Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/o0SifTx2NU1sEhX0Vll10hyck8c.roa
File: o0SifTx2NU1sEhX0Vll10hyck8c.roa (raw, json)
Hash identifier: CTAgGKzxE8Fx3onDLMa7P2lInOfEaEKTgjP3A/rkyEI=
Subject key identifier: A3:44:A2:7D:3C:76:35:4D:6C:12:15:F4:56:59:75:D2:1C:9C:93:C7
Certificate issuer: /CN=57182aab5ad9efa380a6c6f06c016e158be977bc
Certificate serial: 01970CF8B3402F7E10E646ECEE58FC166924
Authority key identifier: 57:18:2A:AB:5A:D9:EF:A3:80:A6:C6:F0:6C:01:6E:15:8B:E9:77:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vxgqq1rZ76OApsbwbAFuFYvpd7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/o0SifTx2NU1sEhX0Vll10hyck8c.roa
Signing time: Mon 26 May 2025 14:21:54 +0000
ROA not before: Mon 26 May 2025 14:21:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 680
IP address blocks: 141.63.0.0/16 maxlen: 16
2a02:11f8:60::/48 maxlen: 48
2a02:11f8:61::/48 maxlen: 48
2a02:11f8:62::/48 maxlen: 48
2a02:11f8:63::/48 maxlen: 48
2a02:11f8:64::/48 maxlen: 48
2a02:11f8:65::/48 maxlen: 48
2a02:11f8:81::/48 maxlen: 48
2a02:11f8:100::/48 maxlen: 48
2a02:11f8:101::/48 maxlen: 48
2a02:11f8:102::/48 maxlen: 48
2a02:11f8:190::/48 maxlen: 48
2a02:11f8:191::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/Vxgqq1rZ76OApsbwbAFuFYvpd7w.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/Vxgqq1rZ76OApsbwbAFuFYvpd7w.mft
rsync://rpki.ripe.net/repository/DEFAULT/Vxgqq1rZ76OApsbwbAFuFYvpd7w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0c:f8:b3:40:2f:7e:10:e6:46:ec:ee:58:fc:16:69:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57182aab5ad9efa380a6c6f06c016e158be977bc
Validity
Not Before: May 26 14:21:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a344a27d3c76354d6c1215f4565975d21c9c93c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:39:f0:bf:ec:83:fb:65:cd:21:d4:69:8d:13:
14:4b:b2:b0:66:d0:54:aa:8b:d8:05:88:1a:c9:5f:
05:b6:2e:6b:c7:1d:b7:c1:6e:d9:a9:17:e2:1b:0f:
43:7f:23:a8:04:93:14:9d:ea:f8:ec:ec:8d:f0:c4:
fd:51:8c:ba:e5:4b:c8:e6:2a:25:62:87:bf:2d:9e:
87:7e:dd:04:7b:d9:e7:27:e0:a6:bc:80:33:05:c6:
9d:c4:5c:27:ef:9c:31:52:22:1e:f7:27:e2:ee:9a:
dc:0e:db:50:a1:4b:94:93:5b:4b:5c:f8:3c:cc:21:
93:9e:90:29:17:78:7a:5b:1a:0a:03:a0:43:b3:5d:
63:8e:d7:ce:73:cc:8f:7a:21:92:cc:47:51:d2:02:
58:f2:7a:d8:2b:be:f5:23:9a:8c:41:82:11:57:29:
0f:8a:03:43:bc:65:12:c9:5c:08:18:d9:63:d2:26:
c6:1c:e9:1b:fa:41:6f:e1:19:91:60:e9:fa:c6:64:
69:67:77:c4:55:5f:36:5b:5d:45:cf:20:12:22:2b:
c8:c7:90:8c:08:82:da:ce:f7:90:be:bf:e2:05:ba:
f7:96:d3:b5:a6:7b:c2:af:d1:8c:98:00:27:57:1b:
e3:f5:16:b3:1e:b2:3d:76:3b:d6:c8:fc:10:6b:9f:
3e:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:44:A2:7D:3C:76:35:4D:6C:12:15:F4:56:59:75:D2:1C:9C:93:C7
X509v3 Authority Key Identifier:
keyid:57:18:2A:AB:5A:D9:EF:A3:80:A6:C6:F0:6C:01:6E:15:8B:E9:77:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vxgqq1rZ76OApsbwbAFuFYvpd7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/o0SifTx2NU1sEhX0Vll10hyck8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/Vxgqq1rZ76OApsbwbAFuFYvpd7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.63.0.0/16
