Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/xCDVVE8qjMUyXL6nPpJtd95YBP0.roa
File: xCDVVE8qjMUyXL6nPpJtd95YBP0.roa (raw, json)
Hash identifier: fU54CdQz8GFghpY22NGt3MwnRO1QTgcDJUa/BL+6y+Y=
Subject key identifier: C4:20:D5:54:4F:2A:8C:C5:32:5C:BE:A7:3E:92:6D:77:DE:58:04:FD
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01974410C0BFFD35DA49CEB165B2A47970F2
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/xCDVVE8qjMUyXL6nPpJtd95YBP0.roa
Signing time: Fri 06 Jun 2025 07:07:18 +0000
ROA not before: Fri 06 Jun 2025 07:07:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212477
IP address blocks: 2a0f:3f80::/29 maxlen: 29
2a0f:b400::/29 maxlen: 29
2a10:3240::/29 maxlen: 29
2a10:3840::/29 maxlen: 29
2a10:5c00::/29 maxlen: 29
2a10:7700::/29 maxlen: 29
2a11:5c80::/29 maxlen: 29
2a11:8880::/29 maxlen: 29
2a12:4ac0::/29 maxlen: 29
2a12:dc00::/29 maxlen: 29
2a13:7400::/29 maxlen: 29
2a13:9380::/29 maxlen: 29
2a13:9f00::/29 maxlen: 29
2a13:cf00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 22:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:44:10:c0:bf:fd:35:da:49:ce:b1:65:b2:a4:79:70:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jun 6 07:07:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c420d5544f2a8cc5325cbea73e926d77de5804fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:31:e4:fe:1a:38:99:b0:c9:bf:de:35:26:52:
91:6c:54:c3:2b:35:21:90:b7:0a:62:2a:6f:e0:63:
b0:53:a7:76:46:7e:4a:d3:7b:cb:f1:aa:f0:ee:b7:
2e:55:ee:52:f6:3e:cd:18:cd:6b:7f:00:b5:5a:d7:
7b:2c:ae:82:a2:b7:db:f6:f0:e7:4a:39:78:79:7d:
01:97:76:01:bc:43:bc:30:31:f4:55:18:20:2a:f8:
86:0d:ac:84:a2:0e:5b:50:42:e9:2e:8a:2f:4c:c0:
1e:4d:cd:18:85:f1:29:2b:1e:f6:0e:b5:c3:c6:8c:
74:43:34:04:15:66:f9:7f:7d:56:96:c9:40:9f:97:
59:9c:60:48:88:74:4e:71:ea:81:3a:13:b6:28:4c:
7a:38:31:c7:fe:93:86:f0:22:92:50:62:36:5f:07:
da:54:05:6f:aa:f0:79:bf:44:e4:79:c0:68:36:da:
2a:3a:a1:a4:7b:de:06:0d:de:a5:cc:4a:55:cc:28:
11:ff:6a:d8:92:ff:ed:3e:8c:90:cc:67:41:cf:4c:
7f:a3:dc:a1:70:fe:95:a6:9e:01:3b:6f:4f:84:13:
ce:34:e7:fe:ff:9d:7e:99:bb:6d:84:f5:75:11:c7:
85:f2:09:bd:32:31:a7:e6:cf:86:2e:45:f6:a8:f4:
52:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:20:D5:54:4F:2A:8C:C5:32:5C:BE:A7:3E:92:6D:77:DE:58:04:FD
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/xCDVVE8qjMUyXL6nPpJtd95YBP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:3f80::/29
2a0f:b400::/29
2a10:3240::/29
2a10:3840::/29
2a10:5c00::/29
