Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/8nBfRkcGOZgVRhQgfyHY5PQcVGA.roa
File: 8nBfRkcGOZgVRhQgfyHY5PQcVGA.roa (raw, json)
Hash identifier: hg+JGe3n/qG0ukFkMsYImquG2K22IL+00JxIg80AHyQ=
Subject key identifier: F2:70:5F:46:47:06:39:98:15:46:14:20:7F:21:D8:E4:F4:1C:54:60
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 01980933686AB6E441924588A1A69449E20D
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/8nBfRkcGOZgVRhQgfyHY5PQcVGA.roa
Signing time: Mon 14 Jul 2025 13:50:20 +0000
ROA not before: Mon 14 Jul 2025 13:50:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50113
IP address blocks: 2a04:5200::/29 maxlen: 29
2a04:5200::/32 maxlen: 32
2a04:5200::/48 maxlen: 48
2a04:5200:1::/48 maxlen: 48
2a04:5200:a::/48 maxlen: 48
2a04:5200:fb01::/48 maxlen: 48
2a04:5200:fb02::/48 maxlen: 48
2a04:5200:ff00::/48 maxlen: 48
2a04:5200:ff10::/48 maxlen: 48
2a04:5200:fff1::/48 maxlen: 48
2a04:5200:fff2::/48 maxlen: 48
2a04:5200:fff3::/48 maxlen: 48
2a04:5200:fff4::/48 maxlen: 48
2a04:5200:fff5::/48 maxlen: 48
2a04:5200:fff6::/48 maxlen: 48
2a04:5200:fff7::/48 maxlen: 48
2a04:5200:fff8::/48 maxlen: 48
2a04:5200:fff9::/48 maxlen: 48
2a04:5200:ffff::/48 maxlen: 48
2a04:5202::/32 maxlen: 32
2a04:5203::/32 maxlen: 32
2a04:5204::/32 maxlen: 32
2a04:5205::/32 maxlen: 32
2a04:5206::/32 maxlen: 32
2a04:5207::/32 maxlen: 32
2a09:5303::/32 maxlen: 32
2a0a:9300::/32 maxlen: 32
2a0a:9300::/48 maxlen: 48
2a0a:9300:aaaa::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 13:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:09:33:68:6a:b6:e4:41:92:45:88:a1:a6:94:49:e2:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jul 14 13:50:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f2705f4647063998154614207f21d8e4f41c5460
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e4:1a:63:13:ef:0d:ea:aa:09:74:64:11:4d:
bc:00:eb:3b:8c:77:f4:73:4e:c5:fa:0d:aa:c5:c3:
04:57:20:85:d4:4c:26:cd:1c:63:44:ac:12:b4:36:
0a:53:76:2d:af:3c:0d:40:40:84:34:4e:00:9d:f8:
0d:a6:84:38:11:9a:d2:fe:1c:30:99:55:f5:cc:7c:
cd:cc:7c:a2:e0:15:95:5e:b7:6f:f6:17:4d:7c:e7:
aa:ec:0f:19:3e:3f:98:c5:21:15:d1:0b:71:9e:c1:
48:78:58:15:f4:38:72:c2:19:18:af:e7:40:b5:34:
0a:73:0e:ee:87:ce:fe:23:12:a3:ca:4c:a4:b0:12:
5b:9e:b7:60:d7:7b:30:38:e4:be:24:9e:39:76:28:
72:1d:73:83:a7:24:82:05:4e:9e:39:bc:dc:de:58:
a8:83:87:05:5c:2a:85:3e:b5:a3:ce:ba:8a:18:56:
63:1b:7a:d7:f9:8d:b4:f7:14:e7:d7:55:ee:79:5a:
79:d9:32:93:d1:41:1c:5c:a7:e4:eb:4a:3a:b3:1c:
a9:e5:37:c5:af:33:02:59:c7:f7:f6:9b:ee:ce:d7:
62:0d:06:0c:99:ee:5c:38:c7:a2:1d:2b:a2:20:d5:
