Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/pcOsOCoBsuL7OjuzRuZAWMvl6mc.roa
File: pcOsOCoBsuL7OjuzRuZAWMvl6mc.roa (raw, json)
Hash identifier: +7ELHnUi27cewsZpM+owlK2DUPXW1s4Jgo5ehxXa18A=
Subject key identifier: A5:C3:AC:38:2A:01:B2:E2:FB:3A:3B:B3:46:E6:40:58:CB:E5:EA:67
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 01977DBE9B267C7C12217DF676A05DE62F8E
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/pcOsOCoBsuL7OjuzRuZAWMvl6mc.roa
Signing time: Tue 17 Jun 2025 11:55:32 +0000
ROA not before: Tue 17 Jun 2025 11:55:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215427
IP address blocks: 2a07:f580::/29 maxlen: 29
2a0d:38c0::/29 maxlen: 29
2a14:41c0::/29 maxlen: 29
2a14:4240::/29 maxlen: 29
2a14:6240::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 07:02:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7d:be:9b:26:7c:7c:12:21:7d:f6:76:a0:5d:e6:2f:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Jun 17 11:55:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a5c3ac382a01b2e2fb3a3bb346e64058cbe5ea67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:c4:54:56:6b:c2:d4:2c:a5:e4:bf:0c:ad:fb:
8f:40:0a:86:f8:39:0f:76:f3:5b:4a:1d:24:41:37:
16:be:c9:08:43:ab:e1:3f:3a:4d:23:83:54:04:a1:
28:52:39:c2:a3:81:7d:43:fd:9f:1e:20:d4:f2:2c:
86:8c:4d:7a:0a:62:3e:72:49:67:34:c3:e4:12:b0:
41:5d:0c:78:98:9f:13:d6:4b:bb:a9:9a:81:3b:f7:
d0:27:db:18:bd:60:31:64:61:29:c0:80:66:63:bd:
e0:73:cb:30:6f:32:a1:58:02:49:7d:99:e7:b8:e4:
10:6d:0a:d4:81:49:b6:20:21:79:3a:16:ba:2d:ed:
29:89:6e:a7:2b:a0:6b:83:ee:0c:1c:57:75:d2:c2:
9b:b3:2b:ef:54:98:50:e3:ba:8f:40:20:69:21:24:
13:2b:2c:78:5e:41:30:b0:76:1b:cf:7c:f3:a4:7c:
ed:45:ba:d9:af:4d:0b:af:d1:dc:e3:c9:ae:be:89:
43:85:4a:47:10:15:21:f1:47:e8:7a:1e:47:ad:67:
e3:d9:c3:e5:6a:68:38:25:06:28:3b:d6:ed:95:eb:
dd:66:d3:b1:9a:cc:f4:bd:3e:fd:56:6e:ee:73:aa:
31:72:58:7c:89:cd:60:30:45:a3:29:17:b2:a0:11:
77:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:C3:AC:38:2A:01:B2:E2:FB:3A:3B:B3:46:E6:40:58:CB:E5:EA:67
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/pcOsOCoBsuL7OjuzRuZAWMvl6mc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:f580::/29
2a0d:38c0::/29
2a14:41c0::/29
2a14:4240::/29
2a14:6240::/29
Signature Algorithm: sha256WithRSAEncryption
70:59:f5:d2:cd:40:79:48:1b:4b:af:ca:97:6e:4c:c3:e1:fa:
c2:75:52:99:65:4b:8c:fa:fc:9e:33:5b:8b:f4:96:0c:d3:03:
a2:cc:3c:8f:a1:8e:d0:01:0c:0a:df:4e:75:ad:c2:a2:35:be:
e7:63:26:32:25:ac:dd:b6:49:8d:16:e6:f3:62:82:b4:ef:20:
47:25:c5:fb:58:ba:13:1f:a6:be:25:18:93:2a:cf:a3:37:b7:
9f:a0:9f:1f:ea:df:52:65:60:65:75:9b:a4:4a:d9:96:0e:36:
57:e6:c8:27:45:61:39:e0:6c:8d:83:f5:b8:5a:72:da:af:96:
4c:ba:8c:ca:93:d7:3a:2a:3a:99:55:92:f9:2c:9c:c1:ef:a1:
e0:a1:d0:7b:8e:c2:a4:50:c8:63:0b:bb:df:9e:30:90:65:15:
e7:c0:ec:05:7b:07:82:29:65:e5:c8:1b:91:5a:51:5a:56:14:
a1:82:8a:20:e4:bc:1f:c3:ad:56:07:9e:b2:1e:e4:cf:de:67:
d6:4f:37:7c:e5:2e:f5:3c:37:62:af:01:60:74:9f:1d:ae:59:
16:7c:44:f1:3b:79:12:0a:68:c9:92:14:6d:d1:9d:a5:6c:4d:
f9:2a:b5:e1:83:a8:50:f7:f2:b3:00:0b:52:f6:d6:80:94:b9:
e5:f0:5d:19
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZd9vpsmfHwSIX32dqBd5i+OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwNjE3MTE1NTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWMzYWMzODJhMDFiMmUyZmIzYTNiYjM0NmU2NDA1OGNiZTVlYTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4sRUVmvC1Cyl5L8MrfuPQAqG+DkP
dvNbSh0kQTcWvskIQ6vhPzpNI4NUBKEoUjnCo4F9Q/2fHiDU8iyGjE16CmI+ckln
NMPkErBBXQx4mJ8T1ku7qZqBO/fQJ9sYvWAxZGEpwIBmY73gc8swbzKhWAJJfZnn
uOQQbQrUgUm2ICF5Oha6Le0piW6nK6Brg+4MHFd10sKbsyvvVJhQ47qPQCBpISQT
Kyx4XkEwsHYbz3zzpHztRbrZr00Lr9Hc48muvolDhUpHEBUh8Ufoeh5HrWfj2cPl
amg4JQYoO9btlevdZtOxmsz0vT79Vm7uc6oxclh8ic1gMEWjKReyoBF3lQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFKXDrDgqAbLi+zo7s0bmQFjL5epnMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvcGNPc09Db0JzdUw3T2p1elJ1WkFXTXZsNm1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKgf1gAMF
AyoNOMADBQMqFEHAAwUDKhRCQAMFAyoUYkAwDQYJKoZIhvcNAQELBQADggEBAHBZ
9dLNQHlIG0uvypduTMPh+sJ1UpllS4z6/J4zW4v0lgzTA6LMPI+hjtABDArfTnWt
wqI1vudjJjIlrN22SY0W5vNigrTvIEclxftYuhMfpr4lGJMqz6M3t5+gnx/q31Jl
YGV1m6RK2ZYONlfmyCdFYTngbI2D9bhactqvlky6jMqT1zoqOplVkvksnMHvoeCh
0HuOwqRQyGMLu9+eMJBlFefA7AV7B4IpZeXIG5FaUVpWFKGCiiDkvB/DrVYHnrIe
5M/eZ9ZPN3zlLvU8N2KvAWB0nx2uWRZ8RPE7eRIKaMmSFG3RnaVsTfkqteGDqFD3
8rMAC1L21oCUueXwXRk=
-----END CERTIFICATE-----
Generated at Wed Jul 2 13:06:56 2025 by rpki-client