Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/9398b0-2fbb-4bd3-b9bc-1e89f9695d1b/1/ttIMVm2Qx6d-SaNfus5CP2PiSww.roa
File: ttIMVm2Qx6d-SaNfus5CP2PiSww.roa (raw, json)
Hash identifier: GIzKFX6ewkeY9UKKD+c3WgJblzIfMp9efYS5dFXHsaQ=
Subject key identifier: B6:D2:0C:56:6D:90:C7:A7:7E:49:A3:5F:BA:CE:42:3F:63:E2:4B:0C
Certificate issuer: /CN=54041941b1450d6b95b58ca3f077ce208dfdfb4b
Certificate serial: 01983B61D8BA94C1A2361F48101C1070EC20
Authority key identifier: 54:04:19:41:B1:45:0D:6B:95:B5:8C:A3:F0:77:CE:20:8D:FD:FB:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VAQZQbFFDWuVtYyj8HfOII39-0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/9398b0-2fbb-4bd3-b9bc-1e89f9695d1b/1/ttIMVm2Qx6d-SaNfus5CP2PiSww.roa
Signing time: Thu 24 Jul 2025 07:42:04 +0000
ROA not before: Thu 24 Jul 2025 07:42:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 2a13:b580::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/9398b0-2fbb-4bd3-b9bc-1e89f9695d1b/1/VAQZQbFFDWuVtYyj8HfOII39-0s.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/9398b0-2fbb-4bd3-b9bc-1e89f9695d1b/1/VAQZQbFFDWuVtYyj8HfOII39-0s.mft
rsync://rpki.ripe.net/repository/DEFAULT/VAQZQbFFDWuVtYyj8HfOII39-0s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 02:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:3b:61:d8:ba:94:c1:a2:36:1f:48:10:1c:10:70:ec:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54041941b1450d6b95b58ca3f077ce208dfdfb4b
Validity
Not Before: Jul 24 07:42:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b6d20c566d90c7a77e49a35fbace423f63e24b0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:0d:ca:18:77:d3:94:31:01:9b:7d:8c:fc:af:
cd:b9:bb:44:80:47:b1:ea:05:8f:41:77:1a:dc:8a:
1b:6d:c7:c1:e8:37:eb:b2:4d:d9:b1:79:35:8a:d7:
cc:e1:24:f1:07:3f:7d:2b:2f:64:33:c5:c7:65:b3:
ca:87:12:8c:4d:32:0d:8e:d6:6a:86:70:f2:1c:b6:
ea:62:c5:26:94:8c:70:35:53:19:39:58:85:8b:86:
21:04:f2:2d:99:28:fd:0d:a5:9e:40:6b:bb:8b:87:
7a:e4:73:1a:ea:cb:b2:2e:96:27:86:33:35:5e:ce:
a3:25:83:46:01:88:43:ce:b3:6e:b8:0a:74:b4:b6:
54:5a:95:0b:1d:bc:8a:f7:44:6d:66:3c:b8:ab:51:
ca:7b:57:83:5a:d0:aa:a3:48:03:0c:ec:b1:1b:bd:
d5:2c:55:ad:cb:81:c9:a2:e4:b3:7e:87:96:38:43:
3a:f9:57:f1:e0:9a:55:8f:ee:c7:2a:0a:2d:b0:90:
a6:e1:a1:dd:b8:34:3d:d8:62:22:04:fd:de:e7:35:
98:35:61:51:e7:77:af:c5:5f:5d:4c:e9:7e:7c:1e:
96:f6:a7:68:18:be:3e:c3:53:ae:9e:17:e4:85:78:
96:a6:a4:32:b4:84:c2:45:a5:49:ab:e7:ed:a3:b9:
83:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:D2:0C:56:6D:90:C7:A7:7E:49:A3:5F:BA:CE:42:3F:63:E2:4B:0C
X509v3 Authority Key Identifier:
