Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/qP-ljFIZwxDHqtXoeZTlA3LFnMQ.roa
File: qP-ljFIZwxDHqtXoeZTlA3LFnMQ.roa (raw, json)
Hash identifier: D4ZJ1otWT2E4xoZhtkVLy+1+bK1l0mAAxLn6w3oGmdM=
Subject key identifier: A8:FF:A5:8C:52:19:C3:10:C7:AA:D5:E8:79:94:E5:03:72:C5:9C:C4
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 019709216F5B58655E7396335037CC5F4A53
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/qP-ljFIZwxDHqtXoeZTlA3LFnMQ.roa
Signing time: Sun 25 May 2025 20:27:55 +0000
ROA not before: Sun 25 May 2025 20:27:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209961
IP address blocks: 2a0b:a4c3::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 10:10:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:09:21:6f:5b:58:65:5e:73:96:33:50:37:cc:5f:4a:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: May 25 20:27:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a8ffa58c5219c310c7aad5e87994e50372c59cc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:27:e3:65:a7:fd:bf:65:a4:d9:9f:b1:b9:7c:
b9:68:45:82:31:ce:89:d5:8b:15:a1:08:ef:d9:4a:
5f:84:81:ce:95:9e:4b:d0:a5:77:7e:ea:25:15:b0:
32:27:08:37:03:0d:37:f4:67:50:cf:7e:7d:c1:14:
e5:14:6f:21:10:a1:4c:15:84:1f:d5:3a:d3:f8:b4:
ce:6e:59:d2:35:d3:41:53:f6:d9:32:60:15:f2:25:
37:f2:dd:6b:5b:07:aa:d7:04:5c:09:a2:53:d1:ef:
9f:07:07:99:f6:8c:84:86:f9:68:fa:35:d3:ac:4a:
08:95:53:d2:08:26:63:24:f9:03:dd:35:ad:d5:34:
63:87:90:7a:8f:66:5a:a9:05:cf:18:04:d5:44:64:
e1:13:7a:98:9a:c4:3a:d5:5f:3e:d6:63:0a:bd:53:
bf:b2:ec:d5:00:68:95:3d:9a:f6:b7:f2:d0:26:f5:
7f:3d:e3:8d:b6:01:6a:63:cb:33:ac:7d:72:12:58:
8b:bb:01:05:76:09:ef:d5:db:11:a3:01:3c:28:62:
64:0d:da:6c:a7:18:ee:f1:69:75:a1:30:02:87:f6:
43:56:09:f7:00:05:85:50:67:ff:81:59:06:b7:16:
eb:c4:4c:d4:13:64:f6:5b:b4:20:fb:5c:ba:ab:ac:
46:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:FF:A5:8C:52:19:C3:10:C7:AA:D5:E8:79:94:E5:03:72:C5:9C:C4
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/qP-ljFIZwxDHqtXoeZTlA3LFnMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:a4c3::/32
Signature Algorithm: sha256WithRSAEncryption
51:6f:4b:21:7a:91:29:e1:6d:96:e3:29:9a:46:39:14:dc:82:
7d:cc:1a:70:5b:b4:a7:02:a6:56:82:17:b0:19:0c:ac:dc:69:
7f:08:1f:32:44:7a:10:de:1e:db:9a:41:36:e5:4f:2f:90:88:
0f:f9:9e:a1:19:7a:27:48:9b:f0:56:e5:2f:dc:06:94:b9:c6:
54:d1:c4:53:7d:ad:f2:fd:6e:6d:46:ac:c9:81:b5:b3:49:06:
35:37:9c:32:99:1d:e1:50:da:2d:1b:7d:9c:4e:ce:52:87:ef:
d0:d3:9e:50:8a:f3:0c:4f:b8:d2:09:02:72:89:b6:0c:30:a6:
bf:7e:cd:9a:9b:78:f3:84:45:5b:2b:72:a0:ae:e8:ed:ce:17:
b8:e4:88:73:bd:24:41:24:92:56:3f:ec:d8:06:c1:21:25:b7:
f3:fa:cd:5a:30:23:13:26:80:8e:7e:37:bf:ab:e8:e5:2f:76:
63:99:9e:a7:7c:11:da:75:29:41:df:33:8c:09:8b:df:63:4b:
de:5d:8c:13:1e:aa:8a:10:e2:ad:77:cd:13:58:eb:db:e0:2a:
27:71:ec:91:10:4b:fc:11:aa:9b:90:11:bc:3b:7a:d6:9b:fa:
5d:3a:33:3b:fc:b2:f8:1a:22:7b:39:43:3e:e9:ec:fe:ab:7e:
44:85:ca:9f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZcJIW9bWGVec5YzUDfMX0pTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjUwNTI1MjAyNzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGZmYTU4YzUyMTljMzEwYzdhYWQ1ZTg3OTk0ZTUwMzcyYzU5Y2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyyfjZaf9v2Wk2Z+xuXy5aEWCMc6J
1YsVoQjv2UpfhIHOlZ5L0KV3fuolFbAyJwg3Aw039GdQz359wRTlFG8hEKFMFYQf
1TrT+LTOblnSNdNBU/bZMmAV8iU38t1rWweq1wRcCaJT0e+fBweZ9oyEhvlo+jXT
rEoIlVPSCCZjJPkD3TWt1TRjh5B6j2ZaqQXPGATVRGThE3qYmsQ61V8+1mMKvVO/
suzVAGiVPZr2t/LQJvV/PeONtgFqY8szrH1yEliLuwEFdgnv1dsRowE8KGJkDdps
pxju8Wl1oTACh/ZDVgn3AAWFUGf/gVkGtxbrxEzUE2T2W7Qg+1y6q6xGWQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKj/pYxSGcMQx6rV6HmU5QNyxZzEMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvcVAtbGpGSVp3eERIcXRYb2VaVGxBM0xGbk1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgukwzAN
BgkqhkiG9w0BAQsFAAOCAQEAUW9LIXqRKeFtluMpmkY5FNyCfcwacFu0pwKmVoIX
sBkMrNxpfwgfMkR6EN4e25pBNuVPL5CID/meoRl6J0ib8FblL9wGlLnGVNHEU32t
8v1ubUasyYG1s0kGNTecMpkd4VDaLRt9nE7OUofv0NOeUIrzDE+40gkCcom2DDCm
v37Nmpt484RFWytyoK7o7c4XuOSIc70kQSSSVj/s2AbBISW38/rNWjAjEyaAjn43
v6vo5S92Y5mep3wR2nUpQd8zjAmL32NL3l2MEx6qihDirXfNE1jr2+AqJ3HskRBL
/BGqm5ARvDt61pv6XTozO/yy+BoiezlDPuns/qt+RIXKnw==
-----END CERTIFICATE-----
Generated at Thu Jun 5 19:53:44 2025 by rpki-client