Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/aLqP_Z8JyCuBqZvcIDowtOydmws.roa
File: aLqP_Z8JyCuBqZvcIDowtOydmws.roa (raw, json)
Hash identifier: 729DaA6A6DUylCAA85kXYhtVih2EvHC7Z6svMQRJyGg=
Subject key identifier: 68:BA:8F:FD:9F:09:C8:2B:81:A9:9B:DC:20:3A:30:B4:EC:9D:9B:0B
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0196D0170101E7E8B40E9B2C73192B864CAF
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/aLqP_Z8JyCuBqZvcIDowtOydmws.roa
Signing time: Wed 14 May 2025 18:38:10 +0000
ROA not before: Wed 14 May 2025 18:38:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7029
IP address blocks: 2a0c:7884::/32 maxlen: 32
2a0e:1a80:1::/48 maxlen: 48
2a0e:c785:1::/48 maxlen: 48
2a0e:f200::/48 maxlen: 48
2a0f:1203::/32 maxlen: 32
2a0f:1580::/32 maxlen: 32
2a0f:1e80:d9a8::/48 maxlen: 48
2a0f:3043::/32 maxlen: 32
2a0f:31c2::/32 maxlen: 32
2a0f:3d80:bac::/48 maxlen: 48
2a0f:7d06:102::/48 maxlen: 48
2a0f:e847:acab::/48 maxlen: 48
2a10:67c2:3::/48 maxlen: 48
2a12:ac43:1::/48 maxlen: 48
2a13:18c0:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d0:17:01:01:e7:e8:b4:0e:9b:2c:73:19:2b:86:4c:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 14 18:38:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68ba8ffd9f09c82b81a99bdc203a30b4ec9d9b0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:af:3b:54:2c:8c:1c:f5:7d:dd:b4:39:88:e4:
95:bf:89:39:94:28:99:e2:2a:44:1e:16:e6:50:7f:
bf:82:1f:e0:29:dd:00:ca:86:af:1b:b6:a6:57:53:
97:eb:f5:96:cb:00:5f:f0:fc:60:f2:6d:60:6e:b2:
89:6d:06:e2:95:06:45:51:13:9b:5d:e2:a5:e7:87:
13:22:44:98:08:fb:61:10:16:57:18:2a:8a:d2:93:
85:be:b3:f4:d6:b5:40:c3:f7:de:d5:a6:51:1a:0f:
a5:14:2f:5f:6f:af:86:9a:fa:03:8d:97:f8:00:7d:
b3:93:83:45:1d:0a:e6:1f:6a:ac:0e:ee:03:86:f9:
c2:df:42:df:0d:69:e9:05:2d:57:a4:d5:0c:30:77:
43:b1:93:37:32:52:b8:09:e4:f7:4b:0b:11:b9:bc:
09:02:89:4a:e7:84:47:e3:84:15:50:96:a7:b9:42:
a1:f7:ef:3a:2e:41:5b:77:d9:f8:a7:cc:53:da:1e:
db:8b:d7:e1:75:55:f3:bd:4d:0b:66:5a:58:31:bd:
1e:5f:8a:0e:f1:fd:6f:fc:cd:24:c8:00:b7:16:ae:
89:4a:da:ee:b6:75:1a:fb:f3:f9:75:60:16:32:2c:
31:e9:bd:a8:64:86:2a:4d:1c:8f:1d:f5:2e:94:54:
36:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:BA:8F:FD:9F:09:C8:2B:81:A9:9B:DC:20:3A:30:B4:EC:9D:9B:0B
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/aLqP_Z8JyCuBqZvcIDowtOydmws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:7884::/32
2a0e:1a80:1::/48
2a0e:c785:1::/48
2a0e:f200::/48
2a0f:1203::/32
2a0f:1580::/32
2a0f:1e80:d9a8::/48
2a0f:3043::/32
