Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/bJ4WgMEpCfnDDA9ZEvHl9_IY5zY.roa
File: bJ4WgMEpCfnDDA9ZEvHl9_IY5zY.roa (raw, json)
Hash identifier: eXgJieZE3zQmk5+aVAZFWqNRTHs/nG2Q1+T1bjyEYy4=
Subject key identifier: 6C:9E:16:80:C1:29:09:F9:C3:0C:0F:59:12:F1:E5:F7:F2:18:E7:36
Certificate issuer: /CN=aca66a5938af567a9e29b4f76f115607c2b8aa20
Certificate serial: 0198AADBBD17B29189F9665D079FD5B9DD64
Authority key identifier: AC:A6:6A:59:38:AF:56:7A:9E:29:B4:F7:6F:11:56:07:C2:B8:AA:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/bJ4WgMEpCfnDDA9ZEvHl9_IY5zY.roa
Signing time: Thu 14 Aug 2025 23:13:04 +0000
ROA not before: Thu 14 Aug 2025 23:13:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396982
IP address blocks: 2a03:eec0:3701::/48 maxlen: 48
2a03:eec0:3702::/48 maxlen: 48
2a03:eec0:3703::/48 maxlen: 48
2a03:eec0:3704::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.mft
rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 20 Aug 2025 23:01:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:aa:db:bd:17:b2:91:89:f9:66:5d:07:9f:d5:b9:dd:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca66a5938af567a9e29b4f76f115607c2b8aa20
Validity
Not Before: Aug 14 23:13:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c9e1680c12909f9c30c0f5912f1e5f7f218e736
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a2:d0:ec:73:da:e3:18:52:c8:7a:16:a9:fb:
a0:92:69:79:cf:b0:4c:9b:e2:30:f2:04:15:c9:f8:
21:76:0c:60:dc:ee:b6:72:28:4a:d4:5d:b1:83:a0:
6d:2c:5b:5f:10:86:1c:7c:83:ef:78:5c:7e:c6:a7:
f6:5a:4e:40:e2:3e:e4:43:b5:a7:ea:29:f5:db:ba:
0d:a8:46:81:a1:19:26:7d:8c:8b:9d:8c:37:5c:33:
4e:fa:d8:f2:d7:e7:eb:e5:6b:04:e2:84:bd:cb:79:
02:9a:47:3d:fb:df:ba:84:63:7d:e8:b8:b4:de:6c:
de:38:f8:2d:b7:a1:93:28:99:5a:55:fb:f1:6a:a7:
42:0a:61:79:8a:b1:f1:1f:9d:01:62:9a:0b:2d:4d:
77:95:6c:11:b6:c2:35:0f:b7:92:8c:c2:12:15:16:
f6:e1:d4:cd:9a:86:92:67:36:1e:34:24:0c:9f:8d:
e6:96:9e:c9:4e:d2:ce:91:e0:94:58:0e:ed:f7:f4:
9d:da:cd:ca:5b:27:e5:ca:01:3b:84:d0:62:14:40:
16:0a:f1:38:f2:ee:3d:71:c5:58:97:75:e9:99:61:
e5:0a:af:73:2b:19:f6:44:94:93:aa:d2:7c:fc:03:
c4:b3:58:d7:96:4a:6b:cd:d8:78:60:ba:9c:31:58:
44:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:9E:16:80:C1:29:09:F9:C3:0C:0F:59:12:F1:E5:F7:F2:18:E7:36
X509v3 Authority Key Identifier:
keyid:AC:A6:6A:59:38:AF:56:7A:9E:29:B4:F7:6F:11:56:07:C2:B8:AA:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/bJ4WgMEpCfnDDA9ZEvHl9_IY5zY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:eec0:3701::-2a03:eec0:3704:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
