Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/sarjUW333KumT_Bc6Qm6jBucFlY.roa
File: sarjUW333KumT_Bc6Qm6jBucFlY.roa (raw, json)
Hash identifier: NnkoHeOymSAOpX+vvoXnjnugbNX7UqshRlGbB3457gQ=
Subject key identifier: B1:AA:E3:51:6D:F7:DC:AB:A6:4F:F0:5C:E9:09:BA:8C:1B:9C:16:56
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 01977DBF4F467B8A6095E5022B5D24581361
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/sarjUW333KumT_Bc6Qm6jBucFlY.roa
Signing time: Tue 17 Jun 2025 11:56:18 +0000
ROA not before: Tue 17 Jun 2025 11:56:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206590
IP address blocks: 2a13:bb44::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 07:02:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7d:bf:4f:46:7b:8a:60:95:e5:02:2b:5d:24:58:13:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Jun 17 11:56:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b1aae3516df7dcaba64ff05ce909ba8c1b9c1656
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:89:f9:03:ea:1b:29:4b:6f:8a:ed:e3:bb:8c:
06:2b:20:5e:ec:51:d7:92:59:b4:c7:3c:d1:15:91:
b8:49:fb:8a:1c:88:5b:5c:f6:87:12:b4:10:b6:a2:
da:b9:57:60:05:90:de:e4:f2:14:f4:0d:63:32:6c:
55:e5:fe:5f:0e:83:e8:72:30:16:7c:05:4e:5d:d8:
11:96:84:78:8c:a4:19:09:8b:c1:61:96:dc:a7:19:
de:4e:3c:a5:80:68:23:bc:e6:e4:6d:ff:ab:15:34:
9c:e6:32:9d:32:fb:ec:27:a0:27:2e:68:cd:12:da:
10:76:13:0f:5e:2d:95:4e:09:15:fb:02:70:ee:b4:
8d:bd:83:d2:02:b1:fd:a6:fd:18:ff:77:9b:21:c1:
9b:70:1d:d3:07:51:f5:e6:01:50:e7:41:fe:7e:7f:
c8:0f:32:ba:5a:6d:88:68:ac:58:74:21:33:a0:72:
c1:e2:9a:d7:3b:cf:26:c9:67:b4:11:ee:9e:e2:05:
79:e0:b9:db:30:8e:69:45:33:46:06:1b:40:76:78:
97:1f:d8:4f:7b:d1:39:27:91:15:bf:63:c9:5f:79:
ff:45:6f:88:2a:9a:5c:94:ad:cc:ea:e8:4b:b4:1b:
b2:0a:0b:92:b9:97:b9:0d:e6:5f:82:6d:ec:cf:d6:
97:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:AA:E3:51:6D:F7:DC:AB:A6:4F:F0:5C:E9:09:BA:8C:1B:9C:16:56
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/sarjUW333KumT_Bc6Qm6jBucFlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:bb44::/32
Signature Algorithm: sha256WithRSAEncryption
68:91:1e:45:b2:d7:43:29:6b:6c:89:0e:d1:43:8e:2a:2e:8f:
7b:3d:6a:92:af:4f:64:df:4e:a8:8c:48:8a:61:42:46:74:b5:
9a:99:33:74:69:2a:5a:d2:0d:f0:fd:c6:8d:4b:9f:53:e5:5e:
1e:d2:58:9e:67:a5:69:31:14:ce:a4:ed:53:30:80:10:dd:04:
40:ae:d3:b2:c7:3a:32:05:81:6b:dd:3e:6f:e5:c0:4d:0e:4f:
05:35:42:66:a9:c1:f9:70:bf:48:71:9f:a2:51:75:ec:cd:73:
3f:e3:e7:8d:2d:2c:99:e9:98:29:8d:9b:3c:49:10:ce:14:4a:
28:3e:e9:64:e0:68:41:77:2d:fa:d5:44:50:de:0a:b4:86:8f:
26:04:98:dd:24:de:55:54:40:fd:84:db:7c:fb:9f:0c:f9:72:
26:a4:71:a8:ed:ad:08:a5:1c:7c:a4:ef:ad:97:23:40:5f:3c:
38:d6:11:9b:2a:78:03:dc:da:2c:6b:aa:85:14:b1:4f:b5:32:
53:e2:d1:86:94:9f:28:0b:b9:e4:a4:7d:89:fc:45:5c:00:39:
a8:49:11:18:27:c5:2d:ab:c1:75:51:ab:31:84:3e:b5:58:cb:
76:59:03:eb:c9:6b:ea:e1:5d:93:b0:af:58:4b:12:6e:ff:06:
04:3a:54:fe
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZd9v09Ge4pgleUCK10kWBNhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwNjE3MTE1NjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWFhZTM1MTZkZjdkY2FiYTY0ZmYwNWNlOTA5YmE4YzFiOWMxNjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4n5A+obKUtviu3ju4wGKyBe7FHX
klm0xzzRFZG4SfuKHIhbXPaHErQQtqLauVdgBZDe5PIU9A1jMmxV5f5fDoPocjAW
fAVOXdgRloR4jKQZCYvBYZbcpxneTjylgGgjvObkbf+rFTSc5jKdMvvsJ6AnLmjN
EtoQdhMPXi2VTgkV+wJw7rSNvYPSArH9pv0Y/3ebIcGbcB3TB1H15gFQ50H+fn/I
DzK6Wm2IaKxYdCEzoHLB4prXO88myWe0Ee6e4gV54LnbMI5pRTNGBhtAdniXH9hP
e9E5J5EVv2PJX3n/RW+IKppclK3M6uhLtBuyCguSuZe5DeZfgm3sz9aXWwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLGq41Ft99yrpk/wXOkJuowbnBZWMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvc2FyalVXMzMzS3VtVF9CYzZRbTZqQnVjRmxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhO7RDAN
BgkqhkiG9w0BAQsFAAOCAQEAaJEeRbLXQylrbIkO0UOOKi6Pez1qkq9PZN9OqIxI
imFCRnS1mpkzdGkqWtIN8P3GjUufU+VeHtJYnmelaTEUzqTtUzCAEN0EQK7Tssc6
MgWBa90+b+XATQ5PBTVCZqnB+XC/SHGfolF17M1zP+PnjS0smemYKY2bPEkQzhRK
KD7pZOBoQXct+tVEUN4KtIaPJgSY3STeVVRA/YTbfPufDPlyJqRxqO2tCKUcfKTv
rZcjQF88ONYRmyp4A9zaLGuqhRSxT7UyU+LRhpSfKAu55KR9ifxFXAA5qEkRGCfF
LavBdVGrMYQ+tVjLdlkD68lr6uFdk7CvWEsSbv8GBDpU/g==
-----END CERTIFICATE-----
Generated at Wed Jul 2 13:07:04 2025 by rpki-client