Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/1rcsjipl9DWSC3kx0AnWXb4pDsE.roa
File: 1rcsjipl9DWSC3kx0AnWXb4pDsE.roa (raw, json)
Hash identifier: QcQxN7GeVnq9nxeAPOj+zd3xMiW4MUfDGVyGg8BrcWk=
Subject key identifier: D6:B7:2C:8E:2A:65:F4:35:92:0B:79:31:D0:09:D6:5D:BE:29:0E:C1
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01974013F0BDA14A4100A9FCA10E3AB87AAE
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/1rcsjipl9DWSC3kx0AnWXb4pDsE.roa
Signing time: Thu 05 Jun 2025 12:32:17 +0000
ROA not before: Thu 05 Jun 2025 12:32:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14576
IP address blocks: 2a06:a5c0::/29 maxlen: 29
2a06:dfc0::/29 maxlen: 29
2a07:bb40::/29 maxlen: 29
2a09:b700::/29 maxlen: 29
2a0d:8f80::/29 maxlen: 29
2a0f:e00::/29 maxlen: 29
2a0f:19c0::/29 maxlen: 29
2a0f:2300::/29 maxlen: 29
2a0f:2840::/29 maxlen: 29
2a0f:2d40::/29 maxlen: 29
2a0f:3240::/29 maxlen: 29
2a0f:35c0::/29 maxlen: 29
2a0f:36c0::/29 maxlen: 29
2a0f:9e00::/29 maxlen: 29
2a0f:a200::/29 maxlen: 29
2a0f:e540::/29 maxlen: 29
2a0f:e600::/29 maxlen: 29
2a0f:e9c0::/29 maxlen: 29
2a10:30c0::/29 maxlen: 29
2a10:3140::/29 maxlen: 29
2a10:31c0::/29 maxlen: 29
2a10:3340::/29 maxlen: 29
2a10:3540::/29 maxlen: 29
2a10:36c0::/29 maxlen: 29
2a10:3740::/29 maxlen: 29
2a10:5400::/29 maxlen: 29
2a10:6400::/29 maxlen: 29
2a10:6500::/29 maxlen: 29
2a10:6b00::/29 maxlen: 29
2a10:6d00::/29 maxlen: 29
2a10:7100::/29 maxlen: 29
2a10:7300::/29 maxlen: 29
2a10:7500::/29 maxlen: 29
2a10:7900::/29 maxlen: 29
2a10:7b00::/29 maxlen: 29
2a10:7d00::/29 maxlen: 29
2a11:4800::/29 maxlen: 32
2a11:7440::/29 maxlen: 29
2a11:89c0::/29 maxlen: 29
2a11:e580::/29 maxlen: 29
2a12:2c80::/29 maxlen: 29
2a12:4b00::/29 maxlen: 29
2a12:5e00::/29 maxlen: 29
2a12:d100::/29 maxlen: 29
2a12:d540::/29 maxlen: 29
2a12:d5c0::/29 maxlen: 29
2a13:200::/29 maxlen: 29
2a13:2bc0::/29 maxlen: 29
2a13:3080::/29 maxlen: 29
2a13:8f00::/29 maxlen: 29
2a13:9680::/29 maxlen: 29
2a13:a100::/29 maxlen: 29
2a13:df00::/29 maxlen: 29
2a13:f900::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 13:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:40:13:f0:bd:a1:4a:41:00:a9:fc:a1:0e:3a:b8:7a:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jun 5 12:32:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d6b72c8e2a65f435920b7931d009d65dbe290ec1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:39:5b:72:17:a0:92:97:64:0c:0d:68:f6:1a:
c6:83:e9:33:1a:ff:f4:41:b2:af:0a:69:85:be:60:
65:7c:7d:22:8a:8f:ae:e0:fc:7a:4d:d8:40:03:c4:
26:2c:5d:e3:65:b5:a2:f8:eb:f0:b2:a2:83:38:1c:
23:02:cf:20:d4:88:0b:5e:20:ad:af:2b:3b:38:8a:
f7:c1:2b:d8:f5:61:27:29:b4:69:76:55:17:3e:61:
a1:25:92:f7:cc:e6:12:cd:6f:cc:6b:8f:57:13:e5:
3b:4b:3b:e2:f3:9d:81:1d:61:45:72:46:e1:ef:c9:
0c:5f:3e:3a:f5:e5:6c:e5:0d:9f:e8:dd:35:d5:19:
3b:5c:9c:7c:4b:62:f2:49:e7:b8:cb:56:ee:c8:91:
8c:17:04:19:22:3e:c3:b9:7c:aa:f1:8d:ac:96:cf:
8e:36:95:3b:9d:19:f2:82:e0:68:f8:7a:a1:cf:fc:
1e:68:2a:b0:88:fc:c9:b3:ef:72:48:ea:8e:01:60:
a0:f2:a0:b4:31:f1:c3:69:fb:cc:4d:38:21:2f:b3:
45:7b:5a:25:1d:d4:10:3e:04:50:f4:2a:f6:7f:8e:
9c:d6:17:4a:1a:1a:27:8b:11:45:7f:49:74:f5:2c:
1c:ac:7a:33:8e:f4:df:ca:ff:40:4e:a3:ca:32:4c:
ce:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:B7:2C:8E:2A:65:F4:35:92:0B:79:31:D0:09:D6:5D:BE:29:0E:C1
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/1rcsjipl9DWSC3kx0AnWXb4pDsE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a5c0::/29
2a06:dfc0::/29
2a07:bb40::/29
2a09:b700::/29
2a0d:8f80::/29
2a0f:e00::/29
2a0f:19c0::/29
2a0f:2300::/29
2a0f:2840::/29
2a0f:2d40::/29
2a0f:3240::/29
2a0f:35c0::/29
2a0f:36c0::/29
2a0f:9e00::/29
2a0f:a200::/29
2a0f:e540::/29
2a0f:e600::/29
2a0f:e9c0::/29
2a10:30c0::/29
2a10:3140::/29
2a10:31c0::/29
2a10:3340::/29
2a10:3540::/29
2a10:36c0::/29
2a10:3740::/29
2a10:5400::/29
2a10:6400::/29
2a10:6500::/29
2a10:6b00::/29
2a10:6d00::/29
2a10:7100::/29
2a10:7300::/29
2a10:7500::/29
2a10:7900::/29
2a10:7b00::/29
2a10:7d00::/29
2a11:4800::/29
2a11:7440::/29
2a11:89c0::/29
2a11:e580::/29
2a12:2c80::/29
2a12:4b00::/29
2a12:5e00::/29
2a12:d100::/29
2a12:d540::/29
2a12:d5c0::/29
2a13:200::/29
2a13:2bc0::/29
2a13:3080::/29
2a13:8f00::/29
2a13:9680::/29
2a13:a100::/29
2a13:df00::/29
2a13:f900::/29
Signature Algorithm: sha256WithRSAEncryption
17:28:b6:a7:5f:42:95:69:28:c2:92:2e:ba:66:c6:c5:03:79:
e2:44:e0:2f:b2:ac:32:e8:9f:2e:2f:3d:bb:17:e8:52:47:b8:
17:53:92:94:03:d5:fd:3e:30:21:47:ff:75:a4:e8:7c:a0:b9:
ca:fe:ab:86:d9:84:76:9e:e7:d7:34:14:e4:cd:3a:22:21:45:
2a:44:af:60:7d:05:02:41:67:b9:7d:f6:e1:80:b6:98:ab:61:
e3:76:d3:5b:9a:2d:19:92:f0:fd:63:17:90:58:00:ef:a9:f1:
