Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/g9wtsh83VZmqSLspWJgKDT5jDR8.roa
File: g9wtsh83VZmqSLspWJgKDT5jDR8.roa (raw, json)
Hash identifier: W3VzdAS4AEqhwEHy+ukzR+B4rcc+b00vpXS6arbx5jw=
Subject key identifier: 83:DC:2D:B2:1F:37:55:99:AA:48:BB:29:58:98:0A:0D:3E:63:0D:1F
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 01971C80D7957492AA3ED94F668E6977D2F4
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/g9wtsh83VZmqSLspWJgKDT5jDR8.roa
Signing time: Thu 29 May 2025 14:44:55 +0000
ROA not before: Thu 29 May 2025 14:44:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59729
IP address blocks: 2a13:c3c0::/29 maxlen: 29
2a14:42c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:1c:80:d7:95:74:92:aa:3e:d9:4f:66:8e:69:77:d2:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: May 29 14:44:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=83dc2db21f375599aa48bb2958980a0d3e630d1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:1f:30:b8:70:9e:92:2e:47:03:ea:80:e6:4a:
38:49:20:58:9c:66:9b:36:79:d7:29:e2:44:b8:11:
67:c3:8a:7c:b4:7b:6c:a5:dc:5b:76:b8:9d:85:0b:
07:fc:e0:6a:60:d3:5d:01:86:ab:15:c1:cb:26:fa:
c9:1b:fa:c0:8e:31:27:4a:47:9a:21:dd:fe:2c:59:
41:35:95:eb:8a:45:4d:be:7c:90:87:39:05:e5:a2:
60:20:ac:85:24:6a:f1:eb:0f:d1:e7:cb:a4:00:6a:
47:0c:bd:4e:76:19:39:f4:39:d4:ff:d9:73:f7:bc:
c0:6d:a9:44:5f:fb:d1:62:32:30:b4:bb:27:4b:f2:
cd:75:51:82:a8:ef:4a:3a:e2:12:b2:c1:dd:18:07:
31:6b:53:a8:36:9c:d0:10:6e:a2:5e:6c:25:07:df:
2f:d9:e3:11:5b:a1:9f:af:4a:4d:75:ee:97:13:ea:
23:d6:72:9a:59:50:db:0b:e0:75:c9:6e:b7:69:5d:
71:6b:36:74:ff:4f:a9:37:5b:3d:2d:83:df:1f:0b:
7c:72:f6:b1:fd:94:e7:57:a5:c4:10:cf:e7:a4:be:
8c:77:3a:6a:84:66:69:28:f8:a3:bd:72:b6:38:7d:
29:e9:ff:60:81:5c:c3:33:13:57:37:04:bc:94:d1:
ef:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:DC:2D:B2:1F:37:55:99:AA:48:BB:29:58:98:0A:0D:3E:63:0D:1F
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/g9wtsh83VZmqSLspWJgKDT5jDR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:c3c0::/29
2a14:42c0::/29
Signature Algorithm: sha256WithRSAEncryption
aa:14:4d:cb:a4:07:f2:fe:2c:34:62:ed:d7:73:e3:23:26:c5:
f1:c9:19:ca:f2:a7:81:d3:19:95:1e:54:ea:56:52:54:47:4a:
a2:ab:8d:e0:65:f2:44:40:a8:17:5f:2a:70:f8:b3:2c:0d:fa:
c8:21:21:40:ff:45:cb:6e:ad:e2:a1:2b:d1:12:f2:7d:52:ac:
7f:83:fe:a2:92:b9:2b:01:8a:e4:70:09:a7:11:45:76:ce:7e:
3b:12:ac:e7:8f:93:cb:3f:ae:0e:6d:86:68:ce:86:a3:0c:5a:
a0:a5:4e:9c:6a:0f:38:44:14:a8:71:60:bb:f1:dc:be:34:72:
10:74:72:14:d5:44:1e:e0:33:e9:66:69:52:f5:9d:c2:fa:1d:
bf:ad:a5:50:5e:d8:42:c5:0d:3a:b0:38:22:94:3c:f7:c4:c9:
98:04:2c:3c:46:85:26:1a:70:d2:13:9a:dc:df:2b:20:bc:ae:
24:d5:d9:4b:76:d7:8c:cb:f6:ea:22:e4:87:e9:2e:62:bd:d1:
79:c1:c3:7d:34:6d:56:26:76:0b:60:ea:d3:13:22:30:88:14:
16:c1:dd:9e:0b:06:4e:9b:04:1d:b7:9c:9c:0d:05:ad:a7:33:
86:1f:86:dc:56:b0:b0:4f:39:80:be:93:06:53:d2:1a:68:ae:
28:b7:bd:97
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZccgNeVdJKqPtlPZo5pd9L0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwNTI5MTQ0NDU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2RjMmRiMjFmMzc1NTk5YWE0OGJiMjk1ODk4MGEwZDNlNjMwZDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyB8wuHCeki5HA+qA5ko4SSBYnGab
NnnXKeJEuBFnw4p8tHtspdxbdridhQsH/OBqYNNdAYarFcHLJvrJG/rAjjEnSkea
Id3+LFlBNZXrikVNvnyQhzkF5aJgIKyFJGrx6w/R58ukAGpHDL1Odhk59DnU/9lz
97zAbalEX/vRYjIwtLsnS/LNdVGCqO9KOuISssHdGAcxa1OoNpzQEG6iXmwlB98v
2eMRW6Gfr0pNde6XE+oj1nKaWVDbC+B1yW63aV1xazZ0/0+pN1s9LYPfHwt8cvax
/ZTnV6XEEM/npL6MdzpqhGZpKPijvXK2OH0p6f9ggVzDMxNXNwS8lNHvHwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIPcLbIfN1WZqki7KViYCg0+Yw0fMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvZzl3dHNoODNWWm1xU0xzcFdKZ0tEVDVqRFI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKhPDwAMF
AyoUQsAwDQYJKoZIhvcNAQELBQADggEBAKoUTcukB/L+LDRi7ddz4yMmxfHJGcry
p4HTGZUeVOpWUlRHSqKrjeBl8kRAqBdfKnD4sywN+sghIUD/RctureKhK9ES8n1S
rH+D/qKSuSsBiuRwCacRRXbOfjsSrOePk8s/rg5thmjOhqMMWqClTpxqDzhEFKhx
YLvx3L40chB0chTVRB7gM+lmaVL1ncL6Hb+tpVBe2ELFDTqwOCKUPPfEyZgELDxG
hSYacNITmtzfKyC8riTV2Ut214zL9uoi5IfpLmK90XnBw300bVYmdgtg6tMTIjCI
FBbB3Z4LBk6bBB23nJwNBa2nM4YfhtxWsLBPOYC+kwZT0hporii3vZc=
-----END CERTIFICATE-----
Generated at Thu Jun 5 19:15:11 2025 by rpki-client