Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uLPJYTLAJibqmvpLRCseXDZJAzs.roa
File: uLPJYTLAJibqmvpLRCseXDZJAzs.roa (raw, json)
Hash identifier: 9mlYN3W1kSgnxpAWizPg+AQaofwG+1gp6a+x8zV245c=
Subject key identifier: B8:B3:C9:61:32:C0:26:26:EA:9A:FA:4B:44:2B:1E:5C:36:49:03:3B
Certificate issuer: /CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Certificate serial: 019906367554E5FEE11AF4C3941472B1282A
Authority key identifier: BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uLPJYTLAJibqmvpLRCseXDZJAzs.roa
Signing time: Mon 01 Sep 2025 16:57:36 +0000
ROA not before: Mon 01 Sep 2025 16:57:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206174
IP address blocks: 2a0c:72c0::/29 maxlen: 29
2a0d:fcc1::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.mft
rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 01:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:06:36:75:54:e5:fe:e1:1a:f4:c3:94:14:72:b1:28:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Validity
Not Before: Sep 1 16:57:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b8b3c96132c02626ea9afa4b442b1e5c3649033b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b4:8d:02:e4:0f:b5:0d:dc:30:e6:79:90:cb:
99:2c:1f:b5:6e:e4:1d:d6:d9:24:df:71:ae:d4:da:
6d:19:d3:fe:c3:9e:30:83:29:22:e9:c8:bf:e7:22:
aa:c0:bc:01:7c:1a:51:0b:12:b0:b9:d5:ed:95:ab:
0f:1c:c3:7f:0a:4c:20:13:90:6e:3b:59:1f:08:71:
cd:dd:a1:e3:01:74:2a:77:b2:68:ad:81:90:ba:c7:
81:5f:45:65:91:77:83:ab:19:49:2d:89:f5:e7:f4:
f5:37:c8:c5:29:16:81:b4:5e:80:ab:ef:fe:aa:73:
10:08:b9:e3:98:db:4e:04:37:2a:8e:cf:12:95:9b:
6e:35:a0:c0:eb:56:5d:eb:d8:41:5e:6f:09:ff:95:
8b:fa:e0:81:c8:0f:c8:30:48:a2:e9:48:4a:dd:44:
e8:1c:0a:8a:17:52:f4:0a:3c:91:77:fc:2a:dd:be:
cb:38:bf:58:ed:04:73:b6:60:8d:ff:f0:3e:f8:93:
17:2a:ad:75:75:24:43:6d:33:1a:8a:ec:9b:95:a8:
e8:b3:90:2e:35:d1:1e:5e:c4:de:f4:1c:ed:07:76:
8a:cd:c6:d7:0c:82:74:54:0f:49:23:63:ef:78:f1:
1a:ba:62:bf:de:c4:c6:f7:91:21:1e:fa:d9:3e:fa:
66:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:B3:C9:61:32:C0:26:26:EA:9A:FA:4B:44:2B:1E:5C:36:49:03:3B
X509v3 Authority Key Identifier:
keyid:BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uLPJYTLAJibqmvpLRCseXDZJAzs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:72c0::/29
2a0d:fcc1::/32
Signature Algorithm: sha256WithRSAEncryption
65:1f:0b:5e:57:4b:64:d5:8b:b0:a8:90:05:77:bf:7b:06:50:
a8:0c:68:04:12:05:14:80:0b:a1:f2:17:77:7c:52:9d:1e:d1:
a0:d6:57:63:5b:dc:a1:b1:3a:a2:b4:28:cc:97:c3:8c:05:78:
3f:59:43:c4:c6:eb:62:6c:79:e4:ba:7c:c6:61:bc:e8:a9:7d:
9b:7f:9c:26:b7:2f:71:ea:b9:0c:1d:96:27:d9:80:90:9f:46:
4a:15:52:78:81:23:4c:b9:e6:19:fb:16:9d:8f:ee:4b:34:6b:
27:8b:95:9f:a2:df:5b:45:a5:60:e8:2e:94:bb:4b:a8:9f:07:
3c:ae:fa:91:91:ec:d9:68:da:04:a7:55:83:f8:6e:4d:92:67:
72:bd:ed:39:37:22:91:9a:65:b7:4e:be:55:eb:31:44:e1:07:
20:0e:13:fd:ec:ea:78:89:e0:8f:20:c5:64:0f:38:d7:d6:a2:
cf:56:76:db:ae:50:f5:82:cf:ae:11:d0:24:e2:81:d2:e4:76:
67:22:70:33:f5:cb:4e:d2:01:01:19:2b:f9:8f:37:04:95:5e:
13:72:9c:b7:68:19:0b:0c:b0:65:e3:d8:56:9d:fd:34:cf:40:
99:2f:4c:67:3b:b4:31:4a:52:73:eb:5d:6d:b6:97:76:d0:9b:
a5:25:a3:47
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZkGNnVU5f7hGvTDlBRysSgqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYTBmMjU4ZWVmNGIyYmY0YmJhYTg0MzBjMWU1OGNhOGMx
ODhlYTcwHhcNMjUwOTAxMTY1NzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGIzYzk2MTMyYzAyNjI2ZWE5YWZhNGI0NDJiMWU1YzM2NDkwMzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurSNAuQPtQ3cMOZ5kMuZLB+1buQd
1tkk33Gu1NptGdP+w54wgyki6ci/5yKqwLwBfBpRCxKwudXtlasPHMN/CkwgE5Bu
O1kfCHHN3aHjAXQqd7JorYGQuseBX0VlkXeDqxlJLYn15/T1N8jFKRaBtF6Aq+/+
qnMQCLnjmNtOBDcqjs8SlZtuNaDA61Zd69hBXm8J/5WL+uCByA/IMEii6UhK3UTo
HAqKF1L0CjyRd/wq3b7LOL9Y7QRztmCN//A++JMXKq11dSRDbTMaiuyblajos5Au
NdEeXsTe9BztB3aKzcbXDIJ0VA9JI2PvePEaumK/3sTG95EhHvrZPvpmTQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLizyWEywCYm6pr6S0QrHlw2SQM7MB8GA1UdIwQY
MBaAFLqg8lju9LK/S7qoQwweWMqMGI6nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEt
ZTU3NjhkNmIxODJjLzEvdUxQSllUTEFKaWJxbXZwTFJDc2VYRFpKQXpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEtZTU3NjhkNmIxODJj
LzEvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKgxywAMF
ACoN/MEwDQYJKoZIhvcNAQELBQADggEBAGUfC15XS2TVi7CokAV3v3sGUKgMaAQS
BRSAC6HyF3d8Up0e0aDWV2Nb3KGxOqK0KMyXw4wFeD9ZQ8TG62JseeS6fMZhvOip
fZt/nCa3L3HquQwdlifZgJCfRkoVUniBI0y55hn7Fp2P7ks0ayeLlZ+i31tFpWDo
LpS7S6ifBzyu+pGR7Nlo2gSnVYP4bk2SZ3K97Tk3IpGaZbdOvlXrMUThByAOE/3s
6niJ4I8gxWQPONfWos9WdtuuUPWCz64R0CTigdLkdmcicDP1y07SAQEZK/mPNwSV
XhNynLdoGQsMsGXj2Fad/TTPQJkvTGc7tDFKUnPrXW22l3bQm6Ulo0c=
-----END CERTIFICATE-----
Generated at Mon Sep 8 08:17:37 2025 by rpki-client