Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/B0Y963Ym8G97yUdy6EGcxKIyrcU.roa
File: B0Y963Ym8G97yUdy6EGcxKIyrcU.roa (raw, json)
Hash identifier: Wao2+az0V0GHaVKw5bKO+AnDXEcdThgJWPQTM7j4WM8=
Subject key identifier: 07:46:3D:EB:76:26:F0:6F:7B:C9:47:72:E8:41:9C:C4:A2:32:AD:C5
Certificate issuer: /CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2
Certificate serial: 0198F302B392719DE42C13B2510A3E9B180D
Authority key identifier: 29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/B0Y963Ym8G97yUdy6EGcxKIyrcU.roa
Signing time: Thu 28 Aug 2025 23:28:17 +0000
ROA not before: Thu 28 Aug 2025 23:28:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207480
IP address blocks: 2a01:e901:160::/48 maxlen: 48
2a01:e901:162::/48 maxlen: 48
2a01:e901:170::/48 maxlen: 48
2a01:e901:172::/48 maxlen: 48
2a01:e901:182::/48 maxlen: 48
2a01:e901:192::/48 maxlen: 48
2a01:e901:1a2::/48 maxlen: 48
2a01:e901:1b2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.mft
rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 04:03:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:f3:02:b3:92:71:9d:e4:2c:13:b2:51:0a:3e:9b:18:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2
Validity
Not Before: Aug 28 23:28:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=07463deb7626f06f7bc94772e8419cc4a232adc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:7f:cf:b0:97:70:d7:26:3a:2d:08:c6:04:c9:
ac:14:1f:83:f9:58:76:3c:11:2d:7b:55:91:49:e7:
96:37:40:3c:05:d4:44:06:e8:77:94:3b:7f:af:44:
00:91:d9:d9:8d:83:c7:18:d9:2c:96:88:1b:88:72:
75:55:82:2e:9a:ca:3d:73:81:bc:66:e8:85:a5:ac:
67:91:44:99:5d:48:21:c0:79:a4:d1:e4:91:1f:45:
38:33:23:9c:10:17:b0:40:37:d3:a8:d5:25:27:6e:
19:ca:b3:4d:8b:ed:00:27:d2:7c:14:5e:69:ac:ac:
ab:5e:31:69:1f:6b:a1:45:e2:57:ec:49:db:94:f9:
28:ec:13:e1:9a:bc:ed:05:a1:50:f7:13:90:ef:ef:
d2:1c:05:be:9f:0a:20:be:ab:cf:93:23:5f:ad:2d:
06:9f:b8:df:ff:3a:b4:30:8b:ca:5b:d1:8d:d6:9c:
be:c3:90:4c:a9:07:ba:ea:41:c1:62:99:9a:20:f0:
a8:fc:79:29:ba:f9:d7:3b:c9:3f:fe:9e:c5:42:0d:
82:b8:98:aa:8f:83:5d:bb:cf:47:b3:fb:ff:5e:f1:
23:a6:38:88:c0:1f:29:d5:e9:40:50:27:52:4c:95:
83:6b:3d:09:69:8b:ac:49:15:cf:c5:76:20:d4:ef:
f4:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:46:3D:EB:76:26:F0:6F:7B:C9:47:72:E8:41:9C:C4:A2:32:AD:C5
X509v3 Authority Key Identifier:
keyid:29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/B0Y963Ym8G97yUdy6EGcxKIyrcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:e901:160::/48
2a01:e901:162::/48
2a01:e901:170::/48
2a01:e901:172::/48
2a01:e901:182::/48
