Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/7aAXXstsI3lALsOuGJQSy2USorQ.roa
File: 7aAXXstsI3lALsOuGJQSy2USorQ.roa (raw, json)
Hash identifier: K5egTQQoVrvxj85axJsIaZNZ6y2i7KCWO+bwhprrixo=
Subject key identifier: ED:A0:17:5E:CB:6C:23:79:40:2E:C3:AE:18:94:12:CB:65:12:A2:B4
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 0197640B9D0CC40DB6D725BFC55EE19FAE10
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/7aAXXstsI3lALsOuGJQSy2USorQ.roa
Signing time: Thu 12 Jun 2025 12:09:32 +0000
ROA not before: Thu 12 Jun 2025 12:09:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204335
IP address blocks: 2001:3182::/32 maxlen: 32
2a14:6ac2::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Jun 2025 16:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:64:0b:9d:0c:c4:0d:b6:d7:25:bf:c5:5e:e1:9f:ae:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: Jun 12 12:09:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eda0175ecb6c2379402ec3ae189412cb6512a2b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:b5:e3:b5:2d:02:13:36:99:58:20:47:99:e2:
39:46:b6:dd:7a:cf:5b:ac:d6:d7:9d:41:13:eb:d6:
04:17:cc:5f:be:cf:9d:ca:69:1d:2e:52:7b:00:ec:
ff:a6:ec:69:a9:6c:cb:43:cc:d8:30:c3:6a:0e:dd:
f0:9d:39:47:bb:7b:7b:15:c6:df:88:ce:de:42:5b:
00:a5:d9:0f:80:9d:0e:c8:11:f6:ea:c9:49:02:ac:
53:b4:6e:6f:09:92:63:cc:85:0a:c9:b6:ee:c2:30:
7d:4c:d0:fb:74:8d:a9:8b:99:31:46:0b:a8:06:26:
ae:84:ba:60:f2:d5:9c:c0:ae:25:d4:05:20:11:e0:
96:e5:f7:7f:c7:54:d1:74:8b:36:60:35:72:fd:39:
55:f3:11:d3:7b:d4:d6:21:db:b2:7a:ed:e0:99:ca:
81:ef:18:e4:7b:bc:5c:27:e8:2b:b2:f1:4d:41:00:
90:bf:29:3c:f9:c8:57:be:d2:49:61:e6:3b:f5:ad:
69:88:1c:e7:7c:31:2e:22:72:9e:73:b9:46:96:2e:
6d:e4:21:9f:e6:52:a5:40:33:27:fb:c8:59:36:18:
61:6e:bd:4a:e4:a6:9c:1f:8a:0b:be:9a:ff:56:5e:
45:8a:f4:b9:c3:f1:2b:6b:b3:b3:34:61:d8:62:36:
d5:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:A0:17:5E:CB:6C:23:79:40:2E:C3:AE:18:94:12:CB:65:12:A2:B4
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/7aAXXstsI3lALsOuGJQSy2USorQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3182::/32
2a14:6ac2::/32
Signature Algorithm: sha256WithRSAEncryption
00:be:94:7a:de:b2:fd:64:49:26:30:2a:0a:0e:43:e2:81:99:
c4:c2:b5:57:0b:6a:58:a1:5d:d2:de:0e:6e:e6:20:8f:97:2a:
ba:bb:74:83:cd:aa:6e:81:52:98:65:a3:ff:4c:ef:c4:c8:e4:
97:b9:4a:30:b2:b7:8e:b8:0d:03:ec:00:94:55:f2:20:7b:05:
e6:a6:65:c2:c1:83:4b:94:90:bf:2e:35:5e:45:4f:b7:cf:cb:
7d:c9:5e:f0:5f:e3:99:3b:14:19:7a:b3:eb:de:08:43:2b:5b:
d6:c5:d0:f8:8a:de:04:5b:30:d6:50:e2:0a:ba:e5:09:e1:13:
8f:f8:bf:d8:67:3e:bf:fe:7d:af:34:36:4a:ab:1e:94:ff:25:
8a:69:e5:7d:28:b2:37:42:96:bc:2a:fa:a8:64:62:38:59:6e:
10:d2:6a:c8:89:eb:53:9e:b2:18:4e:d3:18:48:75:5c:72:bd:
b5:40:01:3f:8c:b2:51:2e:d4:94:01:12:08:05:15:f2:e2:29:
e8:91:7a:48:5e:66:9f:a3:b7:fa:ba:4f:32:79:f3:60:09:83:
fb:c2:f3:06:34:2f:c9:66:ad:61:88:3a:9f:7e:26:8a:62:3d:
6b:8f:a2:e2:34:c6:40:77:ac:26:5f:90:1e:72:b7:92:f8:ef:
47:6d:e6:0f
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZdkC50MxA221yW/xV7hn64QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjUwNjEyMTIwOTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGEwMTc1ZWNiNmMyMzc5NDAyZWMzYWUxODk0MTJjYjY1MTJhMmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4LXjtS0CEzaZWCBHmeI5Rrbdes9b
rNbXnUET69YEF8xfvs+dymkdLlJ7AOz/puxpqWzLQ8zYMMNqDt3wnTlHu3t7Fcbf
iM7eQlsApdkPgJ0OyBH26slJAqxTtG5vCZJjzIUKybbuwjB9TND7dI2pi5kxRguo
BiauhLpg8tWcwK4l1AUgEeCW5fd/x1TRdIs2YDVy/TlV8xHTe9TWIduyeu3gmcqB
7xjke7xcJ+grsvFNQQCQvyk8+chXvtJJYeY79a1piBznfDEuInKec7lGli5t5CGf
5lKlQDMn+8hZNhhhbr1K5KacH4oLvpr/Vl5FivS5w/Era7OzNGHYYjbVUwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFO2gF17LbCN5QC7DrhiUEstlEqK0MB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvN2FBWFhzdHNJM2xBTHNPdUdKUVN5MlVTb3JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAIAExggMF
ACoUasIwDQYJKoZIhvcNAQELBQADggEBAAC+lHresv1kSSYwKgoOQ+KBmcTCtVcL
alihXdLeDm7mII+XKrq7dIPNqm6BUphlo/9M78TI5Je5SjCyt464DQPsAJRV8iB7
BeamZcLBg0uUkL8uNV5FT7fPy33JXvBf45k7FBl6s+veCEMrW9bF0PiK3gRbMNZQ
4gq65QnhE4/4v9hnPr/+fa80NkqrHpT/JYpp5X0osjdClrwq+qhkYjhZbhDSasiJ
61OeshhO0xhIdVxyvbVAAT+MslEu1JQBEggFFfLiKeiRekheZp+jt/q6TzJ582AJ
g/vC8wY0L8lmrWGIOp9+JopiPWuPouI0xkB3rCZfkB5yt5L470dt5g8=
-----END CERTIFICATE-----
Generated at Sat Jun 14 02:45:11 2025 by rpki-client