Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/IdU9T1FkI4A5QGWSCJhjbXvJUH8.roa
File: IdU9T1FkI4A5QGWSCJhjbXvJUH8.roa (raw, json)
Hash identifier: oWd/kpimW/XKu4I8ZbE0KWw8XTvLyveRYZw0B6kosK4=
Subject key identifier: 21:D5:3D:4F:51:64:23:80:39:40:65:92:08:98:63:6D:7B:C9:50:7F
Certificate issuer: /CN=da0589dce63981870a1850906c8c2d1d96740096
Certificate serial: 0198E1457DBD9BD1EDFF54F6DA74ADC52EE7
Authority key identifier: DA:05:89:DC:E6:39:81:87:0A:18:50:90:6C:8C:2D:1D:96:74:00:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/IdU9T1FkI4A5QGWSCJhjbXvJUH8.roa
Signing time: Mon 25 Aug 2025 12:48:04 +0000
ROA not before: Mon 25 Aug 2025 12:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15557
IP address blocks: 2a13:7505:3::/48 maxlen: 48
2a13:7505:4::/48 maxlen: 48
2a13:7505:8004::/48 maxlen: 48
2a13:7506:9004::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.mft
rsync://rpki.ripe.net/repository/DEFAULT/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Aug 2025 22:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:e1:45:7d:bd:9b:d1:ed:ff:54:f6:da:74:ad:c5:2e:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da0589dce63981870a1850906c8c2d1d96740096
Validity
Not Before: Aug 25 12:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=21d53d4f51642380394065920898636d7bc9507f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:55:07:10:00:9b:67:04:33:23:72:fd:ad:02:
a6:9d:62:6c:9c:37:6d:d3:02:ac:e9:5a:56:63:7b:
78:f1:2c:39:05:50:93:e4:ad:30:77:44:76:55:41:
2e:fc:b4:ab:41:4c:28:c4:4c:35:1e:d1:cf:de:05:
95:9c:8e:b1:e9:f0:8f:66:c2:4a:2f:48:5b:0c:1d:
4b:ce:58:fc:a9:b5:dd:d5:96:ff:9b:a4:1a:ac:8c:
34:34:19:9b:b1:ed:fd:5f:01:2a:1e:b3:c6:14:e8:
d7:fb:d4:f2:4b:f5:1d:9c:2c:82:75:c9:68:ef:17:
7c:78:68:b8:12:22:24:f8:a1:15:39:e8:b1:58:14:
ef:c6:df:d6:a5:ac:43:c0:69:87:0c:a0:7a:37:9a:
7e:fe:2a:0f:30:91:62:ce:0b:14:d7:bf:f5:1a:ae:
06:02:d6:47:fb:79:cc:6d:51:31:3c:79:6f:55:14:
e3:d4:c1:80:13:24:1c:a0:24:d2:ae:17:ff:25:4c:
87:09:76:6b:eb:66:b7:19:9c:ea:09:fa:c3:50:0f:
32:c0:cf:34:94:cc:6e:86:90:f2:56:d0:39:a8:ed:
0c:d4:3f:3d:66:5d:4a:7b:1e:d8:f9:4b:fb:6c:e7:
1f:4d:f2:91:11:0d:97:6d:64:de:a2:f2:ba:fa:f5:
c8:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:D5:3D:4F:51:64:23:80:39:40:65:92:08:98:63:6D:7B:C9:50:7F
X509v3 Authority Key Identifier:
keyid:DA:05:89:DC:E6:39:81:87:0A:18:50:90:6C:8C:2D:1D:96:74:00:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/IdU9T1FkI4A5QGWSCJhjbXvJUH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:7505:3::-2a13:7505:4:ffff:ffff:ffff:ffff:ffff
2a13:7505:8004::/48
2a13:7506:9004::/48
