Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/PQXaxHl_x5hCLUsVIoHDCNRTgCQ.roa
File: PQXaxHl_x5hCLUsVIoHDCNRTgCQ.roa (raw, json)
Hash identifier: 92Bl42I20RnqTYIC6hXMCEhevLacaiZKxk7OT2RhVWs=
Subject key identifier: 3D:05:DA:C4:79:7F:C7:98:42:2D:4B:15:22:81:C3:08:D4:53:80:24
Certificate issuer: /CN=57182aab5ad9efa380a6c6f06c016e158be977bc
Certificate serial: 0197D44392F12F6CBCE94F69BD95FF47FD13
Authority key identifier: 57:18:2A:AB:5A:D9:EF:A3:80:A6:C6:F0:6C:01:6E:15:8B:E9:77:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vxgqq1rZ76OApsbwbAFuFYvpd7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/PQXaxHl_x5hCLUsVIoHDCNRTgCQ.roa
Signing time: Fri 04 Jul 2025 07:08:07 +0000
ROA not before: Fri 04 Jul 2025 07:08:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41289
IP address blocks: 2a02:11f8:80::/48 maxlen: 48
2a02:11f8:90::/48 maxlen: 48
2a02:11f8:a0::/48 maxlen: 48
2a02:11f8:b0::/48 maxlen: 48
2a02:11f8:c0::/48 maxlen: 48
2a02:11f8:d0::/48 maxlen: 48
2a02:11f8:f0::/48 maxlen: 48
2a02:11f8:110::/48 maxlen: 48
2a02:11f8:120::/48 maxlen: 48
2a02:11f8:130::/48 maxlen: 48
2a02:11f8:140::/48 maxlen: 48
2a02:11f8:150::/48 maxlen: 48
2a02:11f8:160::/47 maxlen: 47
2a02:11f8:1b0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/Vxgqq1rZ76OApsbwbAFuFYvpd7w.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/Vxgqq1rZ76OApsbwbAFuFYvpd7w.mft
rsync://rpki.ripe.net/repository/DEFAULT/Vxgqq1rZ76OApsbwbAFuFYvpd7w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:d4:43:92:f1:2f:6c:bc:e9:4f:69:bd:95:ff:47:fd:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57182aab5ad9efa380a6c6f06c016e158be977bc
Validity
Not Before: Jul 4 07:08:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d05dac4797fc798422d4b152281c308d4538024
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:b2:d3:2c:9b:81:89:0e:51:75:f2:b4:a1:bf:
df:c1:bf:71:12:35:66:c1:1b:9f:66:ee:87:a5:58:
92:2b:a4:6b:f4:1d:66:61:02:45:86:29:5a:93:96:
57:41:05:77:99:f9:c2:28:a2:6d:4f:5a:7f:ca:ba:
9e:3c:bf:31:0f:41:8f:35:b3:d0:9a:39:f3:f2:09:
64:68:e6:45:45:b8:4f:90:7b:34:02:07:06:08:88:
d7:13:9f:4c:40:45:1b:b8:12:a3:40:dc:a8:fe:85:
ba:c8:3a:03:bd:91:fb:16:72:c5:ca:2b:56:c1:94:
80:8b:65:ec:f3:be:79:8d:67:fb:ac:cc:9b:f8:61:
c7:77:f2:26:ea:d2:2f:32:99:23:05:ef:6b:8c:a1:
2c:0c:d7:3b:11:38:a4:59:7f:bf:eb:f6:e4:dd:59:
bb:5e:c8:9e:21:23:8c:6e:ec:fc:31:bf:a6:9d:94:
54:bc:4d:a5:57:1f:d0:df:47:06:0f:b8:a9:41:b2:
9d:1c:81:02:80:c2:c0:b4:56:ff:1e:9a:df:7b:d1:
1f:f8:7d:30:37:1c:84:84:ba:eb:c2:f0:44:a5:43:
81:e1:db:47:a2:ad:6c:b7:2b:53:a6:9e:db:04:a6:
4f:ea:83:90:47:34:c8:10:56:7b:50:74:40:20:1e:
9c:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:05:DA:C4:79:7F:C7:98:42:2D:4B:15:22:81:C3:08:D4:53:80:24
X509v3 Authority Key Identifier:
keyid:57:18:2A:AB:5A:D9:EF:A3:80:A6:C6:F0:6C:01:6E:15:8B:E9:77:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vxgqq1rZ76OApsbwbAFuFYvpd7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/PQXaxHl_x5hCLUsVIoHDCNRTgCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/Vxgqq1rZ76OApsbwbAFuFYvpd7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:11f8:80::/48
