
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/ilbTbKDw7TN7XTGmwqbvNDRO4fw.roa
File: ilbTbKDw7TN7XTGmwqbvNDRO4fw.roa (raw, json)
Hash identifier: 4N4i1l9+mBJiqdctdVubAmlboOr8e2raVm5nIrlAgsQ=
Subject key identifier: 8A:56:D3:6C:A0:F0:ED:33:7B:5D:31:A6:C2:A6:EF:34:34:4E:E1:FC
Certificate issuer: /CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Certificate serial: 01974A6E63B6ACB258EBB6F5011005B3F670
Authority key identifier: 0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/ilbTbKDw7TN7XTGmwqbvNDRO4fw.roa
Signing time: Sat 07 Jun 2025 12:47:17 +0000
ROA not before: Sat 07 Jun 2025 12:47:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 11967
IP address blocks: 2a0d:d940:70::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Jun 2025 15:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4a:6e:63:b6:ac:b2:58:eb:b6:f5:01:10:05:b3:f6:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Validity
Not Before: Jun 7 12:47:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8a56d36ca0f0ed337b5d31a6c2a6ef34344ee1fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:f2:24:0d:ae:40:ae:54:b5:7b:16:ab:32:96:
c9:78:6c:bb:59:15:61:91:03:c9:75:c7:c6:9d:11:
8c:ea:b2:ae:bc:96:67:04:75:59:5f:79:21:2f:f9:
44:7f:8f:64:a7:62:8d:66:98:06:65:52:81:0c:83:
2d:a4:69:43:5b:d0:cd:46:a6:e7:97:70:b5:d1:cb:
cd:ba:fb:fb:a3:8a:fc:24:59:a8:d7:ad:33:cc:19:
99:ec:74:0b:56:c2:29:2a:35:83:bc:5c:5f:aa:bf:
c3:fd:4e:e2:f4:10:30:92:6c:3f:5a:7c:be:f4:61:
2a:5d:24:c8:b9:17:3b:e7:6e:3c:ca:d1:d5:f7:40:
77:f5:a0:d9:70:b3:8a:f0:a1:0b:16:b3:c4:83:d4:
24:3d:bc:6e:b6:bb:40:df:42:89:d4:16:57:c3:8d:
30:80:d6:f2:80:d8:1d:32:9c:4d:0a:72:55:55:2d:
68:e7:8d:76:bc:f3:48:70:6d:7a:b7:de:3a:f4:e9:
c3:3c:68:d7:59:d7:29:f1:a4:ae:14:ed:a7:7e:64:
1f:1b:04:22:5f:90:d3:f9:b7:d3:5f:88:cf:fa:b1:
cf:67:93:c8:af:76:56:c9:f8:c1:84:89:49:82:5a:
dd:53:08:06:46:e0:63:06:b1:4c:07:fc:da:30:a7:
14:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:56:D3:6C:A0:F0:ED:33:7B:5D:31:A6:C2:A6:EF:34:34:4E:E1:FC
X509v3 Authority Key Identifier:
keyid:0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/ilbTbKDw7TN7XTGmwqbvNDRO4fw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:d940:70::/44
Signature Algorithm: sha256WithRSAEncryption
d9:fd:bc:34:bd:1b:8d:64:5c:8a:ff:dd:17:db:21:8b:31:5b:
a0:a5:90:e2:13:57:92:de:02:b2:88:e9:9a:c0:a1:e9:5e:97:
ef:ee:03:e3:61:02:1f:19:e4:0f:69:05:da:88:d7:23:5e:d9:
32:27:ac:eb:4e:da:84:be:cd:85:6e:04:6b:75:88:fe:ac:78:
9f:fc:c7:a3:bc:e4:c3:90:80:59:50:06:03:3d:2e:3a:8f:f1:
18:81:c6:c0:43:79:53:93:59:fa:d0:46:77:ef:44:08:4a:27:
5b:79:88:90:58:25:5e:24:f5:00:26:99:e3:44:e9:e9:bf:61:
6d:9b:42:07:f3:dc:05:7e:70:c0:6d:72:e3:6c:08:cf:dd:89:
c6:2c:06:8d:97:6b:1c:78:f9:ee:ab:df:d4:9f:7f:25:b7:cc:
a0:15:6a:bd:90:66:42:94:e5:a9:da:61:c0:ab:9c:53:ec:f1:
d4:b2:11:a5:87:e8:93:99:0c:3a:b8:56:3b:02:6d:1c:02:99:
4f:b9:16:fe:20:b5:a3:5d:9d:2d:f4:55:f7:f3:af:8b:6c:6f:
56:61:17:ce:a1:02:a3:86:0c:18:6c:6f:b7:e1:e9:5e:17:8c:
01:a3:96:9c:03:76:bc:be:c0:9f:8f:8c:b8:cf:f3:dd:8c:d9:
bf:f5:8d:9e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZdKbmO2rLJY67b1ARAFs/ZwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNGUzYjNiODQyNDIyNTg4NjMxNDJlZDNhMTk3OTJkOTdj
YmJjNzQwHhcNMjUwNjA3MTI0NzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTU2ZDM2Y2EwZjBlZDMzN2I1ZDMxYTZjMmE2ZWYzNDM0NGVlMWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPIkDa5ArlS1exarMpbJeGy7WRVh
kQPJdcfGnRGM6rKuvJZnBHVZX3khL/lEf49kp2KNZpgGZVKBDIMtpGlDW9DNRqbn
l3C10cvNuvv7o4r8JFmo160zzBmZ7HQLVsIpKjWDvFxfqr/D/U7i9BAwkmw/Wny+
9GEqXSTIuRc75248ytHV90B39aDZcLOK8KELFrPEg9QkPbxutrtA30KJ1BZXw40w
gNbygNgdMpxNCnJVVS1o5412vPNIcG16t9469OnDPGjXWdcp8aSuFO2nfmQfGwQi
X5DT+bfTX4jP+rHPZ5PIr3ZWyfjBhIlJglrdUwgGRuBjBrFMB/zaMKcUIQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIpW02yg8O0ze10xpsKm7zQ0TuH8MB8GA1UdIwQY
MBaAFAtOOzuEJCJYhjFC7ToZeS2Xy7x0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQt
MTRkMjM4NTI3ODM1LzEvaWxiVGJLRHc3VE43WFRHbXdxYnZORFJPNGZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQtMTRkMjM4NTI3ODM1
LzEvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg3ZQABw
MA0GCSqGSIb3DQEBCwUAA4IBAQDZ/bw0vRuNZFyK/90X2yGLMVugpZDiE1eS3gKy
iOmawKHpXpfv7gPjYQIfGeQPaQXaiNcjXtkyJ6zrTtqEvs2FbgRrdYj+rHif/Mej
vOTDkIBZUAYDPS46j/EYgcbAQ3lTk1n60EZ370QISidbeYiQWCVeJPUAJpnjROnp
v2Ftm0IH89wFfnDAbXLjbAjP3YnGLAaNl2scePnuq9/Un38lt8ygFWq9kGZClOWp
2mHAq5xT7PHUshGlh+iTmQw6uFY7Am0cAplPuRb+ILWjXZ0t9FX386+LbG9WYRfO
oQKjhgwYbG+34eleF4wBo5acA3a8vsCfj4y4z/PdjNm/9Y2e
-----END CERTIFICATE-----
Generated at Fri Jun 13 21:17:11 2025 by rpki-client