Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/TzORwg4ns3a2xV-HyxP5Fmms2RQ.roa
File: TzORwg4ns3a2xV-HyxP5Fmms2RQ.roa (raw, json)
Hash identifier: Wu2fXzsniDaDsr6SbE//gVem/SHbNgjwnUXhFvTRkYE=
Subject key identifier: 4F:33:91:C2:0E:27:B3:76:B6:C5:5F:87:CB:13:F9:16:69:AC:D9:14
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 0198E2ED60EBD858B28483361672C116B9AF
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/TzORwg4ns3a2xV-HyxP5Fmms2RQ.roa
Signing time: Mon 25 Aug 2025 20:31:04 +0000
ROA not before: Mon 25 Aug 2025 20:31:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:3080::/29 maxlen: 29
2a0b:3e00::/29 maxlen: 29
2a0c:8340::/29 maxlen: 29
2a0e:a781::/36 maxlen: 36
2a10:6c40::/29 maxlen: 29
2a10:9600::/29 maxlen: 29
2a13:8000::/29 maxlen: 29
2a13:b840::/29 maxlen: 29
2a13:ddc0::/29 maxlen: 29
2a13:de40::/29 maxlen: 29
2a14:35c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 02:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:e2:ed:60:eb:d8:58:b2:84:83:36:16:72:c1:16:b9:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: Aug 25 20:31:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4f3391c20e27b376b6c55f87cb13f91669acd914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:7a:cc:2d:4f:db:75:76:9f:de:88:19:a7:ae:
e8:30:fa:54:e4:1d:20:de:ae:56:38:1c:42:e2:f4:
82:fd:85:5b:22:27:47:c5:f9:5b:5b:de:dd:26:37:
dd:cd:7c:d9:01:32:a1:1d:d9:a4:1d:27:8d:6a:90:
d6:83:d8:1d:6c:dc:ee:20:5e:50:d7:78:10:cf:82:
f8:80:0c:c3:6d:a4:91:4d:78:4b:b4:35:e1:5d:49:
be:6e:86:30:43:8d:2b:07:b6:07:62:e9:c8:c5:03:
af:26:28:63:f9:3c:bf:01:21:37:d6:53:b9:25:4e:
e9:78:6d:5c:1b:79:07:ce:d1:32:3c:61:91:68:98:
dc:da:61:70:7a:8b:1a:5b:00:ca:66:11:71:31:d8:
7d:1f:ed:40:95:ec:c1:36:fc:44:96:b3:60:57:3a:
37:7c:9f:97:61:d2:ee:42:dc:24:91:8e:7f:ff:e0:
24:a9:fc:6d:d7:f8:04:29:49:da:da:28:91:59:94:
a4:0f:4a:7a:5b:0f:99:49:93:07:5e:30:ee:f3:2c:
56:72:a0:95:c9:49:f8:f1:ab:4a:c0:a7:67:d0:39:
1b:69:7c:0e:a2:4a:70:f0:2d:33:7d:22:32:e1:75:
be:37:89:61:7b:15:1e:32:9d:1f:64:b8:ca:85:e9:
ad:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:33:91:C2:0E:27:B3:76:B6:C5:5F:87:CB:13:F9:16:69:AC:D9:14
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/TzORwg4ns3a2xV-HyxP5Fmms2RQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3080::/29
2a0b:3e00::/29
2a0c:8340::/29
2a0e:a781::/36
2a10:6c40::/29
2a10:9600::/29
