Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/oAnccdGkA_z_gZDw-uOkFyw2uIk.roa
File: oAnccdGkA_z_gZDw-uOkFyw2uIk.roa (raw, json)
Hash identifier: P1jxXn4NK5dJCCmR4qw0ybk9n+dD+NVb4lKqB/aXfQc=
Subject key identifier: A0:09:DC:71:D1:A4:03:FC:FF:81:90:F0:FA:E3:A4:17:2C:36:B8:89
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 0198195AED613DC7C57B4FE824EFEB53EC8C
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/oAnccdGkA_z_gZDw-uOkFyw2uIk.roa
Signing time: Thu 17 Jul 2025 17:07:26 +0000
ROA not before: Thu 17 Jul 2025 17:07:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215158
IP address blocks: 2a11:e8c0::/29 maxlen: 29
2a11:ff40::/29 maxlen: 29
2a12:2e80::/29 maxlen: 29
2a12:3c00::/29 maxlen: 29
2a12:8a00::/29 maxlen: 29
2a12:d080::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 11:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:19:5a:ed:61:3d:c7:c5:7b:4f:e8:24:ef:eb:53:ec:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Jul 17 17:07:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a009dc71d1a403fcff8190f0fae3a4172c36b889
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:0c:19:39:c6:ba:c3:4b:2b:9f:9c:5d:1b:eb:
7e:e1:66:e0:30:d0:b3:a3:17:90:c8:ae:ad:40:de:
50:86:54:a1:0b:ec:96:60:16:ed:ee:b2:7e:ca:27:
e8:c9:d5:13:17:74:ac:e8:85:61:be:f1:5b:41:6b:
b5:cd:a2:1b:b5:f1:48:66:d1:76:66:93:9b:c2:f4:
32:1c:eb:5f:de:30:94:98:ac:88:16:e4:03:e4:b0:
1d:2b:43:4b:98:bf:76:ff:88:4e:fe:ec:a3:83:43:
68:ed:c6:e7:19:e2:cd:8c:52:bc:5a:0e:14:f5:fb:
c7:36:59:f7:73:d7:a5:c2:39:8a:f4:5d:b2:b2:3f:
a8:00:a0:7b:98:c1:0b:05:35:b5:18:1c:aa:45:33:
92:2b:4a:55:0e:8b:fd:1a:b3:cc:e2:58:52:90:c6:
ba:4e:52:d5:f5:73:4d:d6:28:9d:ba:57:e0:8d:95:
73:c0:ba:79:07:ad:23:c6:1f:cf:56:92:14:bc:5d:
11:2e:e7:ad:98:cc:13:2e:7b:0d:10:d0:14:54:db:
c0:de:3b:26:be:2f:62:9d:71:c1:a1:04:4b:62:7b:
e0:31:12:3b:a9:8a:a3:85:e5:62:4a:a9:5f:76:76:
d2:09:7d:4f:6d:bc:c2:66:37:ef:f6:00:11:04:44:
05:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:09:DC:71:D1:A4:03:FC:FF:81:90:F0:FA:E3:A4:17:2C:36:B8:89
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/oAnccdGkA_z_gZDw-uOkFyw2uIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:e8c0::/29
2a11:ff40::/29
2a12:2e80::/29
2a12:3c00::/29
2a12:8a00::/29
2a12:d080::/29
Signature Algorithm: sha256WithRSAEncryption
8d:0a:66:2e:be:7e:51:e7:71:b9:6f:00:e9:c4:5b:e9:c7:81:
48:ef:20:39:f9:7b:84:20:c8:a8:83:ad:18:cf:db:ac:24:bd:
83:59:de:75:a2:ce:cc:5e:f1:c2:92:18:4d:d9:bd:67:3d:35:
0a:74:b4:9f:e9:3f:19:6c:e3:be:c5:8f:28:b6:1b:d8:de:11:
32:bd:63:a1:3c:f6:ef:eb:4c:c5:d4:a8:8c:6a:f6:aa:1a:a1:
29:3f:02:24:83:ae:aa:cc:ca:16:9c:10:da:90:08:75:0a:78:
49:21:37:f5:67:5a:ca:1a:da:1c:0b:d2:64:1b:09:cf:fe:ef:
e7:4d:14:c6:18:ff:86:5f:9d:dc:5b:40:98:76:89:1d:f3:29:
74:74:95:09:d6:30:f1:08:1b:75:25:c9:33:0d:4e:27:20:3a:
38:d9:4b:b3:c5:de:59:84:7c:3a:52:73:22:15:04:dd:15:28:
84:79:ef:89:a7:f4:e2:40:df:99:d3:b2:9c:f3:b0:b7:65:c4:
44:78:02:21:bb:30:80:48:0f:0e:ca:e3:f0:52:a1:7a:d7:55:
7d:c0:b5:de:cd:8f:f1:a6:1a:43:f4:ca:4a:2d:21:61:84:67:
3b:d4:5a:01:df:00:21:8f:73:96:03:73:86:1f:e0:ff:e0:49:
1e:48:a7:07
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZgZWu1hPcfFe0/oJO/rU+yMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjUwNzE3MTcwNzI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDA5ZGM3MWQxYTQwM2ZjZmY4MTkwZjBmYWUzYTQxNzJjMzZiODg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwwZOca6w0srn5xdG+t+4WbgMNCz
oxeQyK6tQN5QhlShC+yWYBbt7rJ+yifoydUTF3Ss6IVhvvFbQWu1zaIbtfFIZtF2
ZpObwvQyHOtf3jCUmKyIFuQD5LAdK0NLmL92/4hO/uyjg0No7cbnGeLNjFK8Wg4U
9fvHNln3c9elwjmK9F2ysj+oAKB7mMELBTW1GByqRTOSK0pVDov9GrPM4lhSkMa6
TlLV9XNN1iidulfgjZVzwLp5B60jxh/PVpIUvF0RLuetmMwTLnsNENAUVNvA3jsm
vi9inXHBoQRLYnvgMRI7qYqjheViSqlfdnbSCX1PbbzCZjfv9gARBEQFBQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKAJ3HHRpAP8/4GQ8PrjpBcsNriJMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvb0FuY2NkR2tBX3pfZ1pEdy11T2tGeXcydUlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKhHowAMF
AyoR/0ADBQMqEi6AAwUDKhI8AAMFAyoSigADBQMqEtCAMA0GCSqGSIb3DQEBCwUA
A4IBAQCNCmYuvn5R53G5bwDpxFvpx4FI7yA5+XuEIMiog60Yz9usJL2DWd51os7M
XvHCkhhN2b1nPTUKdLSf6T8ZbOO+xY8othvY3hEyvWOhPPbv60zF1KiMavaqGqEp
PwIkg66qzMoWnBDakAh1CnhJITf1Z1rKGtocC9JkGwnP/u/nTRTGGP+GX53cW0CY
dokd8yl0dJUJ1jDxCBt1JckzDU4nIDo42Uuzxd5ZhHw6UnMiFQTdFSiEee+Jp/Ti
QN+Z07Kc87C3ZcREeAIhuzCASA8OyuPwUqF611V9wLXezY/xphpD9MpKLSFhhGc7
1FoB3wAhj3OWA3OGH+D/4EkeSKcH
-----END CERTIFICATE-----
Generated at Mon Jul 21 18:04:04 2025 by rpki-client