Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/iAeCvhBgVC1cFtRSuzaB5tfppVs.roa
File: iAeCvhBgVC1cFtRSuzaB5tfppVs.roa (raw, json)
Hash identifier: kRO8HQurs7pWOQFKRnDzj8tPy5KMO6fBzICUW462YmM=
Subject key identifier: 88:07:82:BE:10:60:54:2D:5C:16:D4:52:BB:36:81:E6:D7:E9:A5:5B
Certificate issuer: /CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Certificate serial: 019731F91872AAFCED236123726B623A126B
Authority key identifier: 3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/iAeCvhBgVC1cFtRSuzaB5tfppVs.roa
Signing time: Mon 02 Jun 2025 18:48:17 +0000
ROA not before: Mon 02 Jun 2025 18:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200019
IP address blocks: 2a0e:8841::/32 maxlen: 32
2a0f:c03::/32 maxlen: 32
2a0f:72c4::/32 maxlen: 32
2a0f:da86::/32 maxlen: 32
2a11:1844::/32 maxlen: 32
2a11:2d82::/32 maxlen: 32
2a11:3f05::/32 maxlen: 32
2a11:41c1::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.mft
rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 21:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:31:f9:18:72:aa:fc:ed:23:61:23:72:6b:62:3a:12:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Validity
Not Before: Jun 2 18:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=880782be1060542d5c16d452bb3681e6d7e9a55b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:c1:4a:f8:b3:6b:c6:1f:22:8f:bf:61:aa:82:
05:76:ec:d9:2d:34:71:e0:13:19:4f:2b:55:0f:7c:
e3:a4:f9:bf:e2:3d:0b:be:fb:68:c6:4b:51:53:f9:
f6:e0:1f:c7:c0:8a:cc:92:de:ec:65:59:00:47:e5:
e5:26:0b:46:0f:d6:75:47:be:37:0d:ec:49:0c:72:
7c:0c:cd:c4:97:29:2e:a8:54:a7:f2:5e:98:39:07:
c6:ab:db:a2:bc:1a:e4:eb:96:1b:d2:40:73:41:27:
af:c2:f2:3f:e8:91:cb:f7:0c:7b:85:0e:a2:18:b2:
32:c9:d9:4f:c2:48:30:3d:21:2d:4f:fb:c3:55:f5:
ee:b0:e7:ed:48:54:97:9e:89:a0:38:ac:b5:d7:c4:
2f:37:b7:54:f8:fb:95:36:c1:16:26:a6:62:d0:2e:
c0:b4:6e:d5:1f:c2:20:dd:93:28:88:bf:8d:12:df:
9b:be:54:9b:d3:b5:d0:44:ed:6a:43:bf:1f:7a:05:
80:73:a8:ee:26:d9:a5:f2:cc:c3:94:25:c0:a3:ed:
f7:6a:df:52:43:2d:ba:b6:ba:c1:29:1e:e5:be:d6:
07:53:3f:c9:f8:46:94:15:06:d3:d7:da:10:72:58:
c5:16:a8:83:61:a8:f9:0d:da:0b:7c:51:46:9c:5f:
38:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:07:82:BE:10:60:54:2D:5C:16:D4:52:BB:36:81:E6:D7:E9:A5:5B
X509v3 Authority Key Identifier:
keyid:3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/iAeCvhBgVC1cFtRSuzaB5tfppVs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8841::/32
2a0f:c03::/32
2a0f:72c4::/32
2a0f:da86::/32
2a11:1844::/32
