Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0zLUnkE_JkgrxOIVDLuU6Lb7ThU.roa
File: 0zLUnkE_JkgrxOIVDLuU6Lb7ThU.roa (raw, json)
Hash identifier: nvV0MD8JcncS7i7FBOBWsJRsDoIMoI4u5lt7KTJYKcM=
Subject key identifier: D3:32:D4:9E:41:3F:26:48:2B:C4:E2:15:0C:BB:94:E8:B6:FB:4E:15
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 019828B54A19A415094C7D636284EF815307
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0zLUnkE_JkgrxOIVDLuU6Lb7ThU.roa
Signing time: Sun 20 Jul 2025 16:40:26 +0000
ROA not before: Sun 20 Jul 2025 16:40:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207994
IP address blocks: 2a10:ccc2:a0::/44 maxlen: 48
2a10:ccc2:a0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 05:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:28:b5:4a:19:a4:15:09:4c:7d:63:62:84:ef:81:53:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jul 20 16:40:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d332d49e413f26482bc4e2150cbb94e8b6fb4e15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ba:ab:82:ed:9a:44:54:86:97:75:40:e9:7e:
03:d7:62:5e:d8:cc:2a:d5:a2:1d:ce:2d:82:b0:68:
5e:8c:a8:56:1a:19:c0:cb:53:3f:86:2f:17:23:35:
5d:f4:fa:a3:d6:9d:ea:3a:05:5a:e5:bb:18:28:fb:
da:25:fe:a3:05:21:97:56:9e:43:c7:af:d8:86:24:
f4:14:74:ec:78:da:2d:be:fc:2d:0c:1c:4e:17:ec:
5b:2a:8f:2e:5b:c5:11:5b:d1:7c:ba:7a:24:ae:d7:
78:f4:a7:d6:44:10:7d:57:32:fb:4d:6e:2a:44:72:
c7:1e:09:09:82:3e:96:60:10:4e:6b:4a:cb:b8:0f:
b3:cd:0b:2a:71:11:0f:b5:91:86:27:ad:2a:52:04:
9d:5c:66:33:95:cc:52:8e:33:0c:c0:ba:cd:08:c5:
b7:51:f8:44:04:82:e1:d8:48:89:f2:31:3f:1f:39:
0c:32:2a:cc:d5:ea:3b:9e:ad:0c:ea:ce:cc:93:69:
50:c0:2b:af:97:9a:9c:70:d7:93:8f:89:8c:80:b5:
92:12:53:46:f5:79:f0:fc:0d:fe:0b:c2:49:0d:bb:
3f:6c:bc:c2:3d:ef:35:eb:77:23:19:2e:7b:58:17:
0c:e3:3e:dc:4c:b2:1a:cb:9d:41:95:46:97:9e:4b:
00:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:32:D4:9E:41:3F:26:48:2B:C4:E2:15:0C:BB:94:E8:B6:FB:4E:15
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0zLUnkE_JkgrxOIVDLuU6Lb7ThU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:ccc2:a0::/44
Signature Algorithm: sha256WithRSAEncryption
62:06:e7:90:03:03:2f:8c:d5:32:9e:db:66:da:86:76:f9:8a:
09:7b:30:ff:1b:d5:aa:5c:3b:41:98:be:b4:db:49:fd:81:48:
87:9c:3e:e0:f1:3a:e2:34:a7:90:67:4f:5a:2b:eb:7b:74:de:
7c:12:ec:33:c1:93:24:6e:66:c9:2b:87:0c:3e:59:5a:12:40:
df:3c:1a:03:ce:37:e3:6d:77:3d:5e:fb:59:05:dd:46:75:c6:
d4:d9:a4:93:05:34:64:a3:89:38:bd:fe:95:ef:3c:71:c7:0f:
c8:6f:f1:15:6f:64:e2:73:be:d7:1a:91:2d:dc:e0:55:7d:22:
bc:78:b5:fa:14:06:26:40:6a:ad:34:8e:c4:f9:c2:ff:70:e7:
a5:66:4f:8a:2a:e6:57:36:cb:1e:a2:b2:a6:24:da:f8:a2:d9:
cc:b8:4d:ba:c2:45:e9:1c:38:15:36:1a:ab:5b:7c:93:00:c1:
80:5c:6a:60:c3:2d:14:a0:e9:b0:4e:46:90:f0:f5:6d:a1:02:
a1:e8:5c:1a:2e:1d:d2:d5:7a:63:76:37:3b:db:95:53:e3:8c:
91:63:68:42:46:4a:92:cf:1b:e6:7e:6d:10:09:c6:50:03:8e:
17:f9:a9:2d:a7:5d:2d:d1:ff:08:e0:cc:23:09:61:5c:05:b4:
71:a7:65:c6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZgotUoZpBUJTH1jYoTvgVMHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwNzIwMTY0MDI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzMyZDQ5ZTQxM2YyNjQ4MmJjNGUyMTUwY2JiOTRlOGI2ZmI0ZTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrqrgu2aRFSGl3VA6X4D12Je2Mwq
1aIdzi2CsGhejKhWGhnAy1M/hi8XIzVd9Pqj1p3qOgVa5bsYKPvaJf6jBSGXVp5D
x6/YhiT0FHTseNotvvwtDBxOF+xbKo8uW8URW9F8unokrtd49KfWRBB9VzL7TW4q
RHLHHgkJgj6WYBBOa0rLuA+zzQsqcREPtZGGJ60qUgSdXGYzlcxSjjMMwLrNCMW3
UfhEBILh2EiJ8jE/HzkMMirM1eo7nq0M6s7Mk2lQwCuvl5qccNeTj4mMgLWSElNG
9Xnw/A3+C8JJDbs/bLzCPe8163cjGS57WBcM4z7cTLIay51BlUaXnksAdwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNMy1J5BPyZIK8TiFQy7lOi2+04VMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMHpMVW5rRV9Ka2dyeE9JVkRMdVU2TGI3VGhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhDMwgCg
MA0GCSqGSIb3DQEBCwUAA4IBAQBiBueQAwMvjNUynttm2oZ2+YoJezD/G9WqXDtB
mL6020n9gUiHnD7g8TriNKeQZ09aK+t7dN58EuwzwZMkbmbJK4cMPllaEkDfPBoD
zjfjbXc9XvtZBd1GdcbU2aSTBTRko4k4vf6V7zxxxw/Ib/EVb2Tic77XGpEt3OBV
fSK8eLX6FAYmQGqtNI7E+cL/cOelZk+KKuZXNsseorKmJNr4otnMuE26wkXpHDgV
NhqrW3yTAMGAXGpgwy0UoOmwTkaQ8PVtoQKh6FwaLh3S1Xpjdjc725VT44yRY2hC
RkqSzxvmfm0QCcZQA44X+aktp10t0f8I4MwjCWFcBbRxp2XG
-----END CERTIFICATE-----
Generated at Sat Jul 26 13:14:19 2025 by rpki-client