Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/v7n-0r9KgIhGKTchu2jwbHB0z74.roa
File: v7n-0r9KgIhGKTchu2jwbHB0z74.roa (raw, json)
Hash identifier: Uqi7ReaJs7BBVFTKxxZ3ijn7JitQR2P+yiINISqSbUc=
Subject key identifier: BF:B9:FE:D2:BF:4A:80:88:46:29:37:21:BB:68:F0:6C:70:74:CF:BE
Certificate issuer: /CN=20aa60cb0024332a2db68993f3357158af60c8de
Certificate serial: 01982CA4ACD0B0182427A267617645197BE8
Authority key identifier: 20:AA:60:CB:00:24:33:2A:2D:B6:89:93:F3:35:71:58:AF:60:C8:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IKpgywAkMyottomT8zVxWK9gyN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/v7n-0r9KgIhGKTchu2jwbHB0z74.roa
Signing time: Mon 21 Jul 2025 11:00:46 +0000
ROA not before: Mon 21 Jul 2025 11:00:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 2a02:3040:43:ff00::/56 maxlen: 56
2a02:3040:4d::/48 maxlen: 48
2a02:3040:4e::/48 maxlen: 48
2a02:3040:4f::/50 maxlen: 50
2a02:3040:4f:8000::/50 maxlen: 50
2a02:3040:4f:c000::/50 maxlen: 50
2a02:3040:50::/48 maxlen: 48
2a02:3040:51::/48 maxlen: 48
2a02:3040:58::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/IKpgywAkMyottomT8zVxWK9gyN4.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/IKpgywAkMyottomT8zVxWK9gyN4.mft
rsync://rpki.ripe.net/repository/DEFAULT/IKpgywAkMyottomT8zVxWK9gyN4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Jul 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:2c:a4:ac:d0:b0:18:24:27:a2:67:61:76:45:19:7b:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20aa60cb0024332a2db68993f3357158af60c8de
Validity
Not Before: Jul 21 11:00:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bfb9fed2bf4a808846293721bb68f06c7074cfbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ba:c9:14:26:79:07:60:b7:36:09:94:b8:fd:
ae:ea:a3:5a:73:16:e1:51:3a:5a:e5:25:1f:6c:60:
73:ad:15:26:64:88:ee:f6:24:9e:28:15:36:50:eb:
95:38:78:d2:3a:15:1c:cb:63:b6:3b:56:46:eb:be:
9a:8d:a2:21:26:2f:27:2e:c1:17:84:69:7c:d7:cd:
83:d6:2a:99:46:51:1c:3a:9f:6b:df:ff:ca:58:f5:
1d:e3:b6:62:72:a9:f3:56:5c:7a:de:9d:c2:2f:1d:
7f:c6:1f:8e:c3:cd:5f:92:3f:a0:10:39:e9:74:98:
3b:18:41:c5:fe:c4:04:d7:a4:09:18:2c:17:f3:49:
a9:57:4f:7e:10:bb:c6:70:ca:b0:13:44:af:f3:e4:
0e:3a:e1:d3:86:2a:1e:99:d0:fd:69:b5:ae:af:7d:
ab:37:9c:aa:61:f7:46:05:9a:7a:b2:c9:b7:c2:0a:
04:9e:8c:53:9f:f6:d7:67:46:58:7a:0f:6c:4b:4f:
68:fc:98:c4:90:83:cd:3a:cd:6a:d5:24:06:da:5f:
67:9d:e3:81:e3:2b:32:55:87:2b:7d:2f:e4:08:bb:
db:96:e2:eb:60:4f:5a:ce:bd:7b:93:f0:91:39:fa:
b3:c7:a4:c8:0e:1b:57:22:bf:8c:1e:23:07:4b:bf:
55:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:B9:FE:D2:BF:4A:80:88:46:29:37:21:BB:68:F0:6C:70:74:CF:BE
X509v3 Authority Key Identifier:
keyid:20:AA:60:CB:00:24:33:2A:2D:B6:89:93:F3:35:71:58:AF:60:C8:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKpgywAkMyottomT8zVxWK9gyN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/v7n-0r9KgIhGKTchu2jwbHB0z74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/IKpgywAkMyottomT8zVxWK9gyN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:3040:43:ff00::/56
