Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/ROGOHtQVBFmyCAYNFWTeIURYyV8.roa
File: ROGOHtQVBFmyCAYNFWTeIURYyV8.roa (raw, json)
Hash identifier: 5WI5SrJQg4PFmOcXIsQy2uFzkEqSfvA7tPomuwc4RIY=
Subject key identifier: 44:E1:8E:1E:D4:15:04:59:B2:08:06:0D:15:64:DE:21:44:58:C9:5F
Certificate issuer: /CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Certificate serial: 019731FDAC7984A66492E0694B9CD8A18D40
Authority key identifier: 3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/ROGOHtQVBFmyCAYNFWTeIURYyV8.roa
Signing time: Mon 02 Jun 2025 18:53:17 +0000
ROA not before: Mon 02 Jun 2025 18:53:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204490
IP address blocks: 2a0e:8845::/32 maxlen: 32
2a0f:c05::/32 maxlen: 32
2a0f:72c3::/32 maxlen: 32
2a0f:da83::/32 maxlen: 32
2a11:1842::/32 maxlen: 32
2a11:2d84::/32 maxlen: 32
2a11:3f07::/32 maxlen: 32
2a11:41c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.mft
rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 17:19:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:31:fd:ac:79:84:a6:64:92:e0:69:4b:9c:d8:a1:8d:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Validity
Not Before: Jun 2 18:53:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=44e18e1ed4150459b208060d1564de214458c95f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:5f:2e:ef:93:4e:d9:33:b0:e4:65:c8:c2:28:
fe:6e:af:a7:00:cd:ae:0b:d5:33:c8:87:b8:fe:6b:
bb:87:3b:63:f0:a4:4c:56:1c:fd:9d:43:a2:97:d0:
cc:4e:29:d5:a8:7e:f9:3d:d8:03:25:e0:d7:61:07:
6d:18:a4:ed:9b:b1:2f:e4:f9:0f:05:c0:19:7c:41:
7f:a5:eb:ab:dd:f4:10:d4:42:46:a0:71:43:48:ca:
8d:5c:ed:2c:1f:65:bb:5a:2d:b3:8f:55:32:dc:d5:
1a:1f:99:dc:08:af:ff:00:1a:d6:58:fc:e5:e9:d2:
a7:70:dd:12:f0:ea:23:9f:40:93:ce:a3:f7:b9:14:
60:b9:0f:af:4a:a0:fe:06:11:45:f9:f1:ea:21:e9:
d8:bc:a2:5b:da:ff:0f:30:7f:98:28:11:9d:f8:ba:
a9:9e:db:a7:15:4a:46:2e:6d:b9:f3:a3:63:ac:da:
2e:24:be:58:d7:d5:92:ee:56:b6:c2:c6:c3:bc:b4:
65:6c:68:0d:b1:fa:b4:ad:5b:61:6e:a1:12:ea:69:
dc:5f:6f:75:d6:0b:86:5d:59:12:d5:02:69:83:0a:
d6:20:1c:79:4c:68:bd:f1:ad:d7:da:73:33:37:7c:
41:68:e0:06:ec:49:21:5b:90:8a:79:29:19:fb:4d:
de:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:E1:8E:1E:D4:15:04:59:B2:08:06:0D:15:64:DE:21:44:58:C9:5F
X509v3 Authority Key Identifier:
keyid:3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/ROGOHtQVBFmyCAYNFWTeIURYyV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8845::/32
2a0f:c05::/32
2a0f:72c3::/32
2a0f:da83::/32
2a11:1842::/32
