Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/m_f2g9VM8Woj_8yK0kHANOc_IOQ.roa
File: m_f2g9VM8Woj_8yK0kHANOc_IOQ.roa (raw, json)
Hash identifier: p9y3pqM07SUbuDjnmPHX9A9nDVq4TjsTrM2GPGk7adc=
Subject key identifier: 9B:F7:F6:83:D5:4C:F1:6A:23:FF:CC:8A:D2:41:C0:34:E7:3F:20:E4
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 0197D6C5E3AF70F8B7988AF43D26B8051C3C
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/m_f2g9VM8Woj_8yK0kHANOc_IOQ.roa
Signing time: Fri 04 Jul 2025 18:49:42 +0000
ROA not before: Fri 04 Jul 2025 18:49:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2a0b:b480::/29 maxlen: 29
2a10:a9c0::/29 maxlen: 29
2a13:5040::/29 maxlen: 29
2a13:bec0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 21:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:d6:c5:e3:af:70:f8:b7:98:8a:f4:3d:26:b8:05:1c:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Jul 4 18:49:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9bf7f683d54cf16a23ffcc8ad241c034e73f20e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c2:e2:d0:c5:ba:fb:d3:55:cf:bc:65:32:4f:
61:bd:88:93:1a:7e:f4:fd:53:8a:a4:90:49:62:6c:
50:c8:f7:9b:24:01:da:d6:32:42:83:f9:90:70:5a:
e9:b6:c7:62:df:1e:b3:7a:9e:22:0c:f4:98:f0:2e:
41:d9:7e:27:a7:7a:9b:b5:52:54:0d:4a:27:2e:6b:
14:df:5b:c6:dd:c4:86:9d:d0:f3:47:f9:e6:19:eb:
94:a1:d2:04:47:42:00:3e:a9:44:d0:10:17:c8:f1:
71:3f:eb:10:cc:da:03:16:21:5a:67:26:47:e4:59:
cd:b2:0a:d6:1d:e5:ad:35:5e:6f:71:f7:3e:b0:a0:
db:6c:e5:c6:a0:ee:35:32:6e:38:86:dc:8d:af:cf:
21:c2:be:df:80:06:85:2e:9e:16:7c:a6:bd:4b:e8:
ff:ce:f1:72:d7:08:fd:3a:79:61:51:88:95:69:bd:
a3:01:a0:c0:f7:b8:71:f3:47:46:8d:2e:95:08:97:
d4:1e:57:55:36:e0:6c:b8:3e:73:b3:7e:b3:1b:2c:
ce:0a:df:0c:9a:bf:57:85:52:4e:20:65:9f:04:b0:
75:cc:33:f5:3b:9d:ed:b5:2f:f7:1f:68:0c:04:ba:
2f:cf:1d:a6:cc:e4:1d:35:47:56:0c:ef:c3:e7:17:
8d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:F7:F6:83:D5:4C:F1:6A:23:FF:CC:8A:D2:41:C0:34:E7:3F:20:E4
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/m_f2g9VM8Woj_8yK0kHANOc_IOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b480::/29
2a10:a9c0::/29
2a13:5040::/29
2a13:bec0::/29
Signature Algorithm: sha256WithRSAEncryption
27:50:2d:34:a6:c8:a6:0e:ef:84:51:e7:fa:44:5b:b2:f5:d7:
32:ff:90:30:5d:2c:49:84:21:82:3c:1a:bd:85:88:ba:d7:8f:
d9:36:90:2b:b4:51:f4:01:46:d9:8a:25:aa:ea:6a:2d:3e:75:
e6:55:2a:c6:10:1d:e2:93:62:57:a9:2c:49:b8:d5:73:2d:b9:
e0:30:9d:58:55:c3:98:e4:c0:c0:37:f1:d0:da:28:c6:62:bf:
8e:b5:67:2c:5b:96:b1:c1:fc:35:8c:cf:14:ad:85:9f:36:dc:
4c:a6:2b:4a:4c:69:43:b9:62:9a:44:00:47:d0:01:29:a8:e7:
e8:ab:4c:ba:e6:df:15:0b:7b:12:bb:92:25:ab:74:22:4c:90:
db:55:c4:ab:b1:1e:7d:4f:fc:13:2f:fe:80:d2:ad:06:df:f7:
67:ad:02:34:18:df:32:0a:6e:cf:0b:88:c3:24:6b:6d:6f:8f:
bc:0f:13:f7:2e:30:95:93:b4:3c:0f:b2:6c:42:e2:02:8d:0c:
ba:79:e0:92:77:e4:66:7e:79:72:2d:c5:26:29:ac:af:4d:ee:
31:06:ab:fa:14:28:c4:5f:27:16:bb:32:11:cc:6a:b1:48:6a:
25:a8:b9:b9:2b:35:f9:48:87:7c:4a:fa:cd:49:63:f6:52:dd:
b2:b0:1c:5e
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZfWxeOvcPi3mIr0PSa4BRw8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjUwNzA0MTg0OTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmY3ZjY4M2Q1NGNmMTZhMjNmZmNjOGFkMjQxYzAzNGU3M2YyMGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsLi0MW6+9NVz7xlMk9hvYiTGn70
/VOKpJBJYmxQyPebJAHa1jJCg/mQcFrptsdi3x6zep4iDPSY8C5B2X4np3qbtVJU
DUonLmsU31vG3cSGndDzR/nmGeuUodIER0IAPqlE0BAXyPFxP+sQzNoDFiFaZyZH
5FnNsgrWHeWtNV5vcfc+sKDbbOXGoO41Mm44htyNr88hwr7fgAaFLp4WfKa9S+j/
zvFy1wj9OnlhUYiVab2jAaDA97hx80dGjS6VCJfUHldVNuBsuD5zs36zGyzOCt8M
mr9XhVJOIGWfBLB1zDP1O53ttS/3H2gMBLovzx2mzOQdNUdWDO/D5xeNxQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFJv39oPVTPFqI//MitJBwDTnPyDkMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvbV9mMmc5Vk04V29qXzh5SzBrSEFOT2NfSU9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKgu0gAMF
AyoQqcADBQMqE1BAAwUDKhO+wDANBgkqhkiG9w0BAQsFAAOCAQEAJ1AtNKbIpg7v
hFHn+kRbsvXXMv+QMF0sSYQhgjwavYWIuteP2TaQK7RR9AFG2YolqupqLT515lUq
xhAd4pNiV6ksSbjVcy254DCdWFXDmOTAwDfx0NooxmK/jrVnLFuWscH8NYzPFK2F
nzbcTKYrSkxpQ7limkQAR9ABKajn6KtMuubfFQt7EruSJat0IkyQ21XEq7EefU/8
Ey/+gNKtBt/3Z60CNBjfMgpuzwuIwyRrbW+PvA8T9y4wlZO0PA+ybELiAo0Munng
knfkZn55ci3FJimsr03uMQar+hQoxF8nFrsyEcxqsUhqJai5uSs1+UiHfEr6zUlj
9lLdsrAcXg==
-----END CERTIFICATE-----
Generated at Mon Jul 21 02:05:42 2025 by rpki-client