Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/90c-dEYwt8_b5osC2gcfHynNfOk.roa
File: 90c-dEYwt8_b5osC2gcfHynNfOk.roa (raw, json)
Hash identifier: yS8UwrYsP3EM3UDhNVD3t+/4R9LgGAbSCOhPtgs3qN0=
Subject key identifier: F7:47:3E:74:46:30:B7:CF:DB:E6:8B:02:DA:07:1F:1F:29:CD:7C:E9
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 0196D4F20AAB327CA7B43E55E08DA5FC3594
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/90c-dEYwt8_b5osC2gcfHynNfOk.roa
Signing time: Thu 15 May 2025 17:15:54 +0000
ROA not before: Thu 15 May 2025 17:15:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214168
IP address blocks: 2a11:4540::/29 maxlen: 29
2a11:5980::/29 maxlen: 29
2a11:62c0::/29 maxlen: 29
2a11:7b00::/29 maxlen: 29
2a11:8740::/29 maxlen: 29
2a11:a240::/29 maxlen: 29
2a11:bbc0::/29 maxlen: 29
2a12:d40::/29 maxlen: 29
2a12:8580::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d4:f2:0a:ab:32:7c:a7:b4:3e:55:e0:8d:a5:fc:35:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: May 15 17:15:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f7473e744630b7cfdbe68b02da071f1f29cd7ce9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:70:01:11:7c:3e:8b:14:a2:ec:fe:4d:5d:19:
d8:38:49:bf:d3:4b:44:25:ca:15:be:4e:ef:87:de:
cf:a9:69:65:15:33:7c:e5:19:25:cf:d0:d9:a1:17:
52:b8:34:25:03:1e:b5:bf:54:f3:ea:b4:dd:2e:f9:
c8:93:b0:46:f6:99:a0:c2:db:1d:93:20:e4:18:d9:
44:d4:b1:59:c1:7d:16:2c:37:7d:f6:71:4f:a8:55:
1d:d7:4e:a9:3c:2a:c0:17:bc:89:1a:8c:55:d9:c8:
06:73:9b:f7:24:69:69:c4:b0:0e:dd:58:e3:af:28:
a2:c0:63:d8:6a:67:b0:ce:f3:c4:72:7c:d0:0d:d3:
e3:32:0a:03:9a:ac:1c:20:71:0b:e1:2b:87:43:bc:
e6:dd:f9:d7:0f:4c:8c:f0:1b:2c:21:f9:8d:ff:b9:
dd:c1:17:78:d4:8d:22:fc:4d:8c:64:41:32:40:a8:
d0:a6:61:05:77:32:db:e0:b2:20:a2:93:c5:17:12:
44:6e:24:c8:67:b2:f1:70:31:ad:31:f8:44:31:78:
89:6e:f7:51:07:52:92:89:d8:f6:c5:95:77:67:3e:
c7:63:57:38:0f:97:c7:eb:d1:18:8b:e1:18:20:de:
7b:28:49:d0:72:64:ef:49:ca:70:d5:97:e8:96:dd:
73:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:47:3E:74:46:30:B7:CF:DB:E6:8B:02:DA:07:1F:1F:29:CD:7C:E9
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/90c-dEYwt8_b5osC2gcfHynNfOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:4540::/29
2a11:5980::/29
2a11:62c0::/29
2a11:7b00::/29
2a11:8740::/29
2a11:a240::/29
2a11:bbc0::/29
2a12:d40::/29
2a12:8580::/29
Signature Algorithm: sha256WithRSAEncryption
9e:de:dc:a6:9d:e7:1e:94:d0:c7:c3:9f:bd:50:f6:1d:40:78:
7d:87:69:84:9d:a3:2b:e2:cc:37:74:0a:3d:81:39:b4:65:eb:
53:e1:2f:93:5e:f3:4c:19:39:fa:01:c1:b9:76:36:4d:47:21:
25:85:63:f2:46:22:45:0a:62:f9:d6:52:9a:7d:67:d8:41:25:
52:8d:b5:9a:b3:b8:fb:cd:3a:2c:de:ea:61:de:35:52:e7:91:
a5:ec:3b:5b:5c:7a:fc:3d:a0:77:9b:6b:72:25:0a:a4:53:64:
d3:e8:d1:e3:8b:74:18:79:c8:9e:0d:f6:e4:a0:31:f8:a2:dd:
20:f0:34:f3:e7:1a:b0:2e:38:86:f0:56:20:98:81:d1:db:62:
43:d0:1d:a1:a7:5d:e7:10:e5:cd:50:82:62:98:bc:db:ca:b4:
9c:71:57:22:9a:c0:9d:26:4d:e4:50:1a:78:ee:4f:87:e4:59:
51:ce:ba:7e:2f:4a:fd:74:82:aa:61:45:b4:46:e9:fb:bc:fa:
b7:1a:9f:16:b7:b1:67:eb:d5:08:2e:55:5a:27:fa:43:0d:d7:
96:38:02:d7:5c:1a:64:00:6e:7a:dd:bc:9d:1f:0b:1f:ad:0f:
45:a8:f6:e8:cf:bd:1d:27:ab:28:e0:51:6b:1a:21:52:98:43:
44:bc:4c:78
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZbU8gqrMnyntD5V4I2l/DWUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjUwNTE1MTcxNTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzQ3M2U3NDQ2MzBiN2NmZGJlNjhiMDJkYTA3MWYxZjI5Y2Q3Y2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3ABEXw+ixSi7P5NXRnYOEm/00tE
JcoVvk7vh97PqWllFTN85Rklz9DZoRdSuDQlAx61v1Tz6rTdLvnIk7BG9pmgwtsd
kyDkGNlE1LFZwX0WLDd99nFPqFUd106pPCrAF7yJGoxV2cgGc5v3JGlpxLAO3Vjj
ryiiwGPYamewzvPEcnzQDdPjMgoDmqwcIHEL4SuHQ7zm3fnXD0yM8BssIfmN/7nd
wRd41I0i/E2MZEEyQKjQpmEFdzLb4LIgopPFFxJEbiTIZ7LxcDGtMfhEMXiJbvdR
B1KSidj2xZV3Zz7HY1c4D5fH69EYi+EYIN57KEnQcmTvScpw1Zfolt1zWwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFPdHPnRGMLfP2+aLAtoHHx8pzXzpMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvOTBjLWRFWXd0OF9iNW9zQzJnY2ZIeW5OZk9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzBFBAIAAjA/AwUDKhFFQAMF
AyoRWYADBQMqEWLAAwUDKhF7AAMFAyoRh0ADBQMqEaJAAwUDKhG7wAMFAyoSDUAD
BQMqEoWAMA0GCSqGSIb3DQEBCwUAA4IBAQCe3tymnecelNDHw5+9UPYdQHh9h2mE
naMr4sw3dAo9gTm0ZetT4S+TXvNMGTn6AcG5djZNRyElhWPyRiJFCmL51lKafWfY
QSVSjbWas7j7zTos3uph3jVS55Gl7DtbXHr8PaB3m2tyJQqkU2TT6NHji3QYecie
DfbkoDH4ot0g8DTz5xqwLjiG8FYgmIHR22JD0B2hp13nEOXNUIJimLzbyrSccVci
msCdJk3kUBp47k+H5FlRzrp+L0r9dIKqYUW0Run7vPq3Gp8Wt7Fn69UILlVaJ/pD
DdeWOALXXBpkAG563bydHwsfrQ9FqPboz70dJ6so4FFrGiFSmENEvEx4
-----END CERTIFICATE-----
Generated at Fri Jun 6 13:22:12 2025 by rpki-client