Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/pRye5eqLUksVPuUZx91Y2vaOkkM.roa
File: pRye5eqLUksVPuUZx91Y2vaOkkM.roa (raw, json)
Hash identifier: 6QiYJkQwjGWsLpUNXSldw1J4oS9fe/Fcl9YTyZlDSmM=
Subject key identifier: A5:1C:9E:E5:EA:8B:52:4B:15:3E:E5:19:C7:DD:58:DA:F6:8E:92:43
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 0197C704FED6E16C312A0CCDBAA72DA9CAAF
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/pRye5eqLUksVPuUZx91Y2vaOkkM.roa
Signing time: Tue 01 Jul 2025 17:24:42 +0000
ROA not before: Tue 01 Jul 2025 17:24:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205659
IP address blocks: 2a06:fe46::/32 maxlen: 32
2a10:eac0::/29 maxlen: 29
2a11:5280::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c7:04:fe:d6:e1:6c:31:2a:0c:cd:ba:a7:2d:a9:ca:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Jul 1 17:24:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a51c9ee5ea8b524b153ee519c7dd58daf68e9243
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f2:a5:32:2f:21:81:d4:1e:9e:d7:6b:d2:f5:
db:45:20:26:73:78:9e:65:16:c6:71:48:95:64:6c:
f1:93:6f:4f:39:5f:37:05:01:bf:4b:bd:55:e2:c1:
4b:53:52:8c:48:75:3a:14:8e:ee:35:b9:7c:df:4e:
47:56:39:62:7f:bf:2d:e6:6a:93:c0:f2:b9:57:00:
13:9f:16:73:da:71:fe:37:17:00:24:18:78:f3:94:
ee:42:f7:93:ed:0b:fa:b5:5b:e9:5f:b8:a1:6d:44:
db:a6:c0:3e:3b:b7:ce:e9:68:04:1f:33:91:c5:44:
61:ff:3a:d7:f6:66:3e:a9:e6:f6:c1:59:59:f3:55:
3d:b7:40:e6:a6:63:05:e4:46:56:8a:9f:04:54:a7:
05:07:b6:84:f4:4b:fe:00:d2:5d:e6:99:a2:25:d4:
3f:2d:85:da:72:ff:0f:f7:be:23:f7:84:47:fb:20:
42:45:be:0a:36:4a:c8:9d:b2:fa:29:00:10:d0:f9:
90:d5:58:44:a7:28:fc:81:b7:3e:98:75:2e:06:29:
47:5b:19:e3:99:18:07:35:60:f9:91:86:27:ba:db:
c9:b0:3d:32:a5:f1:a1:9c:ba:8c:d1:e8:15:2a:6e:
9d:b8:6a:ad:c4:f2:38:9d:da:df:1e:ff:f6:a3:19:
89:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:1C:9E:E5:EA:8B:52:4B:15:3E:E5:19:C7:DD:58:DA:F6:8E:92:43
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/pRye5eqLUksVPuUZx91Y2vaOkkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:fe46::/32
2a10:eac0::/29
2a11:5280::/29
Signature Algorithm: sha256WithRSAEncryption
52:2a:d7:5b:3c:6c:e9:23:3d:56:88:25:cf:e4:4c:d6:bf:1d:
b1:07:9a:45:76:36:cc:f2:6a:52:e4:1f:ae:d1:41:9d:a6:6f:
b8:b4:45:2c:3f:8f:4d:e3:c4:62:d9:5a:1e:fc:0c:0d:ae:73:
ef:ac:11:bd:62:41:af:20:7f:aa:f7:8c:48:cf:d6:bb:48:04:
d1:cd:ca:45:74:f6:b5:55:46:d7:2a:eb:0e:84:8e:21:7a:d4:
6f:b5:da:4f:6a:c8:41:e1:53:de:ef:d4:ac:00:b6:3f:c6:7c:
df:ee:77:37:20:f4:bb:32:b3:b3:34:07:23:fd:05:55:9f:98:
ea:8f:2a:ff:a1:9c:be:78:72:77:ef:2c:04:bb:04:55:8c:8b:
4d:41:4f:bd:a6:40:5c:f8:63:be:ba:35:e1:f5:bf:c5:16:6b:
91:36:5a:54:78:c9:a4:09:14:67:5e:84:eb:5b:71:aa:89:ef:
2f:56:e2:13:47:f4:6c:ec:f9:3a:55:80:c8:52:58:3b:dc:ef:
92:8b:4b:55:c9:fe:98:61:4a:d1:d9:2e:f4:3d:19:b0:2c:ea:
54:a9:f7:ad:85:d6:1d:39:ca:75:86:9a:74:09:94:c0:3f:65:
ef:91:26:68:d8:46:9b:4f:c2:81:68:a7:c2:3f:f6:cf:b8:0a:
14:1c:36:06
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZfHBP7W4WwxKgzNuqctqcqvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjUwNzAxMTcyNDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTFjOWVlNWVhOGI1MjRiMTUzZWU1MTljN2RkNThkYWY2OGU5MjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvKlMi8hgdQentdr0vXbRSAmc3ie
ZRbGcUiVZGzxk29POV83BQG/S71V4sFLU1KMSHU6FI7uNbl8305HVjlif78t5mqT
wPK5VwATnxZz2nH+NxcAJBh485TuQveT7Qv6tVvpX7ihbUTbpsA+O7fO6WgEHzOR
xURh/zrX9mY+qeb2wVlZ81U9t0DmpmMF5EZWip8EVKcFB7aE9Ev+ANJd5pmiJdQ/
LYXacv8P974j94RH+yBCRb4KNkrInbL6KQAQ0PmQ1VhEpyj8gbc+mHUuBilHWxnj
mRgHNWD5kYYnutvJsD0ypfGhnLqM0egVKm6duGqtxPI4ndrfHv/2oxmJRwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKUcnuXqi1JLFT7lGcfdWNr2jpJDMB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvcFJ5ZTVlcUxVa3NWUHVVWng5MVkydmFPa2tNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKgb+RgMF
AyoQ6sADBQMqEVKAMA0GCSqGSIb3DQEBCwUAA4IBAQBSKtdbPGzpIz1WiCXP5EzW
vx2xB5pFdjbM8mpS5B+u0UGdpm+4tEUsP49N48Ri2Voe/AwNrnPvrBG9YkGvIH+q
94xIz9a7SATRzcpFdPa1VUbXKusOhI4hetRvtdpPashB4VPe79SsALY/xnzf7nc3
IPS7MrOzNAcj/QVVn5jqjyr/oZy+eHJ37ywEuwRVjItNQU+9pkBc+GO+ujXh9b/F
FmuRNlpUeMmkCRRnXoTrW3Gqie8vVuITR/Rs7Pk6VYDIUlg73O+Si0tVyf6YYUrR
2S70PRmwLOpUqfethdYdOcp1hpp0CZTAP2XvkSZo2EabT8KBaKfCP/bPuAoUHDYG
-----END CERTIFICATE-----
Generated at Mon Jul 21 09:04:04 2025 by rpki-client