Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/m5mJIZ0jpozcvDGXsACAvmLAzpM.roa
File: m5mJIZ0jpozcvDGXsACAvmLAzpM.roa (raw, json)
Hash identifier: LEZHu7OFPTNX9wUVXLSgUyzxAsybTM0N79+7ctnT/RA=
Subject key identifier: 9B:99:89:21:9D:23:A6:8C:DC:BC:31:97:B0:00:80:BE:62:C0:CE:93
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 0196ED964505719CF08994931611F07F0D3A
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/m5mJIZ0jpozcvDGXsACAvmLAzpM.roa
Signing time: Tue 20 May 2025 12:06:10 +0000
ROA not before: Tue 20 May 2025 12:06:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203396
IP address blocks: 2a04:9a00:1021::/48 maxlen: 48
2a04:9a00:1022::/48 maxlen: 48
2a04:9a06:1000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 17:19:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ed:96:45:05:71:9c:f0:89:94:93:16:11:f0:7f:0d:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: May 20 12:06:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9b9989219d23a68cdcbc3197b00080be62c0ce93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:4c:6e:1d:a9:17:4b:8c:18:91:11:d2:fc:b3:
76:a0:84:11:31:c9:f8:85:05:2e:a6:32:dd:1d:83:
59:36:63:5a:9c:c9:aa:53:64:f5:2c:0a:8f:9a:16:
f3:19:b9:68:b6:ee:2b:7e:54:13:f4:3f:3d:dc:cf:
e2:b4:00:ec:f5:c2:14:18:c0:43:51:b2:27:3e:d6:
6c:3c:25:16:90:06:11:be:ac:c1:11:a2:81:63:ab:
d0:90:e7:28:67:13:cb:1c:df:b7:0a:b4:74:ff:b3:
bb:1d:b6:92:33:f0:cf:87:3c:90:d5:52:6e:f7:ba:
de:a9:23:79:a9:aa:5f:71:dd:4f:2e:11:fa:7e:6e:
7b:59:af:d7:1e:17:43:0f:89:6e:77:43:80:4a:53:
1d:8c:59:85:c3:a2:c6:58:68:00:23:9e:9c:7c:fc:
a5:e4:c2:ac:9a:e4:ab:a9:00:55:6c:d3:40:f3:94:
bb:9f:e5:d0:5a:55:e8:c9:f1:9f:eb:6e:8a:7e:db:
4c:2a:7e:a9:90:a8:70:03:c1:d8:e5:5c:9e:d1:61:
5f:78:1b:97:e4:31:b4:a6:57:aa:e9:97:53:a4:e5:
bb:a4:0f:75:7a:cc:91:f7:3c:3b:f3:11:b2:29:f1:
76:ae:8b:d2:70:9c:e4:f2:ae:4b:ad:22:c1:0a:28:
4d:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:99:89:21:9D:23:A6:8C:DC:BC:31:97:B0:00:80:BE:62:C0:CE:93
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/m5mJIZ0jpozcvDGXsACAvmLAzpM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:9a00:1021::-2a04:9a00:1022:ffff:ffff:ffff:ffff:ffff
2a04:9a06:1000::/36
Signature Algorithm: sha256WithRSAEncryption
4a:47:76:64:1f:31:63:93:0d:9e:e0:31:c5:f4:8b:b4:f2:6b:
57:0a:af:80:a6:09:e3:f9:61:d7:b5:71:92:59:e3:f1:fd:5b:
29:2d:25:f2:06:a7:05:3f:c7:c5:6f:52:08:fc:7d:44:3e:0d:
45:3c:f9:c6:49:83:3c:ab:59:a2:ce:76:f5:f4:27:fa:3c:96:
e8:c8:41:34:4e:1b:37:0c:2e:73:df:64:6f:a9:8d:53:19:7b:
31:36:92:6e:53:ed:f1:5f:9b:fa:7a:59:8c:16:8f:b5:08:72:
b0:2c:51:10:a2:18:0a:96:49:37:1d:ab:2b:9a:a7:24:5e:f9:
90:17:21:c5:4c:07:54:36:e6:a3:ee:52:9b:a5:06:90:83:b0:
22:b8:3c:03:ad:c9:38:4f:fa:00:a3:ed:b8:ed:ae:a2:66:37:
6a:12:28:00:72:a9:d7:1c:eb:6e:0d:48:d7:bc:00:9b:05:27:
62:0b:9c:e8:90:00:b9:4a:01:eb:82:73:93:4f:24:0e:98:dd:
84:fb:a8:07:26:87:ce:bc:30:9c:74:86:98:d6:07:56:d6:d8:
35:47:8a:3e:57:28:53:24:c0:96:f4:b7:e8:f6:84:7f:25:4c:
8b:06:63:b4:22:ad:9f:c3:e2:9a:0e:48:ed:01:fe:32:9e:0e:
eb:4b:5d:41
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZbtlkUFcZzwiZSTFhHwfw06MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjUwNTIwMTIwNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yjk5ODkyMTlkMjNhNjhjZGNiYzMxOTdiMDAwODBiZTYyYzBjZTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkxuHakXS4wYkRHS/LN2oIQRMcn4
hQUupjLdHYNZNmNanMmqU2T1LAqPmhbzGblotu4rflQT9D893M/itADs9cIUGMBD
UbInPtZsPCUWkAYRvqzBEaKBY6vQkOcoZxPLHN+3CrR0/7O7HbaSM/DPhzyQ1VJu
97reqSN5qapfcd1PLhH6fm57Wa/XHhdDD4lud0OASlMdjFmFw6LGWGgAI56cfPyl
5MKsmuSrqQBVbNNA85S7n+XQWlXoyfGf626KfttMKn6pkKhwA8HY5Vye0WFfeBuX
5DG0pleq6ZdTpOW7pA91esyR9zw78xGyKfF2rovScJzk8q5LrSLBCihNZQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFJuZiSGdI6aM3Lwxl7AAgL5iwM6TMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvbTVtSklaMGpwb3pjdkRHWHNBQ0F2bUxBenBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcMBIDBwAqBJoA
ECEDBwAqBJoAECIDBgQqBJoGEDANBgkqhkiG9w0BAQsFAAOCAQEASkd2ZB8xY5MN
nuAxxfSLtPJrVwqvgKYJ4/lh17Vxklnj8f1bKS0l8ganBT/HxW9SCPx9RD4NRTz5
xkmDPKtZos529fQn+jyW6MhBNE4bNwwuc99kb6mNUxl7MTaSblPt8V+b+npZjBaP
tQhysCxREKIYCpZJNx2rK5qnJF75kBchxUwHVDbmo+5Sm6UGkIOwIrg8A63JOE/6
AKPtuO2uomY3ahIoAHKp1xzrbg1I17wAmwUnYguc6JAAuUoB64Jzk08kDpjdhPuo
ByaHzrwwnHSGmNYHVtbYNUeKPlcoUyTAlvS36PaEfyVMiwZjtCKtn8Pimg5I7QH+
Mp4O60tdQQ==
-----END CERTIFICATE-----
Generated at Mon Jun 9 00:43:53 2025 by rpki-client