Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/TXJYXDQyfatH14QXMUfRLdb8F1A.roa
File: TXJYXDQyfatH14QXMUfRLdb8F1A.roa (raw, json)
Hash identifier: R4mR9RTDaxGN9JW/j8/x+mc/ilBiTpWIRn8w7bIprbQ=
Subject key identifier: 4D:72:58:5C:34:32:7D:AB:47:D7:84:17:31:47:D1:2D:D6:FC:17:50
Certificate issuer: /CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Certificate serial: 019731FE9708838B5077EEE8485709C45AE0
Authority key identifier: 3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/TXJYXDQyfatH14QXMUfRLdb8F1A.roa
Signing time: Mon 02 Jun 2025 18:54:17 +0000
ROA not before: Mon 02 Jun 2025 18:54:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a0d:b9c3::/32 maxlen: 32
2a0e:8846::/32 maxlen: 32
2a0f:c06::/32 maxlen: 32
2a0f:72c5::/32 maxlen: 32
2a0f:da80::/32 maxlen: 32
2a11:1840::/32 maxlen: 32
2a11:2d81::/32 maxlen: 32
2a11:3f01::/32 maxlen: 32
2a11:41c4::/32 maxlen: 32
2a11:41c6::/32 maxlen: 32
2a12:cc00::/32 maxlen: 32
2a12:cc07::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.mft
rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 09:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:31:fe:97:08:83:8b:50:77:ee:e8:48:57:09:c4:5a:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Validity
Not Before: Jun 2 18:54:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4d72585c34327dab47d784173147d12dd6fc1750
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:6e:e9:3c:1f:46:8a:67:9b:29:5a:15:91:56:
99:54:59:12:6f:3d:11:00:ea:da:90:fa:b0:ee:ae:
39:09:8c:40:44:9c:92:13:98:82:27:21:13:25:01:
74:f9:44:30:36:b7:b2:57:16:35:76:f0:c7:43:df:
82:33:e4:89:13:bf:06:fc:d1:74:3e:e2:ae:42:23:
41:96:1f:3e:76:ca:bc:51:2a:18:3e:3f:28:b9:76:
3e:19:6d:a8:55:8b:67:e3:02:76:07:64:20:c5:d4:
64:b4:b6:33:46:9e:5b:7b:34:40:81:ce:8c:e7:c7:
99:0d:20:09:52:da:b7:32:48:10:81:d1:29:71:12:
6b:89:76:6e:da:5b:7c:e4:ca:fc:cd:37:56:ef:a9:
9c:4c:b7:1b:c9:11:2c:92:c1:57:af:9d:2a:86:82:
0c:4c:fc:2c:25:f6:e1:8d:ac:c9:14:29:db:f3:da:
88:d1:c4:2b:4e:89:f9:cf:20:52:13:a8:1e:23:72:
0b:bb:c2:22:1c:49:bf:21:be:01:d7:32:ca:4b:ee:
eb:55:13:05:fe:1f:69:fc:de:d9:40:d8:a2:26:20:
3f:33:bb:e6:95:b1:bc:e5:0f:b0:72:80:35:61:59:
ed:34:b8:e8:6b:29:f5:97:17:ff:48:15:9d:a7:65:
d4:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:72:58:5C:34:32:7D:AB:47:D7:84:17:31:47:D1:2D:D6:FC:17:50
X509v3 Authority Key Identifier:
keyid:3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/TXJYXDQyfatH14QXMUfRLdb8F1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:b9c3::/32
2a0e:8846::/32
2a0f:c06::/32
2a0f:72c5::/32
2a0f:da80::/32
2a11:1840::/32
