Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/ekFedpdjyroDfrJNq_9cAtokmjo.roa
File: ekFedpdjyroDfrJNq_9cAtokmjo.roa (raw, json)
Hash identifier: On8G1lMXQkLwOZbXhvJ3uQ12dUsI/nrNdYKUpBr5mPY=
Subject key identifier: 7A:41:5E:76:97:63:CA:BA:03:7E:B2:4D:AB:FF:5C:02:DA:24:9A:3A
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 01995DBBB50BA62BC122D56735E099ADCF8A
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/ekFedpdjyroDfrJNq_9cAtokmjo.roa
Signing time: Thu 18 Sep 2025 16:50:06 +0000
ROA not before: Thu 18 Sep 2025 16:50:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:3080::/29 maxlen: 29
2a0b:3e00::/29 maxlen: 29
2a0c:8340::/29 maxlen: 29
2a0e:a781::/36 maxlen: 36
2a13:8000::/29 maxlen: 29
2a14:35c0::/29 maxlen: 29
2a14:6bc0::/29 maxlen: 29
2a14:72c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 07:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:5d:bb:b5:0b:a6:2b:c1:22:d5:67:35:e0:99:ad:cf:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: Sep 18 16:50:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a415e769763caba037eb24dabff5c02da249a3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:40:99:54:98:82:a1:70:36:92:f4:3b:42:d1:
e1:b3:33:9d:fb:11:5d:c9:2a:7c:86:8c:da:75:3a:
1e:dd:55:e6:df:c8:3a:3a:6c:9e:97:76:61:88:33:
a3:38:76:f5:5b:ef:98:68:91:72:c5:12:1f:ee:43:
b3:89:bc:f5:f0:c9:9c:41:bf:ac:fa:fb:e5:01:42:
81:c5:a2:5c:20:09:b1:1f:b6:18:00:7a:b0:ed:52:
98:6c:32:90:5f:01:32:93:6b:bb:d5:26:84:f7:3b:
76:ab:fe:d8:e3:b5:99:cd:18:91:cd:93:71:ac:df:
15:b7:3f:9e:18:c8:9e:39:5a:16:6e:cd:9f:b9:d9:
8e:08:f3:dd:52:99:fb:a8:6a:a3:da:64:58:b4:01:
e5:c7:c1:c5:82:37:b0:e6:f7:37:12:fe:82:4e:8f:
ab:a9:91:cf:6e:2e:33:77:09:3a:11:64:67:77:ff:
d0:6b:6c:5f:57:4b:00:a5:3f:bb:0a:e7:c4:e6:90:
93:2d:ee:d8:20:a7:4b:61:be:ac:b6:61:1f:fd:97:
ac:fa:b0:f4:e8:f8:19:ce:fa:71:32:d5:4b:c4:80:
ac:83:39:aa:05:86:85:b5:db:4e:c1:63:21:cd:53:
46:21:61:9f:5c:b2:bd:07:f9:c8:65:21:7c:65:a4:
54:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:41:5E:76:97:63:CA:BA:03:7E:B2:4D:AB:FF:5C:02:DA:24:9A:3A
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/ekFedpdjyroDfrJNq_9cAtokmjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3080::/29
2a0b:3e00::/29
2a0c:8340::/29
2a0e:a781::/36
2a13:8000::/29
2a14:35c0::/29
2a14:6bc0::/29
2a14:72c0::/29
Signature Algorithm: sha256WithRSAEncryption
92:68:3f:e4:a3:38:de:a5:38:dd:c4:e3:48:16:40:64:a8:8e:
cc:f8:5c:6b:4a:0f:c3:b6:61:0a:ff:70:79:60:82:02:e9:df:
fb:a4:39:48:12:f9:49:38:24:f9:31:67:88:7a:0a:41:70:07:
02:bd:06:85:05:d2:90:d1:c5:29:44:66:3e:01:d1:ff:ee:d4:
71:44:b1:af:e4:82:9c:05:eb:51:ee:09:ab:cb:20:e5:f0:44:
3e:68:c2:18:37:04:a5:da:f3:de:7d:bc:13:c4:58:ea:2b:25:
bf:8e:f9:3a:06:26:27:f0:b0:ee:19:06:24:82:49:c4:a0:98:
e0:f7:2c:1b:48:1c:d9:2e:fa:87:b9:28:ea:9d:6f:2a:4d:09:
74:8b:39:64:cb:1b:2d:aa:5c:aa:e6:84:52:20:ca:c6:e5:17:
d2:64:0f:e8:9b:3e:f7:7e:62:18:82:71:dd:52:c3:15:0f:fd:
49:ba:12:e8:d9:7e:4e:2f:2a:42:ad:9b:df:c9:c7:a5:d2:af:
4f:da:b7:ab:ff:c0:8c:f7:16:88:2b:7a:f6:8c:29:f3:d0:25:
c3:90:1a:73:f1:f4:bc:17:48:50:de:0f:b3:bf:7e:db:c0:f7:
97:53:8e:2a:78:6a:19:c1:02:b7:43:1a:bb:23:95:87:4f:16:
d2:65:02:2f
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZldu7ULpivBItVnNeCZrc+KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjUwOTE4MTY1MDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTQxNWU3Njk3NjNjYWJhMDM3ZWIyNGRhYmZmNWMwMmRhMjQ5YTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz0CZVJiCoXA2kvQ7QtHhszOd+xFd
ySp8hozadToe3VXm38g6Omyel3ZhiDOjOHb1W++YaJFyxRIf7kOzibz18MmcQb+s
+vvlAUKBxaJcIAmxH7YYAHqw7VKYbDKQXwEyk2u71SaE9zt2q/7Y47WZzRiRzZNx
rN8Vtz+eGMieOVoWbs2fudmOCPPdUpn7qGqj2mRYtAHlx8HFgjew5vc3Ev6CTo+r
qZHPbi4zdwk6EWRnd//Qa2xfV0sApT+7CufE5pCTLe7YIKdLYb6stmEf/Zes+rD0
6PgZzvpxMtVLxICsgzmqBYaFtdtOwWMhzVNGIWGfXLK9B/nIZSF8ZaRUaQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFHpBXnaXY8q6A36yTav/XALaJJo6MB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvZWtGZWRwZGp5cm9EZnJKTnFfOWNBdG9rbWpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AwUDIAEwgAMF
AyoLPgADBQMqDINAAwYEKg6ngQADBQMqE4AAAwUDKhQ1wAMFAyoUa8ADBQMqFHLA
MA0GCSqGSIb3DQEBCwUAA4IBAQCSaD/kozjepTjdxONIFkBkqI7M+FxrSg/DtmEK
/3B5YIIC6d/7pDlIEvlJOCT5MWeIegpBcAcCvQaFBdKQ0cUpRGY+AdH/7tRxRLGv
5IKcBetR7gmryyDl8EQ+aMIYNwSl2vPefbwTxFjqKyW/jvk6BiYn8LDuGQYkgknE
oJjg9ywbSBzZLvqHuSjqnW8qTQl0izlkyxstqlyq5oRSIMrG5RfSZA/omz73fmIY
gnHdUsMVD/1JuhLo2X5OLypCrZvfycel0q9P2rer/8CM9xaIK3r2jCnz0CXDkBpz
8fS8F0hQ3g+zv37bwPeXU44qeGoZwQK3Qxq7I5WHTxbSZQIv
-----END CERTIFICATE-----
Generated at Wed Oct 8 14:06:39 2025 by rpki-client