
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/23cjywgox101LeW5GrrQWi4IHG0.roa
File: 23cjywgox101LeW5GrrQWi4IHG0.roa (raw, json)
Hash identifier: uYyFedbey5ChPUlaasPp5Y63DNZ1EjHPXUKggcmyWcA=
Subject key identifier: DB:77:23:CB:08:28:C7:5D:35:2D:E5:B9:1A:BA:D0:5A:2E:08:1C:6D
Certificate issuer: /CN=ff44dbaca56dac319401f68a50d917f5424611ad
Certificate serial: 01982D8A27ED861593093FC77AEF6A0CB0D2
Authority key identifier: FF:44:DB:AC:A5:6D:AC:31:94:01:F6:8A:50:D9:17:F5:42:46:11:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0TbrKVtrDGUAfaKUNkX9UJGEa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/23cjywgox101LeW5GrrQWi4IHG0.roa
Signing time: Mon 21 Jul 2025 15:11:25 +0000
ROA not before: Mon 21 Jul 2025 15:11:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 2a12:3f80::/29 maxlen: 29
2a12:6d80::/29 maxlen: 29
2a13:c540::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/_0TbrKVtrDGUAfaKUNkX9UJGEa0.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/_0TbrKVtrDGUAfaKUNkX9UJGEa0.mft
rsync://rpki.ripe.net/repository/DEFAULT/_0TbrKVtrDGUAfaKUNkX9UJGEa0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 18:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:2d:8a:27:ed:86:15:93:09:3f:c7:7a:ef:6a:0c:b0:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff44dbaca56dac319401f68a50d917f5424611ad
Validity
Not Before: Jul 21 15:11:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=db7723cb0828c75d352de5b91abad05a2e081c6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:64:ac:bf:29:31:c2:62:82:4f:3e:90:19:fe:
eb:cb:e8:cd:31:68:ed:e5:9f:d1:a1:e9:a8:0e:dc:
25:e0:fd:c4:c1:f7:21:eb:39:89:03:c8:b6:ff:d4:
99:7a:b1:e5:75:51:ec:28:8a:fd:63:2e:cf:71:23:
10:4a:47:e8:77:72:ca:b6:0d:c4:21:e8:4c:3c:f2:
95:4c:93:4c:9c:a2:ca:79:6f:23:43:43:3a:a8:36:
c1:c1:8c:a5:72:7f:d3:76:7b:12:45:7c:c7:d7:75:
8b:35:d3:7b:22:eb:a9:dd:4f:1c:b8:60:4a:1e:95:
10:5c:7c:eb:54:86:a4:b7:ce:3a:22:98:74:f4:9b:
9e:32:53:49:f1:8f:56:22:55:07:46:42:c8:84:84:
9d:e7:90:fd:ef:34:ea:1a:34:90:80:48:cc:b2:90:
b3:15:a0:d7:d0:5b:90:49:6c:1f:f9:36:c0:20:e7:
f1:b5:34:39:ca:bb:fa:5a:66:28:b2:23:7a:c3:fe:
4e:3d:a6:2a:d7:75:6f:be:ee:7b:fe:38:cb:22:dc:
b0:ef:86:f1:f2:da:ee:a0:fe:c3:e7:9e:73:50:8e:
c4:40:a4:7a:af:f6:b1:af:3c:02:c8:1c:32:19:a5:
aa:68:12:68:a6:a0:56:53:5f:ec:fd:c4:7e:26:d7:
9c:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:77:23:CB:08:28:C7:5D:35:2D:E5:B9:1A:BA:D0:5A:2E:08:1C:6D
X509v3 Authority Key Identifier:
keyid:FF:44:DB:AC:A5:6D:AC:31:94:01:F6:8A:50:D9:17:F5:42:46:11:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0TbrKVtrDGUAfaKUNkX9UJGEa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/23cjywgox101LeW5GrrQWi4IHG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/_0TbrKVtrDGUAfaKUNkX9UJGEa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3f80::/29
