Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/0512df-7d0c-463b-8724-82531e9c7804/1/iRgiX3Efpdb7rWw9dQBln7RbaAs.roa
File: iRgiX3Efpdb7rWw9dQBln7RbaAs.roa (raw, json)
Hash identifier: ml9tFxjDO5V7oa+IDi4ukeu4c4f+IE/tPFsfezwpU2I=
Subject key identifier: 89:18:22:5F:71:1F:A5:D6:FB:AD:6C:3D:75:00:65:9F:B4:5B:68:0B
Certificate issuer: /CN=ef55459645979c413d0bc6f7454f0d36e40e99f9
Certificate serial: 0196E8791175FD5ECA1A8CACE1429A1550F4
Authority key identifier: EF:55:45:96:45:97:9C:41:3D:0B:C6:F7:45:4F:0D:36:E4:0E:99:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71VFlkWXnEE9C8b3RU8NNuQOmfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/0512df-7d0c-463b-8724-82531e9c7804/1/iRgiX3Efpdb7rWw9dQBln7RbaAs.roa
Signing time: Mon 19 May 2025 12:16:10 +0000
ROA not before: Mon 19 May 2025 12:16:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213527
IP address blocks: 2a14:47c0::/32 maxlen: 32
2a14:47c0::/40 maxlen: 40
2a14:47c0::/48 maxlen: 48
2a14:47c0:1::/48 maxlen: 48
2a14:47c0:2::/48 maxlen: 48
2a14:47c0:3::/48 maxlen: 48
2a14:47c0:4::/48 maxlen: 48
2a14:47c0:5::/48 maxlen: 48
2a14:47c0:6::/48 maxlen: 48
2a14:47c0:7::/48 maxlen: 48
2a14:47c0:8::/48 maxlen: 48
2a14:47c0:9::/48 maxlen: 48
2a14:47c0:a::/48 maxlen: 48
2a14:47c0:b::/48 maxlen: 48
2a14:47c0:c::/48 maxlen: 48
2a14:47c0:d::/48 maxlen: 48
2a14:47c0:e::/48 maxlen: 48
2a14:47c0:100::/40 maxlen: 40
2a14:47c0:100::/48 maxlen: 48
2a14:47c0:fffe::/48 maxlen: 48
2a14:47c0:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/0512df-7d0c-463b-8724-82531e9c7804/1/71VFlkWXnEE9C8b3RU8NNuQOmfk.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/0512df-7d0c-463b-8724-82531e9c7804/1/71VFlkWXnEE9C8b3RU8NNuQOmfk.mft
rsync://rpki.ripe.net/repository/DEFAULT/71VFlkWXnEE9C8b3RU8NNuQOmfk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 13:01:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e8:79:11:75:fd:5e:ca:1a:8c:ac:e1:42:9a:15:50:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef55459645979c413d0bc6f7454f0d36e40e99f9
Validity
Not Before: May 19 12:16:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8918225f711fa5d6fbad6c3d7500659fb45b680b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:9c:83:10:e4:6f:8f:06:05:6e:41:74:59:1a:
33:3b:e8:29:7b:c8:63:78:cd:54:a6:eb:4f:cf:b4:
44:f4:a6:63:86:12:8c:c4:c9:06:94:0a:dc:b1:b0:
45:00:e4:61:a0:16:8d:e4:e3:94:fb:e4:e4:4e:fe:
80:f2:c8:01:8d:77:97:8c:ba:9f:74:60:e2:1c:ff:
d0:0e:37:fe:c2:e9:12:bc:c4:89:95:c3:7f:65:ae:
2b:1f:62:38:32:e6:b5:74:42:de:ed:8c:24:70:0f:
da:20:d7:dd:cd:35:b2:57:3b:5a:0e:36:61:00:2c:
4e:ad:ea:f7:80:2f:0f:1a:0b:43:e5:3e:4d:4e:00:
00:64:98:37:9c:96:ee:b3:52:98:b6:0b:43:fd:e9:
f9:bc:92:77:61:ba:dc:f7:f2:34:36:ea:c9:92:e7:
83:d3:05:1a:6e:a3:74:ea:3a:0c:66:00:ee:87:bb:
cb:b8:60:b2:2c:c7:af:98:d9:a1:19:db:e4:f2:8d:
98:19:1a:7a:b4:05:cc:e0:90:af:b5:50:b4:70:86:
ea:04:56:5d:38:2f:88:06:3b:ba:7c:2e:b3:39:a8:
ec:98:98:ef:d1:17:1e:58:54:2f:17:93:ce:95:d4:
40:97:9b:cf:24:39:f0:cc:0d:57:02:9b:28:6b:1e:
28:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:18:22:5F:71:1F:A5:D6:FB:AD:6C:3D:75:00:65:9F:B4:5B:68:0B
