Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/mhV6hqwogAnVc0AQRrUPv32KW3Y.roa
File: mhV6hqwogAnVc0AQRrUPv32KW3Y.roa (raw, json)
Hash identifier: plewK1YUARiB8hL5rreN/XGpUEfhDT7khwJ3M+kTXqg=
Subject key identifier: 9A:15:7A:86:AC:28:80:09:D5:73:40:10:46:B5:0F:BF:7D:8A:5B:76
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0198A02D605E90281B0414EFFFFBB2D9AC82
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/mhV6hqwogAnVc0AQRrUPv32KW3Y.roa
Signing time: Tue 12 Aug 2025 21:26:25 +0000
ROA not before: Tue 12 Aug 2025 21:26:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 64.137.52.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft
rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a0:2d:60:5e:90:28:1b:04:14:ef:ff:fb:b2:d9:ac:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Aug 12 21:26:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9a157a86ac288009d573401046b50fbf7d8a5b76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:a1:e0:85:88:cc:dc:36:a0:81:17:38:f6:62:
53:a7:06:19:5d:90:93:c3:75:e0:2b:9d:fc:a9:de:
72:18:33:a3:86:85:e1:d4:37:9c:78:15:5c:ff:e3:
5e:e2:e9:47:29:97:63:f7:bc:44:2f:21:6a:18:47:
5c:ab:2d:74:42:a5:2a:d0:6a:12:68:a7:52:1e:6c:
f2:0a:60:e5:3b:0e:28:42:10:14:da:4c:35:35:91:
71:8a:da:36:37:f2:3d:8b:d0:c9:a5:14:60:51:61:
3d:b3:91:86:3a:1a:99:9d:ca:fd:fc:a5:a4:04:b0:
e4:bb:8b:c8:d6:02:11:22:75:9d:69:1d:33:6a:29:
6d:ff:e4:27:a3:e7:c2:a8:44:80:5c:12:ec:05:80:
0d:dc:1d:73:8c:5a:51:16:cc:dc:61:66:6f:a9:80:
ef:b6:18:a6:88:9f:30:58:1c:8f:df:64:b3:b3:d7:
8a:a3:cc:fc:f9:bd:56:a1:44:e6:95:83:41:b9:8b:
3c:8a:f9:40:46:f8:38:b2:52:fd:70:dc:c3:8a:1a:
b0:6b:b8:91:1f:09:cb:de:fb:7e:9b:70:69:43:07:
71:59:3f:02:63:32:6c:d7:42:eb:81:41:03:85:6f:
a2:97:12:92:34:c5:70:f8:07:fd:a4:5a:61:16:8d:
e9:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:15:7A:86:AC:28:80:09:D5:73:40:10:46:B5:0F:BF:7D:8A:5B:76
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/mhV6hqwogAnVc0AQRrUPv32KW3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.52.0/23
Signature Algorithm: sha256WithRSAEncryption
90:c9:f8:dd:38:70:60:8c:16:49:da:35:c0:c4:ce:9b:b0:b3:
6b:fe:47:90:ff:37:fe:2f:4c:6b:b5:64:87:05:00:eb:f2:72:
da:92:1b:c8:ff:69:b3:8b:ab:c5:d1:5b:d5:54:8c:a8:d4:dd:
ed:7d:1f:04:5b:f6:84:d0:62:9a:56:72:bb:d6:ab:63:84:aa:
a0:a0:71:27:73:d5:a1:44:3a:a3:d6:fb:a8:53:cc:5f:f7:df:
40:df:45:17:e9:d0:d3:bc:47:07:3d:38:e3:76:2c:5e:e8:98:
ef:02:b1:4e:57:f9:07:a4:f9:08:e4:c5:fd:fd:43:92:35:27:
0c:dc:83:a9:e3:d4:0d:73:c9:ab:92:e6:bd:7f:41:b7:4d:07:
73:63:6b:d6:8c:d0:d5:0f:b2:f9:9a:31:d7:02:54:4a:1d:fd:
b6:40:1d:71:1e:19:12:eb:d9:d3:0b:ec:ed:7a:ba:f8:fd:a7:
b8:23:26:82:96:15:48:44:33:8a:ea:a5:56:39:7e:d5:2d:3e:
b5:81:33:82:f2:64:ee:60:ff:07:e2:da:aa:58:1a:a3:2a:10:
05:46:30:a7:65:52:c4:08:a0:0e:66:b0:50:f6:5d:4e:ae:17:
e6:dd:3d:f1:b1:e1:70:88:da:71:e2:2a:e8:c4:61:fc:0b:18:
5a:21:73:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZigLWBekCgbBBTv//uy2ayCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjUwODEyMjEyNjI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTE1N2E4NmFjMjg4MDA5ZDU3MzQwMTA0NmI1MGZiZjdkOGE1Yjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3aHghYjM3DaggRc49mJTpwYZXZCT
w3XgK538qd5yGDOjhoXh1DeceBVc/+Ne4ulHKZdj97xELyFqGEdcqy10QqUq0GoS
aKdSHmzyCmDlOw4oQhAU2kw1NZFxito2N/I9i9DJpRRgUWE9s5GGOhqZncr9/KWk
BLDku4vI1gIRInWdaR0zailt/+Qno+fCqESAXBLsBYAN3B1zjFpRFszcYWZvqYDv
thimiJ8wWByP32Szs9eKo8z8+b1WoUTmlYNBuYs8ivlARvg4slL9cNzDihqwa7iR
HwnL3vt+m3BpQwdxWT8CYzJs10LrgUEDhW+ilxKSNMVw+Af9pFphFo3pLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJoVeoasKIAJ1XNAEEa1D799ilt2MB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvbWhWNmhxd29nQW5WYzBBUVJyVVB2MzJLVzNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBQIk0MA0G
CSqGSIb3DQEBCwUAA4IBAQCQyfjdOHBgjBZJ2jXAxM6bsLNr/keQ/zf+L0xrtWSH
BQDr8nLakhvI/2mzi6vF0VvVVIyo1N3tfR8EW/aE0GKaVnK71qtjhKqgoHEnc9Wh
RDqj1vuoU8xf999A30UX6dDTvEcHPTjjdixe6JjvArFOV/kHpPkI5MX9/UOSNScM
3IOp49QNc8mrkua9f0G3TQdzY2vWjNDVD7L5mjHXAlRKHf22QB1xHhkS69nTC+zt
err4/ae4IyaClhVIRDOK6qVWOX7VLT61gTOC8mTuYP8H4tqqWBqjKhAFRjCnZVLE
CKAOZrBQ9l1Orhfm3T3xseFwiNpx4iroxGH8CxhaIXOw
-----END CERTIFICATE-----
Generated at Wed Aug 20 13:20:13 2025 by rpki-client