Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/IuuuDW7Zw8Rc8DiWamkXHoqcwQc.roa
File: IuuuDW7Zw8Rc8DiWamkXHoqcwQc.roa (raw, json)
Hash identifier: WmnpLoU/2BbW0CpkvDu+CkkeDaM2H7zs1FVFlzgXVJg=
Subject key identifier: 22:EB:AE:0D:6E:D9:C3:C4:5C:F0:38:96:6A:69:17:1E:8A:9C:C1:07
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019928A5D2972E2930B5F716712587644994
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/IuuuDW7Zw8Rc8DiWamkXHoqcwQc.roa
Signing time: Mon 08 Sep 2025 09:26:20 +0000
ROA not before: Mon 08 Sep 2025 09:26:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41095
IP address blocks: 2a06:1180:10::/48 maxlen: 48
2a06:35c4:100::/48 maxlen: 48
2a06:dfc0::/29 maxlen: 32
2a07:bb40::/29 maxlen: 32
2a09:17c0:b19a::/48 maxlen: 48
2a0a:2d00:10::/48 maxlen: 48
2a0a:2d00:20::/48 maxlen: 48
2a0c:7881:100::/48 maxlen: 48
2a0e:15c0:6::/48 maxlen: 48
2a0e:1a83:1::/48 maxlen: 48
2a0e:f600:2::/48 maxlen: 48
2a0f:1200:11::/48 maxlen: 48
2a0f:1200:100::/48 maxlen: 48
2a0f:1581:10::/48 maxlen: 48
2a0f:2d82:100::/48 maxlen: 48
2a0f:31c3:100::/48 maxlen: 48
2a0f:3d80:2::/48 maxlen: 48
2a0f:7d00:10::/48 maxlen: 48
2a0f:dd40::/29 maxlen: 32
2a0f:df46:100::/48 maxlen: 48
2a0f:e1c0:acab::/48 maxlen: 48
2a0f:e202:fc06::/48 maxlen: 48
2a0f:e6c2:100::/48 maxlen: 48
2a0f:e7c4:22::/48 maxlen: 48
2a0f:e842:100::/48 maxlen: 48
2a0f:ea00::/29 maxlen: 32
2a0f:ea43:10::/48 maxlen: 48
2a10:30c0::/29 maxlen: 32
2a10:6400::/29 maxlen: 32
2a10:67c2:1::/48 maxlen: 48
2a12:ac43:acab::/48 maxlen: 48
2a12:ecc4:2213::/48 maxlen: 48
2a13:18c0:100::/48 maxlen: 48
2a13:18c6:99::/48 maxlen: 48
2a13:8c86:140::/48 maxlen: 48
2a13:9282:100::/48 maxlen: 48
2a13:9d00::/29 maxlen: 32
2a13:c500::/29 maxlen: 32
2a13:c900:44::/48 maxlen: 48
2a13:c900:55::/48 maxlen: 48
2a13:e102:10::/48 maxlen: 48
2a13:fd00::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:28:a5:d2:97:2e:29:30:b5:f7:16:71:25:87:64:49:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Sep 8 09:26:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=22ebae0d6ed9c3c45cf038966a69171e8a9cc107
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:fe:14:81:aa:ae:8a:08:d6:02:9b:11:3e:95:
d0:ee:af:56:34:a7:b0:45:1d:6f:40:c2:47:1e:50:
54:18:85:68:82:17:a5:3f:42:78:58:b4:78:02:ac:
50:c3:72:be:57:44:0e:7a:c7:22:19:77:95:07:97:
64:96:2b:1c:77:58:26:e2:9c:60:43:63:c6:83:7e:
eb:96:0c:13:38:ad:05:b6:c3:b2:38:69:12:e9:f3:
4d:d6:e6:62:8e:3e:c7:0b:47:aa:03:db:1a:38:77:
01:c8:41:5f:b4:5d:c9:7a:ca:48:78:b9:1f:c0:21:
49:5e:bc:5b:6c:7f:5c:c9:cb:bd:06:b9:8a:66:e1:
b8:7d:00:97:f1:06:1e:d4:0c:47:12:77:64:c7:e4:
ca:f2:83:83:51:98:e2:9d:fd:f3:32:51:d6:aa:72:
2a:b4:81:f6:d5:74:a7:63:12:de:33:49:5d:22:f9:
f3:97:05:b2:89:15:57:8a:43:3e:57:6d:3a:d5:23:
25:a5:82:ec:2d:61:fa:e5:59:de:e2:da:71:e9:40:
89:42:99:cf:b2:d3:62:74:41:20:59:65:5d:b1:c3:
8b:86:0b:6d:6a:73:47:f5:2a:ed:13:9b:16:80:1c:
1d:3d:84:3f:7c:2b:49:66:46:bd:d1:8d:23:e6:50:
3e:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:EB:AE:0D:6E:D9:C3:C4:5C:F0:38:96:6A:69:17:1E:8A:9C:C1:07
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/IuuuDW7Zw8Rc8DiWamkXHoqcwQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:1180:10::/48
2a06:35c4:100::/48
2a06:dfc0::/29
2a07:bb40::/29
2a09:17c0:b19a::/48
2a0a:2d00:10::/48
2a0a:2d00:20::/48
2a0c:7881:100::/48
2a0e:15c0:6::/48
2a0e:1a83:1::/48
2a0e:f600:2::/48
2a0f:1200:11::/48
2a0f:1200:100::/48
2a0f:1581:10::/48
2a0f:2d82:100::/48
2a0f:31c3:100::/48
2a0f:3d80:2::/48
2a0f:7d00:10::/48
2a0f:dd40::/29
2a0f:df46:100::/48
2a0f:e1c0:acab::/48
2a0f:e202:fc06::/48
2a0f:e6c2:100::/48
2a0f:e7c4:22::/48
2a0f:e842:100::/48
2a0f:ea00::/29
2a0f:ea43:10::/48
2a10:30c0::/29
2a10:6400::/29
2a10:67c2:1::/48
2a12:ac43:acab::/48
2a12:ecc4:2213::/48
2a13:18c0:100::/48
2a13:18c6:99::/48
2a13:8c86:140::/48
2a13:9282:100::/48
2a13:9d00::/29
2a13:c500::/29
2a13:c900:44::/48
2a13:c900:55::/48
2a13:e102:10::/48
2a13:fd00::/29
Signature Algorithm: sha256WithRSAEncryption
2d:6e:ea:28:c3:9f:f6:2d:25:25:0d:6b:60:4b:b2:db:4c:b5:
01:82:cb:2e:3e:16:f5:df:b6:89:b3:d6:31:ba:ea:f3:70:12:
7e:22:7b:fd:90:a5:bb:9e:5d:2d:92:ff:2a:65:61:01:1e:56:
a9:b6:2a:b6:da:f2:40:14:ad:29:a8:d6:2d:e8:63:18:f9:e1:
ac:bf:35:1f:41:6f:b3:87:ff:39:c7:f6:a6:e5:e7:7f:65:ff:
f0:15:7b:10:3e:a1:40:dc:bf:4e:84:36:f5:2f:66:a1:89:70:
fa:a3:74:48:69:9d:fa:a0:dd:15:2c:0e:85:90:ac:3a:49:1f:
c8:85:e2:ed:e3:9f:9c:f9:e5:3d:4a:74:15:61:72:b3:36:bc:
15:3f:34:08:ba:d0:74:86:98:c3:cc:50:06:72:4c:e7:c6:fb:
8f:bc:36:43:4d:09:3f:b2:8b:bb:64:71:cc:06:d3:24:cd:95:
a2:22:17:cb:46:1e:51:8f:e5:98:e3:db:d3:e6:0a:57:cf:06:
9a:72:4e:a9:87:3a:07:05:d9:9c:0a:b8:9b:3a:56:5e:85:9c:
57:e8:27:af:01:4c:a8:e5:ea:2f:a2:64:38:27:3b:aa:81:d7:
56:68:3c:15:c7:a8:45:1a:7f:07:bc:4a:82:d4:f8:8e:94:65:
46:e9:39:d2
-----BEGIN CERTIFICATE-----
MIIGaTCCBVGgAwIBAgISAZkopdKXLikwtfcWcSWHZEmUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwOTA4MDkyNjIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmViYWUwZDZlZDljM2M0NWNmMDM4OTY2YTY5MTcxZThhOWNjMTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAof4UgaquigjWApsRPpXQ7q9WNKew
RR1vQMJHHlBUGIVoghelP0J4WLR4AqxQw3K+V0QOesciGXeVB5dkliscd1gm4pxg
Q2PGg37rlgwTOK0FtsOyOGkS6fNN1uZijj7HC0eqA9saOHcByEFftF3JespIeLkf
wCFJXrxbbH9cycu9BrmKZuG4fQCX8QYe1AxHEndkx+TK8oODUZjinf3zMlHWqnIq
tIH21XSnYxLeM0ldIvnzlwWyiRVXikM+V2061SMlpYLsLWH65Vne4tpx6UCJQpnP
stNidEEgWWVdscOLhgttanNH9SrtE5sWgBwdPYQ/fCtJZka90Y0j5lA+UwIDAQAB
o4IDdTCCA3EwHQYDVR0OBBYEFCLrrg1u2cPEXPA4lmppFx6KnMEHMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvSXV1dURXN1p3OFJjOERpV2Fta1hIb3Fjd1FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBiQYIKwYBBQUHAQcBAf8EggF4MIIBdDCCAXAEAgACMIIB
aAMHACoGEYAAEAMHACoGNcQBAAMFAyoG38ADBQMqB7tAAwcAKgkXwLGaAwcAKgot
AAAQAwcAKgotAAAgAwcAKgx4gQEAAwcAKg4VwAAGAwcAKg4agwABAwcAKg72AAAC
AwcAKg8SAAARAwcAKg8SAAEAAwcAKg8VgQAQAwcAKg8tggEAAwcAKg8xwwEAAwcA
Kg89gAACAwcAKg99AAAQAwUDKg/dQAMHACoP30YBAAMHACoP4cCsqwMHACoP4gL8
BgMHACoP5sIBAAMHACoP58QAIgMHACoP6EIBAAMFAyoP6gADBwAqD+pDABADBQMq
EDDAAwUDKhBkAAMHACoQZ8IAAQMHACoSrEOsqwMHACoS7MQiEwMHACoTGMABAAMH
ACoTGMYAmQMHACoTjIYBQAMHACoTkoIBAAMFAyoTnQADBQMqE8UAAwcAKhPJAABE
AwcAKhPJAABVAwcAKhPhAgAQAwUDKhP9ADANBgkqhkiG9w0BAQsFAAOCAQEALW7q
KMOf9i0lJQ1rYEuy20y1AYLLLj4W9d+2ibPWMbrq83ASfiJ7/ZClu55dLZL/KmVh
AR5WqbYqttryQBStKajWLehjGPnhrL81H0Fvs4f/Ocf2puXnf2X/8BV7ED6hQNy/
ToQ29S9moYlw+qN0SGmd+qDdFSwOhZCsOkkfyIXi7eOfnPnlPUp0FWFysza8FT80
CLrQdIaYw8xQBnJM58b7j7w2Q00JP7KLu2RxzAbTJM2VoiIXy0YeUY/lmOPb0+YK
V88GmnJOqYc6BwXZnAq4mzpWXoWcV+gnrwFMqOXqL6JkOCc7qoHXVmg8FceoRRp/
B7xKgtT4jpRlRuk50g==
-----END CERTIFICATE-----
Generated at Sun Oct 19 14:10:10 2025 by rpki-client