Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/Km7FDUhJOLtJnUHUZ1hsKdvct1E.roa
File: Km7FDUhJOLtJnUHUZ1hsKdvct1E.roa (raw, json)
Hash identifier: mG4Y5bCGqndxIxdpHjOAwcjek5v8RqIziI+r4Q7yxMo=
Subject key identifier: 2A:6E:C5:0D:48:49:38:BB:49:9D:41:D4:67:58:6C:29:DB:DC:B7:51
Certificate issuer: /CN=58b3de5f9adb50fe41f6dc78ffd0a2c9086d2512
Certificate serial: 01983305AA65ADE2498976645ECC5521F5C1
Authority key identifier: 58:B3:DE:5F:9A:DB:50:FE:41:F6:DC:78:FF:D0:A2:C9:08:6D:25:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WLPeX5rbUP5B9tx4_9CiyQhtJRI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/Km7FDUhJOLtJnUHUZ1hsKdvct1E.roa
Signing time: Tue 22 Jul 2025 16:44:26 +0000
ROA not before: Tue 22 Jul 2025 16:44:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215210
IP address blocks: 2a14:c380:250::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/WLPeX5rbUP5B9tx4_9CiyQhtJRI.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/WLPeX5rbUP5B9tx4_9CiyQhtJRI.mft
rsync://rpki.ripe.net/repository/DEFAULT/WLPeX5rbUP5B9tx4_9CiyQhtJRI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 06:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:33:05:aa:65:ad:e2:49:89:76:64:5e:cc:55:21:f5:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58b3de5f9adb50fe41f6dc78ffd0a2c9086d2512
Validity
Not Before: Jul 22 16:44:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a6ec50d484938bb499d41d467586c29dbdcb751
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:63:34:ea:a5:f7:0d:81:28:33:69:12:25:41:
8c:99:40:68:c0:38:49:77:87:cb:12:7b:a7:1a:d6:
1a:25:cd:e2:2d:79:f5:4e:b2:4d:2e:5b:5b:27:e5:
da:64:88:8f:b0:d0:38:68:25:a0:a3:12:e3:72:3a:
20:08:d3:d8:4b:ec:b7:17:92:b7:51:99:7c:92:80:
5d:e0:76:fc:43:e8:a8:f0:8d:dc:64:96:e1:6d:90:
3f:86:0c:26:41:92:ad:62:a6:b9:bd:88:b1:17:5f:
2e:69:ac:34:78:5e:09:1e:de:cc:e7:f9:a2:98:5d:
b1:21:bb:5a:9b:d2:a2:c4:5a:2f:83:2d:9d:53:54:
36:2a:e7:1c:3a:41:ee:84:42:e3:92:6e:1a:a3:65:
8d:69:55:ea:aa:2a:9d:ec:2b:19:70:a5:93:c1:ed:
58:78:61:00:f0:5f:bd:d2:42:28:85:54:bf:85:56:
c2:0c:ae:20:92:81:39:e4:17:81:57:35:76:2b:e0:
25:0a:2b:01:c1:13:bf:14:87:f0:c3:c7:88:ac:08:
5f:94:f4:c2:63:17:56:19:f4:a0:67:a3:31:30:f2:
ed:a0:a9:59:62:a6:8d:61:8b:94:0a:8a:aa:a5:46:
c6:00:0f:41:b3:fb:a1:60:32:06:3a:25:7d:34:05:
3b:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:6E:C5:0D:48:49:38:BB:49:9D:41:D4:67:58:6C:29:DB:DC:B7:51
X509v3 Authority Key Identifier:
keyid:58:B3:DE:5F:9A:DB:50:FE:41:F6:DC:78:FF:D0:A2:C9:08:6D:25:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WLPeX5rbUP5B9tx4_9CiyQhtJRI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/Km7FDUhJOLtJnUHUZ1hsKdvct1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/WLPeX5rbUP5B9tx4_9CiyQhtJRI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:c380:250::/44