2a11:2d82::/32
2a11:3f05::/32
2a11:41c1::/32
Signature Algorithm: sha256WithRSAEncryption
2a:f0:90:d8:28:0c:08:77:70:48:8b:73:b8:f1:09:df:56:e2:
c4:d6:4b:30:57:c9:5d:46:2e:9b:db:79:fc:fb:21:7f:cd:5e:
a3:08:38:bf:8e:69:99:dd:41:99:e0:f8:7d:a4:07:3a:23:c1:
a3:cc:fb:ac:bb:79:9b:0e:45:62:ba:7c:49:83:48:d8:99:19:
ba:1a:4b:3c:5f:53:e5:78:a5:7a:74:19:b3:b9:b9:f7:eb:2e:
b9:75:27:4e:90:c7:80:ec:10:d5:77:a5:49:0d:b7:06:1a:35:
e2:bf:52:fd:e2:6d:c0:16:11:23:53:7f:58:ab:38:66:97:e4:
da:ee:46:c4:56:bf:ba:a0:ed:e6:f4:b5:46:5b:e3:00:8b:80:
fd:22:7d:2a:3f:51:09:b8:31:38:8b:62:60:6d:be:e8:b7:fd:
e5:35:47:62:ea:cd:48:f5:68:de:fa:3e:a4:1f:e6:14:a1:07:
8c:ba:b3:ff:77:a9:4d:77:32:0d:8f:60:6d:0b:3a:5f:3a:c8:
28:b4:1f:01:40:5c:85:f7:d7:e4:e6:83:c0:67:3c:f3:62:17:
0c:d2:06:f3:60:d7:a3:e2:f3:1d:2f:f6:54:73:2b:3f:8f:13:
e7:03:93:33:e9:4f:24:3f:13:a2:e9:8d:3c:cc:c4:38:36:90:
a0:70:bd:87
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZcx+RhyqvztI2EjcmtiOhJrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzUwYWI0Y2NmNzJlM2Q2MGMwOWY5NjQwMTlkNmMwMzRj
NTBhNmMwHhcNMjUwNjAyMTg0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODA3ODJiZTEwNjA1NDJkNWMxNmQ0NTJiYjM2ODFlNmQ3ZTlhNTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl8FK+LNrxh8ij79hqoIFduzZLTRx
4BMZTytVD3zjpPm/4j0LvvtoxktRU/n24B/HwIrMkt7sZVkAR+XlJgtGD9Z1R743
DexJDHJ8DM3ElykuqFSn8l6YOQfGq9uivBrk65Yb0kBzQSevwvI/6JHL9wx7hQ6i
GLIyydlPwkgwPSEtT/vDVfXusOftSFSXnomgOKy118QvN7dU+PuVNsEWJqZi0C7A
tG7VH8Ig3ZMoiL+NEt+bvlSb07XQRO1qQ78fegWAc6juJtml8szDlCXAo+33at9S
Qy26trrBKR7lvtYHUz/J+EaUFQbT19oQcljFFqiDYaj5DdoLfFFGnF84owIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFIgHgr4QYFQtXBbUUrs2gebX6aVbMB8GA1UdIwQY
MBaAFD7FCrTM9y49YMCflkAZ1sA0xQpsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTct
MjE1OTM3NmQzYTY0LzEvaUFlQ3ZoQmdWQzFjRnRSU3V6YUI1dGZwcFZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTctMjE1OTM3NmQzYTY0
LzEvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwUAKg6IQQMF
ACoPDAMDBQAqD3LEAwUAKg/ahgMFACoRGEQDBQAqES2CAwUAKhE/BQMFACoRQcEw
DQYJKoZIhvcNAQELBQADggEBACrwkNgoDAh3cEiLc7jxCd9W4sTWSzBXyV1GLpvb
efz7IX/NXqMIOL+OaZndQZng+H2kBzojwaPM+6y7eZsORWK6fEmDSNiZGboaSzxf
U+V4pXp0GbO5uffrLrl1J06Qx4DsENV3pUkNtwYaNeK/Uv3ibcAWESNTf1irOGaX
5NruRsRWv7qg7eb0tUZb4wCLgP0ifSo/UQm4MTiLYmBtvui3/eU1R2LqzUj1aN76
PqQf5hShB4y6s/93qU13Mg2PYG0LOl86yCi0HwFAXIX31+Tmg8BnPPNiFwzSBvNg
16Pi8x0v9lRzKz+PE+cDkzPpTyQ/E6LpjTzMxDg2kKBwvYc=
-----END CERTIFICATE-----
Generated at Sat Jun 7 04:25:36 2025 by rpki-client