Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/_DQDgeYwOvMiNSu-NI_jTpHQF64.roa
File: _DQDgeYwOvMiNSu-NI_jTpHQF64.roa (raw, json)
Hash identifier: Kzdl0rivtS5Baf6WUvieNeyTAMf2/ZPIBPPVPszZJOM=
Subject key identifier: FC:34:03:81:E6:30:3A:F3:22:35:2B:BE:34:8F:E3:4E:91:D0:17:AE
Certificate issuer: /CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6
Certificate serial: 0197F0416CA4E3C8B081D03BF082B35AAA2D
Authority key identifier: F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/_DQDgeYwOvMiNSu-NI_jTpHQF64.roa
Signing time: Wed 09 Jul 2025 17:35:08 +0000
ROA not before: Wed 09 Jul 2025 17:35:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 2a01:fb00::/32 maxlen: 32
2a01:fb00::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.mft
rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 13:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f0:41:6c:a4:e3:c8:b0:81:d0:3b:f0:82:b3:5a:aa:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6
Validity
Not Before: Jul 9 17:35:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fc340381e6303af322352bbe348fe34e91d017ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a2:52:c4:c7:24:50:33:f8:a3:5b:0b:82:dc:
1f:45:b0:93:94:58:fa:1a:2d:9c:ef:53:26:6e:d1:
70:b1:ec:d3:eb:ce:bb:82:43:11:c8:08:c3:b5:aa:
82:9a:5c:0b:d8:50:dc:d2:fa:0c:0b:10:46:ee:e7:
b7:8f:6e:88:2e:b2:c5:0e:d9:7e:b0:62:e9:67:ed:
4f:53:d9:69:9a:d2:cd:63:e9:84:e3:5a:3e:bd:b9:
7d:15:d3:fb:42:a1:72:67:3e:e3:1e:ee:0e:45:ed:
31:36:75:8e:bf:a2:17:50:88:8a:58:e6:06:a4:ed:
de:a2:c8:9c:71:4e:12:ea:ca:e1:7c:bc:f3:bd:57:
9b:7d:3e:27:d7:17:0b:20:49:7b:8d:de:3f:5d:7c:
35:38:0c:8f:57:fc:72:bf:ac:2f:d6:8b:cb:cb:d2:
15:b9:f8:3f:26:bb:64:56:f9:d0:15:dc:4f:7a:49:
a5:7a:1c:31:bd:a7:4c:36:7a:2f:13:70:21:a5:d9:
9d:25:76:f7:1f:d2:1e:49:1a:88:e4:76:a2:92:12:
0a:34:fe:c4:25:13:a4:19:fe:f4:9c:55:19:81:f2:
67:50:9f:58:30:39:36:f9:4e:51:55:16:06:07:8a:
bc:03:a1:d3:6c:35:c2:32:2c:ca:4b:c2:4c:86:9b:
cc:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:34:03:81:E6:30:3A:F3:22:35:2B:BE:34:8F:E3:4E:91:D0:17:AE
X509v3 Authority Key Identifier:
keyid:F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/_DQDgeYwOvMiNSu-NI_jTpHQF64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:fb00::/32
Signature Algorithm: sha256WithRSAEncryption
5c:4a:8e:b2:a2:ec:77:2e:e6:66:eb:62:c7:e3:0f:4e:79:72:
ac:81:63:61:13:96:08:76:8f:8a:eb:26:19:31:bd:29:da:6a:
78:31:a4:e6:38:5a:c1:9e:c3:e3:df:c5:c1:f9:d3:eb:4a:4e:
c6:65:24:47:8f:ad:25:69:a2:fd:cc:6b:a2:f0:fc:9f:69:cc:
a7:8b:18:98:c8:96:82:e1:f4:2b:fb:e3:b0:d3:1b:6d:58:bf:
63:e7:c3:11:6e:1e:27:f2:69:01:2f:c2:14:5c:47:5e:2b:39:
c2:b2:b0:d8:35:a3:77:24:2f:65:89:f5:9d:c1:5a:86:3f:38:
28:1b:e5:53:3a:b5:f0:06:40:32:49:a6:97:72:e3:25:a7:0a:
9c:8c:76:93:ae:2c:11:ff:36:71:d0:68:c9:ca:df:c8:28:79:
76:d2:a1:6b:f7:ae:89:fc:82:db:73:d3:bc:94:9c:c6:5f:c7:
72:98:2f:2f:69:e7:f0:42:6b:39:66:c8:5f:0a:10:e8:58:6c:
d1:3e:52:c1:d4:44:93:b8:11:e3:cf:d2:0b:f0:bb:be:64:d5:
de:d3:95:49:85:d6:ac:ef:45:b1:f9:e9:d5:d5:0b:22:23:80:
f5:0d:ed:ea:02:55:fc:fd:6f:2c:38:17:12:ee:35:f6:c5:46:
a2:75:8a:7a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZfwQWyk48iwgdA78IKzWqotMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzMjQ1ODFlNDM2ODgyNWQ1ZTEzZjRmMmEwZDZmZjhlNDg0
Yzk1ZTYwHhcNMjUwNzA5MTczNTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzM0MDM4MWU2MzAzYWYzMjIzNTJiYmUzNDhmZTM0ZTkxZDAxN2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaJSxMckUDP4o1sLgtwfRbCTlFj6
Gi2c71MmbtFwsezT6867gkMRyAjDtaqCmlwL2FDc0voMCxBG7ue3j26ILrLFDtl+
sGLpZ+1PU9lpmtLNY+mE41o+vbl9FdP7QqFyZz7jHu4ORe0xNnWOv6IXUIiKWOYG
pO3eosiccU4S6srhfLzzvVebfT4n1xcLIEl7jd4/XXw1OAyPV/xyv6wv1ovLy9IV
ufg/JrtkVvnQFdxPekmlehwxvadMNnovE3AhpdmdJXb3H9IeSRqI5HaikhIKNP7E
JROkGf70nFUZgfJnUJ9YMDk2+U5RVRYGB4q8A6HTbDXCMizKS8JMhpvMRwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPw0A4HmMDrzIjUrvjSP406R0BeuMB8GA1UdIwQY
MBaAFPMkWB5DaIJdXhP08qDW/45ITJXmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMt
NmUyZDk3Y2ExNWZmLzEvX0RRRGdlWXdPdk1pTlN1LU5JX2pUcEhRRjY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMtNmUyZDk3Y2ExNWZm
LzEvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgH7ADAN
BgkqhkiG9w0BAQsFAAOCAQEAXEqOsqLsdy7mZutix+MPTnlyrIFjYROWCHaPiusm
GTG9KdpqeDGk5jhawZ7D49/FwfnT60pOxmUkR4+tJWmi/cxrovD8n2nMp4sYmMiW
guH0K/vjsNMbbVi/Y+fDEW4eJ/JpAS/CFFxHXis5wrKw2DWjdyQvZYn1ncFahj84
KBvlUzq18AZAMkmml3LjJacKnIx2k64sEf82cdBoycrfyCh5dtKha/euifyC23PT
vJScxl/HcpgvL2nn8EJrOWbIXwoQ6Fhs0T5SwdREk7gR48/SC/C7vmTV3tOVSYXW
rO9Fsfnp1dULIiOA9Q3t6gJV/P1vLDgXEu419sVGonWKeg==
-----END CERTIFICATE-----
Generated at Sun Jul 20 21:49:02 2025 by rpki-client