Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/8Sp2CFaWsgCWExm5X50N0sk3BA4.roa
File: 8Sp2CFaWsgCWExm5X50N0sk3BA4.roa (raw, json)
Hash identifier: 24OxlyvFDgfPE4yDrKTcMJtL+4cSH6yULnGrmut3/5I=
Subject key identifier: F1:2A:76:08:56:96:B2:00:96:13:19:B9:5F:9D:0D:D2:C9:37:04:0E
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0198368A9F0D8D3564FDAA83586995950419
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/8Sp2CFaWsgCWExm5X50N0sk3BA4.roa
Signing time: Wed 23 Jul 2025 09:08:30 +0000
ROA not before: Wed 23 Jul 2025 09:08:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 2a0f:bc03::/32 maxlen: 32
2a0f:bc05::/32 maxlen: 32
2a0f:bc06::/32 maxlen: 32
2a0f:bc07::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:36:8a:9f:0d:8d:35:64:fd:aa:83:58:69:95:95:04:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jul 23 09:08:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f12a76085696b200961319b95f9d0dd2c937040e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:0b:ad:95:d6:ea:d9:a2:9d:76:fe:51:ea:71:
7b:80:61:07:76:0a:39:0a:68:d4:f9:32:50:7e:22:
88:60:12:a7:a5:65:a7:07:17:01:9f:d4:0d:8d:cb:
d1:4d:d8:f2:f2:a0:87:68:8e:79:44:95:cd:f0:55:
9c:d0:ea:5f:3e:4a:54:da:9f:46:72:2c:3e:f7:68:
66:b9:8e:29:ec:5b:7e:b7:bb:ea:7c:78:51:6e:53:
3b:d5:a4:ee:5c:68:ae:ec:58:a6:bb:16:93:db:6c:
73:ee:cc:c5:8d:4e:63:a1:9c:30:c9:e2:a5:6b:ff:
4d:02:61:b6:40:9a:22:4a:58:d6:4a:75:6c:fb:e3:
ed:d6:f6:95:bf:bc:e2:09:62:f1:b9:2b:13:49:30:
61:c5:a3:72:01:30:42:a5:db:2d:9a:19:88:ed:62:
63:15:8c:d1:39:48:ce:07:09:53:b6:e0:b6:f8:91:
60:0b:a6:ad:16:22:63:ca:ac:98:e8:25:25:19:90:
87:82:15:b4:ff:51:90:20:2c:05:05:67:b6:68:f8:
d9:c6:aa:ae:a8:fd:e3:dc:9d:d6:7d:a0:9d:6f:4a:
84:34:17:4a:63:3d:68:da:e6:cb:3d:42:ea:54:d8:
ed:60:94:86:15:52:6d:f5:f8:87:fc:8d:1f:f4:5d:
63:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:2A:76:08:56:96:B2:00:96:13:19:B9:5F:9D:0D:D2:C9:37:04:0E
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/8Sp2CFaWsgCWExm5X50N0sk3BA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:bc03::/32
2a0f:bc05::-2a0f:bc07:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
18:3b:f7:af:13:02:c5:ec:51:68:99:88:23:92:10:83:ea:43:
64:fa:ca:1e:84:1a:7b:14:20:cf:6a:90:48:9a:4d:ed:9e:19:
e6:3e:6f:9f:a4:0f:fa:4f:05:ed:9e:f7:04:bc:54:d3:50:fd:
94:06:8f:29:82:f9:d8:2f:fe:dd:a9:d0:6c:92:f0:d7:89:6f:
69:3f:5f:f7:6f:2d:01:ca:40:81:6b:48:de:13:1f:6d:47:b4:
11:91:b7:68:75:32:c3:16:be:61:cd:1a:c4:49:cd:23:c7:de:
00:b7:7e:a7:eb:17:bc:8a:50:83:c9:9e:53:5a:84:1d:fe:ea:
02:9e:8b:9c:7c:8d:11:ac:ad:54:77:c5:d5:d0:4f:f7:1f:8d:
c2:e8:ed:ff:37:66:d3:38:ef:de:7b:a9:df:be:e8:35:ed:ce:
2f:fa:77:3f:98:6e:fe:2a:d5:b5:0e:e0:9b:d1:9b:9c:53:e1:
df:62:13:15:7a:8d:f3:4d:14:02:bb:ec:d1:49:ce:13:d0:e4:
a9:36:69:b9:e8:92:d4:87:32:22:52:4b:4b:3b:51:35:a1:92:
2a:e9:c3:04:51:bb:83:2e:6d:8e:7d:5e:92:ef:de:82:f7:07:
2e:6c:1d:fe:fa:7b:b6:36:15:bd:38:e7:e8:7c:9b:2f:21:7a:
79:d7:5e:dc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZg2ip8NjTVk/aqDWGmVlQQZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNzIzMDkwODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTJhNzYwODU2OTZiMjAwOTYxMzE5Yjk1ZjlkMGRkMmM5MzcwNDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlAutldbq2aKddv5R6nF7gGEHdgo5
CmjU+TJQfiKIYBKnpWWnBxcBn9QNjcvRTdjy8qCHaI55RJXN8FWc0OpfPkpU2p9G
ciw+92hmuY4p7Ft+t7vqfHhRblM71aTuXGiu7FimuxaT22xz7szFjU5joZwwyeKl
a/9NAmG2QJoiSljWSnVs++Pt1vaVv7ziCWLxuSsTSTBhxaNyATBCpdstmhmI7WJj
FYzROUjOBwlTtuC2+JFgC6atFiJjyqyY6CUlGZCHghW0/1GQICwFBWe2aPjZxqqu
qP3j3J3WfaCdb0qENBdKYz1o2ubLPULqVNjtYJSGFVJt9fiH/I0f9F1jVwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPEqdghWlrIAlhMZuV+dDdLJNwQOMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvOFNwMkNGYVdzZ0NXRXhtNVg1ME4wc2szQkE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXAwUAKg+8AzAO
AwUAKg+8BQMFAyoPvAAwDQYJKoZIhvcNAQELBQADggEBABg7968TAsXsUWiZiCOS
EIPqQ2T6yh6EGnsUIM9qkEiaTe2eGeY+b5+kD/pPBe2e9wS8VNNQ/ZQGjymC+dgv
/t2p0GyS8NeJb2k/X/dvLQHKQIFrSN4TH21HtBGRt2h1MsMWvmHNGsRJzSPH3gC3
fqfrF7yKUIPJnlNahB3+6gKei5x8jRGsrVR3xdXQT/cfjcLo7f83ZtM47957qd++
6DXtzi/6dz+Ybv4q1bUO4JvRm5xT4d9iExV6jfNNFAK77NFJzhPQ5Kk2abnoktSH
MiJSS0s7UTWhkirpwwRRu4MubY59XpLv3oL3By5sHf76e7Y2Fb045+h8my8hennX
Xtw=
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:21:46 2025 by rpki-client