Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/C1IKxnjlR28wnMEF22N-kvWgw30.roa
File: C1IKxnjlR28wnMEF22N-kvWgw30.roa (raw, json)
Hash identifier: 1QRMyJin+M5+1jDxtaaq4FBo3IvkxVBvd1tnt0kM8lw=
Subject key identifier: 0B:52:0A:C6:78:E5:47:6F:30:9C:C1:05:DB:63:7E:92:F5:A0:C3:7D
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 0197D6C065421444E9B285AF6DE14BE94731
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/C1IKxnjlR28wnMEF22N-kvWgw30.roa
Signing time: Fri 04 Jul 2025 18:43:42 +0000
ROA not before: Fri 04 Jul 2025 18:43:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:3080::/29 maxlen: 29
2a0b:3e00::/29 maxlen: 29
2a0c:8340::/29 maxlen: 29
2a0e:a781::/36 maxlen: 36
2a10:6c40::/29 maxlen: 29
2a10:9600::/29 maxlen: 29
2a13:8000::/29 maxlen: 29
2a13:b840::/29 maxlen: 29
2a13:ddc0::/29 maxlen: 29
2a13:de40::/29 maxlen: 29
2a14:35c0::/29 maxlen: 29
2a14:72c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 06:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:d6:c0:65:42:14:44:e9:b2:85:af:6d:e1:4b:e9:47:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: Jul 4 18:43:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0b520ac678e5476f309cc105db637e92f5a0c37d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:1c:b3:d5:4d:5d:5f:48:63:bf:bf:89:e2:c7:
35:01:11:2a:dd:c3:a9:05:57:90:fc:e4:a8:7c:91:
61:7a:f8:26:57:d1:d0:35:ad:ea:00:77:98:b7:4f:
f9:4b:a0:71:a0:15:65:9b:f9:cd:d0:49:31:b5:69:
33:4d:05:67:e8:44:0f:d0:6f:00:54:76:c7:59:11:
a9:e7:81:b9:09:bc:52:f9:e1:09:48:ce:0b:82:5e:
b1:9c:86:13:27:3b:94:7d:ca:10:0b:f7:18:23:d1:
ff:e6:ce:56:ea:b6:ba:45:23:f2:25:3e:57:e5:a0:
42:eb:c6:f6:53:52:3a:4c:45:75:6a:1e:9d:ce:40:
cc:72:10:66:a9:91:aa:13:0f:28:dc:d1:9d:36:7a:
0e:08:89:a1:2b:6c:be:2c:62:f3:bd:1c:41:bf:bf:
4e:e3:3e:62:21:aa:69:11:59:68:08:62:0d:5f:11:
97:cf:c4:05:4a:c8:a5:97:1f:aa:c0:11:34:f1:e8:
a2:aa:37:03:13:71:fe:c1:45:78:78:50:b2:7c:20:
0c:72:cc:15:d8:31:cb:3f:ff:15:1b:c9:6b:13:ab:
fd:66:1e:09:3e:40:4c:15:85:2e:e3:b2:52:bf:14:
66:0b:c9:f9:2c:6b:89:8e:6b:90:bb:97:eb:71:c7:
3a:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:52:0A:C6:78:E5:47:6F:30:9C:C1:05:DB:63:7E:92:F5:A0:C3:7D
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/C1IKxnjlR28wnMEF22N-kvWgw30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3080::/29
2a0b:3e00::/29
2a0c:8340::/29
2a0e:a781::/36
2a10:6c40::/29
2a10:9600::/29
