Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/G2JqLvLiV-exLmgO0OTqocgCrtw.roa
File: G2JqLvLiV-exLmgO0OTqocgCrtw.roa (raw, json)
Hash identifier: C1DpPYo67LALHP84pgha2o0W4RZ8+VmV0J/ocwfryig=
Subject key identifier: 1B:62:6A:2E:F2:E2:57:E7:B1:2E:68:0E:D0:E4:EA:A1:C8:02:AE:DC
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 01980D9DE6E933369617F42BD51F0F2A809C
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/G2JqLvLiV-exLmgO0OTqocgCrtw.roa
Signing time: Tue 15 Jul 2025 10:25:08 +0000
ROA not before: Tue 15 Jul 2025 10:25:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 45.9.5.0/24 maxlen: 24
2a06:e5c0::/29 maxlen: 48
2a09:96c0::/29 maxlen: 48
2a09:ae80::/29 maxlen: 48
2a09:b440::/48 maxlen: 48
2a13:4bc0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 12:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:0d:9d:e6:e9:33:36:96:17:f4:2b:d5:1f:0f:2a:80:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jul 15 10:25:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1b626a2ef2e257e7b12e680ed0e4eaa1c802aedc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:be:df:e9:a7:cc:a3:f8:4e:6f:10:36:cd:e0:
ce:64:fc:f7:94:97:79:e1:31:b8:52:48:5b:60:4c:
1d:0b:cd:99:d9:15:17:02:01:a2:75:90:93:d2:b9:
18:7a:a4:ed:88:c6:7f:9a:05:49:22:34:91:75:87:
fa:ee:32:08:c0:10:01:da:16:55:48:44:50:cc:26:
32:4c:d5:fd:a5:3f:e8:fd:f2:78:98:58:f5:5d:81:
21:4e:49:79:d5:f2:42:97:bc:c8:f0:29:0f:ec:14:
58:d1:95:76:f7:85:66:c9:4e:eb:aa:d2:6a:aa:cc:
e4:20:f0:22:8c:e4:8e:d1:c2:e1:91:e7:a6:f5:e8:
20:01:bd:59:ed:ae:e9:c7:52:d3:32:59:eb:c5:3c:
02:ef:e9:53:69:4b:65:3a:d4:d5:d8:1a:9b:70:4d:
93:f9:b5:70:9d:24:3a:a1:2a:ef:84:9d:a9:62:40:
22:a8:1e:5a:83:7c:22:53:79:3b:e1:54:06:04:d8:
ea:89:30:20:28:14:bd:d8:c0:9a:d8:39:b5:fe:31:
23:dd:31:1d:3c:9b:27:47:ed:bb:90:0d:fd:a8:7e:
2f:88:d1:42:6d:53:5c:75:ff:4e:6f:66:61:30:37:
fc:9f:95:c7:c4:f4:b4:0c:f4:28:0c:ee:74:4e:b2:
7f:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:62:6A:2E:F2:E2:57:E7:B1:2E:68:0E:D0:E4:EA:A1:C8:02:AE:DC
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/G2JqLvLiV-exLmgO0OTqocgCrtw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.5.0/24
IPv6:
2a06:e5c0::/29
2a09:96c0::/29
2a09:ae80::/29
2a09:b440::/48
2a13:4bc0::/29
Signature Algorithm: sha256WithRSAEncryption
05:39:19:20:e1:01:2d:41:6d:77:d9:42:f9:fb:44:c9:df:57:
59:56:01:6c:18:e7:50:b7:37:ef:ff:24:11:9e:6b:22:54:e7:
6d:2c:35:e8:99:8b:83:df:37:db:4f:dc:b0:72:e4:eb:0a:a6:
bb:46:b2:42:57:f0:0d:26:59:9c:3b:c0:62:d1:c6:17:5d:b5:
7f:da:44:9f:16:2e:1f:f7:84:67:47:2d:ef:e5:7b:a8:72:f3:
6c:21:f9:07:96:d7:a4:7d:51:9e:0c:b8:4e:64:07:6c:4a:10:
47:a9:88:76:49:e5:ca:d1:1e:56:31:ec:06:ae:97:2f:39:7e:
0a:a4:4b:f2:89:d4:6a:d5:f2:dd:06:13:14:05:24:da:c1:2a:
50:44:05:66:f8:4e:1e:16:ff:ef:ca:22:e5:05:5a:08:d4:ab:
91:6f:83:83:68:cf:6f:41:e7:c1:08:01:d5:02:24:02:1e:07:
5b:d4:3a:bb:b7:f9:88:fd:a7:12:63:5b:53:67:16:97:72:2c:
1e:b0:dc:cc:c2:a7:4f:6b:dd:1a:e1:18:c0:ec:7d:f9:eb:cb:
fd:bb:9c:93:8d:a3:b2:da:9e:9a:df:ba:0f:cb:29:1b:b6:99:
75:e5:64:ba:4d:e2:75:29:d2:ef:98:b5:e1:57:da:e4:e2:3b:
2b:20:13:14
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZgNnebpMzaWF/Qr1R8PKoCcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjUwNzE1MTAyNTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjYyNmEyZWYyZTI1N2U3YjEyZTY4MGVkMGU0ZWFhMWM4MDJhZWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvL7f6afMo/hObxA2zeDOZPz3lJd5
4TG4UkhbYEwdC82Z2RUXAgGidZCT0rkYeqTtiMZ/mgVJIjSRdYf67jIIwBAB2hZV
SERQzCYyTNX9pT/o/fJ4mFj1XYEhTkl51fJCl7zI8CkP7BRY0ZV294VmyU7rqtJq
qszkIPAijOSO0cLhkeem9eggAb1Z7a7px1LTMlnrxTwC7+lTaUtlOtTV2BqbcE2T
+bVwnSQ6oSrvhJ2pYkAiqB5ag3wiU3k74VQGBNjqiTAgKBS92MCa2Dm1/jEj3TEd
PJsnR+27kA39qH4viNFCbVNcdf9Ob2ZhMDf8n5XHxPS0DPQoDO50TrJ/ewIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFBtiai7y4lfnsS5oDtDk6qHIAq7cMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvRzJKcUx2TGlWLWV4TG1nTzBPVHFvY2dDcnR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAMBAIAATAGAwQALQkFMCsE
AgACMCUDBQMqBuXAAwUDKgmWwAMFAyoJroADBwAqCbRAAAADBQMqE0vAMA0GCSqG
SIb3DQEBCwUAA4IBAQAFORkg4QEtQW132UL5+0TJ31dZVgFsGOdQtzfv/yQRnmsi
VOdtLDXomYuD3zfbT9ywcuTrCqa7RrJCV/ANJlmcO8Bi0cYXXbV/2kSfFi4f94Rn
Ry3v5XuocvNsIfkHltekfVGeDLhOZAdsShBHqYh2SeXK0R5WMewGrpcvOX4KpEvy
idRq1fLdBhMUBSTawSpQRAVm+E4eFv/vyiLlBVoI1KuRb4ODaM9vQefBCAHVAiQC
Hgdb1Dq7t/mI/acSY1tTZxaXciwesNzMwqdPa90a4RjA7H3568v9u5yTjaOy2p6a
37oPyykbtpl15WS6TeJ1KdLvmLXhV9rk4jsrIBMU
-----END CERTIFICATE-----
Generated at Sun Jul 20 18:59:49 2025 by rpki-client