Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/xgKJuPlkmnq7RdxnhY-TKYBzYq8.roa
File: xgKJuPlkmnq7RdxnhY-TKYBzYq8.roa (raw, json)
Hash identifier: y5YcOwAM1OXd/aFQYSvj4EKxDEKXJgzCH3kYmjfvg/s=
Subject key identifier: C6:02:89:B8:F9:64:9A:7A:BB:45:DC:67:85:8F:93:29:80:73:62:AF
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0198093369CBCBA17D5FDB47F2B3AF6689B6
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/xgKJuPlkmnq7RdxnhY-TKYBzYq8.roa
Signing time: Mon 14 Jul 2025 13:50:21 +0000
ROA not before: Mon 14 Jul 2025 13:50:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204997
IP address blocks: 2a04:5200:fb01::/48 maxlen: 48
2a04:5200:fb02::/48 maxlen: 48
2a04:5200:ff00::/48 maxlen: 48
2a04:5200:ff10::/48 maxlen: 48
2a04:5200:fff1::/48 maxlen: 48
2a04:5200:fff2::/48 maxlen: 48
2a04:5200:fff3::/48 maxlen: 48
2a04:5200:fff4::/48 maxlen: 48
2a04:5200:fff5::/48 maxlen: 48
2a04:5200:fff6::/48 maxlen: 48
2a04:5200:fff7::/48 maxlen: 48
2a04:5200:fff8::/48 maxlen: 48
2a04:5200:fff9::/48 maxlen: 48
2a04:5200:ffff::/48 maxlen: 48
2a0c:aa40::/32 maxlen: 32
2a0c:aa41::/32 maxlen: 32
2a0c:aa42::/32 maxlen: 32
2a0c:aa43::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:09:33:69:cb:cb:a1:7d:5f:db:47:f2:b3:af:66:89:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jul 14 13:50:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c60289b8f9649a7abb45dc67858f9329807362af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:2b:41:9d:30:3d:ff:35:76:e9:9d:ee:fa:3c:
0c:00:4d:b0:41:68:10:c0:3d:6c:91:97:d5:cc:9b:
8e:ac:72:64:52:5b:68:a4:da:d7:aa:83:bc:6d:d6:
5b:27:30:ac:85:6a:bc:32:7d:48:ed:32:ed:3d:6e:
00:fb:89:0f:b6:15:36:e4:27:09:31:fb:39:9c:bf:
0d:2a:23:8a:29:d0:47:8e:ad:33:58:6d:7b:3d:5f:
3f:92:57:90:45:9b:f9:a0:77:9f:db:a2:7e:58:5d:
4a:06:de:5e:ee:9a:b2:89:55:87:d9:c7:43:2b:52:
91:b3:0a:f7:07:8c:03:2c:2d:2d:50:00:27:52:1b:
ac:c4:e2:7a:40:02:f5:de:95:db:8c:ba:5c:61:ee:
a8:83:f1:a4:b8:b4:d2:70:d1:a7:91:76:1c:56:c3:
06:b5:39:ce:5c:34:a0:24:34:eb:91:cc:89:a2:a9:
b8:f2:37:05:60:2f:87:d4:f7:98:46:b6:b8:c2:62:
19:5e:df:a0:f7:db:bf:38:2a:79:13:f5:e0:af:ea:
5a:5b:7f:3c:e0:04:bb:59:b5:cf:32:40:3b:ba:10:
ed:b4:97:89:83:f0:01:42:d3:39:25:b9:a8:2e:f4:
f8:81:a0:b2:84:fc:1a:89:71:df:db:c3:79:d9:ae:
54:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:02:89:B8:F9:64:9A:7A:BB:45:DC:67:85:8F:93:29:80:73:62:AF
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/xgKJuPlkmnq7RdxnhY-TKYBzYq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:5200:fb01::-2a04:5200:fb02:ffff:ffff:ffff:ffff:ffff
