Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/Ax2pvl7jVABHP6Lsn22LuaivHB8.roa
File: Ax2pvl7jVABHP6Lsn22LuaivHB8.roa (raw, json)
Hash identifier: bICFtod++VcC6hNS+ZVqxXgUtgSS0V3VxourVeq8YN0=
Subject key identifier: 03:1D:A9:BE:5E:E3:54:00:47:3F:A2:EC:9F:6D:8B:B9:A8:AF:1C:1F
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 01991B26B1236B5F3A120A427BF26C881F14
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/Ax2pvl7jVABHP6Lsn22LuaivHB8.roa
Signing time: Fri 05 Sep 2025 18:32:24 +0000
ROA not before: Fri 05 Sep 2025 18:32:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214549
IP address blocks: 2a0c:b641:750::/44 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.mft
rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 23:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:1b:26:b1:23:6b:5f:3a:12:0a:42:7b:f2:6c:88:1f:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Sep 5 18:32:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=031da9be5ee35400473fa2ec9f6d8bb9a8af1c1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:9d:a9:33:15:82:45:77:2c:d5:21:4b:63:68:
4c:3a:23:c4:1d:e0:45:6f:1a:05:3d:9b:59:b3:1d:
c5:1d:23:30:a7:e8:7a:7d:d4:04:69:61:d7:9a:09:
f3:2d:09:30:74:a8:b8:73:9e:ed:12:0d:05:d7:45:
15:6f:ea:a1:2b:41:58:0b:2a:f6:1c:4e:54:86:18:
b8:e5:bb:4f:e4:6d:f2:20:05:04:90:eb:c9:b3:db:
75:79:13:bc:f6:08:7d:e8:bd:f6:e5:ec:e1:4a:b8:
31:b1:6e:e3:12:c3:5b:17:7a:b2:8d:5e:5a:0c:1a:
cb:bf:a3:39:83:a0:5b:75:ae:57:9f:5c:d9:43:76:
c9:55:1c:32:30:10:a6:6e:e5:a1:14:f9:26:35:00:
9d:80:8a:58:64:64:4c:fa:4f:f9:d5:f0:c2:6b:9e:
3b:5a:9a:c5:34:96:10:fa:31:c2:41:93:6a:82:e0:
44:75:bd:5f:54:57:ad:76:bc:cb:fa:58:27:35:b4:
6d:34:72:01:9c:ab:d5:2a:d1:08:eb:31:47:55:f9:
3f:c9:9e:0d:bb:58:9d:76:04:37:9b:52:c2:53:de:
cf:3e:06:8c:2b:07:ed:85:c1:5a:c1:23:1b:04:eb:
ee:f5:53:35:4d:e7:87:ae:49:9b:39:93:e2:94:0d:
81:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:1D:A9:BE:5E:E3:54:00:47:3F:A2:EC:9F:6D:8B:B9:A8:AF:1C:1F
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/Ax2pvl7jVABHP6Lsn22LuaivHB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:750::/44
Signature Algorithm: sha256WithRSAEncryption
43:60:c1:0b:73:5d:76:82:43:df:e3:96:2e:96:aa:e1:d4:85:
34:60:73:eb:25:92:f4:64:af:bf:d4:a5:57:7f:fb:92:fa:d7:
c8:56:23:53:74:3a:37:bb:6b:be:49:42:9f:92:49:67:22:f7:
90:d4:ca:7b:ab:8f:d8:26:29:01:b7:59:1a:54:b4:60:c9:53:
f9:d8:bb:cd:a7:ea:1f:b9:28:97:d5:5d:6f:d9:4c:8a:0e:ac:
be:8d:9f:c6:ba:9a:68:c8:8a:b6:d3:2d:c5:ff:b7:e1:32:f7:
89:6f:76:84:3c:9d:f0:f2:e9:0e:c1:be:82:3b:0b:27:d3:0b:
e8:a4:c0:a9:7d:bf:c6:9e:a4:04:d1:6a:7c:c6:7c:e0:29:a2:
d2:4f:01:68:a8:50:73:c3:e4:c4:ef:97:60:ce:31:36:5a:72:
2b:92:12:00:ac:9a:4f:87:9f:26:86:17:81:61:8b:fa:89:26:
8b:b2:47:ad:f5:a6:ae:a6:b5:8f:22:0d:4e:68:c5:c2:c0:5c:
26:48:27:83:c3:f0:3e:31:46:f3:b0:57:2a:38:7c:01:a1:2c:
ea:81:44:2f:89:13:57:5c:02:29:fd:af:f1:44:70:ad:b6:c5:
b3:72:3c:60:ad:a6:00:9e:f4:8a:83:80:1c:36:11:ee:44:95:
e9:a6:d4:32
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZkbJrEja186EgpCe/JsiB8UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjUwOTA1MTgzMjI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzFkYTliZTVlZTM1NDAwNDczZmEyZWM5ZjZkOGJiOWE4YWYxYzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl52pMxWCRXcs1SFLY2hMOiPEHeBF
bxoFPZtZsx3FHSMwp+h6fdQEaWHXmgnzLQkwdKi4c57tEg0F10UVb+qhK0FYCyr2
HE5Uhhi45btP5G3yIAUEkOvJs9t1eRO89gh96L325ezhSrgxsW7jEsNbF3qyjV5a
DBrLv6M5g6Bbda5Xn1zZQ3bJVRwyMBCmbuWhFPkmNQCdgIpYZGRM+k/51fDCa547
WprFNJYQ+jHCQZNqguBEdb1fVFetdrzL+lgnNbRtNHIBnKvVKtEI6zFHVfk/yZ4N
u1iddgQ3m1LCU97PPgaMKwfthcFawSMbBOvu9VM1TeeHrkmbOZPilA2BFwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAMdqb5e41QARz+i7J9ti7morxwfMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvQXgycHZsN2pWQUJIUDZMc24yMkx1YWl2SEI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQdQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBDYMELc112gkPf45Yulqrh1IU0YHPrJZL0ZK+/
1KVXf/uS+tfIViNTdDo3u2u+SUKfkklnIveQ1Mp7q4/YJikBt1kaVLRgyVP52LvN
p+ofuSiX1V1v2UyKDqy+jZ/GuppoyIq20y3F/7fhMveJb3aEPJ3w8ukOwb6COwsn
0wvopMCpfb/GnqQE0Wp8xnzgKaLSTwFoqFBzw+TE75dgzjE2WnIrkhIArJpPh58m
hheBYYv6iSaLsket9aauprWPIg1OaMXCwFwmSCeDw/A+MUbzsFcqOHwBoSzqgUQv
iRNXXAIp/a/xRHCttsWzcjxgraYAnvSKg4AcNhHuRJXpptQy
-----END CERTIFICATE-----
Generated at Tue Sep 9 05:23:55 2025 by rpki-client