Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6401f3-6df0-4038-b0bc-574713845dbc/1/GElfZUdAswtbdoNaPOGRm8XpaWY.roa
File: GElfZUdAswtbdoNaPOGRm8XpaWY.roa (raw, json)
Hash identifier: b5qfHhhZZHZGLXy+05lWxwTJ5wt7TeKlj7sc65TvLms=
Subject key identifier: 18:49:5F:65:47:40:B3:0B:5B:76:83:5A:3C:E1:91:9B:C5:E9:69:66
Certificate issuer: /CN=53f47a725c768d4de78fb31bb40fe16eba19f20d
Certificate serial: 01984166AE0D5CDB9E283D5D81A73A48B4A3
Authority key identifier: 53:F4:7A:72:5C:76:8D:4D:E7:8F:B3:1B:B4:0F:E1:6E:BA:19:F2:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U_R6clx2jU3nj7MbtA_hbroZ8g0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6401f3-6df0-4038-b0bc-574713845dbc/1/GElfZUdAswtbdoNaPOGRm8XpaWY.roa
Signing time: Fri 25 Jul 2025 11:45:04 +0000
ROA not before: Fri 25 Jul 2025 11:45:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214670
IP address blocks: 2a06:8181::/32 maxlen: 32
2a06:8184::/32 maxlen: 32
2a06:8184:ff00::/40 maxlen: 40
2a06:8184:ff00::/45 maxlen: 48
2a06:8184:ff00::/48 maxlen: 48
2a06:8184:ff01::/48 maxlen: 48
2a06:8184:ff02::/48 maxlen: 48
2a06:8184:ff03::/48 maxlen: 48
2a06:8184:ff04::/48 maxlen: 48
2a06:8184:ff05::/48 maxlen: 48
2a06:8184:ff06::/48 maxlen: 48
2a06:8184:ff07::/48 maxlen: 48
2a06:8184:ff08::/48 maxlen: 48
2a06:8184:ff14::/48 maxlen: 48
2a06:8185:aa00::/40 maxlen: 40
2a06:8185:aa00::/48 maxlen: 48
2a06:8185:aa01::/48 maxlen: 48
2a06:8185:aa02::/48 maxlen: 48
2a06:8185:aa03::/48 maxlen: 48
2a06:8185:aa04::/48 maxlen: 48
2a06:8185:aa05::/48 maxlen: 48
2a06:8185:aa06::/48 maxlen: 48
2a06:8185:aa07::/48 maxlen: 48
2a06:8185:aa08::/48 maxlen: 48
2a06:8185:aa09::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/6401f3-6df0-4038-b0bc-574713845dbc/1/U_R6clx2jU3nj7MbtA_hbroZ8g0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/6401f3-6df0-4038-b0bc-574713845dbc/1/U_R6clx2jU3nj7MbtA_hbroZ8g0.mft
rsync://rpki.ripe.net/repository/DEFAULT/U_R6clx2jU3nj7MbtA_hbroZ8g0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 05:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:41:66:ae:0d:5c:db:9e:28:3d:5d:81:a7:3a:48:b4:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53f47a725c768d4de78fb31bb40fe16eba19f20d
Validity
Not Before: Jul 25 11:45:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=18495f654740b30b5b76835a3ce1919bc5e96966
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:5f:90:ed:a9:73:d5:61:6f:e2:28:89:2b:29:
a3:9c:b4:7b:c3:4b:e7:08:98:e3:b0:6c:37:7f:80:
3e:c6:1b:cd:2f:97:2d:4f:6d:a9:2b:08:c7:7c:68:
60:c1:57:6d:6a:31:a8:c4:20:44:90:f4:ed:b6:be:
93:48:f0:76:6a:2b:75:19:21:ea:49:29:fb:33:b6:
b3:c1:c0:11:93:bc:78:02:bf:54:6b:d1:73:da:94:
e4:47:83:a4:bf:bf:bf:63:2f:7c:ce:b4:1e:da:c1:
a4:8d:5a:ad:3a:46:c8:78:d7:01:96:9f:c9:36:a3:
b7:5f:43:da:41:d3:bc:f5:c7:78:b4:86:6b:94:ba:
6b:77:c3:eb:ea:46:3d:9d:1c:a7:2e:5f:c5:e7:75:
74:25:39:83:88:bd:94:37:d2:43:af:3c:2f:f6:76:
b4:0d:ad:de:04:e3:96:af:91:11:d1:12:ac:b1:44:
51:6c:ab:10:47:22:23:9e:93:47:71:90:a6:b2:56:
df:8e:46:e9:2b:e8:17:bf:5a:f8:de:66:f9:56:13:
a3:6e:d1:6f:dc:6f:b9:78:67:7f:3c:8d:10:3c:f6:
17:72:96:4d:d8:dd:d7:cd:7f:fe:53:1c:c2:22:4d:
dd:12:fa:9c:0c:59:b8:d8:fe:3e:1a:69:af:91:07:
dd:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:49:5F:65:47:40:B3:0B:5B:76:83:5A:3C:E1:91:9B:C5:E9:69:66
X509v3 Authority Key Identifier:
keyid:53:F4:7A:72:5C:76:8D:4D:E7:8F:B3:1B:B4:0F:E1:6E:BA:19:F2:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U_R6clx2jU3nj7MbtA_hbroZ8g0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6401f3-6df0-4038-b0bc-574713845dbc/1/GElfZUdAswtbdoNaPOGRm8XpaWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6401f3-6df0-4038-b0bc-574713845dbc/1/U_R6clx2jU3nj7MbtA_hbroZ8g0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:8181::/32
2a06:8184::/32
2a06:8185:aa00::/40
Signature Algorithm: sha256WithRSAEncryption
85:22:7e:02:eb:13:fe:ae:33:22:5b:2c:69:44:1c:6e:ca:f2:
09:dc:11:bc:d6:35:8e:01:b1:44:e0:6d:8b:54:ad:28:23:89:
51:94:83:ca:97:35:88:99:02:fc:c9:09:b5:40:32:5e:e9:c2:
51:79:4e:7f:f5:41:39:de:da:e7:d9:75:e3:42:e9:f1:a5:93:
96:69:77:7f:5c:fa:cf:e8:2b:0e:d8:7b:ea:41:45:ef:d1:14:
1b:93:b8:d2:03:82:c5:32:a0:3b:dd:8c:27:99:43:5d:82:b8:
84:5e:16:c5:46:c3:fb:d0:b9:9a:d8:e7:7f:29:ca:dd:39:34:
25:ae:92:a5:b5:45:f1:80:f4:78:f2:f3:c2:94:8f:fa:84:07:
4c:9f:f7:09:c5:cd:46:75:bb:74:de:5e:9e:61:8f:c3:f5:42:
f2:d9:1b:81:8f:27:63:44:12:92:0d:c6:50:41:40:95:cc:a8:
d0:7c:bb:b5:2b:08:ba:51:bf:37:0b:59:0f:70:d3:75:7f:94:
0c:81:db:44:58:c7:00:ea:20:4f:d5:ba:ce:4e:b1:15:e2:0f:
31:06:39:6e:f4:aa:1c:81:38:2f:09:cb:d4:42:64:6f:f5:38:
72:0c:48:4f:25:35:e1:af:62:08:55:b3:f8:80:41:0c:1d:ce:
9f:0f:fe:6a
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZhBZq4NXNueKD1dgac6SLSjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZjQ3YTcyNWM3NjhkNGRlNzhmYjMxYmI0MGZlMTZlYmEx
OWYyMGQwHhcNMjUwNzI1MTE0NTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODQ5NWY2NTQ3NDBiMzBiNWI3NjgzNWEzY2UxOTE5YmM1ZTk2OTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1+Q7alz1WFv4iiJKymjnLR7w0vn
CJjjsGw3f4A+xhvNL5ctT22pKwjHfGhgwVdtajGoxCBEkPTttr6TSPB2ait1GSHq
SSn7M7azwcARk7x4Ar9Ua9Fz2pTkR4Okv7+/Yy98zrQe2sGkjVqtOkbIeNcBlp/J
NqO3X0PaQdO89cd4tIZrlLprd8Pr6kY9nRynLl/F53V0JTmDiL2UN9JDrzwv9na0
Da3eBOOWr5ER0RKssURRbKsQRyIjnpNHcZCmslbfjkbpK+gXv1r43mb5VhOjbtFv
3G+5eGd/PI0QPPYXcpZN2N3XzX/+UxzCIk3dEvqcDFm42P4+GmmvkQfdzQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFBhJX2VHQLMLW3aDWjzhkZvF6WlmMB8GA1UdIwQY
MBaAFFP0enJcdo1N54+zG7QP4W66GfINMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVV9SNmNseDJqVTNuajdNYnRBX2hicm9aOGcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82NDAxZjMtNmRmMC00MDM4LWIwYmMt
NTc0NzEzODQ1ZGJjLzEvR0VsZlpVZEFzd3RiZG9OYVBPR1JtOFhwYVdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82NDAxZjMtNmRmMC00MDM4LWIwYmMtNTc0NzEzODQ1ZGJj
LzEvVV9SNmNseDJqVTNuajdNYnRBX2hicm9aOGcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAcBAIAAjAWAwUAKgaBgQMF
ACoGgYQDBgAqBoGFqjANBgkqhkiG9w0BAQsFAAOCAQEAhSJ+AusT/q4zIlssaUQc
bsryCdwRvNY1jgGxROBti1StKCOJUZSDypc1iJkC/MkJtUAyXunCUXlOf/VBOd7a
59l140Lp8aWTlml3f1z6z+grDth76kFF79EUG5O40gOCxTKgO92MJ5lDXYK4hF4W
xUbD+9C5mtjnfynK3Tk0Ja6SpbVF8YD0ePLzwpSP+oQHTJ/3CcXNRnW7dN5enmGP
w/VC8tkbgY8nY0QSkg3GUEFAlcyo0Hy7tSsIulG/NwtZD3DTdX+UDIHbRFjHAOog
T9W6zk6xFeIPMQY5bvSqHIE4LwnL1EJkb/U4cgxITyU14a9iCFWz+IBBDB3Onw/+
ag==
-----END CERTIFICATE-----
Generated at Sat Jul 26 13:27:31 2025 by rpki-client