Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/q0Y7JuIH4oBjzl-fsRapgvsG8Fc.roa
File: q0Y7JuIH4oBjzl-fsRapgvsG8Fc.roa (raw, json)
Hash identifier: W7hcV7HS+nhfysioyQX7FqA5FGniSSXnMSbU5jN9dVU=
Subject key identifier: AB:46:3B:26:E2:07:E2:80:63:CE:5F:9F:B1:16:A9:82:FB:06:F0:57
Certificate issuer: /CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Certificate serial: 019A07E47386EF8A354D46E330115F12495C
Authority key identifier: BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/q0Y7JuIH4oBjzl-fsRapgvsG8Fc.roa
Signing time: Tue 21 Oct 2025 17:50:03 +0000
ROA not before: Tue 21 Oct 2025 17:50:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205866
IP address blocks: 2a11:4041::/32 maxlen: 32
2a11:6547::/32 maxlen: 32
2a11:6580::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.mft
rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:07:e4:73:86:ef:8a:35:4d:46:e3:30:11:5f:12:49:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Validity
Not Before: Oct 21 17:50:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ab463b26e207e28063ce5f9fb116a982fb06f057
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ff:7d:4c:d8:6d:3b:07:ec:85:09:20:3c:94:
37:6f:08:96:90:2a:3b:f7:e4:75:1a:4d:b6:8a:f2:
00:44:2d:ed:35:eb:c3:a7:ba:e8:57:50:4e:13:c5:
f0:6b:40:9b:34:0e:f3:db:aa:10:48:47:ff:7f:bc:
20:23:9a:5d:a8:51:74:ef:b5:c6:89:bf:75:b9:65:
94:26:76:8a:b0:9c:bd:05:23:94:54:5e:1b:a3:5f:
1f:f0:27:a9:0b:e0:14:f3:e0:4b:01:e5:c2:11:59:
6d:c2:a9:57:5f:71:26:d7:e6:4e:b3:48:18:12:40:
e4:3f:3a:37:41:05:34:09:a4:3f:8f:7f:0f:64:c9:
a3:b8:7b:30:66:fb:59:9d:a2:f2:a3:f9:5c:cf:1d:
c2:2a:6a:b4:14:6f:87:29:9a:9c:bc:86:38:a4:61:
63:6e:89:76:8c:72:6f:e3:67:7c:c4:10:2b:de:63:
d1:48:ce:5c:27:4a:51:04:28:1d:d3:b8:a1:b7:91:
2a:d7:f7:86:9b:ef:dd:7c:98:db:14:a2:b2:ef:ab:
74:b2:f3:dd:77:0a:19:4b:52:f2:4e:75:fc:b9:e9:
71:ed:73:fa:20:29:d6:1e:f0:89:f5:04:1a:ad:71:
ff:d4:f7:42:33:4e:a0:dc:39:75:0b:73:36:29:4b:
f6:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:46:3B:26:E2:07:E2:80:63:CE:5F:9F:B1:16:A9:82:FB:06:F0:57
X509v3 Authority Key Identifier:
keyid:BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/q0Y7JuIH4oBjzl-fsRapgvsG8Fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:4041::/32
2a11:6547::/32
2a11:6580::/32
Signature Algorithm: sha256WithRSAEncryption
53:17:d9:e9:8b:3b:d1:86:53:60:2f:b9:bd:25:21:94:01:67:
22:1a:55:ce:6a:58:33:19:4f:26:71:86:62:63:0c:6d:9b:2a:
8c:e6:ba:53:bb:11:df:37:87:70:75:2c:10:50:fe:9c:e4:8a:
42:88:19:3d:41:b2:c8:d4:39:71:97:df:94:57:c7:e0:24:c9:
8d:fe:65:df:1a:6b:42:8d:5b:3f:7a:31:20:7f:91:79:f7:1a:
19:64:d7:57:d7:b9:a1:73:1f:aa:0e:f2:e9:4a:56:ac:62:07:
32:6e:62:3b:31:2a:f1:34:8e:5f:60:46:53:7d:d6:25:a6:14:
1a:41:00:ef:3a:5b:f9:84:fd:a6:03:f5:03:0c:39:92:5e:ec:
9f:d5:93:74:9e:a5:8f:b2:2e:29:9b:b9:9d:7b:c8:f5:c3:fc:
66:9b:de:f4:1c:ad:f4:27:7f:49:1b:3c:e7:b6:46:ec:49:b8:
9a:f4:16:18:a1:f8:35:ba:f7:d6:fc:b0:32:17:cf:9a:d4:97:
e6:b9:be:dc:56:cb:55:cc:b5:c5:cf:2b:13:7b:a5:c8:9e:1e:
82:d3:99:25:07:4b:2c:8e:0e:13:14:20:1d:aa:4c:10:e3:eb:
ea:c5:c1:20:b0:f0:fe:5c:fc:fd:42:59:51:04:64:46:89:ec:
2d:33:e7:61
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZoH5HOG74o1TUbjMBFfEklcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYTBmMjU4ZWVmNGIyYmY0YmJhYTg0MzBjMWU1OGNhOGMx
ODhlYTcwHhcNMjUxMDIxMTc1MDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjQ2M2IyNmUyMDdlMjgwNjNjZTVmOWZiMTE2YTk4MmZiMDZmMDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApf99TNhtOwfshQkgPJQ3bwiWkCo7
9+R1Gk22ivIARC3tNevDp7roV1BOE8Xwa0CbNA7z26oQSEf/f7wgI5pdqFF077XG
ib91uWWUJnaKsJy9BSOUVF4bo18f8CepC+AU8+BLAeXCEVltwqlXX3Em1+ZOs0gY
EkDkPzo3QQU0CaQ/j38PZMmjuHswZvtZnaLyo/lczx3CKmq0FG+HKZqcvIY4pGFj
bol2jHJv42d8xBAr3mPRSM5cJ0pRBCgd07iht5Eq1/eGm+/dfJjbFKKy76t0svPd
dwoZS1LyTnX8uelx7XP6ICnWHvCJ9QQarXH/1PdCM06g3Dl1C3M2KUv2owIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKtGOybiB+KAY85fn7EWqYL7BvBXMB8GA1UdIwQY
MBaAFLqg8lju9LK/S7qoQwweWMqMGI6nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEt
ZTU3NjhkNmIxODJjLzEvcTBZN0p1SUg0b0JqemwtZnNSYXBndnNHOEZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEtZTU3NjhkNmIxODJj
LzEvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKhFAQQMF
ACoRZUcDBQAqEWWAMA0GCSqGSIb3DQEBCwUAA4IBAQBTF9npizvRhlNgL7m9JSGU
AWciGlXOalgzGU8mcYZiYwxtmyqM5rpTuxHfN4dwdSwQUP6c5IpCiBk9QbLI1Dlx
l9+UV8fgJMmN/mXfGmtCjVs/ejEgf5F59xoZZNdX17mhcx+qDvLpSlasYgcybmI7
MSrxNI5fYEZTfdYlphQaQQDvOlv5hP2mA/UDDDmSXuyf1ZN0nqWPsi4pm7mde8j1
w/xmm970HK30J39JGzzntkbsSbia9BYYofg1uvfW/LAyF8+a1Jfmub7cVstVzLXF
zysTe6XInh6C05klB0ssjg4TFCAdqkwQ4+vqxcEgsPD+XPz9QllRBGRGiewtM+dh
-----END CERTIFICATE-----
Generated at Wed Oct 22 22:52:54 2025 by rpki-client