a7:43:da:1d:63:b4:4d:be:fd:f1:66:bc:9a:73:de:
7e:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:70:5F:46:47:06:39:98:15:46:14:20:7F:21:D8:E4:F4:1C:54:60
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/8nBfRkcGOZgVRhQgfyHY5PQcVGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:5200::/29
2a09:5303::/32
2a0a:9300::/32
Signature Algorithm: sha256WithRSAEncryption
3f:a3:ff:99:55:bd:b4:20:97:5a:c0:3e:2f:27:ad:6e:8c:4a:
0b:72:20:02:3c:dc:84:d9:27:1d:79:0d:80:b2:2f:ce:3e:b0:
52:eb:9a:b8:a7:11:50:a9:f7:36:33:98:45:6c:50:32:08:7f:
a3:d2:a0:79:da:e0:5d:8e:bc:23:6d:9e:c8:6d:a0:e9:fd:ea:
8b:a9:91:5d:20:5f:fe:ab:eb:37:42:e9:0c:6e:6c:5c:75:f3:
36:58:15:dd:d6:e9:3d:0b:ea:a2:40:fa:a0:ac:7a:56:90:6d:
74:25:1c:1d:5f:98:59:8c:cd:6d:35:ad:02:c9:f7:a4:41:5a:
1d:b7:b0:2d:73:64:59:fa:15:bd:05:51:ac:0f:54:0f:6d:3c:
0d:29:e4:e7:1c:c1:b1:00:5c:71:1f:98:f6:1c:9d:1d:11:c3:
37:9c:6d:e1:c8:cb:fb:15:4c:46:d3:af:b0:3a:47:5e:0f:6d:
66:36:78:2d:6b:ab:02:0a:c7:35:9c:93:54:22:74:99:8d:69:
cd:1b:54:b6:6d:d8:25:24:fa:92:46:49:57:ee:29:59:d2:b8:
0d:6f:dd:11:34:24:0f:c0:69:9e:ff:8c:a0:37:8f:64:cc:41:
25:83:52:e5:5e:fc:39:a8:b9:45:b3:4d:91:0b:93:2b:6f:ca:
c4:61:19:73
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZgJM2hqtuRBkkWIoaaUSeINMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjUwNzE0MTM1MDIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjcwNWY0NjQ3MDYzOTk4MTU0NjE0MjA3ZjIxZDhlNGY0MWM1NDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAweQaYxPvDeqqCXRkEU28AOs7jHf0
c07F+g2qxcMEVyCF1EwmzRxjRKwStDYKU3YtrzwNQECENE4AnfgNpoQ4EZrS/hww
mVX1zHzNzHyi4BWVXrdv9hdNfOeq7A8ZPj+YxSEV0QtxnsFIeFgV9DhywhkYr+dA
tTQKcw7uh87+IxKjykyksBJbnrdg13swOOS+JJ45dihyHXODpySCBU6eObzc3lio
g4cFXCqFPrWjzrqKGFZjG3rX+Y209xTn11XueVp52TKT0UEcXKfk60o6sxyp5TfF
rzMCWcf39pvuztdiDQYMme5cOMeiHSuiINWnQ9odY7RNvv3xZryac95+hwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPJwX0ZHBjmYFUYUIH8h2OT0HFRgMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvOG5CZlJrY0dPWmdWUmhRZ2Z5SFk1UFFjVkdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKgRSAAMF
ACoJUwMDBQAqCpMAMA0GCSqGSIb3DQEBCwUAA4IBAQA/o/+ZVb20IJdawD4vJ61u
jEoLciACPNyE2ScdeQ2Asi/OPrBS65q4pxFQqfc2M5hFbFAyCH+j0qB52uBdjrwj
bZ7IbaDp/eqLqZFdIF/+q+s3QukMbmxcdfM2WBXd1uk9C+qiQPqgrHpWkG10JRwd
X5hZjM1tNa0CyfekQVodt7Atc2RZ+hW9BVGsD1QPbTwNKeTnHMGxAFxxH5j2HJ0d
EcM3nG3hyMv7FUxG06+wOkdeD21mNngta6sCCsc1nJNUInSZjWnNG1S2bdglJPqS
RklX7ilZ0rgNb90RNCQPwGme/4ygN49kzEElg1LlXvw5qLlFs02RC5Mrb8rEYRlz
-----END CERTIFICATE-----
Generated at Sun Jul 20 22:13:26 2025 by rpki-client