Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/DZkXj1lYcU6BL3E6DiRQ6SdFR04.roa
File: DZkXj1lYcU6BL3E6DiRQ6SdFR04.roa (raw, json)
Hash identifier: ovIweljHSN61Qxa5ZzgovA4BgbPaGmwCEESqYgQy+74=
Subject key identifier: 0D:99:17:8F:59:58:71:4E:81:2F:71:3A:0E:24:50:E9:27:45:47:4E
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019817B971761ABA9BA2443F1692356A021A
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/DZkXj1lYcU6BL3E6DiRQ6SdFR04.roa
Signing time: Thu 17 Jul 2025 09:31:25 +0000
ROA not before: Thu 17 Jul 2025 09:31:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214216
IP address blocks: 2a0f:2300::/29 maxlen: 29
2a0f:e240::/29 maxlen: 29
2a0f:e540::/29 maxlen: 29
2a11:7a40::/29 maxlen: 29
2a11:cb40::/29 maxlen: 29
2a12:eb40::/29 maxlen: 29
2a13:600::/29 maxlen: 29
2a13:7b00::/29 maxlen: 29
2a13:d300::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 19:29:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:17:b9:71:76:1a:ba:9b:a2:44:3f:16:92:35:6a:02:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jul 17 09:31:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0d99178f5958714e812f713a0e2450e92745474e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:73:ea:cd:c8:fa:83:68:13:8a:72:55:24:6a:
a0:a7:27:af:75:87:d0:02:1a:3e:4b:4d:96:8e:be:
fd:9c:b6:6b:e8:43:63:56:90:be:14:10:b1:97:d9:
ad:5d:bd:ed:88:b2:8f:ab:f6:d7:b1:ce:9d:29:fc:
f4:99:98:93:fe:c6:e9:64:5c:cc:bc:0b:25:2d:0e:
22:65:55:69:da:37:ab:3d:8b:3c:61:4d:96:61:1a:
2c:bc:5a:68:a8:f2:48:5b:b8:00:df:f1:99:8e:e5:
77:da:e6:49:ba:b3:c6:2c:17:7d:f9:77:a2:ad:63:
13:d7:09:f8:71:e1:59:be:ce:e5:d0:8d:8f:78:4d:
c0:1b:f0:c7:59:90:40:81:b9:c1:8f:58:55:69:2c:
e7:e2:f2:9e:1d:8c:b9:0d:bc:b0:98:43:56:a5:e4:
b9:35:d5:0f:41:98:99:0a:62:8a:80:03:39:93:ed:
11:84:40:7d:5e:67:5b:9c:90:da:2a:39:1a:2a:27:
a9:b2:58:a1:7e:15:6a:36:04:d0:91:33:52:01:bf:
42:a0:cf:08:83:0f:6b:73:38:5b:19:c6:23:bc:56:
3f:4a:82:d4:e4:52:25:4f:ab:20:10:d4:28:31:0f:
74:86:f2:56:7a:bd:d3:29:77:67:78:45:4f:e6:70:
c1:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:99:17:8F:59:58:71:4E:81:2F:71:3A:0E:24:50:E9:27:45:47:4E
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/DZkXj1lYcU6BL3E6DiRQ6SdFR04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:2300::/29
2a0f:e240::/29
2a0f:e540::/29
2a11:7a40::/29
2a11:cb40::/29
2a12:eb40::/29
2a13:600::/29
2a13:7b00::/29
2a13:d300::/29
Signature Algorithm: sha256WithRSAEncryption
6f:a7:05:1e:f0:98:16:a8:43:63:c2:18:8e:9e:48:27:c6:9f:
57:4e:2e:e9:cc:ef:c4:34:5d:f0:b3:2a:4c:66:b2:2c:61:93:
8a:4d:92:a5:04:ae:b3:12:bc:af:01:90:f8:93:cb:8c:bb:b5:
ce:88:07:83:2f:7c:cc:10:ca:a8:59:36:f0:f4:bd:1f:d9:4b:
bd:cf:08:5e:1f:96:13:ff:e1:74:da:2a:1d:0e:95:28:8d:7a:
a4:3a:15:e3:a3:21:14:21:81:35:b3:69:92:42:fc:aa:32:8f:
9d:c5:2b:57:e4:d0:55:70:6d:d5:c8:f2:a2:10:af:cd:2d:94:
77:0a:f5:07:6c:d9:73:ef:41:e7:01:60:3d:07:06:ea:12:f5:
4f:b9:ac:f3:ab:47:7d:a6:7f:bf:00:dd:81:f9:d9:f8:ad:53:
6f:e2:9c:12:a7:92:b0:48:a4:5b:33:9e:c2:0c:68:1c:0f:c8:
3d:f1:05:09:1b:77:13:92:f9:61:46:b3:a7:f6:91:e4:02:83:
f1:21:8e:78:79:ea:17:af:40:69:05:1d:23:2f:47:51:b4:79:
d2:99:26:3e:e4:e4:71:0a:e6:fb:21:97:32:9a:8e:3a:09:f5:
63:0b:11:b5:9f:52:b7:b9:1c:4d:a3:ce:cf:e4:c2:d8:23:c5:
d8:12:ab:19
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZgXuXF2GrqbokQ/FpI1agIaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNzE3MDkzMTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDk5MTc4ZjU5NTg3MTRlODEyZjcxM2EwZTI0NTBlOTI3NDU0NzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8XPqzcj6g2gTinJVJGqgpyevdYfQ
Aho+S02Wjr79nLZr6ENjVpC+FBCxl9mtXb3tiLKPq/bXsc6dKfz0mZiT/sbpZFzM
vAslLQ4iZVVp2jerPYs8YU2WYRosvFpoqPJIW7gA3/GZjuV32uZJurPGLBd9+Xei
rWMT1wn4ceFZvs7l0I2PeE3AG/DHWZBAgbnBj1hVaSzn4vKeHYy5DbywmENWpeS5
NdUPQZiZCmKKgAM5k+0RhEB9XmdbnJDaKjkaKiepslihfhVqNgTQkTNSAb9CoM8I
gw9rczhbGcYjvFY/SoLU5FIlT6sgENQoMQ90hvJWer3TKXdneEVP5nDBIQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFA2ZF49ZWHFOgS9xOg4kUOknRUdOMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvRFprWGoxbFljVTZCTDNFNkRpUlE2U2RGUjA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzBFBAIAAjA/AwUDKg8jAAMF
AyoP4kADBQMqD+VAAwUDKhF6QAMFAyoRy0ADBQMqEutAAwUDKhMGAAMFAyoTewAD
BQMqE9MAMA0GCSqGSIb3DQEBCwUAA4IBAQBvpwUe8JgWqENjwhiOnkgnxp9XTi7p
zO/ENF3wsypMZrIsYZOKTZKlBK6zEryvAZD4k8uMu7XOiAeDL3zMEMqoWTbw9L0f
2Uu9zwheH5YT/+F02iodDpUojXqkOhXjoyEUIYE1s2mSQvyqMo+dxStX5NBVcG3V
yPKiEK/NLZR3CvUHbNlz70HnAWA9BwbqEvVPuazzq0d9pn+/AN2B+dn4rVNv4pwS
p5KwSKRbM57CDGgcD8g98QUJG3cTkvlhRrOn9pHkAoPxIY54eeoXr0BpBR0jL0dR
tHnSmSY+5ORxCub7IZcymo46CfVjCxG1n1K3uRxNo87P5MLYI8XYEqsZ
-----END CERTIFICATE-----
Generated at Fri Jul 25 00:57:08 2025 by rpki-client