2a13:8000::/29
2a13:b840::/29
2a13:ddc0::/29
2a13:de40::/29
2a14:35c0::/29
Signature Algorithm: sha256WithRSAEncryption
22:0b:b4:9c:87:84:0d:a9:2b:2b:1a:05:94:b9:59:5d:f6:41:
38:b4:7e:d7:02:46:31:3c:79:59:85:d7:45:61:fc:41:98:6d:
e3:25:f1:85:a1:9c:ee:cb:91:d0:b7:6d:3c:a7:4b:76:73:01:
c6:b3:7a:0c:8c:26:a3:70:82:ea:8b:9a:2f:89:78:43:1a:f1:
07:78:e4:c9:db:cd:3f:06:dc:5e:f7:6b:a6:27:47:f2:f6:f6:
85:5c:43:43:9f:58:e7:77:aa:a5:82:9d:c3:47:0d:32:83:4b:
e6:bf:73:f5:8a:9e:c4:44:38:fe:1f:5c:79:85:e0:1b:2e:b7:
48:9a:f5:54:2c:1d:db:a9:d0:06:34:25:67:b9:9b:24:b2:2f:
c8:f2:18:0d:b3:7f:af:54:b9:d9:d7:6a:51:6e:b4:b0:0b:b4:
8e:bc:49:13:35:73:43:8f:b9:65:1f:d9:5e:d3:ef:00:23:38:
34:45:06:52:0d:b7:54:a8:68:a1:59:d4:fd:23:65:1f:9c:34:
ae:a9:4c:7e:24:1b:b4:7c:b8:5c:5b:3f:44:21:87:bc:5f:43:
bc:6f:22:67:88:79:88:b9:b5:8c:82:4b:da:21:28:d2:73:b8:
78:0c:94:d0:a2:7e:f1:83:08:85:f4:46:44:f5:5d:b1:03:c1:
fb:6d:31:65
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZji7WDr2FiyhIM2FnLBFrmvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjUwODI1MjAzMTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjMzOTFjMjBlMjdiMzc2YjZjNTVmODdjYjEzZjkxNjY5YWNkOTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXrMLU/bdXaf3ogZp67oMPpU5B0g
3q5WOBxC4vSC/YVbIidHxflbW97dJjfdzXzZATKhHdmkHSeNapDWg9gdbNzuIF5Q
13gQz4L4gAzDbaSRTXhLtDXhXUm+boYwQ40rB7YHYunIxQOvJihj+Ty/ASE31lO5
JU7peG1cG3kHztEyPGGRaJjc2mFweosaWwDKZhFxMdh9H+1AlezBNvxElrNgVzo3
fJ+XYdLuQtwkkY5//+Akqfxt1/gEKUna2iiRWZSkD0p6Ww+ZSZMHXjDu8yxWcqCV
yUn48atKwKdn0DkbaXwOokpw8C0zfSIy4XW+N4lhexUeMp0fZLjKhemtCwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFE8zkcIOJ7N2tsVfh8sT+RZprNkUMB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvVHpPUndnNG5zM2EyeFYtSHl4UDVGbW1zMlJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAAjBOAwUDIAEwgAMF
AyoLPgADBQMqDINAAwYEKg6ngQADBQMqEGxAAwUDKhCWAAMFAyoTgAADBQMqE7hA
AwUDKhPdwAMFAyoT3kADBQMqFDXAMA0GCSqGSIb3DQEBCwUAA4IBAQAiC7Sch4QN
qSsrGgWUuVld9kE4tH7XAkYxPHlZhddFYfxBmG3jJfGFoZzuy5HQt208p0t2cwHG
s3oMjCajcILqi5oviXhDGvEHeOTJ280/Btxe92umJ0fy9vaFXENDn1jnd6qlgp3D
Rw0yg0vmv3P1ip7ERDj+H1x5heAbLrdImvVULB3bqdAGNCVnuZsksi/I8hgNs3+v
VLnZ12pRbrSwC7SOvEkTNXNDj7llH9le0+8AIzg0RQZSDbdUqGihWdT9I2UfnDSu
qUx+JBu0fLhcWz9EIYe8X0O8byJniHmIubWMgkvaISjSc7h4DJTQon7xgwiF9EZE
9V2xA8H7bTFl
-----END CERTIFICATE-----
Generated at Sat Sep 6 06:59:49 2025 by rpki-client