2a11:2d84::/32
2a11:3f07::/32
2a11:41c0::/32
Signature Algorithm: sha256WithRSAEncryption
8c:52:48:2f:4e:e7:87:14:a8:ff:62:59:2d:cd:df:45:f6:8f:
cd:e4:e9:6b:c4:c2:84:52:f2:21:89:39:08:4c:31:69:ae:ce:
c6:7a:71:09:d5:37:5c:33:fe:c5:99:10:85:d7:8c:00:89:91:
f6:f4:40:d3:b0:d7:5c:c6:6b:bb:d2:06:11:ea:01:0c:65:92:
38:50:16:cd:ea:22:5b:8a:e4:09:bb:c2:6f:69:55:c5:5e:40:
f8:a0:a6:05:7c:b9:bc:ca:33:cf:c0:99:cb:ff:69:c8:0c:f0:
c1:89:f0:9d:96:13:64:29:e8:3f:8a:a3:13:74:e9:08:ce:dc:
9c:98:97:0f:15:6f:dc:61:5a:6f:38:f9:8d:a7:34:e4:12:b1:
98:dd:a4:ce:7c:c7:2e:71:e0:82:34:90:a8:2b:ba:33:06:42:
53:a5:08:8e:42:41:d6:2c:30:d3:38:5a:29:6e:9c:bd:0a:5f:
f4:44:85:83:04:54:58:25:ef:67:9f:8b:8d:e8:89:68:3b:67:
0a:37:0f:62:5b:28:b1:1e:19:d2:84:95:57:94:f4:4d:c9:ae:
c3:8e:ea:6e:44:29:91:8c:59:91:9c:55:76:d5:65:cc:ba:f2:
37:8b:45:f6:97:27:c6:b9:af:e0:35:d9:8c:a2:35:e4:07:7d:
9b:61:99:3c
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZcx/ax5hKZkkuBpS5zYoY1AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzUwYWI0Y2NmNzJlM2Q2MGMwOWY5NjQwMTlkNmMwMzRj
NTBhNmMwHhcNMjUwNjAyMTg1MzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGUxOGUxZWQ0MTUwNDU5YjIwODA2MGQxNTY0ZGUyMTQ0NThjOTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1V8u75NO2TOw5GXIwij+bq+nAM2u
C9UzyIe4/mu7hztj8KRMVhz9nUOil9DMTinVqH75PdgDJeDXYQdtGKTtm7Ev5PkP
BcAZfEF/peur3fQQ1EJGoHFDSMqNXO0sH2W7Wi2zj1Uy3NUaH5ncCK//ABrWWPzl
6dKncN0S8Oojn0CTzqP3uRRguQ+vSqD+BhFF+fHqIenYvKJb2v8PMH+YKBGd+Lqp
ntunFUpGLm2586NjrNouJL5Y19WS7la2wsbDvLRlbGgNsfq0rVthbqES6mncX291
1guGXVkS1QJpgwrWIBx5TGi98a3X2nMzN3xBaOAG7EkhW5CKeSkZ+03eMwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFEThjh7UFQRZsggGDRVk3iFEWMlfMB8GA1UdIwQY
MBaAFD7FCrTM9y49YMCflkAZ1sA0xQpsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTct
MjE1OTM3NmQzYTY0LzEvUk9HT0h0UVZCRm15Q0FZTkZXVGVJVVJZeVY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTctMjE1OTM3NmQzYTY0
LzEvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwUAKg6IRQMF
ACoPDAUDBQAqD3LDAwUAKg/agwMFACoRGEIDBQAqES2EAwUAKhE/BwMFACoRQcAw
DQYJKoZIhvcNAQELBQADggEBAIxSSC9O54cUqP9iWS3N30X2j83k6WvEwoRS8iGJ
OQhMMWmuzsZ6cQnVN1wz/sWZEIXXjACJkfb0QNOw11zGa7vSBhHqAQxlkjhQFs3q
IluK5Am7wm9pVcVeQPigpgV8ubzKM8/Amcv/acgM8MGJ8J2WE2Qp6D+KoxN06QjO
3JyYlw8Vb9xhWm84+Y2nNOQSsZjdpM58xy5x4II0kKgrujMGQlOlCI5CQdYsMNM4
WilunL0KX/REhYMEVFgl72efi43oiWg7Zwo3D2JbKLEeGdKElVeU9E3JrsOO6m5E
KZGMWZGcVXbVZcy68jeLRfaXJ8a5r+A12YyiNeQHfZthmTw=
-----END CERTIFICATE-----
Generated at Sun Jun 8 23:31:11 2025 by rpki-client