2a01:e901:192::/48
2a01:e901:1a2::/48
2a01:e901:1b2::/48
Signature Algorithm: sha256WithRSAEncryption
9f:89:a7:76:4b:14:ca:3d:2f:53:99:95:03:1c:e1:10:74:6d:
38:92:35:5f:c9:b8:a4:12:49:e3:02:03:93:60:4c:72:07:c1:
96:22:a8:f7:7e:bf:df:ab:61:20:d5:af:d3:37:1c:0e:55:00:
bd:21:c3:d1:92:4b:3f:cf:8c:0a:51:3d:40:25:d0:45:98:34:
af:7c:b9:e8:d4:10:d0:50:39:d3:46:c0:67:d5:6a:07:00:89:
68:14:42:96:af:a8:ac:ea:42:4e:8f:f5:16:00:ad:35:c0:6d:
95:7d:7e:37:65:09:65:c9:bb:fa:7d:98:0a:0c:01:b2:39:5b:
79:cb:5a:2b:cf:62:29:58:a6:69:0e:6b:8d:55:12:78:f1:4a:
54:17:4c:4f:b6:9b:b8:5d:ca:fd:68:8a:71:4f:51:c2:b0:3d:
e4:d9:2e:54:84:cd:fe:93:6e:2f:d3:43:34:ac:a8:5c:e2:09:
c3:c1:31:29:99:b1:0e:7c:96:31:0d:7d:ea:d5:bf:6a:dc:57:
50:6a:27:c5:dc:2f:9a:9d:77:02:f6:57:f6:0a:ce:76:77:22:
20:df:f2:5c:fa:cd:92:ef:93:12:d2:7e:f1:72:42:7c:f7:c2:
20:b3:21:4b:7a:a1:31:87:56:89:11:33:58:b6:ee:24:cd:59:
fa:52:4c:00
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZjzArOScZ3kLBOyUQo+mxgNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjhiNGUwZWY4MTA2ZjBlMTJhYjhlNTAxZDJhYTRlMzZi
NzgzYzIwHhcNMjUwODI4MjMyODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzQ2M2RlYjc2MjZmMDZmN2JjOTQ3NzJlODQxOWNjNGEyMzJhZGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjX/PsJdw1yY6LQjGBMmsFB+D+Vh2
PBEte1WRSeeWN0A8BdREBuh3lDt/r0QAkdnZjYPHGNkslogbiHJ1VYIumso9c4G8
ZuiFpaxnkUSZXUghwHmk0eSRH0U4MyOcEBewQDfTqNUlJ24ZyrNNi+0AJ9J8FF5p
rKyrXjFpH2uhReJX7EnblPko7BPhmrztBaFQ9xOQ7+/SHAW+nwogvqvPkyNfrS0G
n7jf/zq0MIvKW9GN1py+w5BMqQe66kHBYpmaIPCo/HkpuvnXO8k//p7FQg2CuJiq
j4Ndu89Hs/v/XvEjpjiIwB8p1elAUCdSTJWDaz0JaYusSRXPxXYg1O/01QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFAdGPet2JvBve8lHcuhBnMSiMq3FMB8GA1UdIwQY
MBaAFClotODvgQbw4Sq45QHSqk42t4PCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQt
NDRmOGVkNWQ2MWQ3LzEvQjBZOTYzWW04Rzk3eVVkeTZFR2N4S0l5cmNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQtNDRmOGVkNWQ2MWQ3
LzEvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAAjBIAwcAKgHpAQFg
AwcAKgHpAQFiAwcAKgHpAQFwAwcAKgHpAQFyAwcAKgHpAQGCAwcAKgHpAQGSAwcA
KgHpAQGiAwcAKgHpAQGyMA0GCSqGSIb3DQEBCwUAA4IBAQCfiad2SxTKPS9TmZUD
HOEQdG04kjVfybikEknjAgOTYExyB8GWIqj3fr/fq2Eg1a/TNxwOVQC9IcPRkks/
z4wKUT1AJdBFmDSvfLno1BDQUDnTRsBn1WoHAIloFEKWr6is6kJOj/UWAK01wG2V
fX43ZQllybv6fZgKDAGyOVt5y1orz2IpWKZpDmuNVRJ48UpUF0xPtpu4Xcr9aIpx
T1HCsD3k2S5UhM3+k24v00M0rKhc4gnDwTEpmbEOfJYxDX3q1b9q3FdQaifF3C+a
nXcC9lf2Cs52dyIg3/Jc+s2S75MS0n7xckJ898IgsyFLeqExh1aJETNYtu4kzVn6
UkwA
-----END CERTIFICATE-----
Generated at Fri Sep 5 13:46:12 2025 by rpki-client