Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/m_jEoHWJbta9is-AzcdhwUERKto.roa
File: m_jEoHWJbta9is-AzcdhwUERKto.roa (raw, json)
Hash identifier: OUSBXe2Xjqul4mAO6ULMOzemPtQGXHMBNnF23Ns7ycA=
Subject key identifier: 9B:F8:C4:A0:75:89:6E:D6:BD:8A:CF:80:CD:C7:61:C1:41:11:2A:DA
Certificate issuer: /CN=757cefe36b3fcc68a42c0aff81d144980f32777f
Certificate serial: 019842FB583B42F4AB86FE7164B7FCDA0030
Authority key identifier: 75:7C:EF:E3:6B:3F:CC:68:A4:2C:0A:FF:81:D1:44:98:0F:32:77:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dXzv42s_zGikLAr_gdFEmA8yd38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/m_jEoHWJbta9is-AzcdhwUERKto.roa
Signing time: Fri 25 Jul 2025 19:07:05 +0000
ROA not before: Fri 25 Jul 2025 19:07:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206174
IP address blocks: 2a11:1483::/32 maxlen: 32
2a11:1f01::/32 maxlen: 32
2a11:6302::/32 maxlen: 32
2a11:9384::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/dXzv42s_zGikLAr_gdFEmA8yd38.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/dXzv42s_zGikLAr_gdFEmA8yd38.mft
rsync://rpki.ripe.net/repository/DEFAULT/dXzv42s_zGikLAr_gdFEmA8yd38.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 05:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:42:fb:58:3b:42:f4:ab:86:fe:71:64:b7:fc:da:00:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=757cefe36b3fcc68a42c0aff81d144980f32777f
Validity
Not Before: Jul 25 19:07:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9bf8c4a075896ed6bd8acf80cdc761c141112ada
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:7b:8a:03:8c:22:48:62:62:5d:ac:9f:ed:54:
4a:8d:11:6a:2c:0d:c8:90:c0:e4:80:5e:e4:97:65:
a2:24:be:97:7b:84:7b:78:d7:38:44:b8:d5:0d:12:
d7:b9:59:7f:ea:3a:bf:90:dc:7a:61:e8:38:20:06:
34:c1:ec:9e:ce:60:89:36:e0:17:98:f7:3d:35:c8:
96:b7:4f:26:c2:c8:f7:02:7e:8c:5b:42:c1:5f:f6:
f1:30:78:31:0c:27:a4:73:2d:51:55:70:58:d1:8c:
cb:a9:c0:b2:1c:5a:3e:86:1b:da:19:d2:50:68:73:
c9:fb:82:98:53:0b:88:dd:6e:12:5a:ce:fe:6e:31:
a9:b9:d4:5f:dc:7d:82:86:ba:67:b7:be:e1:78:70:
15:3a:fc:cd:a3:19:ea:48:d7:1a:db:ca:cf:15:b9:
3c:86:86:12:f3:7b:e6:59:74:d9:22:4d:91:c6:7a:
0c:bb:65:2d:12:44:4e:64:3a:a7:dc:c3:b3:09:d3:
35:33:a9:17:82:bd:62:a4:f4:da:c1:45:dd:17:4e:
b6:de:71:a3:b9:57:4b:7e:00:7a:2a:5b:f6:03:ac:
44:7f:4a:11:ed:19:fa:b0:0f:7a:dd:ad:c9:17:ba:
7f:20:2d:33:c9:20:42:db:41:58:e5:df:a1:fc:1e:
99:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:F8:C4:A0:75:89:6E:D6:BD:8A:CF:80:CD:C7:61:C1:41:11:2A:DA
X509v3 Authority Key Identifier:
keyid:75:7C:EF:E3:6B:3F:CC:68:A4:2C:0A:FF:81:D1:44:98:0F:32:77:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dXzv42s_zGikLAr_gdFEmA8yd38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/m_jEoHWJbta9is-AzcdhwUERKto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/dXzv42s_zGikLAr_gdFEmA8yd38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:1483::/32