2a02:11f8:90::/48
2a02:11f8:a0::/48
2a02:11f8:b0::/48
2a02:11f8:c0::/48
2a02:11f8:d0::/48
2a02:11f8:f0::/48
2a02:11f8:110::/48
2a02:11f8:120::/48
2a02:11f8:130::/48
2a02:11f8:140::/48
2a02:11f8:150::/48
2a02:11f8:160::/47
2a02:11f8:1b0::/48
Signature Algorithm: sha256WithRSAEncryption
35:e1:03:72:88:f4:40:2d:70:43:95:92:36:0e:ea:a9:b7:0c:
15:68:23:f6:48:e7:5b:69:5f:89:8f:74:02:46:63:29:2a:8a:
23:d1:85:9d:f9:a7:42:16:a2:f4:df:f1:61:89:fe:ef:ba:e0:
9c:6c:23:fd:40:b2:73:fc:51:3c:7e:f1:3e:87:22:6a:67:ad:
af:fb:17:4b:ed:58:e0:fb:99:70:00:e0:1d:94:7e:ab:e8:4f:
43:6e:67:fc:35:a8:87:ce:1a:ca:02:5a:6d:83:c1:7c:6a:73:
3c:35:8d:e9:e5:df:85:3e:ba:0c:b0:70:cf:2a:a3:e4:16:8d:
6e:71:fb:dc:d1:05:57:eb:3a:a2:12:44:a2:51:10:bb:d9:22:
44:9f:7d:03:e5:29:4b:45:06:bc:fb:86:92:a7:77:4c:f3:2c:
37:b2:90:72:ff:9d:82:89:1a:a2:33:34:fc:53:dd:72:db:c4:
c2:da:02:9c:64:67:f8:e7:f7:5a:7b:63:43:3b:b0:a4:63:85:
b4:94:bb:fb:4e:6f:02:cf:b9:29:ca:e2:8f:a7:d1:ed:ca:e1:
7e:2b:a4:2e:08:93:d3:44:e0:57:85:59:50:5b:77:90:dd:27:
91:9c:d2:9e:cb:1d:f6:90:71:ec:b7:34:79:e3:57:48:60:41:
82:41:13:55
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZfUQ5LxL2y86U9pvZX/R/0TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MTgyYWFiNWFkOWVmYTM4MGE2YzZmMDZjMDE2ZTE1OGJl
OTc3YmMwHhcNMjUwNzA0MDcwODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDA1ZGFjNDc5N2ZjNzk4NDIyZDRiMTUyMjgxYzMwOGQ0NTM4MDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrLTLJuBiQ5RdfK0ob/fwb9xEjVm
wRufZu6HpViSK6Rr9B1mYQJFhilak5ZXQQV3mfnCKKJtT1p/yrqePL8xD0GPNbPQ
mjnz8glkaOZFRbhPkHs0AgcGCIjXE59MQEUbuBKjQNyo/oW6yDoDvZH7FnLFyitW
wZSAi2Xs8755jWf7rMyb+GHHd/Im6tIvMpkjBe9rjKEsDNc7ETikWX+/6/bk3Vm7
XsieISOMbuz8Mb+mnZRUvE2lVx/Q30cGD7ipQbKdHIECgMLAtFb/Hprfe9Ef+H0w
NxyEhLrrwvBEpUOB4dtHoq1stytTpp7bBKZP6oOQRzTIEFZ7UHRAIB6cwwIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFD0F2sR5f8eYQi1LFSKBwwjUU4AkMB8GA1UdIwQY
MBaAFFcYKqta2e+jgKbG8GwBbhWL6Xe8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnhncXExclo3Nk9BcHNid2JBRnVGWXZwZDd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni84YzUxY2ItYTNiZC00NzZkLTg4MGYt
YTk2YzYyNjZhYmRiLzEvUFFYYXhIbF94NWhDTFVzVklvSERDTlJUZ0NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni84YzUxY2ItYTNiZC00NzZkLTg4MGYtYTk2YzYyNjZhYmRi
LzEvVnhncXExclo3Nk9BcHNid2JBRnVGWXZwZDd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAIwfgMHACoC
EfgAgAMHACoCEfgAkAMHACoCEfgAoAMHACoCEfgAsAMHACoCEfgAwAMHACoCEfgA
0AMHACoCEfgA8AMHACoCEfgBEAMHACoCEfgBIAMHACoCEfgBMAMHACoCEfgBQAMH
ACoCEfgBUAMHASoCEfgBYAMHACoCEfgBsDANBgkqhkiG9w0BAQsFAAOCAQEANeED
coj0QC1wQ5WSNg7qqbcMFWgj9kjnW2lfiY90AkZjKSqKI9GFnfmnQhai9N/xYYn+
77rgnGwj/UCyc/xRPH7xPociametr/sXS+1Y4PuZcADgHZR+q+hPQ25n/DWoh84a
ygJabYPBfGpzPDWN6eXfhT66DLBwzyqj5BaNbnH73NEFV+s6ohJEolEQu9kiRJ99
A+UpS0UGvPuGkqd3TPMsN7KQcv+dgokaojM0/FPdctvEwtoCnGRn+Of3WntjQzuw
pGOFtJS7+05vAs+5Kcrij6fR7crhfiukLgiT00TgV4VZUFt3kN0nkZzSnssd9pBx
7Lc0eeNXSGBBgkETVQ==
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:29:06 2025 by rpki-client