Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/GIab6rFJHIYHT2SbEg2tiM1zOXo.roa
File: GIab6rFJHIYHT2SbEg2tiM1zOXo.roa (raw, json)
Hash identifier: /7PU/PdXLFQRHkGoWvJ2FmeFSZynndibqPEgu1BCMKs=
Subject key identifier: 18:86:9B:EA:B1:49:1C:86:07:4F:64:9B:12:0D:AD:88:CD:73:39:7A
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01970BED5E2EBFF2227E69C2DEA424917845
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/GIab6rFJHIYHT2SbEg2tiM1zOXo.roa
Signing time: Mon 26 May 2025 09:29:54 +0000
ROA not before: Mon 26 May 2025 09:29:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197992
IP address blocks: 2a06:5280::/29 maxlen: 29
2a07:95c0::/29 maxlen: 29
2a0d:1140::/29 maxlen: 29
2a0d:a9c0::/29 maxlen: 29
2a0f:16c0::/29 maxlen: 29
2a0f:1a40::/29 maxlen: 29
2a0f:27c0::/29 maxlen: 29
2a0f:2e40::/29 maxlen: 29
2a0f:3640::/29 maxlen: 29
2a0f:3740::/29 maxlen: 29
2a0f:7280::/29 maxlen: 29
2a0f:9600::/29 maxlen: 29
2a0f:ec00::/29 maxlen: 29
2a10:3040::/29 maxlen: 29
2a10:3640::/29 maxlen: 29
2a10:6300::/29 maxlen: 29
2a10:6900::/29 maxlen: 29
2a11:1880::/29 maxlen: 29
2a11:3f80::/29 maxlen: 29
2a11:90c0::/29 maxlen: 29
2a11:9340::/29 maxlen: 29
2a11:9e00::/29 maxlen: 29
2a11:b740::/29 maxlen: 29
2a11:f040::/29 maxlen: 29
2a12:cd00::/29 maxlen: 29
2a13:2f40::/29 maxlen: 29
2a13:4f00::/29 maxlen: 29
2a13:9100::/29 maxlen: 29
2a13:9480::/29 maxlen: 29
2a13:9b00::/29 maxlen: 29
2a13:9d00::/29 maxlen: 29
2a13:c700::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 20:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0b:ed:5e:2e:bf:f2:22:7e:69:c2:de:a4:24:91:78:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 26 09:29:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=18869beab1491c86074f649b120dad88cd73397a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:e9:1d:18:af:d8:73:23:e2:95:32:a8:84:59:
16:59:87:36:a7:34:4f:c9:08:b6:7b:f4:b7:a5:d2:
4a:2a:ba:5d:e1:a5:b3:c4:14:43:e8:69:2b:e8:67:
f3:fb:76:43:4c:80:cc:67:d0:4c:05:5d:39:44:c0:
60:d5:b9:bd:99:61:e5:73:21:61:63:1c:30:51:71:
df:e6:cf:54:c2:70:63:21:86:8f:a3:47:b7:6c:69:
9a:a5:a3:68:dc:93:76:2c:4c:cf:57:21:6f:8f:f6:
9f:fc:de:20:ed:ef:98:78:76:14:22:89:4c:73:b8:
ed:19:b5:57:20:b9:62:0f:5c:44:eb:9f:ec:fc:31:
7d:4d:d6:f2:15:ea:bc:7b:ba:cc:ad:15:3b:a8:f5:
70:df:ca:c3:bc:d0:47:eb:37:46:3d:81:1e:0d:b8:
7b:5d:ec:cb:99:e3:a9:c7:23:d1:1d:15:74:3a:d6:
16:4e:da:86:ad:26:1d:76:1e:01:d7:54:22:21:b5:
e5:10:a6:2f:f5:b1:b6:0b:9e:08:d4:5f:12:b0:d0:
62:a6:5b:2c:fe:bb:a0:67:f6:a3:28:d8:06:4b:ad:
78:da:70:5c:2e:27:20:fa:1d:c3:7a:32:62:6c:45:
43:76:a7:26:1d:2c:f6:e3:f6:10:dc:ca:2b:ee:37:
73:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:86:9B:EA:B1:49:1C:86:07:4F:64:9B:12:0D:AD:88:CD:73:39:7A
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/GIab6rFJHIYHT2SbEg2tiM1zOXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:5280::/29
2a07:95c0::/29
2a0d:1140::/29
2a0d:a9c0::/29