Signature Algorithm: sha256WithRSAEncryption
76:1c:e4:4d:10:03:23:8b:af:9d:8d:cf:d8:5c:3e:85:a5:3b:
08:da:03:54:c9:96:58:37:4f:fc:96:a4:63:44:10:a2:f3:76:
31:37:d5:de:3b:56:c5:b9:ec:2f:1d:53:25:d0:be:59:4c:79:
ea:d9:1e:17:e5:15:40:66:e3:49:ba:9a:a9:a6:56:0b:17:23:
ef:6c:f9:02:d9:73:44:55:c0:7a:ef:57:74:39:97:6d:4c:aa:
87:7e:fb:4a:67:56:94:9a:41:e9:1a:f7:d3:95:07:3c:03:db:
09:5b:f7:9e:22:30:51:56:06:6c:63:f1:3e:fa:d4:f6:b1:37:
4a:a7:11:87:b8:2e:68:42:1d:7e:4e:2c:d3:68:90:31:70:e4:
83:9f:e0:d3:ae:00:5f:6c:f2:c7:18:9b:83:12:73:18:87:27:
51:64:94:59:c4:6a:a1:dd:f2:34:64:3a:49:09:34:9c:26:9d:
89:01:60:c6:60:f6:7c:8f:27:ff:b5:1d:20:4c:99:63:56:a9:
71:71:56:e6:ac:cf:c7:98:64:76:d3:32:bf:24:37:ad:ad:a7:
69:df:fd:ae:5c:dc:34:2c:d7:18:bd:10:06:26:49:a3:61:da:
3d:57:43:12:ec:c3:2a:48:23:6b:b2:3d:42:e2:2c:40:ee:9a:
cd:21:e1:eb
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZgzBaplreJJiXZkXsxVIfXBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YjNkZTVmOWFkYjUwZmU0MWY2ZGM3OGZmZDBhMmM5MDg2
ZDI1MTIwHhcNMjUwNzIyMTY0NDI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTZlYzUwZDQ4NDkzOGJiNDk5ZDQxZDQ2NzU4NmMyOWRiZGNiNzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7WM06qX3DYEoM2kSJUGMmUBowDhJ
d4fLEnunGtYaJc3iLXn1TrJNLltbJ+XaZIiPsNA4aCWgoxLjcjogCNPYS+y3F5K3
UZl8koBd4Hb8Q+io8I3cZJbhbZA/hgwmQZKtYqa5vYixF18uaaw0eF4JHt7M5/mi
mF2xIbtam9KixFovgy2dU1Q2KuccOkHuhELjkm4ao2WNaVXqqiqd7CsZcKWTwe1Y
eGEA8F+90kIohVS/hVbCDK4gkoE55BeBVzV2K+AlCisBwRO/FIfww8eIrAhflPTC
YxdWGfSgZ6MxMPLtoKlZYqaNYYuUCoqqpUbGAA9Bs/uhYDIGOiV9NAU7WQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCpuxQ1ISTi7SZ1B1GdYbCnb3LdRMB8GA1UdIwQY
MBaAFFiz3l+a21D+QfbceP/QoskIbSUSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0xQZVg1cmJVUDVCOXR4NF85Q2l5UWh0SlJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC82Yjc0OTAtZTEwYS00MmUwLTllMmUt
NTMyMWQ2OWQ5NzlkLzEvS203RkRVaEpPTHRKblVIVVoxaHNLZHZjdDFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC82Yjc0OTAtZTEwYS00MmUwLTllMmUtNTMyMWQ2OWQ5Nzlk
LzEvV0xQZVg1cmJVUDVCOXR4NF85Q2l5UWh0SlJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhTDgAJQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB2HORNEAMji6+djc/YXD6FpTsI2gNUyZZYN0/8
lqRjRBCi83YxN9XeO1bFuewvHVMl0L5ZTHnq2R4X5RVAZuNJupqpplYLFyPvbPkC
2XNEVcB671d0OZdtTKqHfvtKZ1aUmkHpGvfTlQc8A9sJW/eeIjBRVgZsY/E++tT2
sTdKpxGHuC5oQh1+TizTaJAxcOSDn+DTrgBfbPLHGJuDEnMYhydRZJRZxGqh3fI0
ZDpJCTScJp2JAWDGYPZ8jyf/tR0gTJljVqlxcVbmrM/HmGR20zK/JDetradp3/2u
XNw0LNcYvRAGJkmjYdo9V0MS7MMqSCNrsj1C4ixA7prNIeHr
-----END CERTIFICATE-----
Generated at Sat Jul 26 15:50:34 2025 by rpki-client