Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/SjCQ27rNVhM2kv9MDXbr5G3C5OQ.roa
File: SjCQ27rNVhM2kv9MDXbr5G3C5OQ.roa (raw, json)
Hash identifier: bS2aY9SSb6IOrmNW4CZHgTqDFoSe2nxj0DM5OSdweZ8=
Subject key identifier: 4A:30:90:DB:BA:CD:56:13:36:92:FF:4C:0D:76:EB:E4:6D:C2:E4:E4
Certificate issuer: /CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Certificate serial: 0197E41A104DF41BFC949B2D860BC5CF8DA3
Authority key identifier: 63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/SjCQ27rNVhM2kv9MDXbr5G3C5OQ.roa
Signing time: Mon 07 Jul 2025 08:56:42 +0000
ROA not before: Mon 07 Jul 2025 08:56:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208360
IP address blocks: 2a11:7680::/32 maxlen: 32
2a11:b786::/32 maxlen: 32
2a11:d080::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.mft
rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 13:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e4:1a:10:4d:f4:1b:fc:94:9b:2d:86:0b:c5:cf:8d:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Validity
Not Before: Jul 7 08:56:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4a3090dbbacd56133692ff4c0d76ebe46dc2e4e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:f8:30:df:ae:2d:32:c0:79:37:b9:4e:db:e1:
b1:3f:83:5a:3a:da:3f:f9:fd:e5:e3:59:18:67:07:
05:1d:32:72:da:02:9f:06:af:ab:14:e8:22:f5:2b:
35:d9:ab:2e:4d:22:de:fc:e3:3e:69:e7:e9:1c:39:
c0:c3:31:f8:24:0d:5e:a2:31:26:4c:83:39:e2:34:
a3:37:4f:0b:ae:c4:3c:ba:a0:ab:cd:21:4b:02:34:
12:4e:c0:d6:e5:28:e3:1f:4b:0f:c6:48:ac:6c:bd:
8e:9e:32:fd:09:1c:bc:39:6f:33:10:a8:0d:fd:3b:
b2:79:7b:29:4e:92:9c:05:d3:4e:c5:e0:9f:f0:86:
d5:ab:54:b3:8d:28:05:3b:79:ba:db:c8:d9:2d:6d:
81:25:09:0e:0b:62:ad:f7:e2:31:04:0b:b9:a8:49:
bc:50:2a:6d:81:d6:44:fb:70:7e:11:02:a5:05:b6:
3c:f0:a4:e0:20:71:f3:52:b4:5b:cc:7f:72:e7:9c:
c4:e4:43:c7:25:73:47:ce:09:b5:d6:8c:56:a9:53:
e6:1b:78:44:7d:4a:47:fd:e7:5a:38:a6:5d:73:a0:
36:e5:f9:d6:53:6e:08:4e:ae:62:25:72:38:7b:8d:
3f:0e:b1:57:5d:4c:06:ac:9e:c3:a0:b6:d7:73:d1:
46:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:30:90:DB:BA:CD:56:13:36:92:FF:4C:0D:76:EB:E4:6D:C2:E4:E4
X509v3 Authority Key Identifier:
keyid:63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/SjCQ27rNVhM2kv9MDXbr5G3C5OQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:7680::/32
2a11:b786::/32
2a11:d080::/32
Signature Algorithm: sha256WithRSAEncryption