2a04:5200:ff00::/48
2a04:5200:ff10::/48
2a04:5200:fff1::-2a04:5200:fff9:ffff:ffff:ffff:ffff:ffff
2a04:5200:ffff::/48
2a0c:aa40::/30
Signature Algorithm: sha256WithRSAEncryption
66:fa:20:a0:79:fc:14:75:ec:a8:ae:de:81:a5:71:78:1f:23:
f7:10:87:94:c5:99:b7:e9:84:77:bf:b5:d2:bc:1e:47:03:bf:
ca:5f:d5:c9:26:a5:a4:9f:6f:61:a7:51:27:d8:43:8e:15:76:
67:c1:fb:29:8f:67:74:5b:84:5f:d7:41:19:3a:77:0f:c6:81:
b0:8d:dc:6b:a4:c8:86:f7:ee:d6:f6:c3:8d:b0:c1:62:43:a6:
65:e5:55:41:21:16:ad:90:2e:f2:10:0e:e9:ba:03:1c:f6:69:
d7:aa:97:72:78:8c:52:77:98:e8:64:51:ab:d2:cd:1d:c1:42:
6b:7f:58:e7:98:1d:98:4e:3f:fe:43:e7:ef:4e:ae:90:5e:2e:
03:00:44:49:44:f4:23:52:91:d2:43:c2:45:2a:bf:31:fd:64:
6c:29:e2:ed:34:ea:dc:89:41:de:aa:80:eb:cd:77:a2:39:e5:
f6:8c:0d:9b:83:fe:df:b6:e6:db:e9:42:c9:56:29:2a:93:94:
36:b2:8d:d1:d6:b9:70:35:13:75:f4:11:4b:c7:bd:df:d2:5b:
89:20:a4:2a:89:ec:fb:a4:77:8c:6d:96:67:78:af:d3:09:25:
f0:67:5c:35:01:a2:69:1c:0f:21:e8:06:94:ad:19:43:5c:83:
30:7f:c7:15
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZgJM2nLy6F9X9tH8rOvZom2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjUwNzE0MTM1MDIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjAyODliOGY5NjQ5YTdhYmI0NWRjNjc4NThmOTMyOTgwNzM2MmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCtBnTA9/zV26Z3u+jwMAE2wQWgQ
wD1skZfVzJuOrHJkUltopNrXqoO8bdZbJzCshWq8Mn1I7TLtPW4A+4kPthU25CcJ
Mfs5nL8NKiOKKdBHjq0zWG17PV8/kleQRZv5oHef26J+WF1KBt5e7pqyiVWH2cdD
K1KRswr3B4wDLC0tUAAnUhusxOJ6QAL13pXbjLpcYe6og/GkuLTScNGnkXYcVsMG
tTnOXDSgJDTrkcyJoqm48jcFYC+H1PeYRra4wmIZXt+g99u/OCp5E/Xgr+paW388
4AS7WbXPMkA7uhDttJeJg/ABQtM5JbmoLvT4gaCyhPwaiXHf28N52a5UYQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFMYCibj5ZJp6u0XcZ4WPkymAc2KvMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEveGdLSnVQbGttbnE3UmR4bmhZLVRLWUJ6WXE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAAjBKMBIDBwAqBFIA
+wEDBwAqBFIA+wIDBwAqBFIA/wADBwAqBFIA/xAwEgMHACoEUgD/8QMHASoEUgD/
+AMHACoEUgD//wMFAioMqkAwDQYJKoZIhvcNAQELBQADggEBAGb6IKB5/BR17Kiu
3oGlcXgfI/cQh5TFmbfphHe/tdK8HkcDv8pf1ckmpaSfb2GnUSfYQ44VdmfB+ymP
Z3RbhF/XQRk6dw/GgbCN3GukyIb37tb2w42wwWJDpmXlVUEhFq2QLvIQDum6Axz2
adeql3J4jFJ3mOhkUavSzR3BQmt/WOeYHZhOP/5D5+9OrpBeLgMARElE9CNSkdJD
wkUqvzH9ZGwp4u006tyJQd6qgOvNd6I55faMDZuD/t+25tvpQslWKSqTlDayjdHW
uXA1E3X0EUvHvd/SW4kgpCqJ7Pukd4xtlmd4r9MJJfBnXDUBomkcDyHoBpStGUNc
gzB/xxU=
-----END CERTIFICATE-----
Generated at Mon Jul 21 02:21:37 2025 by rpki-client