Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/cChDvfksd3-sWlScCbQC_1fZGsg.roa
File: cChDvfksd3-sWlScCbQC_1fZGsg.roa (raw, json)
Hash identifier: vpPWQrY7YWLQTo0+O8acr5ovIcEjGNp2BFo+j2FNXuY=
Subject key identifier: 70:28:43:BD:F9:2C:77:7F:AC:5A:54:9C:09:B4:02:FF:57:D9:1A:C8
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019A07A8F1A4AD42658C2CAFF618BB0ECC48
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/cChDvfksd3-sWlScCbQC_1fZGsg.roa
Signing time: Tue 21 Oct 2025 16:45:03 +0000
ROA not before: Tue 21 Oct 2025 16:45:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205544
IP address blocks: 2a09:17c0:b19a::/48 maxlen: 48
2a0e:1a83:88::/48 maxlen: 48
2a0f:1206:77::/48 maxlen: 48
2a0f:14c0::/29 maxlen: 29
2a0f:1540::/29 maxlen: 29
2a0f:1640::/29 maxlen: 29
2a0f:1840::/29 maxlen: 29
2a0f:18c0::/29 maxlen: 29
2a0f:1940::/29 maxlen: 29
2a0f:1a40::/29 maxlen: 29
2a0f:1fc0::/29 maxlen: 29
2a0f:2840::/29 maxlen: 29
2a0f:28c0::/29 maxlen: 29
2a0f:2940::/29 maxlen: 29
2a0f:2a40::/29 maxlen: 29
2a0f:2d40::/29 maxlen: 29
2a0f:2dc0::/29 maxlen: 29
2a0f:2e40::/29 maxlen: 29
2a0f:2ec0::/29 maxlen: 29
2a0f:30c0::/29 maxlen: 29
2a0f:3140::/29 maxlen: 29
2a0f:3540::/29 maxlen: 29
2a0f:35c0::/29 maxlen: 29
2a0f:36c0::/29 maxlen: 29
2a0f:3740::/29 maxlen: 29
2a0f:bc02::/32 maxlen: 32
2a0f:e1c0:3::/48 maxlen: 48
2a0f:e1c7:100::/48 maxlen: 48
2a0f:e200:5::/48 maxlen: 48
2a0f:e202:97::/48 maxlen: 48
2a0f:e440::/29 maxlen: 29
2a0f:ea40:8::/48 maxlen: 48
2a0f:ea44:88::/48 maxlen: 48
2a0f:ea47:ff49::/48 maxlen: 48
2a11:3240::/29 maxlen: 29
2a11:4800::/29 maxlen: 29
2a11:8700::/29 maxlen: 29
2a11:e580::/29 maxlen: 29
2a12:3f00::/29 maxlen: 29
2a12:4b00::/29 maxlen: 29
2a12:5900::/29 maxlen: 29
2a12:cd00::/29 maxlen: 29
2a12:dc00::/29 maxlen: 29
2a12:ecc0:3::/48 maxlen: 48
2a13:cf00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Oct 2025 23:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:07:a8:f1:a4:ad:42:65:8c:2c:af:f6:18:bb:0e:cc:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Oct 21 16:45:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=702843bdf92c777fac5a549c09b402ff57d91ac8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:9d:33:42:ac:2e:51:63:6b:0b:06:67:af:be:
b9:7c:6e:dc:c5:e3:24:f9:ef:6d:f4:5a:69:52:a1:
38:75:5b:c5:56:3e:f9:af:5f:53:01:82:35:f8:b5:
d6:e4:30:e2:4f:9f:a3:43:f9:2f:a4:e8:3e:e0:af:
f2:a0:66:41:81:2d:73:4c:8d:d6:9d:b3:21:55:31:
c7:7c:1e:ae:08:75:e3:fb:30:ca:45:8e:20:94:84:
a4:8f:4c:47:99:44:56:f0:5f:73:c3:66:da:4c:9a:
07:c6:09:64:ad:50:2e:36:8f:51:1f:1a:ed:a0:cb:
03:f7:60:b6:1e:eb:71:44:51:93:4f:5c:d0:2a:28:
f8:ff:a2:4d:21:78:ce:4a:7d:43:e6:9f:0d:d2:76:
9f:66:e2:b0:30:d3:8b:1e:bb:c6:e6:ba:4b:91:e2:
35:e6:2f:f5:e3:ce:0e:b7:92:e6:3a:82:b4:b3:22:
a0:d1:d5:f3:fc:96:77:81:61:dc:dd:6b:09:5a:3e:
7a:92:21:98:ed:9f:d1:b6:de:65:6c:a7:fe:e6:0d:
ab:b8:98:2b:77:7d:3a:8b:f5:90:ae:77:17:dc:2a:
38:c8:61:cc:fa:0e:2d:83:27:9f:96:0f:e2:b4:b7:
10:de:56:b8:08:89:58:18:29:ed:13:d6:8d:c5:3a:
8c:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:28:43:BD:F9:2C:77:7F:AC:5A:54:9C:09:B4:02:FF:57:D9:1A:C8
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/cChDvfksd3-sWlScCbQC_1fZGsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:17c0:b19a::/48
2a0e:1a83:88::/48
2a0f:1206:77::/48
2a0f:14c0::/29
2a0f:1540::/29
2a0f:1640::/29
2a0f:1840::/29
2a0f:18c0::/29
2a0f:1940::/29
2a0f:1a40::/29
2a0f:1fc0::/29
2a0f:2840::/29
2a0f:28c0::/29
2a0f:2940::/29
2a0f:2a40::/29
2a0f:2d40::/29
2a0f:2dc0::/29
2a0f:2e40::/29
2a0f:2ec0::/29
2a0f:30c0::/29
2a0f:3140::/29
2a0f:3540::/29
2a0f:35c0::/29
2a0f:36c0::/29
2a0f:3740::/29
2a0f:bc02::/32
2a0f:e1c0:3::/48
2a0f:e1c7:100::/48
2a0f:e200:5::/48
2a0f:e202:97::/48
2a0f:e440::/29
2a0f:ea40:8::/48
2a0f:ea44:88::/48
2a0f:ea47:ff49::/48
2a11:3240::/29
2a11:4800::/29
2a11:8700::/29
2a11:e580::/29
2a12:3f00::/29
2a12:4b00::/29
2a12:5900::/29
2a12:cd00::/29
2a12:dc00::/29
2a12:ecc0:3::/48
2a13:cf00::/29
Signature Algorithm: sha256WithRSAEncryption
5b:80:1a:fe:70:dd:2a:39:81:f3:0d:4e:f5:95:03:6c:91:71:
d8:72:c0:83:0a:1c:16:3f:33:b0:0f:30:f1:d8:95:4f:1e:7e:
af:0b:33:06:29:54:01:31:eb:b6:64:4a:6e:d4:c0:ca:cd:c0:
3a:7d:21:94:69:67:15:3a:30:bc:2d:57:b9:96:f3:4c:5d:8d:
f4:22:d5:bf:88:d3:44:f9:63:89:44:fa:a0:8d:be:75:ca:32:
00:db:b0:80:e9:52:dd:1a:75:33:5b:2f:47:ca:59:c2:0f:30:
38:a5:c5:6a:fd:e2:f9:24:3b:fe:a2:99:9b:ce:6c:c8:b5:e2:
d8:27:a2:8f:a6:74:4c:9f:31:44:fe:9f:2f:d9:35:c0:a8:0d:
27:8a:64:26:cd:0a:57:62:d9:8c:64:f6:14:77:34:75:8e:d9:
b4:f1:c3:ed:7b:bf:9a:ee:6c:87:08:dd:22:25:fd:f3:f9:c5:
cb:17:41:02:28:78:cc:72:e5:38:42:92:e9:82:fb:5d:0c:63:
9c:26:b4:eb:47:69:2c:4d:d3:0e:d0:79:f1:1f:d7:69:b0:33:
f1:0f:6a:ae:a5:0d:e5:bb:7b:fb:72:72:47:e0:fb:ae:d7:dd:
6d:86:61:59:d8:a8:d9:f9:bb:59:7f:55:8a:d0:e4:de:61:e2:
ac:5c:2f:46
-----BEGIN CERTIFICATE-----
MIIGUjCCBTqgAwIBAgISAZoHqPGkrUJljCyv9hi7DsxIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUxMDIxMTY0NTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDI4NDNiZGY5MmM3NzdmYWM1YTU0OWMwOWI0MDJmZjU3ZDkxYWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj50zQqwuUWNrCwZnr765fG7cxeMk
+e9t9FppUqE4dVvFVj75r19TAYI1+LXW5DDiT5+jQ/kvpOg+4K/yoGZBgS1zTI3W
nbMhVTHHfB6uCHXj+zDKRY4glISkj0xHmURW8F9zw2baTJoHxglkrVAuNo9RHxrt
oMsD92C2HutxRFGTT1zQKij4/6JNIXjOSn1D5p8N0nafZuKwMNOLHrvG5rpLkeI1
5i/1484Ot5LmOoK0syKg0dXz/JZ3gWHc3WsJWj56kiGY7Z/Rtt5lbKf+5g2ruJgr
d306i/WQrncX3Co4yGHM+g4tgyeflg/itLcQ3la4CIlYGCntE9aNxTqMzwIDAQAB
o4IDXjCCA1owHQYDVR0OBBYEFHAoQ735LHd/rFpUnAm0Av9X2RrIMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvY0NoRHZma3NkMy1zV2xTY0NiUUNfMWZaR3NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBcgYIKwYBBQUHAQcBAf8EggFhMIIBXTCCAVkEAgACMIIB
UQMHACoJF8CxmgMHACoOGoMAiAMHACoPEgYAdwMFAyoPFMADBQMqDxVAAwUDKg8W
QAMFAyoPGEADBQMqDxjAAwUDKg8ZQAMFAyoPGkADBQMqDx/AAwUDKg8oQAMFAyoP
KMADBQMqDylAAwUDKg8qQAMFAyoPLUADBQMqDy3AAwUDKg8uQAMFAyoPLsADBQMq
DzDAAwUDKg8xQAMFAyoPNUADBQMqDzXAAwUDKg82wAMFAyoPN0ADBQAqD7wCAwcA
Kg/hwAADAwcAKg/hxwEAAwcAKg/iAAAFAwcAKg/iAgCXAwUDKg/kQAMHACoP6kAA
CAMHACoP6kQAiAMHACoP6kf/SQMFAyoRMkADBQMqEUgAAwUDKhGHAAMFAyoR5YAD
BQMqEj8AAwUDKhJLAAMFAyoSWQADBQMqEs0AAwUDKhLcAAMHACoS7MAAAwMFAyoT
zwAwDQYJKoZIhvcNAQELBQADggEBAFuAGv5w3So5gfMNTvWVA2yRcdhywIMKHBY/
M7APMPHYlU8efq8LMwYpVAEx67ZkSm7UwMrNwDp9IZRpZxU6MLwtV7mW80xdjfQi
1b+I00T5Y4lE+qCNvnXKMgDbsIDpUt0adTNbL0fKWcIPMDilxWr94vkkO/6imZvO
bMi14tgnoo+mdEyfMUT+ny/ZNcCoDSeKZCbNCldi2Yxk9hR3NHWO2bTxw+17v5ru
bIcI3SIl/fP5xcsXQQIoeMxy5ThCkumC+10MY5wmtOtHaSxN0w7QefEf12mwM/EP
aq6lDeW7e/tyckfg+67X3W2GYVnYqNn5u1l/VYrQ5N5h4qxcL0Y=
-----END CERTIFICATE-----
Generated at Wed Oct 22 05:21:48 2025 by rpki-client