Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/5mYnKKfWKCEJzhAgzf_rIlwXjs8.roa
File: 5mYnKKfWKCEJzhAgzf_rIlwXjs8.roa (raw, json)
Hash identifier: 1N2iBQqwvwuda7VBiJr/c3zZYth4PZ5NiBAHBtQtCDk=
Subject key identifier: E6:66:27:28:A7:D6:28:21:09:CE:10:20:CD:FF:EB:22:5C:17:8E:CF
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019808AD8F0060F848052083AE7FF3D8A8A6
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/5mYnKKfWKCEJzhAgzf_rIlwXjs8.roa
Signing time: Mon 14 Jul 2025 11:24:08 +0000
ROA not before: Mon 14 Jul 2025 11:24:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61400
IP address blocks: 2a07:a300::/29 maxlen: 29
2a0f:8100::/29 maxlen: 29
2a10:34c0::/29 maxlen: 29
2a11:1c40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:08:ad:8f:00:60:f8:48:05:20:83:ae:7f:f3:d8:a8:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jul 14 11:24:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e6662728a7d6282109ce1020cdffeb225c178ecf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:78:03:b4:06:41:06:cf:91:2f:e2:10:59:b4:
87:af:70:f4:96:03:62:66:92:ce:75:5a:53:f7:21:
95:cc:2d:bb:1e:37:f1:e6:6d:ba:02:9a:e6:1f:69:
f6:b6:a8:81:d6:cd:66:df:74:c5:ae:4a:6b:ac:90:
f2:18:2d:7c:81:e0:94:44:45:38:84:ae:7c:08:d3:
97:74:25:6a:b3:25:1f:f5:d8:9a:d8:e8:66:0b:d5:
e8:2c:a6:f0:fa:81:b5:ac:53:1b:11:61:f1:57:82:
63:1c:fb:98:a5:17:d9:10:4f:0c:f3:9c:32:ee:60:
d3:fa:ac:da:08:99:61:44:54:48:0f:66:ea:d3:d3:
ff:19:d9:53:31:2f:34:78:ac:14:e0:68:07:b5:99:
66:af:c7:b9:27:02:0b:fa:66:b2:08:5e:e3:c0:f7:
d5:5e:c3:f0:00:56:34:3b:cc:9a:c0:e2:e6:07:96:
39:fd:8c:7e:ba:fa:64:b1:9c:e8:5c:4b:bd:f7:8e:
90:e5:3b:ed:88:a3:94:a9:ce:5d:c6:3a:b8:9c:a6:
5a:27:d7:32:64:77:98:67:55:1a:00:1b:fd:cb:99:
56:6d:c9:13:1e:d3:48:4b:6a:bb:81:fe:c3:ef:8c:
3f:49:99:a5:f4:06:1a:29:c4:4d:92:a4:de:0d:f0:
5a:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:66:27:28:A7:D6:28:21:09:CE:10:20:CD:FF:EB:22:5C:17:8E:CF
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/5mYnKKfWKCEJzhAgzf_rIlwXjs8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:a300::/29
2a0f:8100::/29
2a10:34c0::/29
2a11:1c40::/29
Signature Algorithm: sha256WithRSAEncryption
75:6e:3d:92:6e:6e:32:f7:d3:a1:1c:0b:23:86:f1:99:4f:aa:
7c:eb:7c:11:1a:fa:80:40:76:2c:68:8a:65:3d:33:07:22:06:
de:96:e4:bc:65:ed:d7:5c:fe:dd:8a:51:00:17:c2:0c:31:a7:
e1:c2:a5:e2:de:37:e3:7d:3c:e9:1f:80:37:a1:93:d8:38:29:
ec:22:8d:c0:d2:c6:29:4a:80:b1:59:16:38:bb:3c:fd:98:18:
f1:01:a2:d1:d0:4f:dd:5f:8b:23:6b:5a:36:f6:15:a1:84:56:
d2:8c:42:a9:0f:db:ba:56:09:06:ae:8a:65:8c:d1:69:41:41:
b6:3a:04:17:59:90:13:06:b6:59:2a:e5:86:f8:c9:5b:89:41:
64:50:98:8a:63:36:2d:29:d1:bf:9d:65:23:e2:0e:cb:15:80:
e8:17:ac:af:60:2a:aa:d7:fc:98:09:9b:44:8a:36:02:3e:d3:
6a:c1:be:27:bd:b7:d5:0c:af:50:6a:a9:be:2f:76:6f:21:94:
34:91:77:5f:3e:53:6f:cb:3f:da:e1:0b:b5:c1:b6:58:f8:a3:
d8:e5:db:be:ae:c7:fc:ee:11:33:7b:af:62:2f:02:fc:cb:a2:
51:4e:f8:4a:d2:21:f3:25:ef:44:20:b3:f8:c3:0e:c7:1b:87:
81:79:39:b9
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZgIrY8AYPhIBSCDrn/z2KimMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNzE0MTEyNDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjY2MjcyOGE3ZDYyODIxMDljZTEwMjBjZGZmZWIyMjVjMTc4ZWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXgDtAZBBs+RL+IQWbSHr3D0lgNi
ZpLOdVpT9yGVzC27Hjfx5m26AprmH2n2tqiB1s1m33TFrkprrJDyGC18geCUREU4
hK58CNOXdCVqsyUf9dia2OhmC9XoLKbw+oG1rFMbEWHxV4JjHPuYpRfZEE8M85wy
7mDT+qzaCJlhRFRID2bq09P/GdlTMS80eKwU4GgHtZlmr8e5JwIL+mayCF7jwPfV
XsPwAFY0O8yawOLmB5Y5/Yx+uvpksZzoXEu9946Q5TvtiKOUqc5dxjq4nKZaJ9cy
ZHeYZ1UaABv9y5lWbckTHtNIS2q7gf7D74w/SZml9AYaKcRNkqTeDfBaVwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFOZmJyin1ighCc4QIM3/6yJcF47PMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvNW1ZbktLZldLQ0VKemhBZ3pmX3JJbHdYanM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKgejAAMF
AyoPgQADBQMqEDTAAwUDKhEcQDANBgkqhkiG9w0BAQsFAAOCAQEAdW49km5uMvfT
oRwLI4bxmU+qfOt8ERr6gEB2LGiKZT0zByIG3pbkvGXt11z+3YpRABfCDDGn4cKl
4t4343086R+AN6GT2Dgp7CKNwNLGKUqAsVkWOLs8/ZgY8QGi0dBP3V+LI2taNvYV
oYRW0oxCqQ/bulYJBq6KZYzRaUFBtjoEF1mQEwa2WSrlhvjJW4lBZFCYimM2LSnR
v51lI+IOyxWA6Besr2Aqqtf8mAmbRIo2Aj7TasG+J7231QyvUGqpvi92byGUNJF3
Xz5Tb8s/2uELtcG2WPij2OXbvq7H/O4RM3uvYi8C/MuiUU74StIh8yXvRCCz+MMO
xxuHgXk5uQ==
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:28:52 2025 by rpki-client