keyid:54:04:19:41:B1:45:0D:6B:95:B5:8C:A3:F0:77:CE:20:8D:FD:FB:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VAQZQbFFDWuVtYyj8HfOII39-0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/9398b0-2fbb-4bd3-b9bc-1e89f9695d1b/1/ttIMVm2Qx6d-SaNfus5CP2PiSww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/9398b0-2fbb-4bd3-b9bc-1e89f9695d1b/1/VAQZQbFFDWuVtYyj8HfOII39-0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:b580::/29
Signature Algorithm: sha256WithRSAEncryption
3a:f2:01:22:7b:32:2f:1f:bb:59:f5:90:97:da:47:2d:da:b5:
fb:27:4a:37:bd:cf:4e:8f:bf:75:c5:5f:51:df:0a:6a:21:8e:
78:88:91:ed:5f:d8:44:df:f2:86:ad:04:5b:96:cf:7f:b7:24:
d5:ae:a7:50:d6:32:19:36:40:aa:de:d5:cd:78:97:28:36:d4:
2a:ca:d0:a6:24:20:85:da:94:e7:cb:39:0e:54:5c:09:ea:08:
19:15:f4:05:12:32:4f:5f:ac:8d:1b:24:03:71:de:c1:ae:ca:
b1:f4:ed:86:b5:a7:4b:c6:c4:2a:ca:d1:02:35:9d:3e:1f:f4:
7b:1a:6a:f8:1f:53:3f:62:3d:85:a0:12:e0:74:8d:0b:aa:56:
d7:e3:d5:34:04:e6:ac:e8:a1:1f:28:b1:6c:8c:57:9c:5c:53:
b3:24:13:61:6e:40:ca:fe:32:a7:2d:56:2b:08:21:7c:06:de:
d1:fa:db:61:1c:da:5f:d2:3b:4c:fb:5c:de:e0:4b:00:b4:1f:
85:9a:6d:02:30:dd:da:c9:6a:35:e2:22:c1:d5:bd:7d:50:b1:
53:c8:5c:bc:ab:62:c8:b8:ff:57:58:a9:eb:33:00:78:52:04:
39:81:6c:e5:e9:73:c8:f0:a1:ae:c1:cd:78:5f:4e:58:af:44:
03:54:c2:67
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZg7Ydi6lMGiNh9IEBwQcOwgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MDQxOTQxYjE0NTBkNmI5NWI1OGNhM2YwNzdjZTIwOGRm
ZGZiNGIwHhcNMjUwNzI0MDc0MjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmQyMGM1NjZkOTBjN2E3N2U0OWEzNWZiYWNlNDIzZjYzZTI0YjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyg3KGHfTlDEBm32M/K/NubtEgEex
6gWPQXca3IobbcfB6Dfrsk3ZsXk1itfM4STxBz99Ky9kM8XHZbPKhxKMTTINjtZq
hnDyHLbqYsUmlIxwNVMZOViFi4YhBPItmSj9DaWeQGu7i4d65HMa6suyLpYnhjM1
Xs6jJYNGAYhDzrNuuAp0tLZUWpULHbyK90RtZjy4q1HKe1eDWtCqo0gDDOyxG73V
LFWty4HJouSzfoeWOEM6+Vfx4JpVj+7HKgotsJCm4aHduDQ92GIiBP3e5zWYNWFR
53evxV9dTOl+fB6W9qdoGL4+w1OunhfkhXiWpqQytITCRaVJq+fto7mDxQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLbSDFZtkMenfkmjX7rOQj9j4ksMMB8GA1UdIwQY
MBaAFFQEGUGxRQ1rlbWMo/B3ziCN/ftLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkFRWlFiRkZEV3VWdFl5ajhIZk9JSTM5LTBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi85Mzk4YjAtMmZiYi00YmQzLWI5YmMt
MWU4OWY5Njk1ZDFiLzEvdHRJTVZtMlF4NmQtU2FOZnVzNUNQMlBpU3d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi85Mzk4YjAtMmZiYi00YmQzLWI5YmMtMWU4OWY5Njk1ZDFi
LzEvVkFRWlFiRkZEV3VWdFl5ajhIZk9JSTM5LTBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhO1gDAN
BgkqhkiG9w0BAQsFAAOCAQEAOvIBInsyLx+7WfWQl9pHLdq1+ydKN73PTo+/dcVf
Ud8KaiGOeIiR7V/YRN/yhq0EW5bPf7ck1a6nUNYyGTZAqt7VzXiXKDbUKsrQpiQg
hdqU58s5DlRcCeoIGRX0BRIyT1+sjRskA3Hewa7KsfTthrWnS8bEKsrRAjWdPh/0
expq+B9TP2I9haAS4HSNC6pW1+PVNATmrOihHyixbIxXnFxTsyQTYW5Ayv4ypy1W
KwghfAbe0frbYRzaX9I7TPtc3uBLALQfhZptAjDd2slqNeIiwdW9fVCxU8hcvKti
yLj/V1ip6zMAeFIEOYFs5elzyPChrsHNeF9OWK9EA1TCZw==
-----END CERTIFICATE-----
Generated at Sat Jul 26 10:34:26 2025 by rpki-client