2a02:3040:4d::-2a02:3040:4f:3fff:ffff:ffff:ffff:ffff
2a02:3040:4f:8000::-2a02:3040:51:ffff:ffff:ffff:ffff:ffff
2a02:3040:58::/48
Signature Algorithm: sha256WithRSAEncryption
80:c3:d5:ae:af:0c:17:cd:4c:91:bc:7b:4d:49:95:23:1d:e5:
bb:9c:59:19:8d:fc:31:96:12:b7:42:13:50:f7:f1:50:03:ad:
89:e9:8e:91:49:25:60:9e:23:a4:f0:a5:90:92:58:f0:94:19:
66:da:f3:b3:dc:ee:87:5d:a9:7f:19:2d:a4:a9:93:19:84:a6:
99:fe:d5:46:f5:e9:b4:97:aa:28:3c:b8:72:71:f5:a0:2d:93:
2c:bb:b3:fa:04:3c:86:34:f9:2d:83:f6:15:b0:46:fb:c3:ee:
65:26:b9:e8:d9:45:e4:da:75:a7:49:84:bb:54:4c:c5:a6:3b:
31:f0:44:3f:c1:a9:a1:fd:1e:8b:b6:24:58:b9:e2:c8:73:62:
86:7e:a4:92:16:36:7d:35:72:9c:b5:73:72:9b:68:e2:93:62:
c9:2f:e1:67:cb:b3:b5:46:bf:31:32:ba:47:44:51:64:e6:ab:
21:60:93:ce:24:27:03:26:f5:40:d1:e8:06:71:fe:86:b5:39:
2f:1b:1c:3b:3c:8b:ab:43:80:e9:d0:47:3a:09:2e:a6:4d:8b:
6e:34:d4:e9:03:47:8a:73:68:77:52:69:09:9b:68:a9:d7:13:
51:2c:3d:3a:e2:d2:73:11:f9:59:2d:b4:78:d0:2a:a0:eb:85:
46:38:de:05
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAZgspKzQsBgkJ6JnYXZFGXvoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYWE2MGNiMDAyNDMzMmEyZGI2ODk5M2YzMzU3MTU4YWY2
MGM4ZGUwHhcNMjUwNzIxMTEwMDQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmI5ZmVkMmJmNGE4MDg4NDYyOTM3MjFiYjY4ZjA2YzcwNzRjZmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLrJFCZ5B2C3NgmUuP2u6qNacxbh
UTpa5SUfbGBzrRUmZIju9iSeKBU2UOuVOHjSOhUcy2O2O1ZG676ajaIhJi8nLsEX
hGl8182D1iqZRlEcOp9r3//KWPUd47ZicqnzVlx63p3CLx1/xh+Ow81fkj+gEDnp
dJg7GEHF/sQE16QJGCwX80mpV09+ELvGcMqwE0Sv8+QOOuHThioemdD9abWur32r
N5yqYfdGBZp6ssm3wgoEnoxTn/bXZ0ZYeg9sS09o/JjEkIPNOs1q1SQG2l9nneOB
4ysyVYcrfS/kCLvbluLrYE9azr17k/CROfqzx6TIDhtXIr+MHiMHS79VjQIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFL+5/tK/SoCIRik3Ibto8GxwdM++MB8GA1UdIwQY
MBaAFCCqYMsAJDMqLbaJk/M1cVivYMjeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUtwZ3l3QWtNeW90dG9tVDh6VnhXSzlneU40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8zNTI0MzEtZTY5NC00NDEyLWE3NjYt
NzNmN2QxMTBiODJhLzEvdjduLTByOUtnSWhHS1RjaHUyandiSEIwejc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8zNTI0MzEtZTY5NC00NDEyLWE3NjYtNzNmN2QxMTBiODJh
LzEvSUtwZ3l3QWtNeW90dG9tVDh6VnhXSzlneU40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTBDBAIAAjA9AwgAKgIwQABD
/zATAwcAKgIwQABNAwgGKgIwQABPADATAwgHKgIwQABPgAMHASoCMEAAUAMHACoC
MEAAWDANBgkqhkiG9w0BAQsFAAOCAQEAgMPVrq8MF81Mkbx7TUmVIx3lu5xZGY38
MZYSt0ITUPfxUAOtiemOkUklYJ4jpPClkJJY8JQZZtrzs9zuh12pfxktpKmTGYSm
mf7VRvXptJeqKDy4cnH1oC2TLLuz+gQ8hjT5LYP2FbBG+8PuZSa56NlF5Np1p0mE
u1RMxaY7MfBEP8Gpof0ei7YkWLniyHNihn6kkhY2fTVynLVzcpto4pNiyS/hZ8uz
tUa/MTK6R0RRZOarIWCTziQnAyb1QNHoBnH+hrU5LxscOzyLq0OA6dBHOgkupk2L
bjTU6QNHinNod1JpCZtoqdcTUSw9OuLScxH5WS20eNAqoOuFRjjeBQ==
-----END CERTIFICATE-----
Generated at Tue Jul 29 01:58:35 2025 by rpki-client