Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/A8P5jKCvuztOzbvJYRX9eezsV1w.roa
File: A8P5jKCvuztOzbvJYRX9eezsV1w.roa (raw, json)
Hash identifier: 6KDUnRzcqw5IF022JyMIZjeKexWHRisdzSFQB0ckYcY=
Subject key identifier: 03:C3:F9:8C:A0:AF:BB:3B:4E:CD:BB:C9:61:15:FD:79:EC:EC:57:5C
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019808B88DCD1EB6D157EE12F46EBE4B6829
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/A8P5jKCvuztOzbvJYRX9eezsV1w.roa
Signing time: Mon 14 Jul 2025 11:36:09 +0000
ROA not before: Mon 14 Jul 2025 11:36:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213505
IP address blocks: 2a0e:e980::/29 maxlen: 29
2a0f:a00::/29 maxlen: 29
2a0f:1440::/29 maxlen: 29
2a0f:14c0::/29 maxlen: 29
2a0f:18c0::/29 maxlen: 29
2a0f:1fc0::/29 maxlen: 29
2a0f:39c0::/29 maxlen: 29
2a0f:9b00::/29 maxlen: 29
2a0f:da40::/29 maxlen: 29
2a0f:dfc0::/29 maxlen: 29
2a0f:e5c0::/29 maxlen: 29
2a0f:ee00::/29 maxlen: 29
2a11:1200::/29 maxlen: 29
2a11:6d40::/29 maxlen: 29
2a13:1940::/29 maxlen: 29
2a13:fa00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:08:b8:8d:cd:1e:b6:d1:57:ee:12:f4:6e:be:4b:68:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jul 14 11:36:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=03c3f98ca0afbb3b4ecdbbc96115fd79ecec575c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:91:f7:1f:01:ee:fe:2b:1e:4b:cb:ee:be:a9:
8f:f4:c0:fd:b3:0d:d3:c1:89:5d:d0:bf:e3:35:43:
25:3a:24:58:e6:1a:e0:19:03:8f:08:ae:a6:8a:69:
72:51:f2:d4:4e:d8:d4:35:59:7e:13:3b:05:35:5f:
39:ce:10:a4:47:1f:ac:5d:d2:ea:6c:b8:89:ef:31:
9b:30:dd:fe:4d:2d:c6:33:36:5f:a1:1d:a6:c6:ad:
2a:45:7a:50:2d:df:11:16:31:e7:3a:60:38:8c:c8:
0f:e9:8f:08:73:1b:17:de:21:4d:63:3a:70:31:41:
11:ea:83:ab:58:ff:6c:f2:51:9b:f7:6c:f9:84:11:
ae:11:49:dd:13:24:f5:8d:26:11:49:80:0d:fc:a6:
bb:a6:5c:26:8f:5c:91:e9:4f:c2:23:57:9d:e8:e0:
ee:2c:c3:32:3a:6d:4f:e2:57:e2:92:9a:f9:04:a5:
4b:58:e5:82:8a:3c:14:91:83:cc:a1:4c:f6:8f:f1:
f6:a9:7d:0b:4d:e8:d2:bf:83:3a:12:71:18:fc:ff:
ce:00:d8:ed:ec:c8:4f:d4:d7:25:33:b2:41:5c:a1:
a1:a1:1a:8e:33:0d:4a:6a:c4:1b:e0:e4:52:4b:9a:
8e:c6:d7:e1:32:c2:c8:76:1a:17:12:84:34:7a:89:
4b:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:C3:F9:8C:A0:AF:BB:3B:4E:CD:BB:C9:61:15:FD:79:EC:EC:57:5C
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/A8P5jKCvuztOzbvJYRX9eezsV1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:e980::/29
2a0f:a00::/29
2a0f:1440::/29
2a0f:14c0::/29
2a0f:18c0::/29
2a0f:1fc0::/29
2a0f:39c0::/29
