Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/j3Ptqby32qT75eey4SmrtVS5UGY.roa
File: j3Ptqby32qT75eey4SmrtVS5UGY.roa (raw, json)
Hash identifier: tbC4b9hbySMoKM3B3guWgAqJSnSfoMlB2VYMhfTqDik=
Subject key identifier: 8F:73:ED:A9:BC:B7:DA:A4:FB:E5:E7:B2:E1:29:AB:B5:54:B9:50:66
Certificate issuer: /CN=757cefe36b3fcc68a42c0aff81d144980f32777f
Certificate serial: 01981EDF9437B47AA0B1989331E26E744882
Authority key identifier: 75:7C:EF:E3:6B:3F:CC:68:A4:2C:0A:FF:81:D1:44:98:0F:32:77:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dXzv42s_zGikLAr_gdFEmA8yd38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/j3Ptqby32qT75eey4SmrtVS5UGY.roa
Signing time: Fri 18 Jul 2025 18:50:25 +0000
ROA not before: Fri 18 Jul 2025 18:50:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200019
IP address blocks: 2a11:1485::/32 maxlen: 32
2a11:1f02::/32 maxlen: 32
2a11:6301::/32 maxlen: 32
2a11:9387::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/dXzv42s_zGikLAr_gdFEmA8yd38.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/dXzv42s_zGikLAr_gdFEmA8yd38.mft
rsync://rpki.ripe.net/repository/DEFAULT/dXzv42s_zGikLAr_gdFEmA8yd38.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 22:13:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:1e:df:94:37:b4:7a:a0:b1:98:93:31:e2:6e:74:48:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=757cefe36b3fcc68a42c0aff81d144980f32777f
Validity
Not Before: Jul 18 18:50:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8f73eda9bcb7daa4fbe5e7b2e129abb554b95066
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f6:58:0d:a5:9a:57:f2:d1:b5:d3:b4:35:6d:
a6:90:e9:56:8e:1f:38:62:1a:e6:af:fe:44:25:95:
95:6a:5b:f4:3f:df:58:c5:cc:11:56:56:e9:50:92:
9a:f9:bf:1e:c2:b9:f8:43:54:9d:9f:0b:5c:c5:f4:
72:ce:70:57:e1:1f:a6:83:bc:3d:1c:0f:ed:fe:43:
5d:96:d1:1a:77:c9:7e:cb:7f:5b:bc:dc:c3:73:a9:
d9:af:95:8b:8f:7e:92:f0:44:73:f4:bc:9f:2e:00:
35:f1:7b:35:17:c4:c2:3d:2e:eb:88:3d:9c:fb:7c:
ed:b7:1c:89:28:da:6c:c0:e4:af:c5:72:55:e4:56:
1b:04:72:66:42:8b:ea:89:de:35:94:b9:f4:3a:29:
45:3b:87:29:18:d5:07:4b:1c:04:e2:3a:0d:c5:ac:
d2:55:59:00:19:a6:68:85:f3:f2:28:a0:92:ca:89:
59:6b:93:d9:1f:8d:78:95:d5:89:64:66:3a:e4:d6:
89:66:d2:6d:2d:f2:53:98:77:ae:57:13:5f:fb:39:
f8:d8:3e:84:45:48:3f:61:65:b3:da:e3:4c:e7:6d:
4e:2a:8e:49:6b:7d:d3:72:7b:b7:bf:75:7e:89:b5:
b7:2c:25:fe:06:e5:d9:8c:a6:76:d3:45:9d:28:84:
97:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:73:ED:A9:BC:B7:DA:A4:FB:E5:E7:B2:E1:29:AB:B5:54:B9:50:66
X509v3 Authority Key Identifier:
keyid:75:7C:EF:E3:6B:3F:CC:68:A4:2C:0A:FF:81:D1:44:98:0F:32:77:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dXzv42s_zGikLAr_gdFEmA8yd38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/j3Ptqby32qT75eey4SmrtVS5UGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/dXzv42s_zGikLAr_gdFEmA8yd38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:1485::/32