2a13:8000::/29
2a13:b840::/29
2a13:ddc0::/29
2a13:de40::/29
2a14:35c0::/29
2a14:72c0::/29
Signature Algorithm: sha256WithRSAEncryption
0b:28:6b:42:7c:a9:2a:bf:d0:e9:5a:eb:c2:66:ad:09:44:07:
f0:ff:1b:d5:eb:9b:c8:d4:74:2a:9f:f2:f8:a0:3b:2f:18:d1:
86:d0:47:ea:9d:56:05:49:f5:34:38:98:f6:c1:3c:5d:dd:26:
9a:3f:cb:ee:f2:1f:ab:2d:c1:ff:05:ef:b7:c8:3d:d9:5c:f4:
82:86:3f:fc:79:60:8a:8d:b3:c8:96:17:f7:50:a5:33:7a:4e:
de:17:e2:15:e3:35:cd:d0:d6:45:e3:95:cd:f0:7e:da:3f:b4:
f6:f4:eb:b7:5e:16:cd:02:5c:f5:38:43:9a:17:a1:e3:e5:8c:
d5:5b:e0:91:93:8a:f1:71:50:6a:63:53:3f:ee:2d:97:4b:6c:
a6:79:1c:46:45:d4:26:c7:2b:66:7e:74:08:ce:53:87:5a:cd:
06:fc:c4:55:9e:79:fa:20:30:32:84:54:8e:13:9f:61:88:9a:
c1:85:fa:ba:0b:03:23:94:14:b4:c3:d0:0a:bf:9a:d8:83:22:
f1:59:d5:4d:5f:f1:0f:ea:20:dc:e8:e3:eb:c7:9e:23:4f:e3:
33:fa:c7:8d:4a:60:ac:c6:b0:30:e1:8d:4d:1d:2d:a0:65:3e:
dd:ef:46:78:ac:f0:fd:88:6f:2c:13:d4:ad:0d:2b:d2:13:92:
a6:df:5e:89
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAZfWwGVCFETpsoWvbeFL6UcxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjUwNzA0MTg0MzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjUyMGFjNjc4ZTU0NzZmMzA5Y2MxMDVkYjYzN2U5MmY1YTBjMzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshyz1U1dX0hjv7+J4sc1AREq3cOp
BVeQ/OSofJFhevgmV9HQNa3qAHeYt0/5S6BxoBVlm/nN0EkxtWkzTQVn6EQP0G8A
VHbHWRGp54G5CbxS+eEJSM4Lgl6xnIYTJzuUfcoQC/cYI9H/5s5W6ra6RSPyJT5X
5aBC68b2U1I6TEV1ah6dzkDMchBmqZGqEw8o3NGdNnoOCImhK2y+LGLzvRxBv79O
4z5iIappEVloCGINXxGXz8QFSsillx+qwBE08eiiqjcDE3H+wUV4eFCyfCAMcswV
2DHLP/8VG8lrE6v9Zh4JPkBMFYUu47JSvxRmC8n5LGuJjmuQu5frccc6jwIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFAtSCsZ45UdvMJzBBdtjfpL1oMN9MB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvQzFJS3huamxSMjh3bk1FRjIyTi1rdldndzMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTBbBAIAAjBVAwUDIAEwgAMF
AyoLPgADBQMqDINAAwYEKg6ngQADBQMqEGxAAwUDKhCWAAMFAyoTgAADBQMqE7hA
AwUDKhPdwAMFAyoT3kADBQMqFDXAAwUDKhRywDANBgkqhkiG9w0BAQsFAAOCAQEA
CyhrQnypKr/Q6VrrwmatCUQH8P8b1eubyNR0Kp/y+KA7LxjRhtBH6p1WBUn1NDiY
9sE8Xd0mmj/L7vIfqy3B/wXvt8g92Vz0goY//Hlgio2zyJYX91ClM3pO3hfiFeM1
zdDWReOVzfB+2j+09vTrt14WzQJc9ThDmheh4+WM1VvgkZOK8XFQamNTP+4tl0ts
pnkcRkXUJscrZn50CM5Th1rNBvzEVZ55+iAwMoRUjhOfYYiawYX6ugsDI5QUtMPQ
Cr+a2IMi8VnVTV/xD+og3Ojj68eeI0/jM/rHjUpgrMawMOGNTR0toGU+3e9GeKzw
/YhvLBPUrQ0r0hOSpt9eiQ==
-----END CERTIFICATE-----
Generated at Mon Jul 21 08:45:20 2025 by rpki-client