d3:3e:77:64:a5:fe:6e:54:4d:9c:1a:f6:0d:7f:15:f5:7f:62:
f9:34:b4:c1:fa:99:0d:a7:34:29:7c:20:7b:6e:73:6b:1a:62:
5c:0c:61:28:55:e3:e2:e8:b7:8a:a1:a2:60:6d:2f:c3:50:66:
a4:ee:bc:a9:98:d4:83:ee:ca:af:2e:48:46:4d:b5:9c:c0:88:
e1:27:f2:33:89:b1:75:40:c3:e6:f4:a2:ff:f2:4b:7c:32:91:
12:fe:36:bf:07:a9:5f:b0:7b:50:e9:5b:03:92:9c:a5:e1:14:
fa:2f:c8:ec:7c:58:f8:e9:85:4e:e8:99:c3:9a:f7:36:fd:29:
0c:3f:6f:22:ed:7b:82:9c:f9:ab:28:3f:64:d1:59:b0:63:3b:
21:4c:b1:dd:a6:96:7c:9d:b6:ac:f8:8b:a9:43:05:44:9c:94:
cf:eb:98:cf:5c:dc:e2:ec:5a:09:41:b1:56:f0:3b:bf:37:8f:
4f:b7:0c:6c:34:ce:82:1d:07:79:70:6d:1f:b6:32:0e:a1:e2:
6a:61:cc:aa:f4:1e:c2:dd:d8:2b:bb:57:e6:e8:b6:ee:b5:04:
1f:13:ed:ee:a0:76:59:ba:2b:e8:bd:90:8a:d0:8d:e0:e3:9a:
0f:b5:fb:90:5d:e4:7e:3c:1d:8b:fd:25:59:24:87:76:70:40:
63:a5:bf:ad
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZfkGhBN9Bv8lJsthgvFz42jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMmNkODdmZWFiZTQwNzUyMmUwNjU1M2YyZWIwNWEwYzE2
MDJmYmYwHhcNMjUwNzA3MDg1NjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTMwOTBkYmJhY2Q1NjEzMzY5MmZmNGMwZDc2ZWJlNDZkYzJlNGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPgw364tMsB5N7lO2+GxP4NaOto/
+f3l41kYZwcFHTJy2gKfBq+rFOgi9Ss12asuTSLe/OM+aefpHDnAwzH4JA1eojEm
TIM54jSjN08LrsQ8uqCrzSFLAjQSTsDW5SjjH0sPxkisbL2OnjL9CRy8OW8zEKgN
/TuyeXspTpKcBdNOxeCf8IbVq1SzjSgFO3m628jZLW2BJQkOC2Kt9+IxBAu5qEm8
UCptgdZE+3B+EQKlBbY88KTgIHHzUrRbzH9y55zE5EPHJXNHzgm11oxWqVPmG3hE
fUpH/edaOKZdc6A25fnWU24ITq5iJXI4e40/DrFXXUwGrJ7DoLbXc9FGfwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEowkNu6zVYTNpL/TA126+RtwuTkMB8GA1UdIwQY
MBaAFGMs2H/qvkB1IuBlU/LrBaDBYC+/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYt
NTUxMDQxNzNiMTgwLzEvU2pDUTI3ck5WaE0ya3Y5TURYYnI1RzNDNU9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYtNTUxMDQxNzNiMTgw
LzEvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKhF2gAMF
ACoRt4YDBQAqEdCAMA0GCSqGSIb3DQEBCwUAA4IBAQDTPndkpf5uVE2cGvYNfxX1
f2L5NLTB+pkNpzQpfCB7bnNrGmJcDGEoVePi6LeKoaJgbS/DUGak7rypmNSD7sqv
LkhGTbWcwIjhJ/IzibF1QMPm9KL/8kt8MpES/ja/B6lfsHtQ6VsDkpyl4RT6L8js
fFj46YVO6JnDmvc2/SkMP28i7XuCnPmrKD9k0VmwYzshTLHdppZ8nbas+IupQwVE
nJTP65jPXNzi7FoJQbFW8Du/N49PtwxsNM6CHQd5cG0ftjIOoeJqYcyq9B7C3dgr
u1fm6LbutQQfE+3uoHZZuivovZCK0I3g45oPtfuQXeR+PB2L/SVZJId2cEBjpb+t
-----END CERTIFICATE-----
Generated at Wed Jul 23 17:19:39 2025 by rpki-client