Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/oQkeKuCNYYhtIVvVtY9bHW8pNwA.roa
File: oQkeKuCNYYhtIVvVtY9bHW8pNwA.roa (raw, json)
Hash identifier: 0K0xoNqxLDuZubebOCg8Xa7Zpz+/co5/ESuCrauBj1s=
Subject key identifier: A1:09:1E:2A:E0:8D:61:88:6D:21:5B:D5:B5:8F:5B:1D:6F:29:37:00
Certificate issuer: /CN=9502d8b8269c6b07f814acf0c7ed729b3f4b5984
Certificate serial: 0198347788E7D881AF6881F85E1A62C0BF8F
Authority key identifier: 95:02:D8:B8:26:9C:6B:07:F8:14:AC:F0:C7:ED:72:9B:3F:4B:59:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/oQkeKuCNYYhtIVvVtY9bHW8pNwA.roa
Signing time: Tue 22 Jul 2025 23:28:25 +0000
ROA not before: Tue 22 Jul 2025 23:28:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62240
IP address blocks: 2a03:efc0:4900::/40 maxlen: 40
2a03:efc0:4920::/43 maxlen: 43
2a03:efc0:4940::/43 maxlen: 43
2a03:efc0:4960::/43 maxlen: 43
2a03:efc0:4980::/43 maxlen: 43
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/lQLYuCacawf4FKzwx-1ymz9LWYQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/lQLYuCacawf4FKzwx-1ymz9LWYQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 00:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:34:77:88:e7:d8:81:af:68:81:f8:5e:1a:62:c0:bf:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9502d8b8269c6b07f814acf0c7ed729b3f4b5984
Validity
Not Before: Jul 22 23:28:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a1091e2ae08d61886d215bd5b58f5b1d6f293700
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ca:46:79:de:7b:c3:da:c6:be:3d:aa:4a:db:
a5:f8:04:bb:de:13:a7:ed:7e:68:c5:4d:82:d6:5e:
25:75:13:a3:ee:80:3d:f3:88:08:b6:b4:e9:70:f4:
87:6c:11:ae:ea:3c:a9:f6:3a:e8:c8:4a:ee:61:c3:
e8:c1:a4:47:46:66:a4:e2:ed:18:9c:ee:4c:f4:14:
c3:47:77:4a:12:c4:89:99:98:ca:bf:f7:bd:e6:dc:
c2:cd:f0:33:4b:8b:81:50:2d:f2:99:b3:8b:99:74:
1e:d7:96:6f:ff:40:8b:c1:68:e8:e6:1b:53:d7:4d:
be:80:aa:d7:72:85:78:85:71:5e:56:a3:c0:df:54:
fb:55:d4:4d:e2:c8:6a:87:57:2d:1b:2f:cc:02:11:
7e:bc:07:1d:1b:ad:a4:05:a3:ae:66:9c:1c:23:6d:
da:15:67:77:92:53:4c:be:3d:96:b4:59:ea:f8:64:
8c:28:72:50:fe:52:34:9e:3f:b6:1e:0b:79:9d:a8:
66:19:ac:3f:52:0f:e4:33:c5:b8:e8:a8:da:98:0f:
72:3c:c0:f2:ff:5b:be:f8:e2:85:b2:8a:05:1e:42:
be:33:fa:3f:69:45:c8:3f:51:de:32:65:5b:50:91:
2d:86:ad:2d:01:da:e8:1f:73:07:89:f2:df:29:0c:
bb:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:09:1E:2A:E0:8D:61:88:6D:21:5B:D5:B5:8F:5B:1D:6F:29:37:00
X509v3 Authority Key Identifier:
keyid:95:02:D8:B8:26:9C:6B:07:F8:14:AC:F0:C7:ED:72:9B:3F:4B:59:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/oQkeKuCNYYhtIVvVtY9bHW8pNwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/lQLYuCacawf4FKzwx-1ymz9LWYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:efc0:4900::/40