3a:3f:bc:e3:87:7c:a1:ec:8b:f7:4b:66:7b:ae:c1:4a:35:b1:
e6:97:c0:72:f7:cc:76:53:cd:a1:a9:4a:82:e1:c8:ca:92:cb:
31:12:de:5f:38:63:ee:b8:1d:17:ae:d1:06:d3:9a:69:31:cc:
85:f5:38:1e:e7:40:6b:65:5c:20:0e:96:d3:ba:c5:23:07:65:
30:65:75:08:e1:71:01:4d:23:ea:e7:7a:d4:22:53:6f:3d:f3:
e2:4f:c9:83:b7:7e:dc:4b:1c:3e:11:86:fb:fd:d5:59:e0:ac:
4f:2c:bb:d9:27:54:77:b3:f3:41:6b:80:4d:42:c1:a7:96:e8:
6e:f4:3a:8c:a2:5f:69:a8:67:9d:3a:b3:b6:11:2f:62:eb:8c:
1d:df:cd:8f:6b:92:88:25:46:97:91:02:20:3d:ea:a5:94:5e:
9e:f9:c3:62:f6:9e:21:df:33:24:94:3f:f0:fa:61:d4:a5:86:
3f:bd:8d:92:ae:d3:24:2a:f8:8a:22:72:8b:45:e9:5b:03:14:
7b:db:00:fa:8d:b2:33:a9:1c:28:c4:30:03:c5:7a:7c:16:ea:
be:6a:fc:cd:dd:a1:bc:b2:99:04:04:50:e5:e1:35:e1:63:50:
a8:c5:55:dd:72:c0:40:3c:e9:eb:ef:af:cb:2b:66:95:fc:86:
38:8e:fe:30
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZiq270XspGJ+WZdB5/Vud1kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTY2YTU5MzhhZjU2N2E5ZTI5YjRmNzZmMTE1NjA3YzJi
OGFhMjAwHhcNMjUwODE0MjMxMzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzllMTY4MGMxMjkwOWY5YzMwYzBmNTkxMmYxZTVmN2YyMThlNzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6LQ7HPa4xhSyHoWqfugkml5z7BM
m+Iw8gQVyfghdgxg3O62cihK1F2xg6BtLFtfEIYcfIPveFx+xqf2Wk5A4j7kQ7Wn
6in127oNqEaBoRkmfYyLnYw3XDNO+tjy1+fr5WsE4oS9y3kCmkc9+9+6hGN96Li0
3mzeOPgtt6GTKJlaVfvxaqdCCmF5irHxH50BYpoLLU13lWwRtsI1D7eSjMISFRb2
4dTNmoaSZzYeNCQMn43mlp7JTtLOkeCUWA7t9/Sd2s3KWyflygE7hNBiFEAWCvE4
8u49ccVYl3XpmWHlCq9zKxn2RJSTqtJ8/APEs1jXlkprzdh4YLqcMVhEFwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGyeFoDBKQn5wwwPWRLx5ffyGOc2MB8GA1UdIwQY
MBaAFKymalk4r1Z6nim0928RVgfCuKogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktacVdUaXZWbnFlS2JUM2J4RldCOEs0cWlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xNTA4OWItMThkNy00ZmYwLTlkMjgt
YjliNjU0MDJiOTI4LzEvYko0V2dNRXBDZm5EREE5WkV2SGw5X0lZNXpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xNTA4OWItMThkNy00ZmYwLTlkMjgtYjliNjU0MDJiOTI4
LzEvcktacVdUaXZWbnFlS2JUM2J4RldCOEs0cWlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwAqA+7A
NwEDBwAqA+7ANwQwDQYJKoZIhvcNAQELBQADggEBADo/vOOHfKHsi/dLZnuuwUo1
seaXwHL3zHZTzaGpSoLhyMqSyzES3l84Y+64HReu0QbTmmkxzIX1OB7nQGtlXCAO
ltO6xSMHZTBldQjhcQFNI+rnetQiU2898+JPyYO3ftxLHD4Rhvv91VngrE8su9kn
VHez80FrgE1CwaeW6G70OoyiX2moZ506s7YRL2LrjB3fzY9rkoglRpeRAiA96qWU
Xp75w2L2niHfMySUP/D6YdSlhj+9jZKu0yQq+IoicotF6VsDFHvbAPqNsjOpHCjE
MAPFenwW6r5q/M3dobyymQQEUOXhNeFjUKjFVd1ywEA86evvr8srZpX8hjiO/jA=
-----END CERTIFICATE-----
Generated at Wed Aug 20 08:42:14 2025 by rpki-client