Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/CpniMfp11nQOcQT4LIwu6QX09lw.roa
File: CpniMfp11nQOcQT4LIwu6QX09lw.roa (raw, json)
Hash identifier: V3yrgH1/k4CuSXyHSBWhK4MXfHIiOR+IHrPr7MmTYh4=
Subject key identifier: 0A:99:E2:31:FA:75:D6:74:0E:71:04:F8:2C:8C:2E:E9:05:F4:F6:5C
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 01977DBD76E5D3FD672BEA342F0C388B6ECD
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/CpniMfp11nQOcQT4LIwu6QX09lw.roa
Signing time: Tue 17 Jun 2025 11:54:18 +0000
ROA not before: Tue 17 Jun 2025 11:54:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204868
IP address blocks: 2a13:c440::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 07:02:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7d:bd:76:e5:d3:fd:67:2b:ea:34:2f:0c:38:8b:6e:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Jun 17 11:54:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0a99e231fa75d6740e7104f82c8c2ee905f4f65c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ea:e3:5f:65:33:9d:94:e5:bb:32:65:96:70:
d9:dd:c6:a8:5e:91:c4:e7:21:8f:69:fe:a5:c8:6e:
bc:39:41:31:dd:ca:26:63:37:cc:27:3c:52:b0:70:
65:df:85:9d:ce:7a:ff:8d:ba:71:b8:29:cb:d0:77:
42:97:df:55:cd:8f:52:9e:fd:c1:73:2c:f3:e0:e2:
03:7c:5b:57:72:e4:91:dc:6c:47:24:d7:a3:8f:2f:
80:40:32:9d:eb:c4:b6:76:b7:41:96:44:c8:c5:dd:
21:5c:9e:5f:26:92:4d:09:7d:eb:06:08:7b:f3:91:
1c:25:f7:dc:25:9a:1b:df:63:9d:49:32:9a:57:3e:
c2:18:0c:ec:e5:1a:1b:36:7d:5c:2f:f1:dd:e0:0d:
f1:80:11:0e:d7:e3:71:5a:07:c4:83:97:5a:1c:84:
31:f7:21:9d:04:a4:3b:9a:cd:9d:01:84:54:f9:57:
4f:14:48:96:cd:79:fe:14:de:b0:9f:b6:8f:48:8a:
dd:10:d2:d4:b0:dc:ef:6d:c8:b3:2f:6b:60:15:80:
5f:27:ce:c6:ad:3f:6f:ce:e7:69:92:02:d1:c8:79:
4b:d4:03:72:ee:2c:b8:a1:0e:b7:04:d6:ba:24:42:
ab:e6:d1:a4:27:38:11:19:7f:29:16:f3:3f:d1:d7:
7a:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:99:E2:31:FA:75:D6:74:0E:71:04:F8:2C:8C:2E:E9:05:F4:F6:5C
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/CpniMfp11nQOcQT4LIwu6QX09lw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:c440::/32
Signature Algorithm: sha256WithRSAEncryption
c1:4d:44:34:ab:ed:42:b7:6c:1d:fc:4b:02:27:b4:e9:3e:b4:
3e:bb:77:02:7c:43:ea:e2:61:65:6f:1c:08:a1:f9:4f:a5:a0:
c3:df:63:8c:75:29:12:d2:db:7d:14:f5:12:0c:5d:d4:08:b7:
94:95:3c:75:48:2a:45:7e:06:2f:6c:5b:dd:4a:b0:6f:c7:6b:
07:25:ec:2a:1a:bc:cc:1c:28:0f:7e:a2:2f:ea:57:fe:6f:0d:
14:50:4d:5a:29:bd:8e:d1:f1:86:53:6d:8f:62:a9:6a:a7:7d:
0e:17:56:23:ba:0e:07:11:1e:e2:04:59:34:db:e0:35:d9:f0:
b2:b8:5c:08:b3:76:d6:39:c7:83:5d:be:f9:fd:5e:4e:78:a7:
bd:f9:f9:b7:18:99:7b:a2:f9:4d:27:fd:af:5f:1f:e1:fd:b5:
39:60:53:79:17:3f:19:19:f4:06:da:6d:ca:91:01:0c:47:99:
9b:e1:0f:00:bd:80:da:e2:c5:20:4c:a2:52:5d:83:07:db:46:
2f:bf:4b:cc:1c:6c:66:ca:8e:1a:61:b4:70:00:d0:5a:ea:b5:
fa:55:a5:67:f3:cd:a5:aa:37:8b:ea:9c:aa:85:e2:12:de:84:
93:6d:13:4b:48:90:ff:23:24:58:8e:63:e3:85:8b:04:96:b8:
d1:58:5c:81
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZd9vXbl0/1nK+o0Lww4i27NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwNjE3MTE1NDE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTk5ZTIzMWZhNzVkNjc0MGU3MTA0ZjgyYzhjMmVlOTA1ZjRmNjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuurjX2UznZTluzJllnDZ3caoXpHE
5yGPaf6lyG68OUEx3comYzfMJzxSsHBl34Wdznr/jbpxuCnL0HdCl99VzY9Snv3B
cyzz4OIDfFtXcuSR3GxHJNejjy+AQDKd68S2drdBlkTIxd0hXJ5fJpJNCX3rBgh7
85EcJffcJZob32OdSTKaVz7CGAzs5RobNn1cL/Hd4A3xgBEO1+NxWgfEg5daHIQx
9yGdBKQ7ms2dAYRU+VdPFEiWzXn+FN6wn7aPSIrdENLUsNzvbcizL2tgFYBfJ87G
rT9vzudpkgLRyHlL1ANy7iy4oQ63BNa6JEKr5tGkJzgRGX8pFvM/0dd6kQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFAqZ4jH6ddZ0DnEE+CyMLukF9PZcMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvQ3BuaU1mcDExblFPY1FUNExJd3U2UVgwOWx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhPEQDAN
BgkqhkiG9w0BAQsFAAOCAQEAwU1ENKvtQrdsHfxLAie06T60Prt3AnxD6uJhZW8c
CKH5T6Wgw99jjHUpEtLbfRT1Egxd1Ai3lJU8dUgqRX4GL2xb3Uqwb8drByXsKhq8
zBwoD36iL+pX/m8NFFBNWim9jtHxhlNtj2Kpaqd9DhdWI7oOBxEe4gRZNNvgNdnw
srhcCLN21jnHg12++f1eTninvfn5txiZe6L5TSf9r18f4f21OWBTeRc/GRn0Btpt
ypEBDEeZm+EPAL2A2uLFIEyiUl2DB9tGL79LzBxsZsqOGmG0cADQWuq1+lWlZ/PN
pao3i+qcqoXiEt6Ek20TS0iQ/yMkWI5j44WLBJa40VhcgQ==
-----END CERTIFICATE-----
Generated at Wed Jul 2 13:09:51 2025 by rpki-client