Signature Algorithm: sha256WithRSAEncryption
0e:47:67:d0:d3:b5:00:23:0d:dc:fb:e5:91:d0:a5:86:9d:9f:
12:ec:20:09:80:c4:54:aa:2a:d6:e3:8f:77:96:b1:ca:39:05:
a2:e7:5a:64:de:80:c2:f2:58:64:24:f7:3e:ec:e3:3e:52:ec:
6a:1c:6c:6d:ca:4e:95:6e:67:e5:77:07:df:66:ed:5e:66:a1:
a8:6e:b5:f9:3f:83:4e:ee:1b:dc:3d:e9:05:7e:fe:59:ef:10:
65:b3:58:11:0f:67:6e:d4:37:d1:08:1e:72:92:06:8a:f7:29:
26:4f:cf:46:b4:c4:af:cd:57:3f:12:71:f0:04:00:49:9c:1f:
c8:7e:5c:20:fe:12:ec:3d:8a:88:a6:3e:b3:af:39:25:c3:48:
ce:cd:b4:de:2d:bf:8b:7b:90:ff:09:6e:fe:e6:64:2b:3b:6c:
89:c6:9b:ea:38:b3:96:52:50:cd:72:c0:cd:35:97:12:73:31:
19:97:eb:b5:62:c0:04:80:cc:b5:44:a9:f1:a3:99:6f:30:3f:
b9:c5:b6:56:f0:94:46:5f:39:a8:87:45:2b:b0:85:99:66:6e:
96:b7:22:dc:1a:54:93:5e:47:f5:4b:24:24:d8:28:a6:c2:d3:
a9:6e:0e:b9:bb:32:0a:b4:a0:c9:0c:89:cb:db:85:27:fe:61:
f5:05:75:6b
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZjhRX29m9Ht/1T22nStxS7nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDU4OWRjZTYzOTgxODcwYTE4NTA5MDZjOGMyZDFkOTY3
NDAwOTYwHhcNMjUwODI1MTI0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWQ1M2Q0ZjUxNjQyMzgwMzk0MDY1OTIwODk4NjM2ZDdiYzk1MDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1UHEACbZwQzI3L9rQKmnWJsnDdt
0wKs6VpWY3t48Sw5BVCT5K0wd0R2VUEu/LSrQUwoxEw1HtHP3gWVnI6x6fCPZsJK
L0hbDB1Lzlj8qbXd1Zb/m6QarIw0NBmbse39XwEqHrPGFOjX+9TyS/UdnCyCdclo
7xd8eGi4EiIk+KEVOeixWBTvxt/WpaxDwGmHDKB6N5p+/ioPMJFizgsU17/1Gq4G
AtZH+3nMbVExPHlvVRTj1MGAEyQcoCTSrhf/JUyHCXZr62a3GZzqCfrDUA8ywM80
lMxuhpDyVtA5qO0M1D89Zl1Kex7Y+Uv7bOcfTfKREQ2XbWTeovK6+vXIBwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFCHVPU9RZCOAOUBlkgiYY217yVB/MB8GA1UdIwQY
MBaAFNoFidzmOYGHChhQkGyMLR2WdACWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdXSjNPWTVnWWNLR0ZDUWJJd3RIWlowQUpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC82MzI2YmItYmEzMy00MzM5LWI4YzYt
MTRlM2MyMDE3OTY5LzEvSWRVOVQxRmtJNEE1UUdXU0NKaGpiWHZKVUg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC82MzI2YmItYmEzMy00MzM5LWI4YzYtMTRlM2MyMDE3OTY5
LzEvMmdXSjNPWTVnWWNLR0ZDUWJJd3RIWlowQUpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmMBIDBwAqE3UF
AAMDBwAqE3UFAAQDBwAqE3UFgAQDBwAqE3UGkAQwDQYJKoZIhvcNAQELBQADggEB
AA5HZ9DTtQAjDdz75ZHQpYadnxLsIAmAxFSqKtbjj3eWsco5BaLnWmTegMLyWGQk
9z7s4z5S7GocbG3KTpVuZ+V3B99m7V5moahutfk/g07uG9w96QV+/lnvEGWzWBEP
Z27UN9EIHnKSBor3KSZPz0a0xK/NVz8ScfAEAEmcH8h+XCD+Euw9ioimPrOvOSXD
SM7NtN4tv4t7kP8Jbv7mZCs7bInGm+o4s5ZSUM1ywM01lxJzMRmX67ViwASAzLVE
qfGjmW8wP7nFtlbwlEZfOaiHRSuwhZlmbpa3ItwaVJNeR/VLJCTYKKbC06luDrm7
Mgq0oMkMicvbhSf+YfUFdWs=
-----END CERTIFICATE-----
Generated at Wed Aug 27 01:47:09 2025 by rpki-client