Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/8jEYXwqp-sqjCIcuEOp4AJH5tZE.roa
File: 8jEYXwqp-sqjCIcuEOp4AJH5tZE.roa (raw, json)
Hash identifier: uxpYTWsTit/mc011sjRrV3/dr/hSCC/H7pOG3ipoy20=
Subject key identifier: F2:31:18:5F:0A:A9:FA:CA:A3:08:87:2E:10:EA:78:00:91:F9:B5:91
Certificate issuer: /CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Certificate serial: 019814C44D0AD6E17CD1CE875945268502C1
Authority key identifier: 63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/8jEYXwqp-sqjCIcuEOp4AJH5tZE.roa
Signing time: Wed 16 Jul 2025 19:44:25 +0000
ROA not before: Wed 16 Jul 2025 19:44:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a11:5881::/32 maxlen: 32
2a11:b785::/32 maxlen: 32
2a11:be81::/32 maxlen: 32
2a11:be86::/32 maxlen: 32
2a12:2c40::/32 maxlen: 32
2a12:4c06::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.mft
rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 07:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:14:c4:4d:0a:d6:e1:7c:d1:ce:87:59:45:26:85:02:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Validity
Not Before: Jul 16 19:44:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f231185f0aa9facaa308872e10ea780091f9b591
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:3d:6c:de:f9:c5:31:f3:e6:d5:d3:48:87:15:
82:31:ae:c3:58:44:d5:b1:cf:23:6a:be:a3:b6:d2:
e9:82:c6:d3:96:98:d7:73:af:fb:2b:53:35:ba:65:
9a:b6:f8:c6:14:25:6d:e8:3c:79:2b:d0:01:b0:5c:
bd:94:ed:52:08:1f:82:d1:06:c3:76:6d:43:37:d7:
bc:dc:18:2a:fe:24:22:e9:00:e4:e2:e9:22:ef:38:
4b:5b:c9:49:f9:e3:16:c6:19:a6:a2:32:5a:e9:59:
72:25:b1:af:92:99:70:26:d8:91:d7:2c:5b:80:f7:
17:21:bf:ee:d2:40:37:ab:c5:22:b4:c8:67:99:81:
e9:3d:32:84:ea:a5:8b:3a:6c:3b:ae:9b:b8:f0:1a:
15:97:27:e7:89:e1:62:6d:97:7e:18:8e:8d:6d:d0:
1d:4a:b9:5f:a9:7c:84:c3:e6:1f:19:df:e6:47:a9:
b2:3e:09:d0:2c:fb:1b:a9:b9:1b:77:79:16:db:09:
7f:ca:05:46:7e:3d:f4:18:e2:35:a3:b5:68:1f:57:
e8:a9:ec:43:a3:67:03:c1:4d:f6:cf:4b:b2:0b:f8:
68:71:02:3c:e2:83:d7:d7:92:53:2c:02:38:1b:5b:
aa:7d:7f:ee:1f:b9:88:eb:99:48:32:0a:7c:9d:a1:
08:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:31:18:5F:0A:A9:FA:CA:A3:08:87:2E:10:EA:78:00:91:F9:B5:91
X509v3 Authority Key Identifier:
keyid:63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/8jEYXwqp-sqjCIcuEOp4AJH5tZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5881::/32
2a11:b785::/32
2a11:be81::/32
2a11:be86::/32
2a12:2c40::/32
2a12:4c06::/32