X509v3 Authority Key Identifier:
keyid:EF:55:45:96:45:97:9C:41:3D:0B:C6:F7:45:4F:0D:36:E4:0E:99:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71VFlkWXnEE9C8b3RU8NNuQOmfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/0512df-7d0c-463b-8724-82531e9c7804/1/iRgiX3Efpdb7rWw9dQBln7RbaAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/0512df-7d0c-463b-8724-82531e9c7804/1/71VFlkWXnEE9C8b3RU8NNuQOmfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:47c0::/32
Signature Algorithm: sha256WithRSAEncryption
2c:5a:a2:c7:85:6c:e6:2a:d0:52:8b:cb:42:58:9b:da:87:cd:
09:f2:57:bf:33:98:9d:3d:13:c8:98:9c:10:b1:67:64:3d:7b:
c2:cf:88:c2:ad:5e:a7:80:47:ed:b0:92:36:00:21:c9:04:ef:
99:64:74:41:b9:33:d2:91:77:a6:d2:e4:9f:6d:7a:ab:80:7d:
44:be:39:88:dd:9c:28:06:d1:09:62:08:02:5b:cf:80:67:0b:
15:5f:ce:3a:43:5e:8c:d9:9f:e4:41:5d:ac:39:c1:86:f4:cd:
41:ee:a5:fd:51:04:5f:a5:50:a2:4e:e8:1d:01:26:d1:39:40:
5c:f2:6c:8f:d1:ce:46:d0:04:0f:40:3f:18:8c:14:f2:00:68:
c4:f5:91:e0:41:b2:a6:6f:24:62:62:8c:de:1d:18:4e:66:a4:
34:f5:ae:64:15:a5:59:4e:d7:17:e6:29:97:3a:a1:4b:bc:16:
6a:1f:ab:5b:dd:14:eb:94:d1:ff:06:e9:be:32:02:4f:0f:e0:
75:a3:7b:1a:69:b5:3b:a1:55:43:d0:47:d4:db:a4:31:14:33:
f8:e3:27:5e:c4:ce:1e:0e:a3:8b:a9:52:f0:e2:b3:3b:4b:77:
25:0d:b5:3c:a3:31:e6:b0:a8:34:7f:46:d9:55:85:af:cf:42:
ca:9b:5d:a4
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZboeRF1/V7KGoys4UKaFVD0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTU0NTk2NDU5NzljNDEzZDBiYzZmNzQ1NGYwZDM2ZTQw
ZTk5ZjkwHhcNMjUwNTE5MTIxNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTE4MjI1ZjcxMWZhNWQ2ZmJhZDZjM2Q3NTAwNjU5ZmI0NWI2ODBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZyDEORvjwYFbkF0WRozO+gpe8hj
eM1UputPz7RE9KZjhhKMxMkGlArcsbBFAORhoBaN5OOU++TkTv6A8sgBjXeXjLqf
dGDiHP/QDjf+wukSvMSJlcN/Za4rH2I4Mua1dELe7YwkcA/aINfdzTWyVztaDjZh
ACxOrer3gC8PGgtD5T5NTgAAZJg3nJbus1KYtgtD/en5vJJ3Ybrc9/I0NurJkueD
0wUabqN06joMZgDuh7vLuGCyLMevmNmhGdvk8o2YGRp6tAXM4JCvtVC0cIbqBFZd
OC+IBju6fC6zOajsmJjv0RceWFQvF5POldRAl5vPJDnwzA1XApsoax4onwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIkYIl9xH6XW+61sPXUAZZ+0W2gLMB8GA1UdIwQY
MBaAFO9VRZZFl5xBPQvG90VPDTbkDpn5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFWRmxrV1huRUU5QzhiM1JVOE5OdVFPbWZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8wNTEyZGYtN2QwYy00NjNiLTg3MjQt
ODI1MzFlOWM3ODA0LzEvaVJnaVgzRWZwZGI3cld3OWRRQmxuN1JiYUFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8wNTEyZGYtN2QwYy00NjNiLTg3MjQtODI1MzFlOWM3ODA0
LzEvNzFWRmxrV1huRUU5QzhiM1JVOE5OdVFPbWZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhRHwDAN
BgkqhkiG9w0BAQsFAAOCAQEALFqix4Vs5irQUovLQlib2ofNCfJXvzOYnT0TyJic
ELFnZD17ws+Iwq1ep4BH7bCSNgAhyQTvmWR0Qbkz0pF3ptLkn216q4B9RL45iN2c
KAbRCWIIAlvPgGcLFV/OOkNejNmf5EFdrDnBhvTNQe6l/VEEX6VQok7oHQEm0TlA
XPJsj9HORtAED0A/GIwU8gBoxPWR4EGypm8kYmKM3h0YTmakNPWuZBWlWU7XF+Yp
lzqhS7wWah+rW90U65TR/wbpvjICTw/gdaN7Gmm1O6FVQ9BH1NukMRQz+OMnXsTO
Hg6ji6lS8OKzO0t3JQ21PKMx5rCoNH9G2VWFr89CyptdpA==
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:21:13 2025 by rpki-client