Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/72dbdf-c71d-4e59-8076-c41dcca8b775/1/XebRYOITfzcAbcv2WQiIUJzp9IY.roa
File: XebRYOITfzcAbcv2WQiIUJzp9IY.roa (raw, json)
Hash identifier: /LlV1c2jBHdUzm3m7BbrQfvi7DnfI/2A+wzHJz5/0Eg=
Subject key identifier: 5D:E6:D1:60:E2:13:7F:37:00:6D:CB:F6:59:08:88:50:9C:E9:F4:86
Certificate issuer: /CN=84e1429a53e6463b3c74f5a3f17c5d4a51ebd0b8
Certificate serial: 0197E9C013B28231A88E1F4AB6A9EF513DA6
Authority key identifier: 84:E1:42:9A:53:E6:46:3B:3C:74:F5:A3:F1:7C:5D:4A:51:EB:D0:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hOFCmlPmRjs8dPWj8XxdSlHr0Lg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/72dbdf-c71d-4e59-8076-c41dcca8b775/1/XebRYOITfzcAbcv2WQiIUJzp9IY.roa
Signing time: Tue 08 Jul 2025 11:16:08 +0000
ROA not before: Tue 08 Jul 2025 11:16:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207879
IP address blocks: 2a0b:b147::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/72dbdf-c71d-4e59-8076-c41dcca8b775/1/hOFCmlPmRjs8dPWj8XxdSlHr0Lg.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/72dbdf-c71d-4e59-8076-c41dcca8b775/1/hOFCmlPmRjs8dPWj8XxdSlHr0Lg.mft
rsync://rpki.ripe.net/repository/DEFAULT/hOFCmlPmRjs8dPWj8XxdSlHr0Lg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 17:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e9:c0:13:b2:82:31:a8:8e:1f:4a:b6:a9:ef:51:3d:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84e1429a53e6463b3c74f5a3f17c5d4a51ebd0b8
Validity
Not Before: Jul 8 11:16:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5de6d160e2137f37006dcbf6590888509ce9f486
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:05:65:2e:8b:41:1c:d6:88:44:50:6e:60:19:
a5:5f:3a:6f:d8:7e:c9:4a:8d:2b:b2:3c:fe:66:b8:
96:aa:dd:d7:a3:77:2a:3f:65:7c:29:5e:9e:a6:1e:
32:3e:03:ff:fb:14:94:f4:7d:4d:5f:fe:cb:2d:13:
69:d3:9e:ca:ac:8e:1f:f4:b5:d3:7f:15:b7:8e:eb:
94:10:dc:65:ad:4d:fc:d7:0c:42:42:a8:9b:25:3b:
c5:3c:a1:b5:2f:44:14:d3:da:4f:f5:20:3f:84:62:
56:95:ea:a0:35:a4:67:d1:c1:a7:03:bb:af:ec:84:
3a:96:3a:92:9a:cd:6c:6e:81:7c:a1:74:7e:c7:86:
70:2a:70:d5:d4:a3:0a:38:48:db:f4:61:d8:1f:af:
df:44:16:9a:34:e4:79:de:b2:cf:bf:df:69:70:c1:
95:2e:d9:77:2c:eb:b8:4c:6b:3d:20:5a:89:02:cd:
63:ba:3d:ae:4a:70:f4:36:e1:ee:b2:63:c0:57:fb:
48:61:6e:08:29:92:0c:d9:34:ec:74:28:d4:48:53:
b9:8a:9a:cc:b0:f9:77:fd:b5:18:f4:95:ff:09:56:
10:df:53:9d:9a:3a:87:1c:c1:47:07:fa:03:d8:ca:
b4:b0:ff:c3:03:e5:44:24:d8:71:0e:27:21:48:d3:
5d:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:E6:D1:60:E2:13:7F:37:00:6D:CB:F6:59:08:88:50:9C:E9:F4:86
X509v3 Authority Key Identifier:
keyid:84:E1:42:9A:53:E6:46:3B:3C:74:F5:A3:F1:7C:5D:4A:51:EB:D0:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hOFCmlPmRjs8dPWj8XxdSlHr0Lg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/72dbdf-c71d-4e59-8076-c41dcca8b775/1/XebRYOITfzcAbcv2WQiIUJzp9IY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/72dbdf-c71d-4e59-8076-c41dcca8b775/1/hOFCmlPmRjs8dPWj8XxdSlHr0Lg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b147::/32
Signature Algorithm: sha256WithRSAEncryption
1a:03:e2:8d:17:04:c6:af:1f:fa:d3:0f:36:82:1b:d9:94:f3:
0a:ea:c3:e4:59:4f:53:d5:92:d2:12:1e:a3:9c:4a:2a:4e:a1:
be:e5:32:7a:4a:1e:4e:11:ad:0e:80:6b:b3:8d:41:af:54:2a:
a2:6c:a0:c3:58:7a:5f:e0:f8:65:40:26:96:86:46:03:6f:db:
d1:16:27:e4:1f:5a:65:3e:2c:7d:3c:0f:a7:7c:5e:79:40:78:
1e:99:92:f1:40:05:91:3c:dc:27:35:ce:0e:4b:c9:96:95:75:
76:5b:21:c9:eb:8e:9a:e7:d2:3f:6f:05:7c:f6:66:18:c1:a3:
e9:ad:d2:74:32:77:80:77:49:85:1c:a8:19:27:df:b5:33:94:
3b:f3:8a:ed:eb:ff:1f:d6:60:88:25:a5:1e:9b:15:91:08:bf:
21:df:85:ad:c9:10:ce:4c:ed:a6:c9:0e:a1:86:e9:4b:7d:8f:
9f:2e:32:be:8d:4c:bc:97:89:a3:5b:81:8f:21:c0:29:45:23:
4f:64:08:cc:2d:b5:54:f0:be:5a:e2:3e:84:a4:c8:29:5b:de:
cd:c7:54:25:d1:56:39:a7:11:5b:c6:49:50:3a:1d:1b:5e:dd:
d9:eb:dd:8e:12:14:99:1c:12:ae:cb:9a:b1:7f:fb:99:c8:21:
76:3e:27:75
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZfpwBOygjGojh9KtqnvUT2mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZTE0MjlhNTNlNjQ2M2IzYzc0ZjVhM2YxN2M1ZDRhNTFl
YmQwYjgwHhcNMjUwNzA4MTExNjA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGU2ZDE2MGUyMTM3ZjM3MDA2ZGNiZjY1OTA4ODg1MDljZTlmNDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwVlLotBHNaIRFBuYBmlXzpv2H7J
So0rsjz+ZriWqt3Xo3cqP2V8KV6eph4yPgP/+xSU9H1NX/7LLRNp057KrI4f9LXT
fxW3juuUENxlrU381wxCQqibJTvFPKG1L0QU09pP9SA/hGJWleqgNaRn0cGnA7uv
7IQ6ljqSms1sboF8oXR+x4ZwKnDV1KMKOEjb9GHYH6/fRBaaNOR53rLPv99pcMGV
Ltl3LOu4TGs9IFqJAs1juj2uSnD0NuHusmPAV/tIYW4IKZIM2TTsdCjUSFO5iprM
sPl3/bUY9JX/CVYQ31OdmjqHHMFHB/oD2Mq0sP/DA+VEJNhxDichSNNd/wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFF3m0WDiE383AG3L9lkIiFCc6fSGMB8GA1UdIwQY
MBaAFIThQppT5kY7PHT1o/F8XUpR69C4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaE9GQ21sUG1SanM4ZFBXajhYeGRTbEhyMExnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83MmRiZGYtYzcxZC00ZTU5LTgwNzYt
YzQxZGNjYThiNzc1LzEvWGViUllPSVRmemNBYmN2MldRaUlVSnpwOUlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83MmRiZGYtYzcxZC00ZTU5LTgwNzYtYzQxZGNjYThiNzc1
LzEvaE9GQ21sUG1SanM4ZFBXajhYeGRTbEhyMExnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKguxRzAN
BgkqhkiG9w0BAQsFAAOCAQEAGgPijRcExq8f+tMPNoIb2ZTzCurD5FlPU9WS0hIe
o5xKKk6hvuUyekoeThGtDoBrs41Br1Qqomygw1h6X+D4ZUAmloZGA2/b0RYn5B9a
ZT4sfTwPp3xeeUB4HpmS8UAFkTzcJzXODkvJlpV1dlshyeuOmufSP28FfPZmGMGj
6a3SdDJ3gHdJhRyoGSfftTOUO/OK7ev/H9ZgiCWlHpsVkQi/Id+FrckQzkztpskO
oYbpS32Pny4yvo1MvJeJo1uBjyHAKUUjT2QIzC21VPC+WuI+hKTIKVvezcdUJdFW
OacRW8ZJUDodG17d2evdjhIUmRwSrsuasX/7mcghdj4ndQ==
-----END CERTIFICATE-----
Generated at Fri Jul 25 23:53:07 2025 by rpki-client