Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/c55ea2-62d0-4db9-901c-eac63c33b085/1/Ki-liMzit2Jo2WHroCxM5VPpxjM.roa
File: Ki-liMzit2Jo2WHroCxM5VPpxjM.roa (raw, json)
Hash identifier: 9WXsbfSa8emQvpxcrQX0QIVMCI+roYDTEL0EsjFfF+c=
Subject key identifier: 2A:2F:A5:88:CC:E2:B7:62:68:D9:61:EB:A0:2C:4C:E5:53:E9:C6:33
Certificate issuer: /CN=eed7f6b165a38cff346de3e352118dc99ed822c7
Certificate serial: 019A638209616044DEA6C0E0E84EB2556D5F
Authority key identifier: EE:D7:F6:B1:65:A3:8C:FF:34:6D:E3:E3:52:11:8D:C9:9E:D8:22:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7tf2sWWjjP80bePjUhGNyZ7YIsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/c55ea2-62d0-4db9-901c-eac63c33b085/1/Ki-liMzit2Jo2WHroCxM5VPpxjM.roa
Signing time: Sat 08 Nov 2025 12:47:37 +0000
ROA not before: Sat 08 Nov 2025 12:47:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210957
IP address blocks: 2001:67c:2d08::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/c55ea2-62d0-4db9-901c-eac63c33b085/1/7tf2sWWjjP80bePjUhGNyZ7YIsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/c55ea2-62d0-4db9-901c-eac63c33b085/1/7tf2sWWjjP80bePjUhGNyZ7YIsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/7tf2sWWjjP80bePjUhGNyZ7YIsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:63:82:09:61:60:44:de:a6:c0:e0:e8:4e:b2:55:6d:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eed7f6b165a38cff346de3e352118dc99ed822c7
Validity
Not Before: Nov 8 12:47:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a2fa588cce2b76268d961eba02c4ce553e9c633
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:0c:11:64:b1:f3:7a:b0:a8:d7:fe:a7:75:eb:
8d:2c:82:31:93:08:02:b6:16:1f:0e:60:6f:70:77:
1c:04:0a:3b:ce:8b:93:b2:b6:7a:07:64:35:c2:bd:
5f:e0:9e:24:d7:cc:1c:d1:50:a1:97:7e:1a:bb:3d:
51:e4:d8:dd:de:d1:c9:4c:74:88:a5:e1:6c:11:17:
29:38:07:79:ad:9a:ba:be:60:1d:4a:1c:8b:b5:7e:
2d:a4:19:12:3b:58:e7:57:cb:0f:10:8c:56:51:4a:
4f:f6:5b:ce:8b:21:cc:5a:ee:0c:94:e9:56:72:b3:
21:ec:64:ff:a9:5b:76:5e:6c:4b:be:a6:b8:0c:90:
a7:eb:b2:c9:fc:7d:45:ae:e7:ff:6f:71:ca:80:13:
79:1a:df:66:8c:6c:5f:ab:5d:5a:49:8b:d6:1f:0e:
70:1b:c8:fb:22:87:30:bb:ac:2d:2b:d9:bf:7e:85:
60:14:ae:84:36:0a:7d:7b:d4:cf:23:75:ef:b8:87:
ed:cc:c9:4c:44:5a:03:8b:fc:de:ce:bc:93:ad:d6:
4c:b7:1a:d2:55:47:e4:22:8b:2b:73:3e:98:37:de:
96:32:28:21:0d:6a:44:7f:a6:51:b0:7a:69:5e:03:
af:8e:0a:43:95:5d:fa:5b:61:e9:eb:45:0f:90:ed:
96:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:2F:A5:88:CC:E2:B7:62:68:D9:61:EB:A0:2C:4C:E5:53:E9:C6:33
X509v3 Authority Key Identifier:
keyid:EE:D7:F6:B1:65:A3:8C:FF:34:6D:E3:E3:52:11:8D:C9:9E:D8:22:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7tf2sWWjjP80bePjUhGNyZ7YIsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c55ea2-62d0-4db9-901c-eac63c33b085/1/Ki-liMzit2Jo2WHroCxM5VPpxjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c55ea2-62d0-4db9-901c-eac63c33b085/1/7tf2sWWjjP80bePjUhGNyZ7YIsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2d08::/48
