Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/8bcfd7-f6d3-432a-b5f0-935e418bdbe7/1/btENirTzGa5hCRjGIIwG3_NDN14.roa
File: btENirTzGa5hCRjGIIwG3_NDN14.roa (raw, json)
Hash identifier: Qc+DpFa+WQ/w1YZM6JMB5sciL2uYCIYPxJnwDj9/83A=
Subject key identifier: 6E:D1:0D:8A:B4:F3:19:AE:61:09:18:C6:20:8C:06:DF:F3:43:37:5E
Certificate issuer: /CN=7e3150f8c67063121027328954968d08d4cf329a
Certificate serial: 01980DE8F906C941735BB47E8FC661AD9012
Authority key identifier: 7E:31:50:F8:C6:70:63:12:10:27:32:89:54:96:8D:08:D4:CF:32:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fjFQ-MZwYxIQJzKJVJaNCNTPMpo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/8bcfd7-f6d3-432a-b5f0-935e418bdbe7/1/btENirTzGa5hCRjGIIwG3_NDN14.roa
Signing time: Tue 15 Jul 2025 11:47:08 +0000
ROA not before: Tue 15 Jul 2025 11:47:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203062
IP address blocks: 2a06:2c80::/36 maxlen: 48
2a06:2c80:1000::/36 maxlen: 48
2a06:2c80:4000::/36 maxlen: 48
2a06:2c87:e000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/8bcfd7-f6d3-432a-b5f0-935e418bdbe7/1/fjFQ-MZwYxIQJzKJVJaNCNTPMpo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/8bcfd7-f6d3-432a-b5f0-935e418bdbe7/1/fjFQ-MZwYxIQJzKJVJaNCNTPMpo.mft
rsync://rpki.ripe.net/repository/DEFAULT/fjFQ-MZwYxIQJzKJVJaNCNTPMpo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 07:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:0d:e8:f9:06:c9:41:73:5b:b4:7e:8f:c6:61:ad:90:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e3150f8c67063121027328954968d08d4cf329a
Validity
Not Before: Jul 15 11:47:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ed10d8ab4f319ae610918c6208c06dff343375e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:0d:2e:e8:33:ca:77:f6:c2:4e:7c:4b:62:c6:
7b:81:fb:23:35:25:16:02:83:17:de:81:d6:1f:0b:
73:73:11:4b:6e:37:7e:2c:82:9e:10:e7:1f:29:07:
12:a1:a3:39:60:e2:45:cc:52:ea:08:43:d2:76:c2:
a5:1c:25:23:2a:c7:f4:cd:8c:4b:ee:2e:db:97:3d:
11:4d:40:2f:1a:21:e4:ea:3c:f3:4b:5e:e0:65:e3:
9f:bd:fe:b9:91:48:42:42:c2:70:f7:0a:2b:47:41:
b5:8e:9f:43:14:cd:bc:1d:a7:a9:bd:b5:7c:f4:bb:
01:59:ab:34:e3:5e:a6:0b:df:74:c4:49:8b:31:77:
30:55:01:68:c7:3c:bb:b5:d3:37:e0:dd:42:eb:22:
b2:18:98:3e:f7:67:9b:64:ca:ed:88:f3:b6:82:62:
08:c1:fc:74:e8:2c:ab:e7:4d:d3:41:ad:ea:b2:23:
ee:af:7e:ea:10:57:59:ae:cf:17:79:f9:bb:25:53:
21:07:86:3e:d7:d5:d0:d8:ac:97:25:c3:2e:84:01:
a5:1e:a7:f8:c0:92:52:18:2a:a2:1c:06:82:b8:06:
c3:70:e6:4c:d0:aa:17:aa:dc:24:0e:41:9e:2a:95:
7d:7e:d3:50:df:97:f1:bb:80:68:85:a1:10:e1:f9:
db:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:D1:0D:8A:B4:F3:19:AE:61:09:18:C6:20:8C:06:DF:F3:43:37:5E
X509v3 Authority Key Identifier:
keyid:7E:31:50:F8:C6:70:63:12:10:27:32:89:54:96:8D:08:D4:CF:32:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fjFQ-MZwYxIQJzKJVJaNCNTPMpo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/8bcfd7-f6d3-432a-b5f0-935e418bdbe7/1/btENirTzGa5hCRjGIIwG3_NDN14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/8bcfd7-f6d3-432a-b5f0-935e418bdbe7/1/fjFQ-MZwYxIQJzKJVJaNCNTPMpo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:2c80::/35
2a06:2c80:4000::/36
2a06:2c87:e000::/36
Signature Algorithm: sha256WithRSAEncryption
01:99:30:05:4d:50:01:7a:1c:08:d9:b9:38:5f:ea:b0:28:be:
2b:e6:ab:9f:2f:e2:b6:97:bf:fe:c8:44:31:72:f2:c3:68:ca:
01:7a:73:55:cb:25:0e:d8:cf:54:b1:a7:75:04:a9:ee:2d:86:
62:0a:27:40:0e:64:6f:34:35:5a:20:2a:89:47:58:56:f3:11:
71:9a:56:07:c4:41:99:c9:c4:c5:68:50:91:6d:d0:ea:47:ac:
05:8f:1e:58:75:80:ad:64:83:f0:11:5e:64:ba:38:28:9c:21:
e3:2f:2e:9b:3d:1c:1f:9f:d8:49:c3:c9:4d:71:60:5e:2c:be:
9c:f6:06:47:89:d0:02:49:00:fa:b9:f2:f7:07:1e:43:b5:28:
95:66:6d:91:0b:1d:5c:0f:23:17:ac:cd:22:3d:6c:93:08:9f:
11:73:fb:97:91:40:18:21:ac:89:36:2f:ab:50:0f:d8:33:07:
59:95:a0:6b:fa:8b:d5:e8:92:55:65:5e:bf:d6:56:a3:0c:90:
64:50:aa:df:e5:45:35:bf:6c:cd:ce:46:89:43:7b:53:42:ec:
38:17:5f:06:bf:0a:a1:c8:fd:a5:1c:ad:3d:a3:e4:4c:c9:e8:
15:b5:42:fb:09:a0:23:9f:01:b7:e5:ce:82:cc:e8:e6:5b:fa:
d1:1d:ee:e5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZgN6PkGyUFzW7R+j8ZhrZASMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMzE1MGY4YzY3MDYzMTIxMDI3MzI4OTU0OTY4ZDA4ZDRj
ZjMyOWEwHhcNMjUwNzE1MTE0NzA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWQxMGQ4YWI0ZjMxOWFlNjEwOTE4YzYyMDhjMDZkZmYzNDMzNzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Q0u6DPKd/bCTnxLYsZ7gfsjNSUW
AoMX3oHWHwtzcxFLbjd+LIKeEOcfKQcSoaM5YOJFzFLqCEPSdsKlHCUjKsf0zYxL
7i7blz0RTUAvGiHk6jzzS17gZeOfvf65kUhCQsJw9worR0G1jp9DFM28HaepvbV8
9LsBWas0416mC990xEmLMXcwVQFoxzy7tdM34N1C6yKyGJg+92ebZMrtiPO2gmII
wfx06Cyr503TQa3qsiPur37qEFdZrs8Xefm7JVMhB4Y+19XQ2KyXJcMuhAGlHqf4
wJJSGCqiHAaCuAbDcOZM0KoXqtwkDkGeKpV9ftNQ35fxu4BohaEQ4fnbEwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFG7RDYq08xmuYQkYxiCMBt/zQzdeMB8GA1UdIwQY
MBaAFH4xUPjGcGMSECcyiVSWjQjUzzKaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmpGUS1NWndZeElRSnpLSlZKYU5DTlRQTXBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi84YmNmZDctZjZkMy00MzJhLWI1ZjAt
OTM1ZTQxOGJkYmU3LzEvYnRFTmlyVHpHYTVoQ1JqR0lJd0czX05ETjE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi84YmNmZDctZjZkMy00MzJhLWI1ZjAtOTM1ZTQxOGJkYmU3
LzEvZmpGUS1NWndZeElRSnpLSlZKYU5DTlRQTXBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAAjAYAwYFKgYsgAAD
BgQqBiyAQAMGBCoGLIfgMA0GCSqGSIb3DQEBCwUAA4IBAQABmTAFTVABehwI2bk4
X+qwKL4r5qufL+K2l7/+yEQxcvLDaMoBenNVyyUO2M9Usad1BKnuLYZiCidADmRv
NDVaICqJR1hW8xFxmlYHxEGZycTFaFCRbdDqR6wFjx5YdYCtZIPwEV5kujgonCHj
Ly6bPRwfn9hJw8lNcWBeLL6c9gZHidACSQD6ufL3Bx5DtSiVZm2RCx1cDyMXrM0i
PWyTCJ8Rc/uXkUAYIayJNi+rUA/YMwdZlaBr+ovV6JJVZV6/1lajDJBkUKrf5UU1
v2zNzkaJQ3tTQuw4F18GvwqhyP2lHK09o+RMyegVtUL7CaAjnwG35c6CzOjmW/rR
He7l
-----END CERTIFICATE-----
Generated at Wed Jul 23 12:10:18 2025 by rpki-client