Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/1YQT4DgEGGyldQ2HE2iUnSANQ0E.roa
File: 1YQT4DgEGGyldQ2HE2iUnSANQ0E.roa (raw, json)
Hash identifier: DXx3CZGsCBvC2oAmq7J6pn9mDPgzrXabQ41rXhcm7jY=
Subject key identifier: D5:84:13:E0:38:04:18:6C:A5:75:0D:87:13:68:94:9D:20:0D:43:41
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 0196CE0EFCAD351C6AE6C56FA28AEF0F8CCC
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/1YQT4DgEGGyldQ2HE2iUnSANQ0E.roa
Signing time: Wed 14 May 2025 09:10:10 +0000
ROA not before: Wed 14 May 2025 09:10:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215819
IP address blocks: 2a0f:63c3::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ce:0e:fc:ad:35:1c:6a:e6:c5:6f:a2:8a:ef:0f:8c:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: May 14 09:10:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d58413e03804186ca5750d871368949d200d4341
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:9e:dc:ca:39:42:99:76:56:92:bf:86:a6:48:
dc:0c:78:93:5f:17:11:22:48:82:7b:98:bb:6f:95:
4c:30:ed:d9:8e:b6:10:c0:4a:96:2e:49:e9:64:26:
2a:38:33:09:24:29:f8:38:f0:4c:ba:e5:e5:75:9a:
ce:1a:22:45:fd:7f:17:4b:12:38:f9:dd:a7:90:d1:
b4:cb:33:b9:73:23:95:b6:c7:66:58:bb:12:b6:11:
1c:9b:58:e5:cc:12:99:cf:f4:ac:2b:0e:bc:19:5d:
e9:c0:b4:d3:9e:b6:a2:8c:c5:23:e9:9f:d2:63:c1:
1a:50:d1:b4:67:3d:c2:8e:21:a4:fc:da:73:fa:d3:
35:65:ed:b6:73:72:35:21:65:b5:9b:5b:ad:2e:b2:
b8:61:ae:6a:ee:08:f5:4e:46:9c:69:d7:53:6f:9f:
e9:98:4b:7b:c3:c0:73:0f:a1:6c:55:90:d4:3e:34:
b6:0b:43:17:f2:d5:81:80:93:9a:44:b3:1e:90:b8:
af:b4:87:b7:9e:b0:0e:1b:23:9e:c5:82:f6:5e:d8:
74:3c:28:97:4d:7c:ac:4b:66:c8:4d:fc:e9:14:c9:
b6:e1:92:5d:91:9d:aa:13:18:fa:dd:0b:a6:b6:37:
ab:ec:02:0d:be:09:c4:2f:8f:2d:5a:fd:ad:85:3d:
19:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:84:13:E0:38:04:18:6C:A5:75:0D:87:13:68:94:9D:20:0D:43:41
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/1YQT4DgEGGyldQ2HE2iUnSANQ0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:63c3::/32
Signature Algorithm: sha256WithRSAEncryption
19:6f:91:f7:b5:bd:48:7a:90:4a:db:ed:57:4f:ae:8d:7e:0b:
cb:96:82:3a:9f:71:f1:4d:8b:bb:1c:f7:ad:cb:05:cc:3a:66:
9c:d4:9b:72:11:76:11:30:88:4c:ff:30:b4:ab:6b:a2:47:06:
50:cf:0d:82:cb:21:11:ec:4d:0b:a7:3a:cc:9c:40:f9:34:be:
90:b1:94:3b:4e:1d:28:cc:65:51:5e:24:06:30:08:92:94:02:
24:cb:02:ed:50:7e:f1:c2:da:96:cf:83:e2:e3:df:92:12:aa:
5b:91:06:04:c2:cc:f0:f2:ad:99:71:4a:c6:f4:bc:94:0c:20:
01:51:bd:35:db:bd:72:f8:85:53:b0:03:6f:7e:f3:21:4e:1a:
fe:44:ed:39:74:a6:19:cb:2b:0f:b7:95:b1:f9:16:e8:aa:15:
94:ff:bf:29:4f:9d:eb:72:6a:4d:51:b0:9c:37:75:72:b3:14:
33:22:ef:dc:af:6f:39:c6:6d:8c:e8:a2:59:87:c6:78:29:58:
c2:ff:47:ad:84:d9:7f:63:e0:4e:6a:49:f6:2d:4c:3e:1a:17:
c4:11:ac:6d:a6:ab:86:96:de:e8:fc:08:94:fc:9a:27:d6:98:
76:8a:57:04:40:b3:e9:6b:14:12:35:f5:89:13:94:aa:a6:45:
fc:c9:e9:b1
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZbODvytNRxq5sVvoorvD4zMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjUwNTE0MDkxMDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTg0MTNlMDM4MDQxODZjYTU3NTBkODcxMzY4OTQ5ZDIwMGQ0MzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr57cyjlCmXZWkr+GpkjcDHiTXxcR
IkiCe5i7b5VMMO3ZjrYQwEqWLknpZCYqODMJJCn4OPBMuuXldZrOGiJF/X8XSxI4
+d2nkNG0yzO5cyOVtsdmWLsSthEcm1jlzBKZz/SsKw68GV3pwLTTnraijMUj6Z/S
Y8EaUNG0Zz3CjiGk/Npz+tM1Ze22c3I1IWW1m1utLrK4Ya5q7gj1TkacaddTb5/p
mEt7w8BzD6FsVZDUPjS2C0MX8tWBgJOaRLMekLivtIe3nrAOGyOexYL2Xth0PCiX
TXysS2bITfzpFMm24ZJdkZ2qExj63Qumtjer7AINvgnEL48tWv2thT0ZoQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNWEE+A4BBhspXUNhxNolJ0gDUNBMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvMVlRVDREZ0VHR3lsZFEySEUyaVVuU0FOUTBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg9jwzAN
BgkqhkiG9w0BAQsFAAOCAQEAGW+R97W9SHqQStvtV0+ujX4Ly5aCOp9x8U2Luxz3
rcsFzDpmnNSbchF2ETCITP8wtKtrokcGUM8NgsshEexNC6c6zJxA+TS+kLGUO04d
KMxlUV4kBjAIkpQCJMsC7VB+8cLals+D4uPfkhKqW5EGBMLM8PKtmXFKxvS8lAwg
AVG9Ndu9cviFU7ADb37zIU4a/kTtOXSmGcsrD7eVsfkW6KoVlP+/KU+d63JqTVGw
nDd1crMUMyLv3K9vOcZtjOiiWYfGeClYwv9HrYTZf2PgTmpJ9i1MPhoXxBGsbaar
hpbe6PwIlPyaJ9aYdopXBECz6WsUEjX1iROUqqZF/MnpsQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 19:52:59 2025 by rpki-client