Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/_dSyM82ubPxt0IWcbA3l-ATLNXw.roa
File: _dSyM82ubPxt0IWcbA3l-ATLNXw.roa (raw, json)
Hash identifier: l0JNODZLJg38jNrMN1gzuw3SOjullf4mbVRpgQAx5Tc=
Subject key identifier: FD:D4:B2:33:CD:AE:6C:FC:6D:D0:85:9C:6C:0D:E5:F8:04:CB:35:7C
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 0196D09CAB516DBB91F616AB35CC6047A13E
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/_dSyM82ubPxt0IWcbA3l-ATLNXw.roa
Signing time: Wed 14 May 2025 21:04:10 +0000
ROA not before: Wed 14 May 2025 21:04:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208694
IP address blocks: 2a0c:9a40:8820::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 18:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d0:9c:ab:51:6d:bb:91:f6:16:ab:35:cc:60:47:a1:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: May 14 21:04:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fdd4b233cdae6cfc6dd0859c6c0de5f804cb357c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:6b:e8:ac:f0:f5:03:bd:09:d2:cc:3e:01:19:
a8:db:c9:75:32:f9:f8:2e:dc:86:ce:dc:c9:f3:f9:
24:4a:97:be:c0:46:81:44:f6:aa:39:84:18:b3:16:
3e:de:a8:e2:8e:02:ba:c9:44:79:09:05:da:8b:bc:
db:0a:2e:3b:a5:84:19:d0:96:24:54:68:58:d1:25:
9a:78:e3:5f:a2:1e:a4:34:ec:b9:44:01:27:68:bb:
e3:e6:7b:d0:b1:40:73:83:f7:5a:28:3f:24:7b:d4:
39:70:06:3a:3b:32:1f:a7:66:84:23:ad:81:89:a1:
31:cb:ba:76:ec:f8:37:9a:89:e7:63:f6:6c:8b:a9:
26:00:09:d1:46:a3:65:c3:5d:58:e7:5a:53:12:25:
0d:f9:ce:13:d3:67:48:10:0c:cf:74:9a:21:8a:46:
37:0e:a9:7d:56:0b:62:ec:fc:46:17:76:ff:5e:43:
4a:5e:22:d8:9c:09:56:06:e4:93:b0:26:9a:c3:cb:
f9:15:9b:fe:5d:2a:eb:39:dc:7e:b8:9c:16:0e:a4:
30:05:6e:9f:2c:88:1e:da:e7:d0:b2:ea:ff:2f:c2:
0a:97:a8:8f:ae:65:70:51:93:ac:08:08:63:66:e8:
b2:eb:13:23:e3:d2:f0:67:83:52:95:10:71:de:f1:
26:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:D4:B2:33:CD:AE:6C:FC:6D:D0:85:9C:6C:0D:E5:F8:04:CB:35:7C
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/_dSyM82ubPxt0IWcbA3l-ATLNXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8820::/48
Signature Algorithm: sha256WithRSAEncryption
52:e6:21:10:cf:f8:89:fe:19:49:6f:89:c8:9b:b0:05:56:0c:
12:a7:95:4e:b0:dc:9e:37:01:dd:85:85:7a:83:22:e7:be:6b:
5c:d6:ab:ee:66:98:64:2a:a3:6f:9d:1b:47:01:36:a5:0e:4d:
14:17:d6:94:a2:d1:9e:fc:af:c5:b9:18:b6:8f:80:0f:b0:75:
ee:12:f8:51:7c:fd:98:10:09:d1:91:a6:7b:fa:fb:d4:2c:90:
21:f2:28:22:a8:51:df:9a:e5:56:74:68:05:47:24:72:48:74:
cb:7f:f1:cf:19:7a:93:d0:5d:7c:b8:f5:5b:a2:14:0f:36:37:
56:04:9e:42:62:9c:d4:eb:31:7b:93:3d:21:d4:b9:d0:bb:33:
d1:5e:a3:b1:a2:1a:4a:ff:d9:44:df:aa:8f:5b:70:8d:6b:50:
05:89:ec:92:a4:8d:38:51:aa:08:f0:9a:dd:e5:63:91:c1:69:
e1:55:15:ba:15:00:53:64:91:b6:66:ff:9f:72:19:d0:0e:02:
e3:b2:ce:bc:a5:e2:fd:cb:ad:72:c9:1e:c3:3d:a6:16:36:c2:
df:98:d0:28:e8:e3:bc:04:47:11:18:ee:d9:7b:56:bb:32:e2:
f8:6d:47:a7:ca:23:a9:d2:77:4c:31:e3:48:e8:a9:a0:40:e9:
ec:a2:2b:30
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZbQnKtRbbuR9harNcxgR6E+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjUwNTE0MjEwNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGQ0YjIzM2NkYWU2Y2ZjNmRkMDg1OWM2YzBkZTVmODA0Y2IzNTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmvorPD1A70J0sw+ARmo28l1Mvn4
LtyGztzJ8/kkSpe+wEaBRPaqOYQYsxY+3qjijgK6yUR5CQXai7zbCi47pYQZ0JYk
VGhY0SWaeONfoh6kNOy5RAEnaLvj5nvQsUBzg/daKD8ke9Q5cAY6OzIfp2aEI62B
iaExy7p27Pg3monnY/Zsi6kmAAnRRqNlw11Y51pTEiUN+c4T02dIEAzPdJohikY3
Dql9Vgti7PxGF3b/XkNKXiLYnAlWBuSTsCaaw8v5FZv+XSrrOdx+uJwWDqQwBW6f
LIge2ufQsur/L8IKl6iPrmVwUZOsCAhjZuiy6xMj49LwZ4NSlRBx3vEmUwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFP3UsjPNrmz8bdCFnGwN5fgEyzV8MB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvX2RTeU04MnViUHh0MElXY2JBM2wtQVRMTlh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQIgg
MA0GCSqGSIb3DQEBCwUAA4IBAQBS5iEQz/iJ/hlJb4nIm7AFVgwSp5VOsNyeNwHd
hYV6gyLnvmtc1qvuZphkKqNvnRtHATalDk0UF9aUotGe/K/FuRi2j4APsHXuEvhR
fP2YEAnRkaZ7+vvULJAh8igiqFHfmuVWdGgFRyRySHTLf/HPGXqT0F18uPVbohQP
NjdWBJ5CYpzU6zF7kz0h1LnQuzPRXqOxohpK/9lE36qPW3CNa1AFieySpI04UaoI
8Jrd5WORwWnhVRW6FQBTZJG2Zv+fchnQDgLjss68peL9y61yyR7DPaYWNsLfmNAo
6OO8BEcRGO7Ze1a7MuL4bUenyiOp0ndMMeNI6KmgQOnsoisw
-----END CERTIFICATE-----
Generated at Sat Jun 7 04:02:27 2025 by rpki-client