Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/omEKk6HfpuKW0m6N-9CapGLlA_o.roa
File: omEKk6HfpuKW0m6N-9CapGLlA_o.roa (raw, json)
Hash identifier: KyIBEH08U3tFJ8Ty4CJ5NL0S9/Sl8DxHoRzlmOSkNDs=
Subject key identifier: A2:61:0A:93:A1:DF:A6:E2:96:D2:6E:8D:FB:D0:9A:A4:62:E5:03:FA
Certificate issuer: /CN=da0589dce63981870a1850906c8c2d1d96740096
Certificate serial: 0198E68AF93F42C8DE8408FB093A286657CE
Authority key identifier: DA:05:89:DC:E6:39:81:87:0A:18:50:90:6C:8C:2D:1D:96:74:00:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/omEKk6HfpuKW0m6N-9CapGLlA_o.roa
Signing time: Tue 26 Aug 2025 13:22:04 +0000
ROA not before: Tue 26 Aug 2025 13:22:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8309
IP address blocks: 2a13:7505:2::/48 maxlen: 48
2a13:7505:8002::/48 maxlen: 48
2a13:7505:8003::/48 maxlen: 48
2a13:7506:1002::/48 maxlen: 48
2a13:7506:9002::/48 maxlen: 48
2a13:7506:9003::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.mft
rsync://rpki.ripe.net/repository/DEFAULT/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Aug 2025 22:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:e6:8a:f9:3f:42:c8:de:84:08:fb:09:3a:28:66:57:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da0589dce63981870a1850906c8c2d1d96740096
Validity
Not Before: Aug 26 13:22:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a2610a93a1dfa6e296d26e8dfbd09aa462e503fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:9e:6e:f5:a5:ce:c8:bd:f6:a9:02:e3:60:a1:
d2:cc:f2:a9:23:49:b7:25:8e:ce:42:87:a2:d2:be:
64:ce:c8:ae:56:e8:55:80:a6:aa:af:f8:36:50:4d:
5e:d9:c8:09:ce:ca:20:9c:ce:8b:80:c7:5e:7a:36:
57:3f:6b:46:c0:39:d4:c2:56:d4:3f:c5:6a:78:35:
ae:78:e7:52:b3:6a:93:8d:a8:99:b7:07:3e:bc:4d:
80:bc:8f:92:74:2b:97:a5:e4:e2:f4:e4:09:be:c7:
2f:9f:1a:11:3c:06:a2:ed:64:c1:68:57:c6:bb:83:
a6:24:45:5a:43:e7:8b:73:fb:0f:a8:9c:58:ca:9b:
ef:2e:54:9f:7c:1b:0e:ce:53:11:58:03:78:3a:fc:
e7:be:3c:01:e6:b6:3b:2d:cd:a4:b5:2e:96:14:be:
10:fa:91:71:09:21:ab:77:18:c4:5a:a0:fd:ed:01:
4c:d4:ec:93:66:c0:50:be:22:4b:c4:c6:9b:b4:e3:
55:fd:17:ce:be:ce:bf:33:7c:d4:72:cd:b7:fa:f7:
59:d1:64:d9:e2:2a:c2:d0:03:c6:66:d9:d0:2f:2b:
71:11:ae:44:7a:79:62:ec:f8:21:8a:f3:94:1b:6d:
06:3a:7c:3f:19:1d:14:65:1a:63:ba:5d:5e:7c:2b:
63:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:61:0A:93:A1:DF:A6:E2:96:D2:6E:8D:FB:D0:9A:A4:62:E5:03:FA
X509v3 Authority Key Identifier:
keyid:DA:05:89:DC:E6:39:81:87:0A:18:50:90:6C:8C:2D:1D:96:74:00:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/omEKk6HfpuKW0m6N-9CapGLlA_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:7505:2::/48
2a13:7505:8002::/47
2a13:7506:1002::/48