Signature Algorithm: sha256WithRSAEncryption
2f:b5:d1:01:77:21:85:0f:11:c8:d2:d4:65:36:40:de:f3:ce:
b4:af:fc:bc:00:eb:08:4d:05:46:d4:5a:94:aa:50:d0:a4:dc:
3f:2e:a6:ef:39:9e:9f:07:6c:56:98:6f:cd:40:74:c8:e3:dd:
19:f1:b4:bf:ab:b7:fc:9f:79:f4:6c:1e:25:ad:0c:c9:ca:d7:
2e:a6:cc:24:70:5b:d4:f6:e7:8f:1e:f7:c3:7d:26:e3:74:ee:
f6:d2:f8:89:51:0d:ea:7b:a4:36:50:20:a5:ce:d8:d9:65:04:
11:f3:e4:e0:6b:bb:43:77:ee:dd:69:62:e7:c5:36:3d:c7:ea:
7d:45:5f:65:53:c6:46:ed:99:24:6f:de:7f:44:17:7d:b7:ea:
1e:ab:a8:36:84:29:03:19:2b:68:12:9b:e2:cb:04:50:23:fa:
2d:21:87:6e:de:a1:6b:7d:7b:b2:6a:4a:b9:7e:14:bd:57:89:
01:5f:57:a0:2e:3a:a3:70:77:ee:64:8d:51:dd:73:0a:0b:df:
be:5f:48:fa:47:58:e5:42:54:d7:04:18:6e:f3:d4:fe:b4:39:
c8:52:13:1e:4b:70:9c:a7:e6:86:7f:81:98:80:e6:23:8f:60:
b4:02:9f:60:de:26:d0:42:f3:b3:ea:b3:b7:e3:8b:71:59:50:
39:bb:fe:c6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZpjgglhYETepsDg6E6yVW1fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlZDdmNmIxNjVhMzhjZmYzNDZkZTNlMzUyMTE4ZGM5OWVk
ODIyYzcwHhcNMjUxMTA4MTI0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTJmYTU4OGNjZTJiNzYyNjhkOTYxZWJhMDJjNGNlNTUzZTljNjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAwRZLHzerCo1/6ndeuNLIIxkwgC
thYfDmBvcHccBAo7zouTsrZ6B2Q1wr1f4J4k18wc0VChl34auz1R5Njd3tHJTHSI
peFsERcpOAd5rZq6vmAdShyLtX4tpBkSO1jnV8sPEIxWUUpP9lvOiyHMWu4MlOlW
crMh7GT/qVt2XmxLvqa4DJCn67LJ/H1Fruf/b3HKgBN5Gt9mjGxfq11aSYvWHw5w
G8j7Iocwu6wtK9m/foVgFK6ENgp9e9TPI3XvuIftzMlMRFoDi/zezryTrdZMtxrS
VUfkIosrcz6YN96WMighDWpEf6ZRsHppXgOvjgpDlV36W2Hp60UPkO2WQwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCovpYjM4rdiaNlh66AsTOVT6cYzMB8GA1UdIwQY
MBaAFO7X9rFlo4z/NG3j41IRjcme2CLHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3RmMnNXV2pqUDgwYmVQalVoR055WjdZSXNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9jNTVlYTItNjJkMC00ZGI5LTkwMWMt
ZWFjNjNjMzNiMDg1LzEvS2ktbGlNeml0MkpvMldIcm9DeE01VlBweGpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9jNTVlYTItNjJkMC00ZGI5LTkwMWMtZWFjNjNjMzNiMDg1
LzEvN3RmMnNXV2pqUDgwYmVQalVoR055WjdZSXNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfC0I
MA0GCSqGSIb3DQEBCwUAA4IBAQAvtdEBdyGFDxHI0tRlNkDe8860r/y8AOsITQVG
1FqUqlDQpNw/LqbvOZ6fB2xWmG/NQHTI490Z8bS/q7f8n3n0bB4lrQzJytcupswk
cFvU9uePHvfDfSbjdO720viJUQ3qe6Q2UCClztjZZQQR8+Tga7tDd+7daWLnxTY9
x+p9RV9lU8ZG7Zkkb95/RBd9t+oeq6g2hCkDGStoEpviywRQI/otIYdu3qFrfXuy
akq5fhS9V4kBX1egLjqjcHfuZI1R3XMKC9++X0j6R1jlQlTXBBhu89T+tDnIUhMe
S3Ccp+aGf4GYgOYjj2C0Ap9g3ibQQvOz6rO344txWVA5u/7G
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:54:49 2025 by rpki-client