2a11:1f02::/32
2a11:6301::/32
2a11:9387::/32
Signature Algorithm: sha256WithRSAEncryption
4a:fc:cc:46:18:eb:66:c9:90:50:9e:5f:8b:f5:02:4c:d3:06:
91:a7:5a:17:1e:8b:e8:f9:98:c8:fd:1f:22:60:51:71:8e:41:
ee:34:5e:82:b1:b5:45:fc:4d:27:60:db:d3:3b:d8:1b:09:90:
09:46:b3:9b:f7:f3:79:12:84:d8:c6:a7:ec:f7:28:3e:dd:af:
fb:58:99:5c:87:8e:88:c0:c1:e0:41:d0:f1:55:4b:aa:ab:48:
08:ce:08:84:9d:bd:7a:ab:12:ab:3c:e0:7f:f1:21:e1:45:dc:
de:cd:ac:a5:e4:69:8f:f8:bf:f6:18:e7:77:18:a5:bb:0a:d2:
6f:41:96:fa:4a:7d:57:28:33:08:38:45:f4:17:6c:98:e7:50:
07:78:e0:d0:59:7a:ff:a0:b6:db:d0:fa:57:2c:b8:e1:a6:11:
07:b2:38:b7:88:3c:d7:0f:a7:aa:bb:50:cc:1f:c9:8a:3f:9e:
4b:a8:35:a7:1e:57:50:32:56:df:0d:3d:30:36:24:43:d2:c2:
08:13:9a:33:13:f5:d9:de:1f:91:90:02:00:14:df:44:4b:fc:
83:44:2e:f5:0d:ad:44:6d:40:38:b3:69:44:1e:2a:93:42:a9:
e3:aa:5c:20:3d:7b:40:6b:2f:f7:c6:47:00:c5:12:c4:89:f9:
a6:66:2e:4c
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZge35Q3tHqgsZiTMeJudEiCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1N2NlZmUzNmIzZmNjNjhhNDJjMGFmZjgxZDE0NDk4MGYz
Mjc3N2YwHhcNMjUwNzE4MTg1MDI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjczZWRhOWJjYjdkYWE0ZmJlNWU3YjJlMTI5YWJiNTU0Yjk1MDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfZYDaWaV/LRtdO0NW2mkOlWjh84
Yhrmr/5EJZWValv0P99YxcwRVlbpUJKa+b8ewrn4Q1SdnwtcxfRyznBX4R+mg7w9
HA/t/kNdltEad8l+y39bvNzDc6nZr5WLj36S8ERz9LyfLgA18Xs1F8TCPS7riD2c
+3zttxyJKNpswOSvxXJV5FYbBHJmQovqid41lLn0OilFO4cpGNUHSxwE4joNxazS
VVkAGaZohfPyKKCSyolZa5PZH414ldWJZGY65NaJZtJtLfJTmHeuVxNf+zn42D6E
RUg/YWWz2uNM521OKo5Ja33Tcnu3v3V+ibW3LCX+BuXZjKZ200WdKISX1QIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFI9z7am8t9qk++XnsuEpq7VUuVBmMB8GA1UdIwQY
MBaAFHV87+NrP8xopCwK/4HRRJgPMnd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFh6djQyc196R2lrTEFyX2dkRkVtQTh5ZDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC85NzJkYjYtNzcwZi00NDYyLTlmYzct
ZWU5Yjk1MTdmMmVjLzEvajNQdHFieTMycVQ3NWVleTRTbXJ0VlM1VUdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC85NzJkYjYtNzcwZi00NDYyLTlmYzctZWU5Yjk1MTdmMmVj
LzEvZFh6djQyc196R2lrTEFyX2dkRkVtQTh5ZDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKhEUhQMF
ACoRHwIDBQAqEWMBAwUAKhGThzANBgkqhkiG9w0BAQsFAAOCAQEASvzMRhjrZsmQ
UJ5fi/UCTNMGkadaFx6L6PmYyP0fImBRcY5B7jRegrG1RfxNJ2Db0zvYGwmQCUaz
m/fzeRKE2Man7PcoPt2v+1iZXIeOiMDB4EHQ8VVLqqtICM4IhJ29eqsSqzzgf/Eh
4UXc3s2speRpj/i/9hjndxiluwrSb0GW+kp9VygzCDhF9BdsmOdQB3jg0Fl6/6C2
29D6Vyy44aYRB7I4t4g81w+nqrtQzB/Jij+eS6g1px5XUDJW3w09MDYkQ9LCCBOa
MxP12d4fkZACABTfREv8g0Qu9Q2tRG1AOLNpRB4qk0Kp46pcID17QGsv98ZHAMUS
xIn5pmYuTA==
-----END CERTIFICATE-----
Generated at Fri Jul 25 06:27:44 2025 by rpki-client