Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/kPwbkEdWtW3oHjMcm6HoAoktglw.roa
File: kPwbkEdWtW3oHjMcm6HoAoktglw.roa (raw, json)
Hash identifier: f7J8PYacDR6ERvzPBTS31NFGOxGEHO5Zm7rwEwz5mF4=
Subject key identifier: 90:FC:1B:90:47:56:B5:6D:E8:1E:33:1C:9B:A1:E8:02:89:2D:82:5C
Certificate issuer: /CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Certificate serial: 01983C4B4F19F57F07CE96A578726DEC4B07
Authority key identifier: 2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/kPwbkEdWtW3oHjMcm6HoAoktglw.roa
Signing time: Thu 24 Jul 2025 11:57:05 +0000
ROA not before: Thu 24 Jul 2025 11:57:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206224
IP address blocks: 170.168.12.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.mft
rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 21:50:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:3c:4b:4f:19:f5:7f:07:ce:96:a5:78:72:6d:ec:4b:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Validity
Not Before: Jul 24 11:57:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=90fc1b904756b56de81e331c9ba1e802892d825c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:85:86:0b:3c:ac:0f:c3:b3:13:36:ea:fa:2f:
ab:1c:b2:d3:3e:a6:ee:41:fa:ca:4e:98:a8:a5:ef:
f0:2a:61:1d:94:7d:52:d5:0a:85:64:14:7d:18:db:
04:06:24:c4:88:b6:dc:8b:76:23:37:95:82:ae:14:
cb:82:6f:c4:0e:62:e4:f5:a7:2f:2a:22:f0:3e:47:
a6:b2:af:e5:77:ce:19:cb:0d:5c:49:93:76:2b:4a:
c7:93:2d:c2:45:f0:72:10:15:86:ec:9c:03:8e:ab:
cc:61:1c:41:e9:51:fa:12:a6:70:10:da:bc:46:5b:
5b:55:5b:a2:e4:e5:25:b4:c1:35:c4:8b:33:cc:a3:
1c:36:0e:3d:7b:f7:e1:0a:68:af:7f:2a:67:a9:55:
a9:9f:a3:1a:d3:49:26:dd:9e:e3:a9:8e:92:92:6d:
56:e7:dc:b8:f9:ce:c7:f4:5b:cb:93:8d:bb:65:e2:
12:c2:43:8b:3a:5d:0f:db:bb:79:4a:18:3d:64:5f:
ba:5a:df:14:29:4a:16:72:1b:e0:fb:22:61:3f:e3:
6c:f9:2c:99:c8:82:6c:cd:8a:a7:38:3e:31:e4:b1:
3f:e0:19:d5:ef:ef:d8:9b:eb:b8:cb:98:84:b1:8e:
b7:2e:c3:6b:c7:dc:ab:4b:37:d9:bf:d8:8f:e1:e3:
0d:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:FC:1B:90:47:56:B5:6D:E8:1E:33:1C:9B:A1:E8:02:89:2D:82:5C
X509v3 Authority Key Identifier:
keyid:2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/kPwbkEdWtW3oHjMcm6HoAoktglw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
170.168.12.0/24
Signature Algorithm: sha256WithRSAEncryption
02:4f:ba:6c:7e:23:03:9b:c9:f9:c0:2e:5e:4c:0e:ae:20:34:
18:7c:61:c0:5b:a7:7b:aa:ac:2b:63:78:1b:01:18:47:f2:76:
cc:35:d0:91:7c:9a:9a:06:ea:1e:c2:c6:d0:ac:c3:ac:34:85:
d3:b0:e8:81:40:d1:4b:b3:47:61:47:d0:6c:90:c1:56:9d:29:
e0:fb:37:56:35:44:c8:db:aa:42:07:32:b5:a0:1f:f9:14:31:
87:74:87:cd:55:05:e5:35:a7:2c:ee:86:2e:e9:45:58:30:63:
a5:fb:39:fb:f0:f7:ce:3a:1d:49:74:39:a2:7d:21:aa:d8:33:
19:33:ee:6c:01:18:a0:79:e3:15:ac:c4:52:62:81:57:42:80:
00:1e:3c:28:ad:ef:78:10:4c:0f:42:4a:dc:fa:5c:b8:d4:46:
e1:03:be:be:e0:b5:10:4a:53:66:a3:b4:6f:d3:6e:a1:e0:b1:
6c:5b:4b:bf:10:d2:45:82:49:ed:c0:d1:1b:fc:a8:25:2a:c6:
6f:cc:6a:5b:61:51:23:3d:63:ea:de:74:ee:00:72:ac:b0:9d:
91:b5:a3:08:ed:c0:eb:39:d8:c4:42:b7:cd:57:02:72:73:c0:
b3:bf:92:bc:e4:02:a1:32:fb:a7:be:eb:c1:8d:37:17:35:01:
02:87:6c:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZg8S08Z9X8HzpaleHJt7EsHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNmE4NmU2MmYwY2U5OGUwMmU5ODA4NjlmZjQ0MTRlZTJh
MGYwY2UwHhcNMjUwNzI0MTE1NzA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGZjMWI5MDQ3NTZiNTZkZTgxZTMzMWM5YmExZTgwMjg5MmQ4MjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIWGCzysD8OzEzbq+i+rHLLTPqbu
QfrKTpiope/wKmEdlH1S1QqFZBR9GNsEBiTEiLbci3YjN5WCrhTLgm/EDmLk9acv
KiLwPkemsq/ld84Zyw1cSZN2K0rHky3CRfByEBWG7JwDjqvMYRxB6VH6EqZwENq8
RltbVVui5OUltME1xIszzKMcNg49e/fhCmivfypnqVWpn6Ma00km3Z7jqY6Skm1W
59y4+c7H9FvLk427ZeISwkOLOl0P27t5Shg9ZF+6Wt8UKUoWchvg+yJhP+Ns+SyZ
yIJszYqnOD4x5LE/4BnV7+/Ym+u4y5iEsY63LsNrx9yrSzfZv9iP4eMNpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJD8G5BHVrVt6B4zHJuh6AKJLYJcMB8GA1UdIwQY
MBaAFC5qhuYvDOmOAumAhp/0QU7ioPDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2Et
YTY2N2JiNzY1MDYwLzEva1B3YmtFZFd0VzNvSGpNY202SG9Bb2t0Z2x3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2EtYTY2N2JiNzY1MDYw
LzEvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqqgMMA0G
CSqGSIb3DQEBCwUAA4IBAQACT7psfiMDm8n5wC5eTA6uIDQYfGHAW6d7qqwrY3gb
ARhH8nbMNdCRfJqaBuoewsbQrMOsNIXTsOiBQNFLs0dhR9BskMFWnSng+zdWNUTI
26pCBzK1oB/5FDGHdIfNVQXlNacs7oYu6UVYMGOl+zn78PfOOh1JdDmifSGq2DMZ
M+5sARigeeMVrMRSYoFXQoAAHjwore94EEwPQkrc+ly41EbhA76+4LUQSlNmo7Rv
026h4LFsW0u/ENJFgkntwNEb/KglKsZvzGpbYVEjPWPq3nTuAHKssJ2RtaMI7cDr
OdjEQrfNVwJyc8Czv5K85AKhMvunvuvBjTcXNQECh2w/
-----END CERTIFICATE-----
Generated at Sat Jul 26 04:02:07 2025 by rpki-client