44:f6:d8:d9:37:b0:5e:5f:25:3f:cb:d7:34:90:b7:4e:02:78:
55:72:1b:20:65:0d:a5:fa:17:07:05:27:df:47:d3:22:05:08:
d9:83:40:14:05:c7:ab:e7:3e:53:a2:8d:09:9c:24:cb:0b:8f:
7f:5e:20:c1:ca:ce:8f:2e:3f:c9:9a:9a:8d:b8:af:eb:b0:d5:
cf:4b:ec:36:af:69:30:5c:df:f8:d9:c5:ef:c3:82:38:d8:83:
d7:8f:03:bb:1f:74:22:93:2e:a3:13:64:a7:f8:b5:c7:5a:82:
4e:fe:98:f4:68:05:bc:51:8f:d7:6a:76:02:7a:c3:34:22:75:
1b:89:f5:95:71:2b:8f:a6:b5:67:2c:77:1d:b7:94:41:5e:b0:
09:f5:85:a1
-----BEGIN CERTIFICATE-----
MIIGezCCBWOgAwIBAgISAZdAE/C9oUpBAKn8oQ46uHquMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNjA1MTIzMjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmI3MmM4ZTJhNjVmNDM1OTIwYjc5MzFkMDA5ZDY1ZGJlMjkwZWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzDlbchegkpdkDA1o9hrGg+kzGv/0
QbKvCmmFvmBlfH0iio+u4Px6TdhAA8QmLF3jZbWi+OvwsqKDOBwjAs8g1IgLXiCt
rys7OIr3wSvY9WEnKbRpdlUXPmGhJZL3zOYSzW/Ma49XE+U7Szvi852BHWFFckbh
78kMXz469eVs5Q2f6N011Rk7XJx8S2LySee4y1buyJGMFwQZIj7DuXyq8Y2sls+O
NpU7nRnyguBo+Hqhz/weaCqwiPzJs+9ySOqOAWCg8qC0MfHDafvMTTghL7NFe1ol
HdQQPgRQ9Cr2f46c1hdKGhonixFFf0l09SwcrHozjvTfyv9ATqPKMkzOKQIDAQAB
o4IDhzCCA4MwHQYDVR0OBBYEFNa3LI4qZfQ1kgt5MdAJ1l2+KQ7BMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvMXJjc2ppcGw5RFdTQzNreDBBbldYYjRwRHNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBmwYIKwYBBQUHAQcBAf8EggGKMIIBhjCCAYIEAgACMIIB
egMFAyoGpcADBQMqBt/AAwUDKge7QAMFAyoJtwADBQMqDY+AAwUDKg8OAAMFAyoP
GcADBQMqDyMAAwUDKg8oQAMFAyoPLUADBQMqDzJAAwUDKg81wAMFAyoPNsADBQMq
D54AAwUDKg+iAAMFAyoP5UADBQMqD+YAAwUDKg/pwAMFAyoQMMADBQMqEDFAAwUD
KhAxwAMFAyoQM0ADBQMqEDVAAwUDKhA2wAMFAyoQN0ADBQMqEFQAAwUDKhBkAAMF
AyoQZQADBQMqEGsAAwUDKhBtAAMFAyoQcQADBQMqEHMAAwUDKhB1AAMFAyoQeQAD
BQMqEHsAAwUDKhB9AAMFAyoRSAADBQMqEXRAAwUDKhGJwAMFAyoR5YADBQMqEiyA
AwUDKhJLAAMFAyoSXgADBQMqEtEAAwUDKhLVQAMFAyoS1cADBQMqEwIAAwUDKhMr
wAMFAyoTMIADBQMqE48AAwUDKhOWgAMFAyoToQADBQMqE98AAwUDKhP5ADANBgkq
hkiG9w0BAQsFAAOCAQEAFyi2p19ClWkowpIuumbGxQN54kTgL7KsMuifLi89uxfo
Uke4F1OSlAPV/T4wIUf/daTofKC5yv6rhtmEdp7n1zQU5M06IiFFKkSvYH0FAkFn
uX324YC2mKth43bTW5otGZLw/WMXkFgA76nxRPbY2TewXl8lP8vXNJC3TgJ4VXIb
IGUNpfoXBwUn30fTIgUI2YNAFAXHq+c+U6KNCZwkywuPf14gwcrOjy4/yZqajbiv
67DVz0vsNq9pMFzf+NnF78OCONiD148Dux90IpMuoxNkp/i1x1qCTv6Y9GgFvFGP
12p2AnrDNCJ1G4n1lXErj6a1Zyx3HbeUQV6wCfWFoQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:34:36 2025 by rpki-client