAqWqtjT2zTa88VPRRuBxB+MS29ssdZDGOX3y0Jj80QIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFCkg14SoFllRJJAujVSCgT/6NUaaMB8GA1UdIwQY
MBaAFHV87+NrP8xopCwK/4HRRJgPMnd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFh6djQyc196R2lrTEFyX2dkRkVtQTh5ZDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC85NzJkYjYtNzcwZi00NDYyLTlmYzct
ZWU5Yjk1MTdmMmVjLzEvS1NEWGhLZ1dXVkVra0M2TlZJS0JQX28xUnBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC85NzJkYjYtNzcwZi00NDYyLTlmYzctZWU5Yjk1MTdmMmVj
LzEvZFh6djQyc196R2lrTEFyX2dkRkVtQTh5ZDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKhEUggMF
ACoRHwYDBQAqEWMHAwUAKhGThTANBgkqhkiG9w0BAQsFAAOCAQEAKkz+kXtSZb4S
mKqKchm9Z1RhptmYvlLNTQwpIV2qaAmVZEWwPUkrqbCutK9GT1lY/p5ZiJFDrBN8
EJQth934YkIAVv5JyIvCxULQNALV9QCXNrUjOWusR8keXfHk4e9EDqw86MxI3+3H
InTYQPQKu+EkkXqgjS5hepIZgb5q9ekvI+MJzZad+CtKf/ws5LPsAUshIbIgEUbQ
+DQRop/rPQh0Xi9TUXtjJNDRfNhHyE/06tvpgJfKCx2Dg1RI9VJ9AOSkPlELCLm2
NegIicw5R2bvgmRGOipdmxnKzlD8KK5z0U2IhstkU6qtU1xNcWspSmbWoFiThCjV
7gKlxX6aeA==
-----END CERTIFICATE-----
Generated at Wed Jul 23 17:11:42 2025 by rpki-client