2a10:7700::/29
2a11:5c80::/29
2a11:8880::/29
2a12:4ac0::/29
2a12:dc00::/29
2a13:7400::/29
2a13:9380::/29
2a13:9f00::/29
2a13:cf00::/29
Signature Algorithm: sha256WithRSAEncryption
ac:aa:e0:c4:01:23:df:f8:57:cd:df:b4:7d:bc:0f:a9:95:68:
2a:17:7c:b0:15:60:fe:92:47:b2:ee:1c:e7:6c:ef:37:4d:dc:
7b:ed:01:66:af:e3:96:f3:6b:80:aa:ba:aa:0f:2e:4a:8d:db:
3a:4b:51:e1:2a:9d:a6:9f:52:76:82:8a:1b:72:fe:d3:46:9c:
9e:51:8d:eb:cd:be:6d:4b:be:99:e5:ab:01:d1:93:9e:0f:55:
57:d1:4a:f9:42:df:18:07:07:25:68:b0:d5:35:16:dd:10:bb:
08:ff:4c:38:93:74:c5:01:ac:c0:28:93:b8:a2:a0:a7:1f:fc:
52:d5:66:73:a4:42:da:45:0e:bc:a8:24:12:68:5a:9a:96:f5:
10:9e:09:45:06:fc:53:9a:dc:a8:66:e1:33:58:03:ad:18:63:
76:2b:f2:9c:f5:34:54:56:84:b5:a5:e4:31:fe:dc:4b:af:71:
06:00:cf:e8:52:dd:79:6c:88:49:1a:91:78:05:ea:e7:39:26:
09:a6:91:4a:34:48:f4:57:cb:15:21:bd:e7:28:2e:45:6b:4a:
19:92:ee:36:90:04:c0:bb:b7:0c:3f:7a:0d:a9:3d:58:1f:1d:
d7:0b:a1:4e:65:2e:44:e2:00:71:7f:a7:db:37:d6:89:e9:31:
e9:2b:d6:a4
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAZdEEMC//TXaSc6xZbKkeXDyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNjA2MDcwNzE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDIwZDU1NDRmMmE4Y2M1MzI1Y2JlYTczZTkyNmQ3N2RlNTgwNGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszHk/ho4mbDJv941JlKRbFTDKzUh
kLcKYipv4GOwU6d2Rn5K03vL8arw7rcuVe5S9j7NGM1rfwC1Wtd7LK6Corfb9vDn
Sjl4eX0Bl3YBvEO8MDH0VRggKviGDayEog5bUELpLoovTMAeTc0YhfEpKx72DrXD
xox0QzQEFWb5f31WlslAn5dZnGBIiHROceqBOhO2KEx6ODHH/pOG8CKSUGI2Xwfa
VAVvqvB5v0TkecBoNtoqOqGke94GDd6lzEpVzCgR/2rYkv/tPoyQzGdBz0x/o9yh
cP6Vpp4BO29PhBPONOf+/51+mbtthPV1EceF8gm9MjGn5s+GLkX2qPRSjwIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFMQg1VRPKozFMly+pz6SbXfeWAT9MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEveENEVlZFOHFqTVV5WEw2blBwSnRkOTVZQlAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAAjBiAwUDKg8/gAMF
AyoPtAADBQMqEDJAAwUDKhA4QAMFAyoQXAADBQMqEHcAAwUDKhFcgAMFAyoRiIAD
BQMqEkrAAwUDKhLcAAMFAyoTdAADBQMqE5OAAwUDKhOfAAMFAyoTzwAwDQYJKoZI
hvcNAQELBQADggEBAKyq4MQBI9/4V83ftH28D6mVaCoXfLAVYP6SR7LuHOds7zdN
3HvtAWav45bza4CquqoPLkqN2zpLUeEqnaafUnaCihty/tNGnJ5RjevNvm1Lvpnl
qwHRk54PVVfRSvlC3xgHByVosNU1Ft0Quwj/TDiTdMUBrMAok7iioKcf/FLVZnOk
QtpFDryoJBJoWpqW9RCeCUUG/FOa3Khm4TNYA60YY3Yr8pz1NFRWhLWl5DH+3Euv
cQYAz+hS3XlsiEkakXgF6uc5JgmmkUo0SPRXyxUhvecoLkVrShmS7jaQBMC7tww/
eg2pPVgfHdcLoU5lLkTiAHF/p9s31onpMekr1qQ=
-----END CERTIFICATE-----
Generated at Sun Jun 8 07:47:52 2025 by rpki-client