Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/RCH2kVQlQUO17HMYzk76BfdxCEQ.roa
File: RCH2kVQlQUO17HMYzk76BfdxCEQ.roa (raw, json)
Hash identifier: iV46J/iePFG/Qa9djXhjZAshKme3of/6WGBYVg9eSW4=
Subject key identifier: 44:21:F6:91:54:25:41:43:B5:EC:73:18:CE:4E:FA:05:F7:71:08:44
Certificate issuer: /CN=58b3de5f9adb50fe41f6dc78ffd0a2c9086d2512
Certificate serial: 0198AC82B67A7765CBD69BB2989770996B56
Authority key identifier: 58:B3:DE:5F:9A:DB:50:FE:41:F6:DC:78:FF:D0:A2:C9:08:6D:25:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WLPeX5rbUP5B9tx4_9CiyQhtJRI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/RCH2kVQlQUO17HMYzk76BfdxCEQ.roa
Signing time: Fri 15 Aug 2025 06:55:04 +0000
ROA not before: Fri 15 Aug 2025 06:55:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205534
IP address blocks: 2a14:c380:370::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/WLPeX5rbUP5B9tx4_9CiyQhtJRI.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/WLPeX5rbUP5B9tx4_9CiyQhtJRI.mft
rsync://rpki.ripe.net/repository/DEFAULT/WLPeX5rbUP5B9tx4_9CiyQhtJRI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 18:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ac:82:b6:7a:77:65:cb:d6:9b:b2:98:97:70:99:6b:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58b3de5f9adb50fe41f6dc78ffd0a2c9086d2512
Validity
Not Before: Aug 15 06:55:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4421f69154254143b5ec7318ce4efa05f7710844
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:1c:6a:85:4b:10:4c:23:bf:c8:44:41:62:2e:
ea:5e:7e:a0:23:de:2d:22:e8:b7:08:58:45:de:14:
43:0a:2f:2d:c6:58:7c:7e:b8:31:21:cf:a4:ba:e3:
2f:db:3b:f7:87:48:dc:28:24:76:99:ec:ad:e3:b5:
f8:03:3b:e2:9b:a7:04:e7:f7:7e:78:fa:10:5b:ff:
10:1f:8e:4a:9e:a3:fc:ba:cd:da:f7:4a:e4:dd:d8:
3d:2c:f8:50:9e:70:ed:64:5a:c1:d9:df:28:20:b0:
c0:b9:08:81:fa:52:34:42:84:91:85:61:e4:24:7a:
52:ef:13:15:b6:3f:3a:3e:67:69:47:f6:d7:e0:3b:
fc:19:ee:ea:08:67:9c:74:8a:dc:07:3e:fb:0c:de:
4d:a5:ad:85:68:26:44:4f:af:de:95:f5:07:1f:e5:
f5:96:86:e7:3e:dc:51:32:fb:22:64:0c:49:08:cb:
20:55:ee:37:2b:a6:54:d7:14:a5:06:7c:76:e9:35:
04:d2:95:aa:8e:a6:37:42:82:e9:a0:8d:52:7f:fb:
48:ea:3f:78:5b:14:14:e5:5d:c9:47:ea:a6:04:a7:
30:aa:f6:ae:a4:32:4a:77:cf:01:75:d1:0d:ba:ad:
b8:a4:8c:2e:e4:ee:17:d6:9c:69:25:9a:33:d8:f9:
51:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:21:F6:91:54:25:41:43:B5:EC:73:18:CE:4E:FA:05:F7:71:08:44
X509v3 Authority Key Identifier:
keyid:58:B3:DE:5F:9A:DB:50:FE:41:F6:DC:78:FF:D0:A2:C9:08:6D:25:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WLPeX5rbUP5B9tx4_9CiyQhtJRI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/RCH2kVQlQUO17HMYzk76BfdxCEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/WLPeX5rbUP5B9tx4_9CiyQhtJRI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:c380:370::/44
