Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/qQyWOsCfO5XQIxMOhzhAric-4y4.roa
File: qQyWOsCfO5XQIxMOhzhAric-4y4.roa (raw, json)
Hash identifier: +HbYARkZjy43U+xEfP2iKW/X3ErRgRdImbL3eZxiTJU=
Subject key identifier: A9:0C:96:3A:C0:9F:3B:95:D0:23:13:0E:87:38:40:AE:27:3E:E3:2E
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 0196DB0D1896DD2C28C2415C53158FCC7A5B
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/qQyWOsCfO5XQIxMOhzhAric-4y4.roa
Signing time: Fri 16 May 2025 21:43:10 +0000
ROA not before: Fri 16 May 2025 21:43:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215112
IP address blocks: 2a13:cdc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:db:0d:18:96:dd:2c:28:c2:41:5c:53:15:8f:cc:7a:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: May 16 21:43:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a90c963ac09f3b95d023130e873840ae273ee32e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ea:1d:0c:a9:de:57:a4:f4:fc:6c:f2:d1:28:
ea:fd:b1:4d:d3:86:00:c8:d2:3c:b3:fe:5f:7c:12:
a2:75:c1:7a:98:c3:5f:e9:6d:52:d8:18:1f:f9:ea:
53:55:24:f5:df:e6:5a:78:64:ff:03:4a:27:fb:3f:
7f:84:84:82:d6:00:ea:85:b3:f9:5c:ea:14:b5:86:
dd:68:c8:cb:22:fb:aa:7a:63:fb:92:19:32:5e:3e:
01:ed:be:c7:d5:2c:ea:e5:44:f6:7e:5c:0b:88:6b:
bf:bd:b8:eb:43:d3:1d:49:32:93:d4:86:de:d8:0d:
ee:d3:cb:34:b3:55:31:5d:3f:f7:7d:75:7d:54:41:
dc:4a:d6:a2:81:5b:01:16:ec:dd:10:4d:4f:30:b1:
86:7c:90:8c:34:a9:71:59:f3:5b:9b:d5:ef:7f:54:
ac:51:31:a9:14:24:49:ba:94:7b:7d:b9:58:88:13:
bb:40:d6:9e:d2:39:1e:cc:e6:fd:a4:f2:c7:97:3f:
11:a2:6b:87:f3:0c:40:57:4c:e5:8d:5c:29:8d:a5:
84:2f:5a:24:03:53:16:c5:f8:94:72:ce:13:74:ca:
aa:a4:ed:e0:95:71:72:21:9f:97:6c:2c:f1:4d:d1:
6f:22:ba:f6:25:e2:5a:6b:e0:5c:e9:2f:fc:53:53:
f1:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:0C:96:3A:C0:9F:3B:95:D0:23:13:0E:87:38:40:AE:27:3E:E3:2E
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/qQyWOsCfO5XQIxMOhzhAric-4y4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:cdc0::/29
Signature Algorithm: sha256WithRSAEncryption
3d:ea:4a:cb:96:f7:6c:df:3b:b2:f0:8e:6e:cc:55:6d:3d:d1:
b1:d8:6a:12:0a:c7:a1:3c:2a:cb:fd:dc:b0:43:dc:2d:65:b4:
52:e3:a2:18:c1:6c:89:48:20:4f:8f:e5:bd:cb:35:83:c9:b9:
4c:ab:ff:10:c1:9a:74:d0:2a:37:a0:63:c7:e3:72:e8:f2:3d:
1e:0a:a9:70:7c:25:99:4a:ad:91:84:96:42:bb:ce:99:63:95:
4c:c4:73:35:4a:9d:cd:70:83:66:64:8f:ab:cc:b5:33:b8:2c:
73:b7:8b:9c:ff:3f:f6:98:2a:ed:40:04:bb:92:69:60:7a:d8:
aa:5a:90:ae:35:db:34:79:f5:8f:94:ef:1d:f2:d0:21:5b:87:
f7:b8:20:81:84:aa:da:65:76:8a:e3:3d:5b:a1:d8:31:2d:c4:
d2:ff:ac:0c:7b:34:73:fb:57:f0:f7:66:7c:a8:03:85:cc:3e:
ce:13:21:29:b4:b5:4a:e2:b9:23:e1:61:a5:d2:b9:90:8e:7b:
33:5d:34:da:09:b8:df:30:b5:84:84:10:1b:d7:cf:16:24:b2:
c1:31:dd:d1:19:7f:ff:6d:6b:66:ee:09:73:df:99:20:97:8a:
a2:ac:58:15:db:5c:57:22:66:80:60:16:ab:99:f2:ee:af:78:
3d:55:92:df
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZbbDRiW3SwowkFcUxWPzHpbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjUwNTE2MjE0MzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTBjOTYzYWMwOWYzYjk1ZDAyMzEzMGU4NzM4NDBhZTI3M2VlMzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveodDKneV6T0/Gzy0Sjq/bFN04YA
yNI8s/5ffBKidcF6mMNf6W1S2Bgf+epTVST13+ZaeGT/A0on+z9/hISC1gDqhbP5
XOoUtYbdaMjLIvuqemP7khkyXj4B7b7H1Szq5UT2flwLiGu/vbjrQ9MdSTKT1Ibe
2A3u08s0s1UxXT/3fXV9VEHcStaigVsBFuzdEE1PMLGGfJCMNKlxWfNbm9Xvf1Ss
UTGpFCRJupR7fblYiBO7QNae0jkezOb9pPLHlz8RomuH8wxAV0zljVwpjaWEL1ok
A1MWxfiUcs4TdMqqpO3glXFyIZ+XbCzxTdFvIrr2JeJaa+Bc6S/8U1PxPwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKkMljrAnzuV0CMTDoc4QK4nPuMuMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvcVF5V09zQ2ZPNVhRSXhNT2h6aEFyaWMtNHk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhPNwDAN
BgkqhkiG9w0BAQsFAAOCAQEAPepKy5b3bN87svCObsxVbT3RsdhqEgrHoTwqy/3c
sEPcLWW0UuOiGMFsiUggT4/lvcs1g8m5TKv/EMGadNAqN6Bjx+Ny6PI9HgqpcHwl
mUqtkYSWQrvOmWOVTMRzNUqdzXCDZmSPq8y1M7gsc7eLnP8/9pgq7UAEu5JpYHrY
qlqQrjXbNHn1j5TvHfLQIVuH97gggYSq2mV2iuM9W6HYMS3E0v+sDHs0c/tX8Pdm
fKgDhcw+zhMhKbS1SuK5I+FhpdK5kI57M1002gm43zC1hIQQG9fPFiSywTHd0Rl/
/21rZu4Jc9+ZIJeKoqxYFdtcVyJmgGAWq5ny7q94PVWS3w==
-----END CERTIFICATE-----
Generated at Fri Jun 6 16:50:26 2025 by rpki-client