IPv6:
2a02:11f8:60::-2a02:11f8:65:ffff:ffff:ffff:ffff:ffff
2a02:11f8:81::/48
2a02:11f8:100::-2a02:11f8:102:ffff:ffff:ffff:ffff:ffff
2a02:11f8:190::/47
Signature Algorithm: sha256WithRSAEncryption
5e:d6:ae:8f:38:3d:b0:50:06:21:ca:2d:5b:86:ee:46:a7:e9:
82:00:ab:13:77:d3:1b:a3:7f:0a:a2:e0:f9:9e:0d:bb:4e:6d:
51:ca:6e:75:01:b1:71:c0:30:d5:a4:ef:89:bb:f2:b1:40:5f:
ca:94:df:9f:d7:d8:c1:86:44:82:11:99:7c:bb:a2:4c:20:bc:
cf:54:4a:ae:2d:71:15:5e:90:b0:3f:6c:12:d8:3c:d2:08:9d:
98:a3:64:50:7b:09:91:0f:03:4c:f3:7f:3f:9a:3b:bd:89:69:
a5:67:f0:e2:69:bc:e6:d2:73:1c:ce:b5:b4:aa:cd:26:9d:da:
7b:6e:f6:2f:29:0a:c5:5e:4a:a9:08:79:3c:9b:39:2a:de:4a:
b3:ec:f8:c1:c9:a0:f3:56:4e:69:10:f2:55:fa:46:10:8f:b4:
04:80:8f:ea:68:50:1e:20:3f:96:fa:22:b8:b6:06:0a:50:16:
ae:c5:d2:3c:e5:7a:00:2a:14:2a:7f:86:1a:8c:62:f4:6d:10:
f0:9e:c3:18:3e:d9:42:7e:b6:74:d2:e9:2e:73:de:ae:5f:a6:
e2:89:b9:5b:c2:3b:60:b5:9f:34:db:44:d3:45:60:fe:ad:bf:
91:f6:75:5b:19:2e:2f:e0:53:d4:d3:a2:50:97:32:24:59:2e:
0f:35:73:78
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZcM+LNAL34Q5kbs7lj8FmkkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MTgyYWFiNWFkOWVmYTM4MGE2YzZmMDZjMDE2ZTE1OGJl
OTc3YmMwHhcNMjUwNTI2MTQyMTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzQ0YTI3ZDNjNzYzNTRkNmMxMjE1ZjQ1NjU5NzVkMjFjOWM5M2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDnwv+yD+2XNIdRpjRMUS7KwZtBU
qovYBYgayV8Fti5rxx23wW7ZqRfiGw9DfyOoBJMUner47OyN8MT9UYy65UvI5iol
Yoe/LZ6Hft0Ee9nnJ+CmvIAzBcadxFwn75wxUiIe9yfi7prcDttQoUuUk1tLXPg8
zCGTnpApF3h6WxoKA6BDs11jjtfOc8yPeiGSzEdR0gJY8nrYK771I5qMQYIRVykP
igNDvGUSyVwIGNlj0ibGHOkb+kFv4RmRYOn6xmRpZ3fEVV82W11FzyASIivIx5CM
CILazveQvr/iBbr3ltO1pnvCr9GMmAAnVxvj9RazHrI9djvWyPwQa58+BwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFKNEon08djVNbBIV9FZZddIcnJPHMB8GA1UdIwQY
MBaAFFcYKqta2e+jgKbG8GwBbhWL6Xe8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnhncXExclo3Nk9BcHNid2JBRnVGWXZwZDd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni84YzUxY2ItYTNiZC00NzZkLTg4MGYt
YTk2YzYyNjZhYmRiLzEvbzBTaWZUeDJOVTFzRWhYMFZsbDEwaHljazhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni84YzUxY2ItYTNiZC00NzZkLTg4MGYtYTk2YzYyNjZhYmRi
LzEvVnhncXExclo3Nk9BcHNid2JBRnVGWXZwZDd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjALBAIAATAFAwMAjT8wPwQC
AAIwOTASAwcFKgIR+ABgAwcBKgIR+ABkAwcAKgIR+ACBMBEDBgAqAhH4AQMHACoC
EfgBAgMHASoCEfgBkDANBgkqhkiG9w0BAQsFAAOCAQEAXtaujzg9sFAGIcotW4bu
RqfpggCrE3fTG6N/CqLg+Z4Nu05tUcpudQGxccAw1aTvibvysUBfypTfn9fYwYZE
ghGZfLuiTCC8z1RKri1xFV6QsD9sEtg80gidmKNkUHsJkQ8DTPN/P5o7vYlppWfw
4mm85tJzHM61tKrNJp3ae272LykKxV5KqQh5PJs5Kt5Ks+z4wcmg81ZOaRDyVfpG
EI+0BICP6mhQHiA/lvoiuLYGClAWrsXSPOV6ACoUKn+GGoxi9G0Q8J7DGD7ZQn62
dNLpLnPerl+m4om5W8I7YLWfNNtE00Vg/q2/kfZ1WxkuL+BT1NOiUJcyJFkuDzVz
eA==
-----END CERTIFICATE-----
Generated at Sun Jun 8 02:50:21 2025 by rpki-client