2a0f:16c0::/29
2a0f:1a40::/29
2a0f:27c0::/29
2a0f:2e40::/29
2a0f:3640::/29
2a0f:3740::/29
2a0f:7280::/29
2a0f:9600::/29
2a0f:ec00::/29
2a10:3040::/29
2a10:3640::/29
2a10:6300::/29
2a10:6900::/29
2a11:1880::/29
2a11:3f80::/29
2a11:90c0::/29
2a11:9340::/29
2a11:9e00::/29
2a11:b740::/29
2a11:f040::/29
2a12:cd00::/29
2a13:2f40::/29
2a13:4f00::/29
2a13:9100::/29
2a13:9480::/29
2a13:9b00::/29
2a13:9d00::/29
2a13:c700::/29
Signature Algorithm: sha256WithRSAEncryption
96:70:1d:3e:db:30:72:0b:d3:28:23:a4:f2:75:5d:f3:7c:77:
31:68:e7:05:5f:51:20:33:87:b2:be:2f:30:aa:e7:ec:a0:b8:
d6:25:0f:26:b9:64:d5:a6:a1:7a:ab:0d:e5:8f:bb:f0:5b:7b:
35:42:36:0a:7b:31:be:f4:70:9f:ea:fe:57:23:aa:cb:7e:0c:
92:f8:78:3d:6d:18:41:d1:1d:18:17:82:e0:b5:f6:1b:78:b0:
d7:a4:74:a1:09:40:7e:be:14:16:d8:45:bf:c5:46:f9:8f:75:
ec:56:73:fd:f2:58:2f:12:a8:97:85:2c:c1:8c:cb:f9:1d:19:
09:8a:77:35:ad:9a:4a:fc:51:d2:b1:7c:f7:d6:97:8c:45:66:
40:c3:d4:dd:8e:ef:63:84:58:65:cd:7f:c2:07:cb:54:13:12:
dc:2b:f2:e0:70:7c:3d:84:ac:82:e5:c7:e4:40:d6:79:22:de:
23:b2:4d:e2:8e:e5:89:dc:ba:25:fd:85:0d:aa:45:f3:69:bc:
a8:95:21:03:d6:ed:da:93:22:02:03:c7:aa:4c:a4:6b:9b:eb:
58:95:2f:77:8e:63:ac:fa:95:88:13:46:9c:fd:42:53:c4:33:
a2:91:52:3a:4c:16:8c:a3:ce:44:b9:7c:22:a9:39:0a:8c:54:
47:67:8e:9b
-----BEGIN CERTIFICATE-----
MIIF3DCCBMSgAwIBAgISAZcL7V4uv/IifmnC3qQkkXhFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNTI2MDkyOTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODg2OWJlYWIxNDkxYzg2MDc0ZjY0OWIxMjBkYWQ4OGNkNzMzOTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOkdGK/YcyPilTKohFkWWYc2pzRP
yQi2e/S3pdJKKrpd4aWzxBRD6Gkr6Gfz+3ZDTIDMZ9BMBV05RMBg1bm9mWHlcyFh
YxwwUXHf5s9UwnBjIYaPo0e3bGmapaNo3JN2LEzPVyFvj/af/N4g7e+YeHYUIolM
c7jtGbVXILliD1xE65/s/DF9TdbyFeq8e7rMrRU7qPVw38rDvNBH6zdGPYEeDbh7
XezLmeOpxyPRHRV0OtYWTtqGrSYddh4B11QiIbXlEKYv9bG2C54I1F8SsNBiplss
/rugZ/ajKNgGS6142nBcLicg+h3DejJibEVDdqcmHSz24/YQ3Mor7jdzowIDAQAB
o4IC6DCCAuQwHQYDVR0OBBYEFBiGm+qxSRyGB09kmxINrYjNczl6MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvR0lhYjZyRkpISVlIVDJTYkVnMnRpTTF6T1hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH9BggrBgEFBQcBBwEB/wSB7TCB6jCB5wQCAAIwgeADBQMq
BlKAAwUDKgeVwAMFAyoNEUADBQMqDanAAwUDKg8WwAMFAyoPGkADBQMqDyfAAwUD
Kg8uQAMFAyoPNkADBQMqDzdAAwUDKg9ygAMFAyoPlgADBQMqD+wAAwUDKhAwQAMF
AyoQNkADBQMqEGMAAwUDKhBpAAMFAyoRGIADBQMqET+AAwUDKhGQwAMFAyoRk0AD
BQMqEZ4AAwUDKhG3QAMFAyoR8EADBQMqEs0AAwUDKhMvQAMFAyoTTwADBQMqE5EA
AwUDKhOUgAMFAyoTmwADBQMqE50AAwUDKhPHADANBgkqhkiG9w0BAQsFAAOCAQEA
lnAdPtswcgvTKCOk8nVd83x3MWjnBV9RIDOHsr4vMKrn7KC41iUPJrlk1aaheqsN
5Y+78Ft7NUI2CnsxvvRwn+r+VyOqy34Mkvh4PW0YQdEdGBeC4LX2G3iw16R0oQlA
fr4UFthFv8VG+Y917FZz/fJYLxKol4UswYzL+R0ZCYp3Na2aSvxR0rF899aXjEVm
QMPU3Y7vY4RYZc1/wgfLVBMS3Cvy4HB8PYSsguXH5EDWeSLeI7JN4o7lidy6Jf2F
DapF82m8qJUhA9bt2pMiAgPHqkyka5vrWJUvd45jrPqViBNGnP1CU8QzopFSOkwW
jKPORLl8Iqk5CoxUR2eOmw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:00:26 2025 by rpki-client