2a0f:31c2::/32
2a0f:3d80:bac::/48
2a0f:7d06:102::/48
2a0f:e847:acab::/48
2a10:67c2:3::/48
2a12:ac43:1::/48
2a13:18c0:2::/48
Signature Algorithm: sha256WithRSAEncryption
7c:d2:55:cf:0e:76:8a:4f:df:eb:73:1d:4d:04:cc:a4:df:97:
86:bd:15:e3:d9:40:9e:2a:c1:1d:42:72:0f:6b:d0:e6:28:33:
93:99:8c:e2:96:df:d1:f1:35:d5:a2:8c:5d:c5:12:71:99:f8:
8c:7e:94:9b:a7:4e:ff:89:93:f2:85:1b:66:92:34:4d:c5:79:
3f:15:2e:df:7a:ce:2d:ef:3e:aa:b7:fb:de:99:3f:5e:1f:38:
2d:ef:11:af:84:ba:ce:65:2d:57:ae:d9:fd:7c:34:95:84:ad:
4f:97:58:98:c4:b1:4c:af:8a:a6:d8:59:bc:5a:ec:31:47:c9:
82:c5:d8:6c:e5:fb:c8:7f:c4:eb:6e:e7:cb:b4:2c:60:05:07:
c6:0c:94:3a:15:25:a1:eb:b9:1c:9d:7f:ad:c6:d0:99:44:45:
5c:95:1b:16:a8:15:ef:8c:da:2a:a2:a9:e3:8a:e1:94:ba:8b:
34:cb:58:cd:2d:31:cf:63:19:b3:09:0b:a7:30:84:42:ad:30:
c6:20:04:ed:e9:67:d8:cd:cd:e5:46:24:26:4b:d0:4d:29:9a:
f6:33:0f:74:26:c9:ee:a8:50:f3:fd:b4:23:54:65:88:1f:5a:
49:59:c7:b6:15:46:82:0a:36:12:2c:d8:db:2c:2b:51:36:8c:
57:61:9a:e0
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAZbQFwEB5+i0DpsscxkrhkyvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNTE0MTgzODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGJhOGZmZDlmMDljODJiODFhOTliZGMyMDNhMzBiNGVjOWQ5YjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9q87VCyMHPV93bQ5iOSVv4k5lCiZ
4ipEHhbmUH+/gh/gKd0AyoavG7amV1OX6/WWywBf8Pxg8m1gbrKJbQbilQZFUROb
XeKl54cTIkSYCPthEBZXGCqK0pOFvrP01rVAw/fe1aZRGg+lFC9fb6+GmvoDjZf4
AH2zk4NFHQrmH2qsDu4DhvnC30LfDWnpBS1XpNUMMHdDsZM3MlK4CeT3SwsRubwJ
AolK54RH44QVUJanuUKh9+86LkFbd9n4p8xT2h7bi9fhdVXzvU0LZlpYMb0eX4oO
8f1v/M0kyAC3Fq6JStrutnUa+/P5dWAWMiwx6b2oZIYqTRyPHfUulFQ2zwIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFGi6j/2fCcgrgamb3CA6MLTsnZsLMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvYUxxUF9aOEp5Q3VCcVp2Y0lEb3d0T3lkbXdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGZBggrBgEFBQcBBwEB/wSBiTCBhjCBgwQCAAIwfQMFACoM
eIQDBwAqDhqAAAEDBwAqDseFAAEDBwAqDvIAAAADBQAqDxIDAwUAKg8VgAMHACoP
HoDZqAMFACoPMEMDBQAqDzHCAwcAKg89gAusAwcAKg99BgECAwcAKg/oR6yrAwcA
KhBnwgADAwcAKhKsQwABAwcAKhMYwAACMA0GCSqGSIb3DQEBCwUAA4IBAQB80lXP
DnaKT9/rcx1NBMyk35eGvRXj2UCeKsEdQnIPa9DmKDOTmYzilt/R8TXVooxdxRJx
mfiMfpSbp07/iZPyhRtmkjRNxXk/FS7fes4t7z6qt/vemT9eHzgt7xGvhLrOZS1X
rtn9fDSVhK1Pl1iYxLFMr4qm2Fm8WuwxR8mCxdhs5fvIf8TrbufLtCxgBQfGDJQ6
FSWh67kcnX+txtCZREVclRsWqBXvjNoqoqnjiuGUuos0y1jNLTHPYxmzCQunMIRC
rTDGIATt6WfYzc3lRiQmS9BNKZr2Mw90JsnuqFDz/bQjVGWIH1pJWce2FUaCCjYS
LNjbLCtRNoxXYZrg
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:54:45 2025 by rpki-client