Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/cf7617-926d-4c4b-9976-81a78319fd6a/1/is8rJFkIshJvtMPQsNBVoFxTKBY.roa
File: is8rJFkIshJvtMPQsNBVoFxTKBY.roa (raw, json)
Hash identifier: eXPJhyZn1FuLC+ECVYIsChabU+UtFgCuyBkgvqoFbIk=
Subject key identifier: 8A:CF:2B:24:59:08:B2:12:6F:B4:C3:D0:B0:D0:55:A0:5C:53:28:16
Certificate issuer: /CN=43d0965384dc44487a83171a6d5d05a94a6ad67c
Certificate serial: 0197163129C8FAD9544E5F3B48F0DCF8DDF3
Authority key identifier: 43:D0:96:53:84:DC:44:48:7A:83:17:1A:6D:5D:05:A9:4A:6A:D6:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q9CWU4TcREh6gxcabV0FqUpq1nw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/cf7617-926d-4c4b-9976-81a78319fd6a/1/is8rJFkIshJvtMPQsNBVoFxTKBY.roa
Signing time: Wed 28 May 2025 09:20:10 +0000
ROA not before: Wed 28 May 2025 09:20:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3301
IP address blocks: 2001:678:1084::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/cf7617-926d-4c4b-9976-81a78319fd6a/1/Q9CWU4TcREh6gxcabV0FqUpq1nw.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/cf7617-926d-4c4b-9976-81a78319fd6a/1/Q9CWU4TcREh6gxcabV0FqUpq1nw.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q9CWU4TcREh6gxcabV0FqUpq1nw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 03:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:16:31:29:c8:fa:d9:54:4e:5f:3b:48:f0:dc:f8:dd:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43d0965384dc44487a83171a6d5d05a94a6ad67c
Validity
Not Before: May 28 09:20:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8acf2b245908b2126fb4c3d0b0d055a05c532816
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:70:75:91:c7:da:75:88:a0:07:38:62:68:89:
0a:d7:b7:0a:e7:44:09:25:c2:4d:3e:12:c5:5f:02:
88:c4:bf:24:f1:50:b4:59:47:bc:79:ea:e1:a9:e5:
68:e4:15:42:e7:b2:8e:ed:2f:e8:17:04:4e:7a:4a:
93:fe:64:22:ec:02:a0:8c:2b:dd:9a:81:67:6a:f3:
1b:15:c8:74:43:20:d4:b9:cf:c3:20:81:78:c2:0b:
f5:55:90:f0:88:b5:01:8d:c6:f5:82:31:28:e2:1a:
48:1a:eb:89:b1:ef:53:e3:dd:72:86:ae:6c:63:52:
c2:75:68:70:aa:75:bb:21:20:ae:26:58:55:15:3a:
ee:64:29:ed:ab:2d:2a:c2:b4:37:11:70:b5:d9:1f:
02:77:ba:53:b7:32:3e:3c:87:c1:be:2c:0c:5d:f1:
ca:19:85:02:50:33:84:2a:3f:ea:bc:c2:ba:c6:fa:
b9:ef:65:65:3e:ef:6d:1b:b9:34:cb:70:8c:bf:4b:
57:5d:32:ac:cb:36:c7:36:15:1f:40:82:87:cb:02:
60:f9:72:86:f5:ad:86:e3:60:f7:dd:4b:7c:61:e0:
59:e1:ea:5c:69:b4:f5:d3:78:c0:4f:bc:48:88:27:
fc:d6:7f:9a:fd:a3:00:2f:f4:85:2c:37:2c:5e:99:
a1:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:CF:2B:24:59:08:B2:12:6F:B4:C3:D0:B0:D0:55:A0:5C:53:28:16
X509v3 Authority Key Identifier:
keyid:43:D0:96:53:84:DC:44:48:7A:83:17:1A:6D:5D:05:A9:4A:6A:D6:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9CWU4TcREh6gxcabV0FqUpq1nw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/cf7617-926d-4c4b-9976-81a78319fd6a/1/is8rJFkIshJvtMPQsNBVoFxTKBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/cf7617-926d-4c4b-9976-81a78319fd6a/1/Q9CWU4TcREh6gxcabV0FqUpq1nw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:1084::/48
Signature Algorithm: sha256WithRSAEncryption
0b:c4:b3:be:00:84:18:16:43:d0:65:78:62:7e:9c:bf:27:a3:
a7:6a:e3:54:eb:3a:f2:da:22:21:1e:e6:df:b3:ae:3e:c0:75:
9f:50:15:3d:5b:40:45:74:8a:1c:cd:a4:eb:8c:a8:03:fa:43:
30:f6:84:b8:ba:1a:bc:62:be:a5:3a:0a:a4:2c:c8:44:44:7f:
4d:2b:f6:7f:0c:d5:ef:a3:82:2e:b7:eb:c7:c3:2f:47:8e:65:
ed:ae:29:4e:3d:b4:49:70:3b:fa:ef:0e:12:05:2c:3a:ba:1a:
24:16:6f:2b:95:97:7c:36:08:48:f1:dd:e5:b0:d1:76:48:9f:
ee:17:c7:e5:a0:f9:2b:4e:54:a3:bb:38:ea:bf:ef:99:fd:b3:
2a:b3:02:1b:6e:ae:30:23:f6:60:dd:47:8a:55:e6:63:65:87:
62:b2:e2:95:9f:78:cf:2e:76:c5:17:5f:16:0f:de:8b:ea:da:
c4:a3:dd:03:94:3c:26:b9:a2:e0:f3:68:8c:11:d5:b6:ae:f5:
60:7b:b5:e1:d1:7e:f0:3f:95:17:5f:b3:22:06:41:5c:c3:eb:
bf:e7:f8:04:7a:59:10:e0:48:17:0b:71:6d:53:fe:ab:8c:54:
28:52:8e:87:cd:60:b9:32:14:10:4b:ba:dc:b0:83:12:83:18:
e6:31:1d:31
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZcWMSnI+tlUTl87SPDc+N3zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZDA5NjUzODRkYzQ0NDg3YTgzMTcxYTZkNWQwNWE5NGE2
YWQ2N2MwHhcNMjUwNTI4MDkyMDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWNmMmIyNDU5MDhiMjEyNmZiNGMzZDBiMGQwNTVhMDVjNTMyODE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHB1kcfadYigBzhiaIkK17cK50QJ
JcJNPhLFXwKIxL8k8VC0WUe8eerhqeVo5BVC57KO7S/oFwROekqT/mQi7AKgjCvd
moFnavMbFch0QyDUuc/DIIF4wgv1VZDwiLUBjcb1gjEo4hpIGuuJse9T491yhq5s
Y1LCdWhwqnW7ISCuJlhVFTruZCntqy0qwrQ3EXC12R8Cd7pTtzI+PIfBviwMXfHK
GYUCUDOEKj/qvMK6xvq572VlPu9tG7k0y3CMv0tXXTKsyzbHNhUfQIKHywJg+XKG
9a2G42D33Ut8YeBZ4epcabT103jAT7xIiCf81n+a/aMAL/SFLDcsXpmhPwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIrPKyRZCLISb7TD0LDQVaBcUygWMB8GA1UdIwQY
MBaAFEPQllOE3ERIeoMXGm1dBalKatZ8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlDV1U0VGNSRWg2Z3hjYWJWMEZxVXBxMW53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9jZjc2MTctOTI2ZC00YzRiLTk5NzYt
ODFhNzgzMTlmZDZhLzEvaXM4ckpGa0lzaEp2dE1QUXNOQlZvRnhUS0JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9jZjc2MTctOTI2ZC00YzRiLTk5NzYtODFhNzgzMTlmZDZh
LzEvUTlDV1U0VGNSRWg2Z3hjYWJWMEZxVXBxMW53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeBCE
MA0GCSqGSIb3DQEBCwUAA4IBAQALxLO+AIQYFkPQZXhifpy/J6OnauNU6zry2iIh
Hubfs64+wHWfUBU9W0BFdIoczaTrjKgD+kMw9oS4uhq8Yr6lOgqkLMhERH9NK/Z/
DNXvo4Iut+vHwy9HjmXtrilOPbRJcDv67w4SBSw6uhokFm8rlZd8NghI8d3lsNF2
SJ/uF8floPkrTlSjuzjqv++Z/bMqswIbbq4wI/Zg3UeKVeZjZYdisuKVn3jPLnbF
F18WD96L6trEo90DlDwmuaLg82iMEdW2rvVge7Xh0X7wP5UXX7MiBkFcw+u/5/gE
elkQ4EgXC3FtU/6rjFQoUo6HzWC5MhQQS7rcsIMSgxjmMR0x
-----END CERTIFICATE-----
Generated at Sat Jun 7 12:26:42 2025 by rpki-client