2a13:7506:9002::/47
Signature Algorithm: sha256WithRSAEncryption
9c:5b:42:cc:78:09:7d:a8:e7:5b:52:1f:57:0a:3e:ed:75:59:
f2:2a:6b:ef:9a:9c:06:1b:1d:3c:37:95:94:35:05:c4:9c:0b:
e9:6a:d3:c8:c6:a5:a7:f9:70:dd:a3:e4:26:b2:c0:b6:d1:a1:
3d:12:73:62:38:09:85:33:45:96:06:75:b4:d3:6b:2a:7a:3c:
a2:f5:e1:35:8e:a6:97:38:a6:a1:4e:7d:fe:05:79:ef:b9:9f:
61:ce:e3:3f:b5:37:16:7e:be:ef:fb:cd:a5:df:cf:e2:6d:b1:
90:94:c4:0e:7d:a6:dd:ee:a6:b0:0e:4d:c4:c8:99:83:d9:36:
a5:70:b8:68:85:f2:59:1b:28:cd:6d:ac:a6:5a:86:42:ab:db:
7b:1f:5d:7b:1c:74:86:4f:82:82:43:27:17:66:e0:9f:cb:bc:
06:84:f0:77:e3:49:69:d4:e3:05:54:da:fe:fb:6a:7e:7f:bd:
80:91:0a:92:4b:13:07:7c:90:49:37:fc:8b:c6:66:d7:6d:ad:
c0:7c:ea:68:8e:a3:73:3d:6d:51:77:c5:c1:ab:62:12:50:47:
5a:fb:25:88:d2:5e:58:a4:67:84:03:2a:84:56:ab:f1:12:5e:
85:de:5b:c3:ec:f7:5f:b3:e9:3a:b9:33:81:21:9d:b1:4a:75:
65:51:bf:27
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZjmivk/QsjehAj7CTooZlfOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDU4OWRjZTYzOTgxODcwYTE4NTA5MDZjOGMyZDFkOTY3
NDAwOTYwHhcNMjUwODI2MTMyMjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjYxMGE5M2ExZGZhNmUyOTZkMjZlOGRmYmQwOWFhNDYyZTUwM2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Z5u9aXOyL32qQLjYKHSzPKpI0m3
JY7OQoei0r5kzsiuVuhVgKaqr/g2UE1e2cgJzsognM6LgMdeejZXP2tGwDnUwlbU
P8VqeDWueOdSs2qTjaiZtwc+vE2AvI+SdCuXpeTi9OQJvscvnxoRPAai7WTBaFfG
u4OmJEVaQ+eLc/sPqJxYypvvLlSffBsOzlMRWAN4OvznvjwB5rY7Lc2ktS6WFL4Q
+pFxCSGrdxjEWqD97QFM1OyTZsBQviJLxMabtONV/RfOvs6/M3zUcs23+vdZ0WTZ
4irC0APGZtnQLytxEa5Eenli7PghivOUG20GOnw/GR0UZRpjul1efCtj/QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKJhCpOh36biltJujfvQmqRi5QP6MB8GA1UdIwQY
MBaAFNoFidzmOYGHChhQkGyMLR2WdACWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdXSjNPWTVnWWNLR0ZDUWJJd3RIWlowQUpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC82MzI2YmItYmEzMy00MzM5LWI4YzYt
MTRlM2MyMDE3OTY5LzEvb21FS2s2SGZwdUtXMG02Ti05Q2FwR0xsQV9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC82MzI2YmItYmEzMy00MzM5LWI4YzYtMTRlM2MyMDE3OTY5
LzEvMmdXSjNPWTVnWWNLR0ZDUWJJd3RIWlowQUpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcAKhN1BQAC
AwcBKhN1BYACAwcAKhN1BhACAwcBKhN1BpACMA0GCSqGSIb3DQEBCwUAA4IBAQCc
W0LMeAl9qOdbUh9XCj7tdVnyKmvvmpwGGx08N5WUNQXEnAvpatPIxqWn+XDdo+Qm
ssC20aE9EnNiOAmFM0WWBnW002sqejyi9eE1jqaXOKahTn3+BXnvuZ9hzuM/tTcW
fr7v+82l38/ibbGQlMQOfabd7qawDk3EyJmD2TalcLhohfJZGyjNbaymWoZCq9t7
H117HHSGT4KCQycXZuCfy7wGhPB340lp1OMFVNr++2p+f72AkQqSSxMHfJBJN/yL
xmbXba3AfOpojqNzPW1Rd8XBq2ISUEda+yWI0l5YpGeEAyqEVqvxEl6F3lvD7Pdf
s+k6uTOBIZ2xSnVlUb8n
-----END CERTIFICATE-----
Generated at Wed Aug 27 01:43:36 2025 by rpki-client