Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/i6hYT-Eas3ddpueS4mPQdsM-EL0.roa
File: i6hYT-Eas3ddpueS4mPQdsM-EL0.roa (raw, json)
Hash identifier: E4J7sd6jf6UicJPF6/uz61jhUW4rTo3/6ARKE+KorSw=
Subject key identifier: 8B:A8:58:4F:E1:1A:B3:77:5D:A6:E7:92:E2:63:D0:76:C3:3E:10:BD
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 01991528430124588CDFDFC4C2A8019CCD24
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/i6hYT-Eas3ddpueS4mPQdsM-EL0.roa
Signing time: Thu 04 Sep 2025 14:36:24 +0000
ROA not before: Thu 04 Sep 2025 14:36:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 5.1.40.0/24 maxlen: 24
2a06:fe40::/32 maxlen: 32
2a0e:2c00::/29 maxlen: 29
2a0e:8400::/29 maxlen: 29
2a11:ed80::/29 maxlen: 29
2a12:f80::/29 maxlen: 29
2a12:2f00::/29 maxlen: 29
2a12:3a80::/32 maxlen: 32
2a12:3a81::/32 maxlen: 32
2a12:3a82::/32 maxlen: 32
2a12:3a83::/32 maxlen: 32
2a12:3a84::/32 maxlen: 32
2a12:3a85::/32 maxlen: 32
2a12:3a86::/32 maxlen: 32
2a12:3a87::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 11:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:15:28:43:01:24:58:8c:df:df:c4:c2:a8:01:9c:cd:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Sep 4 14:36:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8ba8584fe11ab3775da6e792e263d076c33e10bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:25:dc:a5:45:cf:7c:9c:db:6b:20:c8:44:b2:
04:8d:bd:5e:d7:68:a1:64:5d:a2:35:09:d9:af:9a:
29:55:e8:4b:ec:8a:31:42:7e:7c:36:1c:7b:71:a2:
8e:3b:7b:e1:21:e6:89:d2:af:5c:6b:53:f2:21:2f:
dd:f7:2c:43:38:cc:37:40:c8:96:78:18:dc:ea:5c:
f2:81:32:ae:11:df:8f:3a:76:55:0a:a6:52:e1:a4:
0d:f0:1b:4e:ee:34:de:ac:e6:1b:93:d2:b7:3a:eb:
af:2d:65:1c:bf:83:63:bf:06:bc:b5:74:90:81:af:
8e:b4:d9:6a:b4:3f:28:d6:aa:0e:0e:0c:7d:0b:7f:
ce:10:d3:a6:8d:9b:d1:14:68:2a:03:92:89:e5:60:
cb:8e:a1:19:39:13:4b:de:0d:c0:39:2d:d9:45:bd:
c0:d2:ae:cd:54:d5:c2:57:d3:06:35:ea:00:b5:e9:
45:da:52:4b:9d:b4:dd:43:df:4d:f0:59:c0:1c:7e:
bf:5a:1e:07:63:5c:eb:89:95:54:f8:ff:45:f5:65:
6d:c8:88:2e:5a:fb:8d:82:b8:34:4b:66:b4:07:dc:
7d:14:b2:ec:10:91:24:2a:98:c1:71:63:81:a2:ac:
fc:b4:8b:44:34:00:72:89:fd:f6:02:c7:6a:1a:ad:
fc:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:A8:58:4F:E1:1A:B3:77:5D:A6:E7:92:E2:63:D0:76:C3:3E:10:BD
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/i6hYT-Eas3ddpueS4mPQdsM-EL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.40.0/24
