Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/07f623-14fb-4a80-9f46-23331b64916c/1/Gzw1ArufvsV7lun_0Q-rUPOXBGM.roa
File: Gzw1ArufvsV7lun_0Q-rUPOXBGM.roa (raw, json)
Hash identifier: t/o+neptKVKiKxJpFxuQvJ/wrQhsyyO3eWWynGJs2d0=
Subject key identifier: 1B:3C:35:02:BB:9F:BE:C5:7B:96:E9:FF:D1:0F:AB:50:F3:97:04:63
Certificate issuer: /CN=a7a4e23482268475c1b935637d0002c2fd2993b8
Certificate serial: 01980F4B4868A89159BCC087AC75EB5113A9
Authority key identifier: A7:A4:E2:34:82:26:84:75:C1:B9:35:63:7D:00:02:C2:FD:29:93:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p6TiNIImhHXBuTVjfQACwv0pk7g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/07f623-14fb-4a80-9f46-23331b64916c/1/Gzw1ArufvsV7lun_0Q-rUPOXBGM.roa
Signing time: Tue 15 Jul 2025 18:14:08 +0000
ROA not before: Tue 15 Jul 2025 18:14:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396982
IP address blocks: 2a14:ae00:10::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/07f623-14fb-4a80-9f46-23331b64916c/1/p6TiNIImhHXBuTVjfQACwv0pk7g.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/07f623-14fb-4a80-9f46-23331b64916c/1/p6TiNIImhHXBuTVjfQACwv0pk7g.mft
rsync://rpki.ripe.net/repository/DEFAULT/p6TiNIImhHXBuTVjfQACwv0pk7g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 08:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:0f:4b:48:68:a8:91:59:bc:c0:87:ac:75:eb:51:13:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7a4e23482268475c1b935637d0002c2fd2993b8
Validity
Not Before: Jul 15 18:14:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1b3c3502bb9fbec57b96e9ffd10fab50f3970463
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:2a:6d:e1:ac:e4:fe:e0:82:6d:ad:ae:a3:39:
bd:b7:e1:76:b3:01:35:3d:93:dc:50:dd:80:a8:06:
e6:7d:96:c7:03:8d:fd:3a:cf:8f:f4:6b:e1:e5:7d:
f5:79:81:1b:34:26:a2:62:aa:3f:47:e4:b2:90:c9:
36:c7:d4:6d:1a:0d:79:fa:83:5e:e9:ce:cd:a2:7f:
f5:5a:95:09:ba:aa:36:32:a2:ef:b7:34:8b:d9:61:
4e:bc:ff:c7:22:37:38:26:1c:28:38:05:01:b8:bc:
28:ae:c6:22:2e:55:44:c4:a9:3a:be:41:1e:aa:de:
97:02:e7:d2:49:16:04:37:aa:b7:67:3d:8f:25:ae:
0e:dd:6d:74:bc:2c:8e:88:1f:55:f2:f0:45:c5:50:
d6:82:ae:e0:13:c9:a0:cf:28:5f:ce:ec:a6:51:8f:
e5:d0:a7:7a:67:30:99:ca:d7:d3:a4:20:d1:bf:2f:
f0:bc:e8:28:34:cf:4f:11:23:dd:2b:10:02:a3:49:
ca:c9:7d:21:2e:26:77:88:a2:26:08:8b:18:27:ba:
c4:ac:25:29:8b:17:d8:18:b5:01:5d:24:bf:44:d7:
1a:f9:80:43:05:a2:2e:7e:62:6b:ab:29:9e:3b:60:
1a:e8:8c:18:60:66:73:d7:43:64:cc:83:73:f0:9b:
91:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:3C:35:02:BB:9F:BE:C5:7B:96:E9:FF:D1:0F:AB:50:F3:97:04:63
X509v3 Authority Key Identifier:
keyid:A7:A4:E2:34:82:26:84:75:C1:B9:35:63:7D:00:02:C2:FD:29:93:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p6TiNIImhHXBuTVjfQACwv0pk7g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/07f623-14fb-4a80-9f46-23331b64916c/1/Gzw1ArufvsV7lun_0Q-rUPOXBGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/07f623-14fb-4a80-9f46-23331b64916c/1/p6TiNIImhHXBuTVjfQACwv0pk7g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:ae00:10::/44
Signature Algorithm: sha256WithRSAEncryption
05:76:62:1c:aa:f9:93:4c:76:35:59:cf:62:f1:e8:ed:f1:e0:
b7:d2:35:68:9f:38:01:8b:e4:3c:ca:88:bf:50:73:3e:b2:8e:
1b:4a:b7:e1:d5:7e:dd:f0:c8:b6:90:43:78:6b:60:f9:35:36:
5b:5d:8c:d6:c5:f6:33:1d:3b:15:43:8a:ad:7c:68:f8:32:b1:
fa:e2:af:7d:66:26:a1:5a:7b:f0:77:c4:c7:5e:d1:e0:aa:a4:
f8:92:70:e7:12:17:ec:de:4f:d7:f5:8d:bb:28:65:3a:f9:5a:
7a:c9:78:2e:e5:56:15:de:0a:3f:bb:86:27:30:07:9e:04:80:
40:9a:d1:89:39:15:03:ed:50:8c:48:10:e9:b7:2c:f2:10:b4:
a7:97:55:4b:6c:7a:6c:0b:7b:fa:55:db:ac:5d:60:ed:f9:b9:
1e:ef:03:e7:f2:f1:41:c1:be:9c:ec:98:2a:ca:e4:d1:be:c8:
04:84:30:de:93:0f:e3:ee:1c:80:51:70:37:2e:da:9a:d0:90:
cf:ba:aa:b2:c6:64:33:c1:2a:d1:c0:08:40:5b:9e:82:48:33:
ba:b5:4d:78:05:ed:f3:7f:da:2d:0e:65:33:af:13:4c:c5:0f:
d0:a0:b5:38:fd:fe:09:0d:7b:b2:b1:97:a9:4a:7d:a8:83:f0:
bd:c2:ba:08
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZgPS0hoqJFZvMCHrHXrUROpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3YTRlMjM0ODIyNjg0NzVjMWI5MzU2MzdkMDAwMmMyZmQy
OTkzYjgwHhcNMjUwNzE1MTgxNDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjNjMzUwMmJiOWZiZWM1N2I5NmU5ZmZkMTBmYWI1MGYzOTcwNDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnypt4azk/uCCba2uozm9t+F2swE1
PZPcUN2AqAbmfZbHA439Os+P9Gvh5X31eYEbNCaiYqo/R+SykMk2x9RtGg15+oNe
6c7Non/1WpUJuqo2MqLvtzSL2WFOvP/HIjc4JhwoOAUBuLworsYiLlVExKk6vkEe
qt6XAufSSRYEN6q3Zz2PJa4O3W10vCyOiB9V8vBFxVDWgq7gE8mgzyhfzuymUY/l
0Kd6ZzCZytfTpCDRvy/wvOgoNM9PESPdKxACo0nKyX0hLiZ3iKImCIsYJ7rErCUp
ixfYGLUBXSS/RNca+YBDBaIufmJrqymeO2Aa6IwYYGZz10NkzINz8JuRUwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBs8NQK7n77Fe5bp/9EPq1DzlwRjMB8GA1UdIwQY
MBaAFKek4jSCJoR1wbk1Y30AAsL9KZO4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDZUaU5JSW1oSFhCdVRWamZRQUN3djBwazdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8wN2Y2MjMtMTRmYi00YTgwLTlmNDYt
MjMzMzFiNjQ5MTZjLzEvR3p3MUFydWZ2c1Y3bHVuXzBRLXJVUE9YQkdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8wN2Y2MjMtMTRmYi00YTgwLTlmNDYtMjMzMzFiNjQ5MTZj
LzEvcDZUaU5JSW1oSFhCdVRWamZRQUN3djBwazdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhSuAAAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAFdmIcqvmTTHY1Wc9i8ejt8eC30jVonzgBi+Q8
yoi/UHM+so4bSrfh1X7d8Mi2kEN4a2D5NTZbXYzWxfYzHTsVQ4qtfGj4MrH64q99
ZiahWnvwd8THXtHgqqT4knDnEhfs3k/X9Y27KGU6+Vp6yXgu5VYV3go/u4YnMAee
BIBAmtGJORUD7VCMSBDptyzyELSnl1VLbHpsC3v6VdusXWDt+bke7wPn8vFBwb6c
7JgqyuTRvsgEhDDekw/j7hyAUXA3Ltqa0JDPuqqyxmQzwSrRwAhAW56CSDO6tU14
Be3zf9otDmUzrxNMxQ/QoLU4/f4JDXuysZepSn2og/C9wroI
-----END CERTIFICATE-----
Generated at Fri Jul 25 14:40:54 2025 by rpki-client