2a0f:9b00::/29
2a0f:da40::/29
2a0f:dfc0::/29
2a0f:e5c0::/29
2a0f:ee00::/29
2a11:1200::/29
2a11:6d40::/29
2a13:1940::/29
2a13:fa00::/29
Signature Algorithm: sha256WithRSAEncryption
cc:29:00:5f:57:1d:06:d0:57:4b:97:d5:bd:c6:5c:c4:b8:3f:
08:2c:e2:fd:7b:ac:9b:84:f0:63:6c:ae:29:03:f4:47:b8:b6:
b8:24:3d:7b:b9:85:19:be:ce:d0:c5:32:ce:1b:7b:ec:fd:56:
a4:bb:83:bd:91:58:2a:4f:92:ea:c2:74:fb:af:e2:76:ea:2b:
64:9c:95:25:37:9e:70:91:ab:46:4a:0c:f0:3c:2e:0c:bf:62:
4a:8d:2c:bb:a8:1f:dd:1b:ce:af:d8:f9:a1:9e:cb:cb:33:42:
0a:ae:77:a1:56:7c:a3:f1:81:99:d2:66:bf:f1:dd:56:07:89:
a7:f2:7a:99:b4:f1:51:90:c4:a1:de:59:e5:ee:14:40:e5:e4:
bf:0c:2c:df:96:29:6c:f4:8a:b2:c6:74:16:28:6d:23:8b:b6:
61:f9:cf:1d:fb:6d:7d:b7:ef:2c:d9:75:23:e1:40:31:80:92:
c2:0e:cd:f9:cf:28:60:c7:31:c3:37:ab:cc:44:96:8e:66:3c:
c3:2e:7b:ad:97:e4:3c:91:7d:aa:dc:a5:23:0b:18:e8:76:af:
00:13:dd:cd:c9:e9:2c:42:f9:5f:15:bb:f6:c2:11:5d:68:52:
68:e8:2a:6c:8b:6c:5f:9d:b6:15:e8:af:12:45:5a:0d:e3:cf:
91:38:81:77
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAZgIuI3NHrbRV+4S9G6+S2gpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNzE0MTEzNjA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2MzZjk4Y2EwYWZiYjNiNGVjZGJiYzk2MTE1ZmQ3OWVjZWM1NzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5H3HwHu/iseS8vuvqmP9MD9sw3T
wYld0L/jNUMlOiRY5hrgGQOPCK6mimlyUfLUTtjUNVl+EzsFNV85zhCkRx+sXdLq
bLiJ7zGbMN3+TS3GMzZfoR2mxq0qRXpQLd8RFjHnOmA4jMgP6Y8IcxsX3iFNYzpw
MUER6oOrWP9s8lGb92z5hBGuEUndEyT1jSYRSYAN/Ka7plwmj1yR6U/CI1ed6ODu
LMMyOm1P4lfikpr5BKVLWOWCijwUkYPMoUz2j/H2qX0LTejSv4M6EnEY/P/OANjt
7MhP1NclM7JBXKGhoRqOMw1KasQb4ORSS5qOxtfhMsLIdhoXEoQ0eolLwQIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFAPD+Yygr7s7Ts27yWEV/Xns7FdcMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvQThQNWpLQ3Z1enRPemJ2SllSWDllZXpzVjF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAIwcAMFAyoO6YAD
BQMqDwoAAwUDKg8UQAMFAyoPFMADBQMqDxjAAwUDKg8fwAMFAyoPOcADBQMqD5sA
AwUDKg/aQAMFAyoP38ADBQMqD+XAAwUDKg/uAAMFAyoREgADBQMqEW1AAwUDKhMZ
QAMFAyoT+gAwDQYJKoZIhvcNAQELBQADggEBAMwpAF9XHQbQV0uX1b3GXMS4Pwgs
4v17rJuE8GNsrikD9Ee4trgkPXu5hRm+ztDFMs4be+z9VqS7g72RWCpPkurCdPuv
4nbqK2SclSU3nnCRq0ZKDPA8Lgy/YkqNLLuoH90bzq/Y+aGey8szQgqud6FWfKPx
gZnSZr/x3VYHiafyepm08VGQxKHeWeXuFEDl5L8MLN+WKWz0irLGdBYobSOLtmH5
zx37bX237yzZdSPhQDGAksIOzfnPKGDHMcM3q8xElo5mPMMue62X5DyRfarcpSML
GOh2rwAT3c3J6SxC+V8Vu/bCEV1oUmjoKmyLbF+dthXorxJFWg3jz5E4gXc=
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:25:43 2025 by rpki-client