Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/fe702e-c26b-4429-99c1-87250f5a07cc/1/ImvsPyGjqHzil2zJhiiakufkk1I.roa
File: ImvsPyGjqHzil2zJhiiakufkk1I.roa (raw, json)
Hash identifier: 29vZWJ1xOkBr4giAfRXD6EraUbozMao9ed7L/bRqJaU=
Subject key identifier: 22:6B:EC:3F:21:A3:A8:7C:E2:97:6C:C9:86:28:9A:92:E7:E4:93:52
Certificate issuer: /CN=63392e929317ae6bde08a5a3b98a2b701ddb893a
Certificate serial: 0199576CDA9EBCCC2AC53B2E7FD76A68028E
Authority key identifier: 63:39:2E:92:93:17:AE:6B:DE:08:A5:A3:B9:8A:2B:70:1D:DB:89:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YzkukpMXrmveCKWjuYorcB3biTo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/fe702e-c26b-4429-99c1-87250f5a07cc/1/ImvsPyGjqHzil2zJhiiakufkk1I.roa
Signing time: Wed 17 Sep 2025 11:26:15 +0000
ROA not before: Wed 17 Sep 2025 11:26:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51847
IP address blocks: 2a12:f8c1:50::/48 maxlen: 48
2a12:f8c1:51::/48 maxlen: 48
2a12:f8c1:52::/48 maxlen: 48
2a12:f8c1:53::/48 maxlen: 48
2a12:f8c1:54::/48 maxlen: 48
2a12:f8c1:55::/48 maxlen: 48
2a12:f8c1:56::/48 maxlen: 48
2a12:f8c1:57::/48 maxlen: 48
2a12:f8c1:58::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/fe702e-c26b-4429-99c1-87250f5a07cc/1/YzkukpMXrmveCKWjuYorcB3biTo.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/fe702e-c26b-4429-99c1-87250f5a07cc/1/YzkukpMXrmveCKWjuYorcB3biTo.mft
rsync://rpki.ripe.net/repository/DEFAULT/YzkukpMXrmveCKWjuYorcB3biTo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:57:6c:da:9e:bc:cc:2a:c5:3b:2e:7f:d7:6a:68:02:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63392e929317ae6bde08a5a3b98a2b701ddb893a
Validity
Not Before: Sep 17 11:26:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=226bec3f21a3a87ce2976cc986289a92e7e49352
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:37:0c:94:d3:24:5c:45:08:ab:01:03:79:b2:
60:a6:46:b9:f6:bf:53:87:4f:8b:96:a2:f6:bc:a5:
db:ea:83:29:3d:26:3b:a5:92:ee:f1:3f:26:93:1e:
a0:e7:b4:8e:b2:5b:38:e4:c0:fb:1e:cf:8f:a6:f0:
f8:79:be:c0:e9:e3:3a:83:97:1d:04:27:88:12:5c:
26:08:90:0a:13:36:39:44:f2:fd:99:cc:cc:3d:bf:
e5:3c:6c:b9:05:a4:3e:66:78:33:cb:55:18:29:21:
23:ef:49:10:89:ff:e6:a9:f2:16:5d:8f:f8:ab:0f:
44:15:75:69:0a:3f:c2:6f:43:eb:43:64:f8:6b:46:
1e:d3:78:f3:f7:cf:13:bc:96:09:06:d9:3f:59:5b:
80:f0:59:e8:8e:c2:16:fd:24:94:91:44:f6:3b:4a:
fd:9a:d2:76:0a:08:44:49:a4:45:48:48:da:e9:fd:
d1:33:43:2b:fb:5a:70:3a:49:17:32:f3:da:30:f3:
c2:7d:16:d6:39:5e:f0:f2:7a:10:ea:9d:84:fc:08:
61:3b:22:5e:3e:a6:cb:5b:0c:6f:98:58:78:08:b6:
ba:22:a9:ae:0b:5b:6e:2f:da:58:09:39:b5:35:51:
4e:c7:ba:71:d4:4c:bc:53:bf:fb:c3:ed:77:58:85:
25:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:6B:EC:3F:21:A3:A8:7C:E2:97:6C:C9:86:28:9A:92:E7:E4:93:52
X509v3 Authority Key Identifier:
keyid:63:39:2E:92:93:17:AE:6B:DE:08:A5:A3:B9:8A:2B:70:1D:DB:89:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YzkukpMXrmveCKWjuYorcB3biTo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/fe702e-c26b-4429-99c1-87250f5a07cc/1/ImvsPyGjqHzil2zJhiiakufkk1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/fe702e-c26b-4429-99c1-87250f5a07cc/1/YzkukpMXrmveCKWjuYorcB3biTo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c1:50::-2a12:f8c1:58:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
30:a9:e4:14:57:c9:da:b1:5b:ab:3b:2e:05:d5:87:89:11:29:
21:59:a1:75:8c:3f:e5:0b:8e:e5:73:7d:4b:91:5f:e2:40:77:
f4:7a:50:8f:1c:ab:19:97:d6:9e:a8:db:0e:16:cd:bc:cf:c3:
84:91:f6:2e:6c:b3:93:a1:67:83:50:ef:48:05:5c:c6:db:3d:
4c:b5:29:86:7a:18:d7:87:82:93:ea:c3:05:15:c3:a9:79:42:
03:aa:32:44:f3:f7:dc:bc:43:8f:18:59:26:2f:f1:57:2b:00:
b0:39:51:2d:5d:be:97:a6:39:b0:9b:b5:6e:dc:8f:2f:dc:de:
6b:de:23:e6:0f:4d:b8:d8:40:a6:d9:b8:cd:89:b1:16:91:f9:
f3:5e:c1:61:9c:0b:a0:6f:ba:27:1a:72:6c:0d:b0:57:ad:ea:
b6:77:9b:11:c8:19:35:c6:b7:f8:7c:44:64:ff:02:8b:03:0e:
02:e6:32:15:cd:27:df:9b:f6:0f:da:0e:88:d1:01:b1:0d:55:
bf:f3:49:4b:04:89:ed:b5:3e:4c:d7:fe:61:cd:e6:69:c0:cb:
dd:2b:ce:44:53:8c:0f:d2:b3:c0:08:0c:c2:e1:0b:97:b9:bb:
17:4b:c8:a0:cc:bb:22:5b:21:27:45:b2:ec:2a:34:ae:b2:ff:
54:36:d0:e8
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZlXbNqevMwqxTsuf9dqaAKOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMzkyZTkyOTMxN2FlNmJkZTA4YTVhM2I5OGEyYjcwMWRk
Yjg5M2EwHhcNMjUwOTE3MTEyNjE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjZiZWMzZjIxYTNhODdjZTI5NzZjYzk4NjI4OWE5MmU3ZTQ5MzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTcMlNMkXEUIqwEDebJgpka59r9T
h0+LlqL2vKXb6oMpPSY7pZLu8T8mkx6g57SOsls45MD7Hs+PpvD4eb7A6eM6g5cd
BCeIElwmCJAKEzY5RPL9mczMPb/lPGy5BaQ+Zngzy1UYKSEj70kQif/mqfIWXY/4
qw9EFXVpCj/Cb0PrQ2T4a0Ye03jz988TvJYJBtk/WVuA8FnojsIW/SSUkUT2O0r9
mtJ2CghESaRFSEja6f3RM0Mr+1pwOkkXMvPaMPPCfRbWOV7w8noQ6p2E/AhhOyJe
PqbLWwxvmFh4CLa6IqmuC1tuL9pYCTm1NVFOx7px1Ey8U7/7w+13WIUlPQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFCJr7D8ho6h84pdsyYYompLn5JNSMB8GA1UdIwQY
MBaAFGM5LpKTF65r3gilo7mKK3Ad24k6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXprdWtwTVhybXZlQ0tXanVZb3JjQjNiaVRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9mZTcwMmUtYzI2Yi00NDI5LTk5YzEt
ODcyNTBmNWEwN2NjLzEvSW12c1B5R2pxSHppbDJ6SmhpaWFrdWZrazFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9mZTcwMmUtYzI2Yi00NDI5LTk5YzEtODcyNTBmNWEwN2Nj
LzEvWXprdWtwTVhybXZlQ0tXanVZb3JjQjNiaVRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwQqEvjB
AFADBwAqEvjBAFgwDQYJKoZIhvcNAQELBQADggEBADCp5BRXydqxW6s7LgXVh4kR
KSFZoXWMP+ULjuVzfUuRX+JAd/R6UI8cqxmX1p6o2w4WzbzPw4SR9i5ss5OhZ4NQ
70gFXMbbPUy1KYZ6GNeHgpPqwwUVw6l5QgOqMkTz99y8Q48YWSYv8VcrALA5US1d
vpemObCbtW7cjy/c3mveI+YPTbjYQKbZuM2JsRaR+fNewWGcC6BvuicacmwNsFet
6rZ3mxHIGTXGt/h8RGT/AosDDgLmMhXNJ9+b9g/aDojRAbENVb/zSUsEie21PkzX
/mHN5mnAy90rzkRTjA/Ss8AIDMLhC5e5uxdLyKDMuyJbISdFsuwqNK6y/1Q20Og=
-----END CERTIFICATE-----
Generated at Sun Oct 19 16:05:08 2025 by rpki-client