Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/pUiTftHtLJThXW7iYBmLM9nPjtk.roa
File: pUiTftHtLJThXW7iYBmLM9nPjtk.roa (raw, json)
Hash identifier: DobEhFeM0/PnDTQSj7bsctOpFUAuyWbpKx0kf2ymHWY=
Subject key identifier: A5:48:93:7E:D1:ED:2C:94:E1:5D:6E:E2:60:19:8B:33:D9:CF:8E:D9
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 01972FDE6B06FD1543B9CC8745348AF2A93F
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/pUiTftHtLJThXW7iYBmLM9nPjtk.roa
Signing time: Mon 02 Jun 2025 08:59:54 +0000
ROA not before: Mon 02 Jun 2025 08:59:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213861
IP address blocks: 2a06:b440::/29 maxlen: 32
2a0e:7780::/29 maxlen: 29
2a0f:d480::/29 maxlen: 29
2a11:3b40::/29 maxlen: 32
2a11:dcc0::/29 maxlen: 29
2a12:440::/29 maxlen: 29
2a12:6640::/29 maxlen: 29
2a12:6b80::/29 maxlen: 29
2a12:f0c0::/29 maxlen: 29
2a13:ba00::/29 maxlen: 29
2a13:dac0::/29 maxlen: 29
2a14:c0::/29 maxlen: 29
2a14:1c0::/29 maxlen: 29
2a14:800::/29 maxlen: 29
2a14:f40::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.mft
rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 11:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:2f:de:6b:06:fd:15:43:b9:cc:87:45:34:8a:f2:a9:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Jun 2 08:59:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a548937ed1ed2c94e15d6ee260198b33d9cf8ed9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e9:08:c2:0f:17:6b:d7:63:16:cc:bb:39:15:
bf:93:31:27:e2:e2:5f:26:01:49:94:8d:60:55:8e:
fe:ee:55:be:89:c0:8f:e4:3b:83:00:64:34:01:8f:
d7:d2:46:48:c2:4b:f5:52:f4:f6:19:e1:9f:18:3e:
9c:39:51:b2:b7:80:ba:0e:79:a1:22:6c:47:0c:55:
df:47:f2:56:11:71:6a:c3:1f:8e:71:ac:4d:16:e5:
45:9d:72:ee:f4:b2:58:50:fa:17:2c:44:f2:0f:01:
c2:af:5e:29:1b:8d:16:81:77:38:f7:9f:10:f3:69:
51:aa:0b:25:0d:40:a6:5e:aa:40:a9:e5:c6:6c:7d:
a7:5a:b6:94:e1:38:15:9c:73:9a:79:77:9d:db:1b:
57:8b:2b:4e:4c:bd:34:4a:46:7b:a1:cd:d6:78:50:
72:6e:1e:0a:dc:48:5a:94:5a:01:58:6e:2e:d0:34:
4e:40:0d:4f:3a:5b:92:ae:78:19:a3:7e:ba:40:45:
5b:87:ae:43:45:a5:60:c8:ad:ab:d0:fc:30:47:c4:
d7:6e:3c:35:8e:a3:cd:09:40:db:6c:ef:a9:f0:c3:
a8:2d:b4:cc:51:d9:27:e1:68:10:2c:40:31:fb:8c:
34:c3:9f:de:d2:35:11:fa:9b:bf:80:9c:23:f4:fd:
d1:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:48:93:7E:D1:ED:2C:94:E1:5D:6E:E2:60:19:8B:33:D9:CF:8E:D9
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/pUiTftHtLJThXW7iYBmLM9nPjtk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:b440::/29
2a0e:7780::/29
2a0f:d480::/29