Signature Algorithm: sha256WithRSAEncryption
a3:9f:65:e9:6e:74:a8:9f:a7:5b:fc:1c:ea:a0:2c:3c:2a:1b:
a4:d5:56:89:fe:5f:69:7e:f6:4e:09:96:82:9d:5a:9a:96:a6:
49:b7:68:46:7c:db:c2:09:5e:a6:98:c2:89:49:01:3e:35:7b:
6f:23:25:f0:05:52:b2:f3:ac:50:29:6e:a0:d4:69:a4:b2:83:
bd:d9:22:ba:4e:ea:7b:e2:e6:75:47:12:79:3b:31:70:54:a1:
a6:de:9a:cf:60:aa:c9:f8:c1:47:fe:48:91:bb:ff:0c:87:26:
dc:18:de:ac:e4:f1:af:30:9c:31:f0:13:4e:49:3d:67:dc:e7:
3d:ab:2e:5e:73:04:15:1e:5a:c5:05:1c:51:95:8b:87:16:0a:
64:9b:a6:7b:e3:1b:7d:03:b2:a6:25:43:f3:2d:73:ff:2e:62:
5a:82:89:bb:3b:24:9e:31:b1:3e:8c:d3:41:a4:92:d9:cc:34:
ce:cd:cb:98:8d:6f:7c:cc:cc:c6:7c:c5:bf:c3:98:8f:88:94:
fc:d6:61:c0:1b:76:34:ed:27:1b:0f:62:4e:31:b8:33:8e:24:
99:9b:f5:16:37:66:1c:48:59:c5:f2:ff:75:4c:80:66:3d:79:
f7:9a:ec:5d:1e:79:40:13:53:87:90:76:f3:99:29:d7:e8:b6:
04:3f:fd:74
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZg0d4jn2IGvaIH4XhpiwL+PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MDJkOGI4MjY5YzZiMDdmODE0YWNmMGM3ZWQ3MjliM2Y0
YjU5ODQwHhcNMjUwNzIyMjMyODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTA5MWUyYWUwOGQ2MTg4NmQyMTViZDViNThmNWIxZDZmMjkzNzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1MpGed57w9rGvj2qStul+AS73hOn
7X5oxU2C1l4ldROj7oA984gItrTpcPSHbBGu6jyp9jroyEruYcPowaRHRmak4u0Y
nO5M9BTDR3dKEsSJmZjKv/e95tzCzfAzS4uBUC3ymbOLmXQe15Zv/0CLwWjo5htT
102+gKrXcoV4hXFeVqPA31T7VdRN4shqh1ctGy/MAhF+vAcdG62kBaOuZpwcI23a
FWd3klNMvj2WtFnq+GSMKHJQ/lI0nj+2Hgt5nahmGaw/Ug/kM8W46KjamA9yPMDy
/1u++OKFsooFHkK+M/o/aUXIP1HeMmVbUJEthq0tAdroH3MHifLfKQy7QQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFKEJHirgjWGIbSFb1bWPWx1vKTcAMB8GA1UdIwQY
MBaAFJUC2LgmnGsH+BSs8Mftcps/S1mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFFMWXVDYWNhd2Y0Rkt6d3gtMXltejlMV1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS85ZGVjYWYtNDdlYi00MzQ5LTllODYt
MDFiOGJiNmFkOTBhLzEvb1FrZUt1Q05ZWWh0SVZ2VnRZOWJIVzhwTndBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS85ZGVjYWYtNDdlYi00MzQ5LTllODYtMDFiOGJiNmFkOTBh
LzEvbFFMWXVDYWNhd2Y0Rkt6d3gtMXltejlMV1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgPvwEkw
DQYJKoZIhvcNAQELBQADggEBAKOfZeludKifp1v8HOqgLDwqG6TVVon+X2l+9k4J
loKdWpqWpkm3aEZ828IJXqaYwolJAT41e28jJfAFUrLzrFApbqDUaaSyg73ZIrpO
6nvi5nVHEnk7MXBUoabems9gqsn4wUf+SJG7/wyHJtwY3qzk8a8wnDHwE05JPWfc
5z2rLl5zBBUeWsUFHFGVi4cWCmSbpnvjG30DsqYlQ/Mtc/8uYlqCibs7JJ4xsT6M
00GkktnMNM7Ny5iNb3zMzMZ8xb/DmI+IlPzWYcAbdjTtJxsPYk4xuDOOJJmb9RY3
ZhxIWcXy/3VMgGY9efea7F0eeUATU4eQdvOZKdfotgQ//XQ=
-----END CERTIFICATE-----
Generated at Sun Jul 27 08:45:52 2025 by rpki-client