Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/8AgiICplARtqvaLN3rVlbPQGE7I.roa
File: 8AgiICplARtqvaLN3rVlbPQGE7I.roa (raw, json)
Hash identifier: EDJa630mySOZ3b7An0FxUBZ6jQjp2Gcdqs49Qs7vWgs=
Subject key identifier: F0:08:22:20:2A:65:01:1B:6A:BD:A2:CD:DE:B5:65:6C:F4:06:13:B2
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 0196CE0EFBB22418FBAC9C2A06967330336A
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/8AgiICplARtqvaLN3rVlbPQGE7I.roa
Signing time: Wed 14 May 2025 09:10:10 +0000
ROA not before: Wed 14 May 2025 09:10:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206085
IP address blocks: 2a0f:63c5::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ce:0e:fb:b2:24:18:fb:ac:9c:2a:06:96:73:30:33:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: May 14 09:10:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f00822202a65011b6abda2cddeb5656cf40613b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:0e:58:46:1d:24:68:24:77:29:f3:10:b1:a5:
e5:3c:ac:1d:85:de:3b:b0:0e:4e:57:cc:c6:d1:4e:
d6:cb:97:b6:6c:00:a4:c1:f2:6a:c1:3a:87:49:24:
45:03:7b:cf:94:70:2a:c0:44:a7:f0:85:9e:69:43:
5e:b1:2c:74:48:90:31:c9:f8:ad:bd:4a:b7:c2:7b:
42:b1:41:3e:df:ae:34:f7:c4:4d:28:40:c7:d1:cd:
ed:4e:d3:e0:c2:47:ea:5d:20:8c:a9:66:b9:bd:17:
73:e5:8f:2a:a8:a6:82:9b:7c:af:c6:68:20:e1:89:
47:0f:cf:fb:e7:46:b8:dc:03:e4:9d:92:7d:7f:e1:
53:33:ad:81:81:1b:ac:80:a1:7c:36:ca:f3:3a:75:
cb:3e:5f:a7:2d:34:52:22:13:72:43:c3:88:9c:d6:
81:e9:7e:65:83:39:07:86:02:b5:c4:10:e3:9a:1e:
2b:ac:c2:18:32:fb:ef:40:35:46:52:17:fe:36:a8:
fa:1d:8f:0e:57:bf:c4:d4:35:8a:ca:de:77:a4:8a:
ee:28:b6:70:2e:c7:9a:a5:ac:53:80:8c:5b:c7:1e:
81:76:2b:98:1b:e7:ed:c8:bb:28:9a:3e:b6:ff:bc:
8a:e3:ae:37:92:95:ea:fe:80:e7:62:55:7d:dd:a7:
d2:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:08:22:20:2A:65:01:1B:6A:BD:A2:CD:DE:B5:65:6C:F4:06:13:B2
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/8AgiICplARtqvaLN3rVlbPQGE7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:63c5::/32
Signature Algorithm: sha256WithRSAEncryption
02:7a:cd:39:ac:83:c9:b7:99:11:eb:ad:f3:15:da:17:7b:fc:
e4:ae:e3:58:97:0e:be:71:9d:0c:0c:8d:02:79:21:4d:99:71:
6d:91:c5:d9:73:f7:2f:7a:e1:c8:9d:6b:09:cb:19:29:a8:78:
e2:a1:8f:e5:34:aa:65:82:55:0f:ac:35:8c:c8:0a:7c:6c:79:
10:f2:5b:6f:09:70:10:ef:31:45:1e:48:16:b6:4d:3f:0b:01:
dc:88:1c:26:c0:a5:a2:f9:80:ee:cf:4d:e5:9d:c4:ba:46:fc:
e1:42:51:95:77:e4:a3:74:f8:56:79:7b:90:d5:8b:dc:3c:df:
20:4f:1b:c7:41:8c:8d:86:75:f8:3a:8a:e5:52:86:4e:91:2d:
6c:e3:c7:ad:bc:a3:19:fb:da:56:a8:06:77:7e:e7:3c:40:6a:
08:77:b0:56:76:a1:dd:6f:73:35:67:ac:15:1e:1a:50:7f:f8:
07:14:f8:28:76:98:ff:8d:f0:0b:e5:39:20:6e:6a:06:ed:8d:
86:6a:4a:56:47:6d:4e:70:2d:c8:f9:cb:55:a0:56:53:c1:7c:
f6:af:72:26:05:67:6c:f7:8b:0e:36:8e:00:9e:21:6e:b2:a0:
45:54:35:84:74:f6:fd:3e:73:b3:43:71:52:22:9f:98:5f:00:
8d:0b:43:34
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZbODvuyJBj7rJwqBpZzMDNqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjUwNTE0MDkxMDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDA4MjIyMDJhNjUwMTFiNmFiZGEyY2RkZWI1NjU2Y2Y0MDYxM2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQ5YRh0kaCR3KfMQsaXlPKwdhd47
sA5OV8zG0U7Wy5e2bACkwfJqwTqHSSRFA3vPlHAqwESn8IWeaUNesSx0SJAxyfit
vUq3wntCsUE+364098RNKEDH0c3tTtPgwkfqXSCMqWa5vRdz5Y8qqKaCm3yvxmgg
4YlHD8/750a43APknZJ9f+FTM62BgRusgKF8NsrzOnXLPl+nLTRSIhNyQ8OInNaB
6X5lgzkHhgK1xBDjmh4rrMIYMvvvQDVGUhf+Nqj6HY8OV7/E1DWKyt53pIruKLZw
LseapaxTgIxbxx6BdiuYG+ftyLsomj62/7yK4643kpXq/oDnYlV93afSBwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPAIIiAqZQEbar2izd61ZWz0BhOyMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvOEFnaUlDcGxBUnRxdmFMTjNyVmxiUFFHRTdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg9jxTAN
BgkqhkiG9w0BAQsFAAOCAQEAAnrNOayDybeZEeut8xXaF3v85K7jWJcOvnGdDAyN
AnkhTZlxbZHF2XP3L3rhyJ1rCcsZKah44qGP5TSqZYJVD6w1jMgKfGx5EPJbbwlw
EO8xRR5IFrZNPwsB3IgcJsClovmA7s9N5Z3Eukb84UJRlXfko3T4Vnl7kNWL3Dzf
IE8bx0GMjYZ1+DqK5VKGTpEtbOPHrbyjGfvaVqgGd37nPEBqCHewVnah3W9zNWes
FR4aUH/4BxT4KHaY/43wC+U5IG5qBu2NhmpKVkdtTnAtyPnLVaBWU8F89q9yJgVn
bPeLDjaOAJ4hbrKgRVQ1hHT2/T5zs0NxUiKfmF8AjQtDNA==
-----END CERTIFICATE-----
Generated at Fri Jun 6 17:09:40 2025 by rpki-client