IPv6:
2a06:fe40::/32
2a0e:2c00::/29
2a0e:8400::/29
2a11:ed80::/29
2a12:f80::/29
2a12:2f00::/29
2a12:3a80::/29
Signature Algorithm: sha256WithRSAEncryption
49:d4:5d:c7:27:20:f1:56:58:c8:3c:74:02:4d:f3:66:88:27:
7e:b2:ea:87:aa:1f:b3:98:e0:4b:b6:a5:62:c3:b8:a8:8d:77:
d3:52:3d:8d:86:f0:ad:43:90:fc:80:c2:ef:67:58:e3:98:66:
f3:30:eb:1f:f4:3f:ed:a8:50:93:01:5f:b2:9e:87:26:05:da:
ea:1f:2e:70:1c:70:48:01:26:0f:62:1d:66:2f:00:84:a4:6c:
2a:c1:95:2a:04:f3:1e:34:78:ea:1d:b7:b1:ce:4a:ce:d6:f4:
ab:99:31:50:09:1b:9d:f3:db:96:16:42:68:cd:dd:76:f8:34:
fa:7f:ee:82:d9:3b:03:5c:12:d6:09:7e:72:fd:49:b1:88:bd:
ab:58:d8:7a:25:c0:b3:84:c7:12:e0:3a:db:a4:2d:68:b4:0b:
6d:b0:e6:2f:37:34:32:2a:bf:94:98:a0:d0:ab:3e:18:4b:d2:
64:7f:ae:95:00:c5:ea:f0:98:c5:27:63:40:10:82:84:d9:a5:
d9:86:e5:f4:66:ea:97:e9:09:4b:74:98:d2:cb:6d:e8:ed:69:
c5:0c:6c:f7:a7:58:b5:9f:7d:db:91:f7:95:9a:24:cf:04:bb:
c8:63:0f:05:a8:4f:26:40:56:3d:46:4f:83:c8:8a:7d:0f:b6:
37:3d:17:f7
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZkVKEMBJFiM39/EwqgBnM0kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjUwOTA0MTQzNjI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmE4NTg0ZmUxMWFiMzc3NWRhNmU3OTJlMjYzZDA3NmMzM2UxMGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqyXcpUXPfJzbayDIRLIEjb1e12ih
ZF2iNQnZr5opVehL7IoxQn58Nhx7caKOO3vhIeaJ0q9ca1PyIS/d9yxDOMw3QMiW
eBjc6lzygTKuEd+POnZVCqZS4aQN8BtO7jTerOYbk9K3OuuvLWUcv4Njvwa8tXSQ
ga+OtNlqtD8o1qoODgx9C3/OENOmjZvRFGgqA5KJ5WDLjqEZORNL3g3AOS3ZRb3A
0q7NVNXCV9MGNeoAtelF2lJLnbTdQ99N8FnAHH6/Wh4HY1zriZVU+P9F9WVtyIgu
WvuNgrg0S2a0B9x9FLLsEJEkKpjBcWOBoqz8tItENAByif32AsdqGq38KwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFIuoWE/hGrN3XabnkuJj0HbDPhC9MB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvaTZoWVQtRWFzM2RkcHVlUzRtUFFkc00tRUwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzAMBAIAATAGAwQABQEoMDcE
AgACMDEDBQAqBv5AAwUDKg4sAAMFAyoOhAADBQMqEe2AAwUDKhIPgAMFAyoSLwAD
BQMqEjqAMA0GCSqGSIb3DQEBCwUAA4IBAQBJ1F3HJyDxVljIPHQCTfNmiCd+suqH
qh+zmOBLtqViw7iojXfTUj2NhvCtQ5D8gMLvZ1jjmGbzMOsf9D/tqFCTAV+ynocm
BdrqHy5wHHBIASYPYh1mLwCEpGwqwZUqBPMeNHjqHbexzkrO1vSrmTFQCRud89uW
FkJozd12+DT6f+6C2TsDXBLWCX5y/UmxiL2rWNh6JcCzhMcS4DrbpC1otAttsOYv
NzQyKr+UmKDQqz4YS9Jkf66VAMXq8JjFJ2NAEIKE2aXZhuX0ZuqX6QlLdJjSy23o
7WnFDGz3p1i1n33bkfeVmiTPBLvIYw8FqE8mQFY9Rk+DyIp9D7Y3PRf3
-----END CERTIFICATE-----
Generated at Sat Sep 6 14:08:34 2025 by rpki-client