Signature Algorithm: sha256WithRSAEncryption
06:22:be:d7:85:0d:a8:31:00:69:cb:89:d8:4e:66:3b:ec:0d:
d7:88:5b:35:8c:cc:61:6f:46:14:bb:1a:ec:c6:9e:e2:61:44:
f5:bd:19:9f:63:18:3c:08:02:ac:3e:81:09:0e:b9:75:00:53:
fc:28:cb:08:e5:33:ad:c0:04:7f:c8:22:ad:07:f3:76:25:1c:
b9:4b:fa:01:27:c4:74:df:a6:f2:13:eb:6d:fa:00:65:30:80:
8b:6c:bd:d3:1d:41:f9:44:69:15:d3:9e:f9:48:89:2a:7e:63:
9a:36:e5:4d:5d:78:c0:4e:ce:4c:1b:5e:46:8c:7e:7a:ab:c1:
78:e5:3e:8b:f8:ca:24:61:07:fb:a3:f0:d5:13:9c:79:45:e8:
ab:80:ee:22:96:85:65:f9:6e:ee:60:27:47:30:e6:f9:cb:73:
a9:9f:d2:0f:29:1b:7a:49:73:95:45:a9:34:cd:4b:fc:bf:a0:
cb:4d:30:9c:3e:78:53:e5:eb:b3:01:c5:e0:52:f0:9d:89:19:
7d:41:d8:8a:fe:b5:82:83:ed:22:e7:ad:15:42:a3:62:df:ff:
4b:bb:ab:21:de:78:19:e7:bd:04:c5:87:41:db:4c:ea:4d:a1:
40:b0:ca:ec:46:d3:a5:1a:c5:83:c2:d1:e9:77:46:25:02:51:
7b:5a:de:7a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZisgrZ6d2XL1puymJdwmWtWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YjNkZTVmOWFkYjUwZmU0MWY2ZGM3OGZmZDBhMmM5MDg2
ZDI1MTIwHhcNMjUwODE1MDY1NTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDIxZjY5MTU0MjU0MTQzYjVlYzczMThjZTRlZmEwNWY3NzEwODQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxxqhUsQTCO/yERBYi7qXn6gI94t
Iui3CFhF3hRDCi8txlh8frgxIc+kuuMv2zv3h0jcKCR2meyt47X4Azvim6cE5/d+
ePoQW/8QH45KnqP8us3a90rk3dg9LPhQnnDtZFrB2d8oILDAuQiB+lI0QoSRhWHk
JHpS7xMVtj86PmdpR/bX4Dv8Ge7qCGecdIrcBz77DN5Npa2FaCZET6/elfUHH+X1
lobnPtxRMvsiZAxJCMsgVe43K6ZU1xSlBnx26TUE0pWqjqY3QoLpoI1Sf/tI6j94
WxQU5V3JR+qmBKcwqvaupDJKd88BddENuq24pIwu5O4X1pxpJZoz2PlRHQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEQh9pFUJUFDtexzGM5O+gX3cQhEMB8GA1UdIwQY
MBaAFFiz3l+a21D+QfbceP/QoskIbSUSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0xQZVg1cmJVUDVCOXR4NF85Q2l5UWh0SlJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC82Yjc0OTAtZTEwYS00MmUwLTllMmUt
NTMyMWQ2OWQ5NzlkLzEvUkNIMmtWUWxRVU8xN0hNWXprNzZCZmR4Q0VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC82Yjc0OTAtZTEwYS00MmUwLTllMmUtNTMyMWQ2OWQ5Nzlk
LzEvV0xQZVg1cmJVUDVCOXR4NF85Q2l5UWh0SlJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhTDgANw
MA0GCSqGSIb3DQEBCwUAA4IBAQAGIr7XhQ2oMQBpy4nYTmY77A3XiFs1jMxhb0YU
uxrsxp7iYUT1vRmfYxg8CAKsPoEJDrl1AFP8KMsI5TOtwAR/yCKtB/N2JRy5S/oB
J8R036byE+tt+gBlMICLbL3THUH5RGkV0575SIkqfmOaNuVNXXjATs5MG15GjH56
q8F45T6L+MokYQf7o/DVE5x5ReirgO4iloVl+W7uYCdHMOb5y3Opn9IPKRt6SXOV
Rak0zUv8v6DLTTCcPnhT5euzAcXgUvCdiRl9QdiK/rWCg+0i560VQqNi3/9Lu6sh
3ngZ570ExYdB20zqTaFAsMrsRtOlGsWDwtHpd0YlAlF7Wt56
-----END CERTIFICATE-----
Generated at Thu Aug 21 04:08:26 2025 by rpki-client