2a11:1f01::/32
2a11:6302::/32
2a11:9384::/32
Signature Algorithm: sha256WithRSAEncryption
3e:bc:e7:b9:a1:46:7b:c4:ba:e6:6e:13:18:5d:5c:5a:d7:57:
b5:86:38:9c:f7:b9:a4:3f:e6:32:13:eb:64:95:fb:b0:b0:94:
fc:58:18:67:a7:ac:2d:d5:ec:41:bd:b0:86:d7:df:3a:ba:f0:
8f:f5:35:80:02:39:3b:c1:1b:d8:a2:8d:a4:5c:1b:ab:f4:2d:
5a:d8:b1:8a:9d:cd:05:16:b6:0c:cf:6a:b8:d7:f3:81:3d:69:
6f:5c:0d:87:6e:4e:a3:b4:c7:11:ad:27:94:46:44:20:ed:35:
b2:45:a6:04:c8:dd:b1:6a:35:90:67:a3:23:aa:ed:14:5d:86:
07:44:30:68:2f:95:c7:52:0c:30:40:a9:b7:3e:52:f9:bd:67:
8b:d8:7c:e1:11:c6:1e:a4:72:37:9b:8f:ad:12:07:56:50:3f:
1e:dc:e3:35:26:34:38:ae:11:f6:94:56:51:c9:23:8f:a9:76:
00:db:84:f7:e9:fa:cd:2e:8d:59:9a:23:41:f7:a1:36:77:da:
2c:dd:e2:e7:a7:1a:05:04:02:94:1d:3d:e4:ea:29:cf:d4:35:
f6:ce:30:db:07:1d:30:58:5b:5e:c7:03:5c:54:8c:3a:d4:57:
16:1e:e5:eb:82:54:76:1c:07:2d:b2:86:69:fa:a9:e6:42:97:
ba:33:b7:66
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZhC+1g7QvSrhv5xZLf82gAwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1N2NlZmUzNmIzZmNjNjhhNDJjMGFmZjgxZDE0NDk4MGYz
Mjc3N2YwHhcNMjUwNzI1MTkwNzA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmY4YzRhMDc1ODk2ZWQ2YmQ4YWNmODBjZGM3NjFjMTQxMTEyYWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3XuKA4wiSGJiXayf7VRKjRFqLA3I
kMDkgF7kl2WiJL6Xe4R7eNc4RLjVDRLXuVl/6jq/kNx6Yeg4IAY0weyezmCJNuAX
mPc9NciWt08mwsj3An6MW0LBX/bxMHgxDCekcy1RVXBY0YzLqcCyHFo+hhvaGdJQ
aHPJ+4KYUwuI3W4SWs7+bjGpudRf3H2Chrpnt77heHAVOvzNoxnqSNca28rPFbk8
hoYS83vmWXTZIk2RxnoMu2UtEkROZDqn3MOzCdM1M6kXgr1ipPTawUXdF0623nGj
uVdLfgB6Klv2A6xEf0oR7Rn6sA963a3JF7p/IC0zySBC20FY5d+h/B6ZewIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFJv4xKB1iW7WvYrPgM3HYcFBESraMB8GA1UdIwQY
MBaAFHV87+NrP8xopCwK/4HRRJgPMnd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFh6djQyc196R2lrTEFyX2dkRkVtQTh5ZDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC85NzJkYjYtNzcwZi00NDYyLTlmYzct
ZWU5Yjk1MTdmMmVjLzEvbV9qRW9IV0pidGE5aXMtQXpjZGh3VUVSS3RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC85NzJkYjYtNzcwZi00NDYyLTlmYzctZWU5Yjk1MTdmMmVj
LzEvZFh6djQyc196R2lrTEFyX2dkRkVtQTh5ZDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKhEUgwMF
ACoRHwEDBQAqEWMCAwUAKhGThDANBgkqhkiG9w0BAQsFAAOCAQEAPrznuaFGe8S6
5m4TGF1cWtdXtYY4nPe5pD/mMhPrZJX7sLCU/FgYZ6esLdXsQb2whtffOrrwj/U1
gAI5O8Eb2KKNpFwbq/QtWtixip3NBRa2DM9quNfzgT1pb1wNh25Oo7THEa0nlEZE
IO01skWmBMjdsWo1kGejI6rtFF2GB0QwaC+Vx1IMMECptz5S+b1ni9h84RHGHqRy
N5uPrRIHVlA/HtzjNSY0OK4R9pRWUckjj6l2ANuE9+n6zS6NWZojQfehNnfaLN3i
56caBQQClB095Oopz9Q19s4w2wcdMFhbXscDXFSMOtRXFh7l64JUdhwHLbKGafqp
5kKXujO3Zg==
-----END CERTIFICATE-----
Generated at Sun Jul 27 15:13:17 2025 by rpki-client