2a11:2d81::/32
2a11:3f01::/32
2a11:41c4::/32
2a11:41c6::/32
2a12:cc00::/32
2a12:cc07::/32
Signature Algorithm: sha256WithRSAEncryption
49:66:02:f0:5e:9a:91:70:71:18:47:1c:45:a2:e6:a6:c9:ff:
a0:ff:b2:b6:54:07:64:a4:ed:7b:8c:6e:7d:28:37:eb:7e:eb:
3a:24:09:e1:af:a3:49:63:d1:a5:64:a9:6e:4d:72:3a:69:4a:
e2:5c:99:13:6c:bb:b3:2c:a3:94:22:64:cc:3e:0a:df:40:82:
7b:57:11:a3:ba:04:1b:0a:23:c2:fe:2b:92:e5:32:0a:00:8f:
bc:f1:15:11:f0:64:d1:54:41:42:d2:a7:4e:06:db:e2:93:15:
fb:40:e0:75:bb:96:80:c3:3f:7e:50:0b:1d:54:63:58:e7:fb:
a8:96:e8:00:57:b0:6e:93:29:c4:a5:99:e3:b7:9c:f2:7a:70:
a7:51:85:9a:de:8a:eb:d1:e4:57:9d:c0:6f:f6:1d:62:da:a4:
a6:8c:60:b6:30:c1:35:1e:44:19:ab:86:26:32:89:b7:40:f8:
51:2b:bf:62:fa:bf:bc:ed:37:42:18:38:7f:3d:bb:03:af:ba:
73:c5:a6:7f:8b:77:4b:cc:96:cc:59:c1:59:98:a2:65:58:a7:
b4:51:bb:d7:4e:af:9d:1a:b5:ab:52:5d:4d:6c:d5:22:31:0d:
81:3c:06:d2:d6:9d:cd:d7:84:ea:ca:df:91:b5:e2:f6:e7:dc:
81:66:cd:68
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZcx/pcIg4tQd+7oSFcJxFrgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzUwYWI0Y2NmNzJlM2Q2MGMwOWY5NjQwMTlkNmMwMzRj
NTBhNmMwHhcNMjUwNjAyMTg1NDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDcyNTg1YzM0MzI3ZGFiNDdkNzg0MTczMTQ3ZDEyZGQ2ZmMxNzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj27pPB9GimebKVoVkVaZVFkSbz0R
AOrakPqw7q45CYxARJySE5iCJyETJQF0+UQwNreyVxY1dvDHQ9+CM+SJE78G/NF0
PuKuQiNBlh8+dsq8USoYPj8ouXY+GW2oVYtn4wJ2B2QgxdRktLYzRp5bezRAgc6M
58eZDSAJUtq3MkgQgdEpcRJriXZu2lt85Mr8zTdW76mcTLcbyREsksFXr50qhoIM
TPwsJfbhjazJFCnb89qI0cQrTon5zyBSE6geI3ILu8IiHEm/Ib4B1zLKS+7rVRMF
/h9p/N7ZQNiiJiA/M7vmlbG85Q+wcoA1YVntNLjoayn1lxf/SBWdp2XU7QIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFE1yWFw0Mn2rR9eEFzFH0S3W/BdQMB8GA1UdIwQY
MBaAFD7FCrTM9y49YMCflkAZ1sA0xQpsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTct
MjE1OTM3NmQzYTY0LzEvVFhKWVhEUXlmYXRIMTRRWE1VZlJMZGI4RjFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTctMjE1OTM3NmQzYTY0
LzEvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAAjBUAwUAKg25wwMF
ACoOiEYDBQAqDwwGAwUAKg9yxQMFACoP2oADBQAqERhAAwUAKhEtgQMFACoRPwED
BQAqEUHEAwUAKhFBxgMFACoSzAADBQAqEswHMA0GCSqGSIb3DQEBCwUAA4IBAQBJ
ZgLwXpqRcHEYRxxFouamyf+g/7K2VAdkpO17jG59KDfrfus6JAnhr6NJY9GlZKlu
TXI6aUriXJkTbLuzLKOUImTMPgrfQIJ7VxGjugQbCiPC/iuS5TIKAI+88RUR8GTR
VEFC0qdOBtvikxX7QOB1u5aAwz9+UAsdVGNY5/uolugAV7BukynEpZnjt5zyenCn
UYWa3orr0eRXncBv9h1i2qSmjGC2MME1HkQZq4YmMom3QPhRK79i+r+87TdCGDh/
PbsDr7pzxaZ/i3dLzJbMWcFZmKJlWKe0UbvXTq+dGrWrUl1NbNUiMQ2BPAbS1p3N
14Tqyt+RteL259yBZs1o
-----END CERTIFICATE-----
Generated at Sun Jun 8 14:38:42 2025 by rpki-client