Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/ByxFjr3Toz51tTrCgyJcZ9ROTDc.roa
File: ByxFjr3Toz51tTrCgyJcZ9ROTDc.roa (raw, json)
Hash identifier: MC65BQj3HwbXh+vS6odPDeaoBTY9byCzkoFUHQFoK8Q=
Subject key identifier: 07:2C:45:8E:BD:D3:A3:3E:75:B5:3A:C2:83:22:5C:67:D4:4E:4C:37
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 0198E11B2AF2C3A9188190E450C9F4FAE451
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/ByxFjr3Toz51tTrCgyJcZ9ROTDc.roa
Signing time: Mon 25 Aug 2025 12:01:50 +0000
ROA not before: Mon 25 Aug 2025 12:01:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209874
IP address blocks: 2a11:3b40::/32 maxlen: 32
2a12:6640::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.mft
rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 00:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:e1:1b:2a:f2:c3:a9:18:81:90:e4:50:c9:f4:fa:e4:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Aug 25 12:01:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=072c458ebdd3a33e75b53ac283225c67d44e4c37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:19:58:6d:36:a2:9b:00:d7:2c:b5:40:f3:9d:
14:1e:f8:23:4b:68:c3:f5:71:32:d9:89:b2:73:08:
f6:f1:51:4b:57:cd:fa:97:9c:ec:bc:01:84:30:db:
bc:5a:ec:be:f1:9d:84:22:85:d0:77:ad:d5:61:18:
fa:8f:84:a4:89:43:54:2b:67:19:4c:44:04:ee:e5:
9f:55:c8:89:ce:6f:2a:92:91:6c:54:a9:f9:29:53:
2e:fb:af:26:fd:7f:ea:e1:1e:be:72:ff:42:3d:94:
69:91:4d:7e:7c:96:90:c7:e1:e3:25:da:2c:60:9a:
b9:03:8f:15:f6:73:4b:40:b4:04:e5:39:48:15:49:
ac:98:d2:0e:2d:38:da:c0:f1:60:03:94:78:55:27:
97:ba:57:fb:cb:f1:6b:b3:a8:fa:c1:25:ba:89:92:
05:27:c2:65:95:d8:23:12:98:57:4a:5a:ec:a5:ea:
16:35:f4:dc:92:fa:7f:51:5a:35:c6:e7:5e:a1:3e:
7f:75:c1:b8:40:8a:3b:18:24:19:bb:2e:79:6b:60:
a2:56:2a:54:12:51:ff:eb:64:82:3e:80:e1:b5:78:
ab:79:ff:84:54:c9:0a:99:ab:6d:d8:31:b3:7e:b9:
db:3b:44:79:ac:77:15:f5:5b:06:23:d6:bc:b4:5f:
96:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:2C:45:8E:BD:D3:A3:3E:75:B5:3A:C2:83:22:5C:67:D4:4E:4C:37
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/ByxFjr3Toz51tTrCgyJcZ9ROTDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:3b40::/32
2a12:6640::/32
Signature Algorithm: sha256WithRSAEncryption
4f:28:d7:fe:bd:01:a8:dc:be:d5:d1:67:49:68:af:95:69:87:
fc:30:08:fe:13:1b:19:e1:ad:c0:b3:15:67:e0:94:f9:11:58:
6f:25:b3:2b:75:49:2a:48:91:7a:02:6d:f4:ac:d9:09:84:81:
ef:ea:51:bb:69:42:fe:54:16:5b:fa:33:d3:b2:33:71:87:f1:
b8:77:8b:bd:61:fa:48:fa:0b:b6:77:a5:fd:87:f7:97:04:c4:
4f:70:1f:b1:68:5b:e1:49:17:0f:2b:63:dc:e9:81:66:03:96:
59:7a:d4:ec:94:66:47:5d:68:52:e5:26:49:c7:76:d6:6a:d4:
d3:95:2c:83:75:a5:6d:62:e2:bf:24:3b:9d:a6:67:92:00:06:
a6:15:c4:c2:f4:8c:fd:2e:42:40:eb:87:a4:bb:fa:8e:82:06:
ae:e2:0b:7b:00:ac:da:c4:66:3c:fe:d4:07:94:3d:ac:8c:d4:
d2:b4:82:85:fe:a5:b2:6d:6f:0a:a8:61:55:36:9d:a9:3b:d3:
50:0f:24:00:ae:89:35:6e:11:7c:5d:18:46:a6:2c:ac:5d:35:
dd:51:39:d7:4f:10:18:8a:ad:02:5a:8b:97:c3:9c:78:57:43:
b7:67:a5:90:6f:2a:74:41:e5:64:bc:2e:32:9a:cb:27:2d:18:
46:90:8f:e2
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZjhGyryw6kYgZDkUMn0+uRRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjUwODI1MTIwMTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzJjNDU4ZWJkZDNhMzNlNzViNTNhYzI4MzIyNWM2N2Q0NGU0YzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxlYbTaimwDXLLVA850UHvgjS2jD
9XEy2Ymycwj28VFLV836l5zsvAGEMNu8Wuy+8Z2EIoXQd63VYRj6j4SkiUNUK2cZ
TEQE7uWfVciJzm8qkpFsVKn5KVMu+68m/X/q4R6+cv9CPZRpkU1+fJaQx+HjJdos
YJq5A48V9nNLQLQE5TlIFUmsmNIOLTjawPFgA5R4VSeXulf7y/Frs6j6wSW6iZIF
J8JlldgjEphXSlrspeoWNfTckvp/UVo1xudeoT5/dcG4QIo7GCQZuy55a2CiVipU
ElH/62SCPoDhtXiref+EVMkKmatt2DGzfrnbO0R5rHcV9VsGI9a8tF+WJQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAcsRY6906M+dbU6woMiXGfUTkw3MB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvQnl4RmpyM1RvejUxdFRyQ2d5SmNaOVJPVERjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKhE7QAMF
ACoSZkAwDQYJKoZIhvcNAQELBQADggEBAE8o1/69AajcvtXRZ0lor5Vph/wwCP4T
GxnhrcCzFWfglPkRWG8lsyt1SSpIkXoCbfSs2QmEge/qUbtpQv5UFlv6M9OyM3GH
8bh3i71h+kj6C7Z3pf2H95cExE9wH7FoW+FJFw8rY9zpgWYDlll61OyUZkddaFLl
JknHdtZq1NOVLIN1pW1i4r8kO52mZ5IABqYVxML0jP0uQkDrh6S7+o6CBq7iC3sA
rNrEZjz+1AeUPayM1NK0goX+pbJtbwqoYVU2nak701APJACuiTVuEXxdGEamLKxd
Nd1ROddPEBiKrQJai5fDnHhXQ7dnpZBvKnRB5WS8LjKayyctGEaQj+I=
-----END CERTIFICATE-----
Generated at Mon Sep 8 09:35:54 2025 by rpki-client