2a12:6d80::/29
2a13:c540::/29
Signature Algorithm: sha256WithRSAEncryption
6a:45:c5:74:2c:ab:a4:fc:54:c0:23:23:53:68:3f:ef:1b:d3:
f6:50:21:04:0c:1e:59:f4:49:a2:cc:75:9b:21:42:c8:a7:f5:
a6:cd:16:e6:7d:c1:ab:fb:3f:18:51:06:67:33:cf:f8:e5:ea:
79:81:69:cf:bc:ff:b5:4c:b9:88:8e:b7:5a:c1:53:33:4e:69:
a0:45:23:a1:1d:dd:ab:ba:ec:80:46:b2:11:b7:8f:39:cf:ac:
2d:d5:19:98:42:68:62:dd:63:05:21:9a:a7:79:5e:ca:ee:fa:
39:2b:61:af:54:56:18:9b:73:5e:3c:54:83:4d:2a:04:83:79:
fa:d7:05:f1:4a:5d:07:d1:a2:44:15:81:bd:25:14:b3:13:eb:
b9:91:20:47:5a:a8:b2:65:02:3d:95:d8:53:d5:a5:5e:6b:bf:
32:42:7a:7a:ba:75:5c:11:77:8a:d5:ce:22:dc:94:a0:8f:c5:
91:c9:44:05:42:08:3a:38:4d:e6:6c:77:35:f3:af:52:06:f4:
27:1b:2a:8a:70:e7:6a:d7:b9:b3:13:f9:cd:03:17:b3:47:a7:
79:4c:1e:30:a9:8f:dd:ef:53:ca:f1:0c:9d:cd:aa:12:82:a4:
e6:00:18:57:47:5b:19:3b:de:e0:e6:65:48:cb:b7:2b:47:de:
ca:21:5b:42
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZgtiifthhWTCT/Heu9qDLDSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNDRkYmFjYTU2ZGFjMzE5NDAxZjY4YTUwZDkxN2Y1NDI0
NjExYWQwHhcNMjUwNzIxMTUxMTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjc3MjNjYjA4MjhjNzVkMzUyZGU1YjkxYWJhZDA1YTJlMDgxYzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWSsvykxwmKCTz6QGf7ry+jNMWjt
5Z/RoemoDtwl4P3Ewfch6zmJA8i2/9SZerHldVHsKIr9Yy7PcSMQSkfod3LKtg3E
IehMPPKVTJNMnKLKeW8jQ0M6qDbBwYylcn/TdnsSRXzH13WLNdN7Iuup3U8cuGBK
HpUQXHzrVIakt846Iph09JueMlNJ8Y9WIlUHRkLIhISd55D97zTqGjSQgEjMspCz
FaDX0FuQSWwf+TbAIOfxtTQ5yrv6WmYosiN6w/5OPaYq13Vvvu57/jjLItyw74bx
8truoP7D555zUI7EQKR6r/axrzwCyBwyGaWqaBJopqBWU1/s/cR+JtecVwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNt3I8sIKMddNS3luRq60FouCBxtMB8GA1UdIwQY
MBaAFP9E26ylbawxlAH2ilDZF/VCRhGtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzBUYnJLVnRyREdVQWZhS1VOa1g5VUpHRWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi81M2E5NDctZmQwMy00MDE0LTk4Mjct
YzVkODk1MDgxOGVjLzEvMjNjanl3Z294MTAxTGVXNUdyclFXaTRJSEcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi81M2E5NDctZmQwMy00MDE0LTk4MjctYzVkODk1MDgxOGVj
LzEvXzBUYnJLVnRyREdVQWZhS1VOa1g5VUpHRWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKhI/gAMF
AyoSbYADBQMqE8VAMA0GCSqGSIb3DQEBCwUAA4IBAQBqRcV0LKuk/FTAIyNTaD/v
G9P2UCEEDB5Z9EmizHWbIULIp/WmzRbmfcGr+z8YUQZnM8/45ep5gWnPvP+1TLmI
jrdawVMzTmmgRSOhHd2ruuyARrIRt485z6wt1RmYQmhi3WMFIZqneV7K7vo5K2Gv
VFYYm3NePFSDTSoEg3n61wXxSl0H0aJEFYG9JRSzE+u5kSBHWqiyZQI9ldhT1aVe
a78yQnp6unVcEXeK1c4i3JSgj8WRyUQFQgg6OE3mbHc1869SBvQnGyqKcOdq17mz
E/nNAxezR6d5TB4wqY/d71PK8QydzaoSgqTmABhXR1sZO97g5mVIy7crR97KIVtC
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:11:45 2025 by rpki-client