Signature Algorithm: sha256WithRSAEncryption
5c:f9:cb:bf:dd:ef:a0:47:14:2a:4d:0d:95:5d:bd:b7:61:c8:
09:a2:0e:17:44:64:76:d0:ee:a2:2d:ba:3b:5d:cf:66:d3:21:
f2:28:a0:a8:41:d2:07:e2:b3:3f:c3:4f:54:55:58:e6:bf:87:
d7:39:23:92:ba:c5:bb:2d:3e:92:3c:41:c7:56:b9:03:ea:a5:
3b:1e:89:08:17:29:4e:95:69:db:20:02:8c:63:07:54:2d:50:
39:af:90:d4:47:ef:db:4b:bb:24:81:c1:57:12:ad:d0:f2:76:
b3:98:d7:80:94:31:16:45:e5:02:60:ee:f5:00:b7:32:36:c3:
ae:f2:9f:b7:3f:28:74:a0:c3:ff:75:f5:1d:23:a0:d8:31:a6:
2b:f3:02:1b:e0:e7:87:91:e5:33:9d:d5:4b:ae:b2:95:e9:66:
38:d0:5d:ad:b6:f7:73:37:d8:c7:ea:76:ee:0f:1d:06:a2:2a:
a1:27:96:81:d5:d9:e6:e3:96:74:ed:ca:c3:32:1b:e1:ea:bd:
f6:a6:af:c0:cb:1c:bb:e8:0e:e3:25:13:01:61:f8:0b:02:b1:
b8:20:4c:9e:70:ba:61:05:be:d0:37:17:8e:99:9c:40:54:ac:
d9:e7:1d:03:03:60:bb:52:0b:e5:cc:a4:82:13:56:2e:c5:b8:
8b:c9:9c:7a
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZgUxE0K1uF80c6HWUUmhQLBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMmNkODdmZWFiZTQwNzUyMmUwNjU1M2YyZWIwNWEwYzE2
MDJmYmYwHhcNMjUwNzE2MTk0NDI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjMxMTg1ZjBhYTlmYWNhYTMwODg3MmUxMGVhNzgwMDkxZjliNTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvj1s3vnFMfPm1dNIhxWCMa7DWETV
sc8jar6jttLpgsbTlpjXc6/7K1M1umWatvjGFCVt6Dx5K9ABsFy9lO1SCB+C0QbD
dm1DN9e83Bgq/iQi6QDk4uki7zhLW8lJ+eMWxhmmojJa6VlyJbGvkplwJtiR1yxb
gPcXIb/u0kA3q8UitMhnmYHpPTKE6qWLOmw7rpu48BoVlyfnieFibZd+GI6NbdAd
SrlfqXyEw+YfGd/mR6myPgnQLPsbqbkbd3kW2wl/ygVGfj30GOI1o7VoH1foqexD
o2cDwU32z0uyC/hocQI84oPX15JTLAI4G1uqfX/uH7mI65lIMgp8naEIYQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFPIxGF8KqfrKowiHLhDqeACR+bWRMB8GA1UdIwQY
MBaAFGMs2H/qvkB1IuBlU/LrBaDBYC+/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYt
NTUxMDQxNzNiMTgwLzEvOGpFWVh3cXAtc3FqQ0ljdUVPcDRBSkg1dFpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYtNTUxMDQxNzNiMTgw
LzEvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUAKhFYgQMF
ACoRt4UDBQAqEb6BAwUAKhG+hgMFACoSLEADBQAqEkwGMA0GCSqGSIb3DQEBCwUA
A4IBAQBc+cu/3e+gRxQqTQ2VXb23YcgJog4XRGR20O6iLbo7Xc9m0yHyKKCoQdIH
4rM/w09UVVjmv4fXOSOSusW7LT6SPEHHVrkD6qU7HokIFylOlWnbIAKMYwdULVA5
r5DUR+/bS7skgcFXEq3Q8nazmNeAlDEWReUCYO71ALcyNsOu8p+3Pyh0oMP/dfUd
I6DYMaYr8wIb4OeHkeUzndVLrrKV6WY40F2ttvdzN9jH6nbuDx0GoiqhJ5aB1dnm
45Z07crDMhvh6r32pq/Ayxy76A7jJRMBYfgLArG4IEyecLphBb7QNxeOmZxAVKzZ
5x0DA2C7UgvlzKSCE1YuxbiLyZx6
-----END CERTIFICATE-----
Generated at Mon Jul 21 10:39:44 2025 by rpki-client