2a11:3b40::/29
2a11:dcc0::/29
2a12:440::/29
2a12:6640::/29
2a12:6b80::/29
2a12:f0c0::/29
2a13:ba00::/29
2a13:dac0::/29
2a14:c0::/29
2a14:1c0::/29
2a14:800::/29
2a14:f40::/29
Signature Algorithm: sha256WithRSAEncryption
9e:8b:ef:6a:09:4b:d2:f7:9c:26:5f:b3:03:3b:12:3e:24:15:
a3:72:52:bd:53:f6:5e:94:e6:ea:b6:c6:59:78:ef:a6:14:2b:
9d:a8:11:d3:06:44:9f:07:32:7d:c9:d0:c2:39:b0:d4:d0:ef:
cf:3f:9e:73:f0:2f:dd:b1:cf:13:8d:9d:10:0c:cd:ed:e2:cb:
d8:48:53:17:3b:f8:6c:db:66:73:2d:1f:63:9d:42:93:3f:74:
f6:43:cf:62:1f:57:21:19:a6:a8:0f:e4:d5:91:df:42:02:b7:
bd:48:71:a6:55:79:13:c8:96:7f:0d:fb:89:85:e0:84:43:d3:
d6:4b:ce:4e:57:1a:3b:10:ae:f8:67:50:24:b4:51:f5:cc:af:
70:47:15:0b:26:49:b2:c5:b6:78:28:9b:eb:4f:e9:e2:cb:a6:
41:20:d6:17:48:df:ad:2d:75:e6:68:e1:85:85:24:56:c5:28:
7e:b5:74:10:b6:d8:18:0f:43:74:ad:ae:aa:8c:79:68:32:b0:
98:44:4b:73:c4:3c:5f:f1:02:bb:88:39:0f:11:e8:73:94:fb:
4b:60:aa:fa:77:4c:ff:bf:5f:1f:6c:b6:20:94:38:64:4f:c4:
0e:37:d1:87:58:d8:59:0b:55:9c:a7:86:54:59:fc:0e:34:ec:
07:eb:35:ba
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAZcv3msG/RVDucyHRTSK8qk/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjUwNjAyMDg1OTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTQ4OTM3ZWQxZWQyYzk0ZTE1ZDZlZTI2MDE5OGIzM2Q5Y2Y4ZWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtekIwg8Xa9djFsy7ORW/kzEn4uJf
JgFJlI1gVY7+7lW+icCP5DuDAGQ0AY/X0kZIwkv1UvT2GeGfGD6cOVGyt4C6Dnmh
ImxHDFXfR/JWEXFqwx+OcaxNFuVFnXLu9LJYUPoXLETyDwHCr14pG40WgXc4958Q
82lRqgslDUCmXqpAqeXGbH2nWraU4TgVnHOaeXed2xtXiytOTL00SkZ7oc3WeFBy
bh4K3EhalFoBWG4u0DROQA1POluSrngZo366QEVbh65DRaVgyK2r0PwwR8TXbjw1
jqPNCUDbbO+p8MOoLbTMUdkn4WgQLEAx+4w0w5/e0jUR+pu/gJwj9P3RgwIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFKVIk37R7SyU4V1u4mAZizPZz47ZMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvcFVpVGZ0SHRMSlRoWFc3aVlCbUxNOW5QanRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwbwQCAAIwaQMFAyoGtEAD
BQMqDneAAwUDKg/UgAMFAyoRO0ADBQMqEdzAAwUDKhIEQAMFAyoSZkADBQMqEmuA
AwUDKhLwwAMFAyoTugADBQMqE9rAAwUDKhQAwAMFAyoUAcADBQMqFAgAAwUDKhQP
QDANBgkqhkiG9w0BAQsFAAOCAQEAnovvaglL0vecJl+zAzsSPiQVo3JSvVP2XpTm
6rbGWXjvphQrnagR0wZEnwcyfcnQwjmw1NDvzz+ec/Av3bHPE42dEAzN7eLL2EhT
Fzv4bNtmcy0fY51Ckz909kPPYh9XIRmmqA/k1ZHfQgK3vUhxplV5E8iWfw37iYXg
hEPT1kvOTlcaOxCu+GdQJLRR9cyvcEcVCyZJssW2eCib60/p4sumQSDWF0jfrS11
5mjhhYUkVsUofrV0ELbYGA9DdK2uqox5aDKwmERLc8Q8X/ECu4g5DxHoc5T7S2Cq
+ndM/79fH2y2IJQ4ZE/EDjfRh1jYWQtVnKeGVFn8DjTsB+s1ug==
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:11:56 2025 by rpki-client