Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/mxAMRSbkDznTEbPF5N19qenDsU8.roa
File: mxAMRSbkDznTEbPF5N19qenDsU8.roa (raw, json)
Hash identifier: ur7W44S4TLVAof77kuSb6v12hJqMvOyziCVMGbKEYDc=
Subject key identifier: 9B:10:0C:45:26:E4:0F:39:D3:11:B3:C5:E4:DD:7D:A9:E9:C3:B1:4F
Certificate issuer: /CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Certificate serial: 01981D884368A1EB0C92A3A7A31FF4C99544
Authority key identifier: E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/mxAMRSbkDznTEbPF5N19qenDsU8.roa
Signing time: Fri 18 Jul 2025 12:35:26 +0000
ROA not before: Fri 18 Jul 2025 12:35:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206938
IP address blocks: 2a07:4a00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.mft
rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:1d:88:43:68:a1:eb:0c:92:a3:a7:a3:1f:f4:c9:95:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Validity
Not Before: Jul 18 12:35:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9b100c4526e40f39d311b3c5e4dd7da9e9c3b14f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:9b:80:2f:63:b7:79:d5:44:61:e3:c3:e8:f4:
ba:19:e4:9e:39:96:e4:59:42:e5:ff:f7:d8:bf:92:
19:8f:71:a6:e3:2d:b0:af:3c:42:3a:6e:a2:06:23:
08:76:6a:5a:5d:5e:c3:a7:4d:08:5e:a6:c5:2a:1f:
28:e5:40:41:68:c8:05:7e:a7:8d:81:48:ae:9e:a6:
1a:5b:87:a4:33:e2:97:8f:01:32:e0:a3:f4:58:d6:
31:28:dc:c8:ea:aa:7b:28:cb:13:f6:22:32:2d:63:
45:44:a8:95:6e:48:28:97:b0:10:fc:16:cb:1a:dc:
45:f2:bd:da:e3:80:0a:94:61:eb:b7:8f:53:57:78:
9f:34:ce:94:7d:a7:da:d6:69:f9:a5:7a:35:45:b8:
ed:73:c9:74:49:56:c1:2e:45:1c:4b:78:94:c8:28:
15:a4:96:0c:a4:e1:c4:6e:8f:52:f8:f3:58:89:49:
61:16:97:6c:49:e8:31:0d:9a:60:c4:a5:5b:0f:8b:
d6:60:52:af:15:39:f0:b4:93:5d:99:66:c5:69:3d:
a3:5c:8a:7f:68:94:b2:02:39:fa:05:14:28:bc:de:
fc:02:4e:2b:f1:ef:9c:c5:7f:7a:90:e3:64:23:d4:
3f:99:ee:70:62:91:9b:43:c6:57:93:67:41:ff:da:
22:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:10:0C:45:26:E4:0F:39:D3:11:B3:C5:E4:DD:7D:A9:E9:C3:B1:4F
X509v3 Authority Key Identifier:
keyid:E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/mxAMRSbkDznTEbPF5N19qenDsU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:4a00::/32
Signature Algorithm: sha256WithRSAEncryption
29:74:cd:1e:34:e4:6e:dd:39:e4:cc:3c:32:6c:53:50:c5:e1:
bd:6a:56:58:f0:67:6f:d3:1c:32:68:f9:ca:f8:5e:0a:d6:79:
76:34:4a:7a:fa:bb:59:cb:db:d3:61:a7:52:75:b7:e3:a2:c9:
4a:75:9e:ff:f4:13:2c:97:34:32:f8:37:bd:99:70:6d:50:30:
5c:17:b8:9e:55:f1:82:25:fe:40:e6:6d:2f:7a:95:09:be:ac:
47:6d:57:5c:85:3a:19:89:bc:52:0f:7d:9a:7e:66:95:66:28:
8b:e1:bd:ae:a2:da:99:ae:da:8c:2f:d7:3b:e6:93:4f:a0:3c:
1b:84:98:d0:97:88:c0:ff:b3:e4:8d:66:bf:36:a8:29:f3:3f:
55:83:11:b8:93:10:20:31:9f:8d:ca:98:69:5a:83:14:4c:c1:
ff:fa:5d:a3:f9:3b:51:e3:98:a0:ae:8f:66:d8:15:44:27:fc:
88:a5:29:b9:54:f3:44:6f:ad:b0:ae:3a:96:22:4f:f2:da:28:
41:6b:a3:02:5f:0d:1c:90:44:0f:9b:4e:e0:5a:cd:83:30:06:
81:d7:1e:5e:29:3b:69:e7:84:b7:ed:a6:e9:c9:07:4d:60:6b:
97:3e:21:44:69:f6:47:e8:26:66:02:80:07:9b:cd:57:2e:6c:
7e:c7:c9:36
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZgdiENooesMkqOnox/0yZVEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNTU5Y2U4ODlhZTQyNDExMjFmZTBhMTY1M2U0Yjk1NWYz
ZWRmNGIwHhcNMjUwNzE4MTIzNTI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjEwMGM0NTI2ZTQwZjM5ZDMxMWIzYzVlNGRkN2RhOWU5YzNiMTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZuAL2O3edVEYePD6PS6GeSeOZbk
WULl//fYv5IZj3Gm4y2wrzxCOm6iBiMIdmpaXV7Dp00IXqbFKh8o5UBBaMgFfqeN
gUiunqYaW4ekM+KXjwEy4KP0WNYxKNzI6qp7KMsT9iIyLWNFRKiVbkgol7AQ/BbL
GtxF8r3a44AKlGHrt49TV3ifNM6Ufafa1mn5pXo1Rbjtc8l0SVbBLkUcS3iUyCgV
pJYMpOHEbo9S+PNYiUlhFpdsSegxDZpgxKVbD4vWYFKvFTnwtJNdmWbFaT2jXIp/
aJSyAjn6BRQovN78Ak4r8e+cxX96kONkI9Q/me5wYpGbQ8ZXk2dB/9oi2QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJsQDEUm5A850xGzxeTdfanpw7FPMB8GA1UdIwQY
MBaAFOBVnOiJrkJBEh/goWU+S5VfPt9LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYt
OTQ0OTk1N2ZkNWE1LzEvbXhBTVJTYmtEem5URWJQRjVOMTlxZW5Ec1U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYtOTQ0OTk1N2ZkNWE1
LzEvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgdKADAN
BgkqhkiG9w0BAQsFAAOCAQEAKXTNHjTkbt055Mw8MmxTUMXhvWpWWPBnb9McMmj5
yvheCtZ5djRKevq7Wcvb02GnUnW346LJSnWe//QTLJc0Mvg3vZlwbVAwXBe4nlXx
giX+QOZtL3qVCb6sR21XXIU6GYm8Ug99mn5mlWYoi+G9rqLama7ajC/XO+aTT6A8
G4SY0JeIwP+z5I1mvzaoKfM/VYMRuJMQIDGfjcqYaVqDFEzB//pdo/k7UeOYoK6P
ZtgVRCf8iKUpuVTzRG+tsK46liJP8tooQWujAl8NHJBED5tO4FrNgzAGgdceXik7
aeeEt+2m6ckHTWBrlz4hRGn2R+gmZgKAB5vNVy5sfsfJNg==
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:27:53 2025 by rpki-client