
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/xhS3r_-FeRTaEVx2M5Anu_RUjvk.roa
File: xhS3r_-FeRTaEVx2M5Anu_RUjvk.roa (raw, json)
Hash identifier: 2mVyB8q3g3pxfxd67OdKpOdgMn/SmTmXnOi/Y8nOb7I=
Subject key identifier: C6:14:B7:AF:FF:85:79:14:DA:11:5C:76:33:90:27:BB:F4:54:8E:F9
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019743FF5B33F494D994D890B06918C3EC17
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/xhS3r_-FeRTaEVx2M5Anu_RUjvk.roa
Signing time: Fri 06 Jun 2025 06:48:17 +0000
ROA not before: Fri 06 Jun 2025 06:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49505
IP address blocks: 2a05:b300::/29 maxlen: 29
2a0e:8880::/29 maxlen: 29
2a12:ba00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Jun 2025 08:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:43:ff:5b:33:f4:94:d9:94:d8:90:b0:69:18:c3:ec:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jun 6 06:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c614b7afff857914da115c76339027bbf4548ef9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:da:7a:66:a3:50:16:d7:15:ee:67:9c:5b:8c:
3b:8b:b5:f8:d4:a9:81:e5:4e:24:a3:b2:a2:98:02:
00:3d:9c:ef:22:0f:ef:86:95:90:d4:90:e1:ab:14:
fa:22:8a:2b:20:d2:79:7c:f7:ab:b5:14:78:3b:08:
5b:9b:b5:52:09:f9:26:0a:c9:cf:ef:6d:e5:94:11:
34:e5:5b:7e:29:3b:f6:4f:fb:d4:89:44:29:06:e5:
8a:0e:6a:7b:99:1a:4e:4a:5c:4c:88:3a:bd:2f:2a:
cb:55:88:ee:64:16:64:2d:7c:58:4c:75:b4:c8:01:
4f:34:58:4e:e1:d5:9a:a7:56:71:5d:30:5d:56:7e:
de:91:dc:bf:49:7b:d1:aa:81:bc:86:7f:c0:f4:63:
83:0e:43:a9:90:c1:39:2a:b0:7c:0f:74:ea:4c:69:
20:33:95:d8:d2:19:cb:1c:98:a6:15:2f:6e:3f:ae:
5d:9a:ab:a4:fb:6e:f6:03:63:d6:fd:b0:1a:1f:25:
db:dc:d7:94:a5:38:60:36:c4:88:75:14:07:b0:17:
3f:14:32:de:f5:7e:b7:92:c2:45:31:b4:54:e8:c3:
62:6e:00:77:80:97:14:6a:63:bd:8e:8e:0c:30:17:
9c:b2:0c:51:9b:5a:41:79:1e:be:87:5c:c9:1a:51:
01:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:14:B7:AF:FF:85:79:14:DA:11:5C:76:33:90:27:BB:F4:54:8E:F9
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/xhS3r_-FeRTaEVx2M5Anu_RUjvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b300::/29
2a0e:8880::/29
2a12:ba00::/29
Signature Algorithm: sha256WithRSAEncryption
95:a6:67:cc:c1:a0:4f:90:5b:52:1c:59:c3:d9:39:b4:0b:ea:
1e:2c:6e:6a:e9:5a:26:56:0a:ec:bf:c5:49:01:cc:22:04:d3:
cc:52:94:4b:bc:ea:dd:2c:eb:ed:45:71:89:fa:63:0d:24:ca:
55:da:9e:85:d2:85:56:37:89:80:bf:3c:ed:f2:dc:88:78:d3:
51:8b:3b:f4:b4:d0:14:68:ac:e3:aa:1c:0f:2a:71:22:e3:64:
6f:39:a6:64:d1:96:cc:d4:b0:da:99:71:47:b2:1a:de:3b:27:
b3:60:16:f6:ad:fd:47:c7:d6:ac:2b:a0:22:21:89:39:33:89:
c5:9e:65:9a:46:84:18:e4:08:dc:73:1a:35:2a:b0:54:97:60:
a9:8e:8a:2a:06:88:ed:bc:c4:e8:24:4a:21:58:d4:61:d2:e1:
92:d0:35:6a:8f:f0:c2:db:55:7b:4e:9c:f4:e8:95:5a:c6:79:
a3:3f:b5:1f:75:a8:54:4e:a7:41:f3:65:a2:fe:64:71:cb:11:
3f:dd:11:51:64:25:91:91:37:b3:83:7c:71:e0:51:a8:b3:9a:
05:d8:c4:5a:88:9b:73:5f:a0:76:91:22:82:8d:5f:89:a5:b9:
44:45:63:5f:ee:20:ed:90:f9:49:80:eb:55:c3:61:c2:74:68:
ad:a6:d3:8b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZdD/1sz9JTZlNiQsGkYw+wXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNjA2MDY0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjE0YjdhZmZmODU3OTE0ZGExMTVjNzYzMzkwMjdiYmY0NTQ4ZWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Np6ZqNQFtcV7mecW4w7i7X41KmB
5U4ko7KimAIAPZzvIg/vhpWQ1JDhqxT6IoorINJ5fPertRR4Owhbm7VSCfkmCsnP
723llBE05Vt+KTv2T/vUiUQpBuWKDmp7mRpOSlxMiDq9LyrLVYjuZBZkLXxYTHW0
yAFPNFhO4dWap1ZxXTBdVn7ekdy/SXvRqoG8hn/A9GODDkOpkME5KrB8D3TqTGkg
M5XY0hnLHJimFS9uP65dmquk+272A2PW/bAaHyXb3NeUpThgNsSIdRQHsBc/FDLe
9X63ksJFMbRU6MNibgB3gJcUamO9jo4MMBecsgxRm1pBeR6+h1zJGlEBBwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMYUt6//hXkU2hFcdjOQJ7v0VI75MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEveGhTM3JfLUZlUlRhRVZ4Mk01QW51X1JVanZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKgWzAAMF
AyoOiIADBQMqEroAMA0GCSqGSIb3DQEBCwUAA4IBAQCVpmfMwaBPkFtSHFnD2Tm0
C+oeLG5q6VomVgrsv8VJAcwiBNPMUpRLvOrdLOvtRXGJ+mMNJMpV2p6F0oVWN4mA
vzzt8tyIeNNRizv0tNAUaKzjqhwPKnEi42RvOaZk0ZbM1LDamXFHshreOyezYBb2
rf1Hx9asK6AiIYk5M4nFnmWaRoQY5Ajccxo1KrBUl2CpjooqBojtvMToJEohWNRh
0uGS0DVqj/DC21V7Tpz06JVaxnmjP7UfdahUTqdB82Wi/mRxyxE/3RFRZCWRkTez
g3xx4FGos5oF2MRaiJtzX6B2kSKCjV+JpblERWNf7iDtkPlJgOtVw2HCdGitptOL
-----END CERTIFICATE-----
Generated at Tue Jun 10 15:27:19 2025 by rpki-client