Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/xA_i4dsUn_maKHKNBvryWatyEvo.roa
File: xA_i4dsUn_maKHKNBvryWatyEvo.roa (raw, json)
Hash identifier: D4Hdjka8C7gSAYoyFKgIR24gk3ePGXnXc2N/2B0MDNM=
Subject key identifier: C4:0F:E2:E1:DB:14:9F:F9:9A:28:72:8D:06:FA:F2:59:AB:72:12:FA
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 01973F91EF4CAF809C046F399E08B3D51BAD
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/xA_i4dsUn_maKHKNBvryWatyEvo.roa
Signing time: Thu 05 Jun 2025 10:10:17 +0000
ROA not before: Thu 05 Jun 2025 10:10:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21100
IP address blocks: 2a13:5040::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3f:91:ef:4c:af:80:9c:04:6f:39:9e:08:b3:d5:1b:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Jun 5 10:10:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c40fe2e1db149ff99a28728d06faf259ab7212fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f5:23:9f:db:d5:fd:a2:e4:ca:3a:b0:78:07:
e4:bb:b5:ff:79:37:27:39:4f:34:7d:c7:2d:1a:ab:
69:80:ab:9b:45:63:ad:cd:40:f6:d0:f5:c3:99:4d:
e9:0d:18:b0:f6:e5:3b:2f:94:1e:12:1b:c2:0b:c8:
75:9e:d6:2c:ad:76:f2:8f:f7:dc:e7:35:91:11:13:
01:72:ea:ce:e5:58:35:90:37:b6:95:26:d6:68:a2:
43:85:d7:e9:97:91:a4:5f:08:e6:85:4b:0d:08:64:
fb:66:95:9b:d6:93:6c:b5:16:bd:1d:ac:fe:4a:ca:
1f:a8:16:87:c2:18:ec:bc:46:73:cb:5e:92:7d:4f:
02:bb:78:07:45:95:1e:84:77:2d:a2:ff:74:07:b8:
81:92:62:ab:d7:60:a6:84:19:69:e4:08:78:21:32:
e6:58:e5:00:cb:03:3c:51:de:a3:50:ff:66:9d:57:
6d:81:a9:cc:63:ad:b5:2c:b3:cf:5f:c9:64:ce:fe:
74:89:f7:60:fd:94:dd:1e:e4:36:3e:e8:26:a2:84:
29:3d:7d:80:8e:3a:4d:ce:49:76:f3:9d:78:3f:a9:
00:f7:da:9e:ed:a8:a6:6d:95:6e:c5:04:cd:65:b4:
c5:5a:b3:83:27:27:3d:48:47:24:fd:35:cf:fa:65:
7a:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:0F:E2:E1:DB:14:9F:F9:9A:28:72:8D:06:FA:F2:59:AB:72:12:FA
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/xA_i4dsUn_maKHKNBvryWatyEvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:5040::/29
Signature Algorithm: sha256WithRSAEncryption
ce:85:b3:c2:81:f8:90:35:ea:1c:6f:03:34:00:bd:00:fb:3f:
84:1b:db:58:22:75:20:91:34:d5:d2:26:9a:aa:39:a4:e9:ba:
cc:c9:22:af:dd:34:bb:70:56:92:19:aa:be:11:69:96:e0:96:
73:7d:ee:64:f9:66:f1:f4:33:2b:67:7b:d0:b2:46:9e:55:e1:
b9:84:71:e0:c1:59:ba:1f:02:7e:10:5e:7e:c7:84:c9:b0:78:
73:54:e1:58:80:71:d1:a6:fe:47:09:4b:fd:89:fb:87:12:12:
6e:88:ad:5b:8d:a3:5c:c2:d1:89:62:50:e7:2b:6d:11:7b:cb:
ec:77:a1:11:0a:ac:98:39:fc:3f:da:a9:76:b5:b4:ff:f8:f9:
7a:cd:ca:ea:be:79:76:40:69:cf:fd:63:23:07:23:92:70:32:
dc:a0:c5:63:f0:64:83:22:a4:49:e7:bd:d8:21:8e:a5:72:ad:
08:be:c4:46:94:84:7d:f3:d2:5b:31:de:f7:62:b7:e9:21:46:
07:a0:2e:99:a2:21:e2:3c:25:e2:f2:47:2e:e4:13:0c:ff:e5:
37:0c:e9:c9:44:ec:0d:38:b0:b5:9f:97:2b:57:31:bc:18:c2:
19:94:69:fd:2a:95:5f:24:ac:0f:47:a1:39:c3:cc:33:09:38:
ba:d1:6c:c5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZc/ke9Mr4CcBG85ngiz1RutMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjUwNjA1MTAxMDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDBmZTJlMWRiMTQ5ZmY5OWEyODcyOGQwNmZhZjI1OWFiNzIxMmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvUjn9vV/aLkyjqweAfku7X/eTcn
OU80fcctGqtpgKubRWOtzUD20PXDmU3pDRiw9uU7L5QeEhvCC8h1ntYsrXbyj/fc
5zWRERMBcurO5Vg1kDe2lSbWaKJDhdfpl5GkXwjmhUsNCGT7ZpWb1pNstRa9Haz+
SsofqBaHwhjsvEZzy16SfU8Cu3gHRZUehHctov90B7iBkmKr12CmhBlp5Ah4ITLm
WOUAywM8Ud6jUP9mnVdtganMY621LLPPX8lkzv50ifdg/ZTdHuQ2PugmooQpPX2A
jjpNzkl28514P6kA99qe7aimbZVuxQTNZbTFWrODJyc9SEck/TXP+mV6ZwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMQP4uHbFJ/5mihyjQb68lmrchL6MB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEveEFfaTRkc1VuX21hS0hLTkJ2cnlXYXR5RXZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhNQQDAN
BgkqhkiG9w0BAQsFAAOCAQEAzoWzwoH4kDXqHG8DNAC9APs/hBvbWCJ1IJE01dIm
mqo5pOm6zMkir900u3BWkhmqvhFpluCWc33uZPlm8fQzK2d70LJGnlXhuYRx4MFZ
uh8CfhBefseEybB4c1ThWIBx0ab+RwlL/Yn7hxISboitW42jXMLRiWJQ5yttEXvL
7HehEQqsmDn8P9qpdrW0//j5es3K6r55dkBpz/1jIwcjknAy3KDFY/BkgyKkSee9
2CGOpXKtCL7ERpSEffPSWzHe92K36SFGB6AumaIh4jwl4vJHLuQTDP/lNwzpyUTs
DTiwtZ+XK1cxvBjCGZRp/SqVXySsD0ehOcPMMwk4utFsxQ==
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:12:22 2025 by rpki-client