Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/07f623-14fb-4a80-9f46-23331b64916c/1/VsI_AW9EylW2fiJ1YDcH0sZTdk4.roa
File: VsI_AW9EylW2fiJ1YDcH0sZTdk4.roa (raw, json)
Hash identifier: 66hyyMtNTHFirc0cG1RdPc+2uiQi7LyhRHEQCng1VvU=
Subject key identifier: 56:C2:3F:01:6F:44:CA:55:B6:7E:22:75:60:37:07:D2:C6:53:76:4E
Certificate issuer: /CN=a7a4e23482268475c1b935637d0002c2fd2993b8
Certificate serial: 0198EB8294B15AE2F99C97F3E94E151E317D
Authority key identifier: A7:A4:E2:34:82:26:84:75:C1:B9:35:63:7D:00:02:C2:FD:29:93:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p6TiNIImhHXBuTVjfQACwv0pk7g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/07f623-14fb-4a80-9f46-23331b64916c/1/VsI_AW9EylW2fiJ1YDcH0sZTdk4.roa
Signing time: Wed 27 Aug 2025 12:31:00 +0000
ROA not before: Wed 27 Aug 2025 12:31:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205054
IP address blocks: 2a14:ae00:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/07f623-14fb-4a80-9f46-23331b64916c/1/p6TiNIImhHXBuTVjfQACwv0pk7g.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/07f623-14fb-4a80-9f46-23331b64916c/1/p6TiNIImhHXBuTVjfQACwv0pk7g.mft
rsync://rpki.ripe.net/repository/DEFAULT/p6TiNIImhHXBuTVjfQACwv0pk7g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:eb:82:94:b1:5a:e2:f9:9c:97:f3:e9:4e:15:1e:31:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7a4e23482268475c1b935637d0002c2fd2993b8
Validity
Not Before: Aug 27 12:31:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=56c23f016f44ca55b67e2275603707d2c653764e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:5e:a0:f9:26:f9:83:f8:55:57:ba:7e:54:ed:
d2:7b:28:74:b8:65:3d:ca:ac:41:14:6f:cc:51:4c:
16:b0:8b:ff:22:28:f4:95:42:1d:b3:5e:dc:bd:bd:
b9:cd:e6:3d:e8:84:9a:c4:c4:c9:5c:c4:fa:17:1c:
d2:0e:8c:8d:61:18:a5:39:ad:10:7a:51:9a:23:63:
a6:4d:a4:bf:b8:f2:52:fc:b0:06:14:1a:90:18:4a:
ee:07:d2:5d:98:fd:06:aa:49:1c:16:db:d3:a8:58:
d2:e0:be:87:1b:6b:97:4b:1e:22:60:ec:25:05:1c:
cb:2c:df:46:04:f5:a6:f4:11:86:c5:29:99:ea:3e:
dd:42:2f:3f:bc:de:cf:27:22:bc:e7:d7:19:b7:4e:
89:a9:c0:b9:e8:fc:7b:3a:ef:0d:c6:fe:7b:9a:36:
76:ae:37:1d:b5:46:bd:63:63:dd:5d:c8:10:c3:41:
40:37:04:61:f7:08:e3:49:7d:0d:4c:27:98:41:14:
cf:c3:3e:74:36:5b:5b:94:76:b6:26:63:39:ab:82:
2c:68:df:a2:63:74:60:84:f9:36:ec:c7:21:fb:6c:
e0:30:77:18:dd:28:49:76:9c:65:3d:1b:1e:89:b7:
31:ec:99:aa:55:54:96:6c:77:23:e2:bf:0a:03:f3:
6a:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:C2:3F:01:6F:44:CA:55:B6:7E:22:75:60:37:07:D2:C6:53:76:4E
X509v3 Authority Key Identifier:
keyid:A7:A4:E2:34:82:26:84:75:C1:B9:35:63:7D:00:02:C2:FD:29:93:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p6TiNIImhHXBuTVjfQACwv0pk7g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/07f623-14fb-4a80-9f46-23331b64916c/1/VsI_AW9EylW2fiJ1YDcH0sZTdk4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/07f623-14fb-4a80-9f46-23331b64916c/1/p6TiNIImhHXBuTVjfQACwv0pk7g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:ae00:3::/48
Signature Algorithm: sha256WithRSAEncryption
44:29:69:10:9e:26:ac:d7:1c:f6:ce:ed:9e:e1:ff:17:f5:84:
b4:7d:80:88:48:8b:43:35:7e:5e:af:6d:d9:90:36:d7:05:dc:
21:86:80:10:8a:96:15:58:e8:07:4d:90:49:1c:1f:19:bb:4a:
93:1b:4d:47:4a:b9:50:d2:98:3c:73:30:fe:a2:4d:97:00:8a:
94:af:55:35:9c:a2:50:e9:99:16:66:65:c7:da:67:e1:ea:34:
54:28:e6:88:92:f0:fb:9b:33:09:82:b6:28:58:9e:92:06:f1:
7d:82:a5:5e:bb:48:4c:70:fe:51:2a:d1:6e:ac:2a:a9:2b:b6:
88:83:b5:01:3d:36:f7:68:8d:7a:84:e9:b7:f6:a2:79:ef:d0:
94:1b:4e:b7:63:17:70:cc:ee:7d:66:a1:fa:55:a9:0e:16:b1:
c1:cf:ea:1a:50:d8:55:88:ae:e1:dd:55:b7:0f:5a:ce:e7:48:
55:b6:54:ee:0c:39:55:e3:72:d4:bc:c3:6b:a8:e8:ca:aa:9f:
06:d6:d2:32:d6:31:b1:43:48:42:96:06:e6:82:db:a2:b8:ec:
82:90:7c:0c:2e:30:c0:38:e8:c0:1f:62:58:07:f1:7e:0f:b6:
7b:74:18:ec:40:89:1b:e8:f9:0f:87:3f:b2:83:45:1d:a5:ed:
35:6d:ad:f7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZjrgpSxWuL5nJfz6U4VHjF9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3YTRlMjM0ODIyNjg0NzVjMWI5MzU2MzdkMDAwMmMyZmQy
OTkzYjgwHhcNMjUwODI3MTIzMTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmMyM2YwMTZmNDRjYTU1YjY3ZTIyNzU2MDM3MDdkMmM2NTM3NjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnl6g+Sb5g/hVV7p+VO3Seyh0uGU9
yqxBFG/MUUwWsIv/Iij0lUIds17cvb25zeY96ISaxMTJXMT6FxzSDoyNYRilOa0Q
elGaI2OmTaS/uPJS/LAGFBqQGEruB9JdmP0GqkkcFtvTqFjS4L6HG2uXSx4iYOwl
BRzLLN9GBPWm9BGGxSmZ6j7dQi8/vN7PJyK859cZt06JqcC56Px7Ou8Nxv57mjZ2
rjcdtUa9Y2PdXcgQw0FANwRh9wjjSX0NTCeYQRTPwz50NltblHa2JmM5q4IsaN+i
Y3RghPk27Mch+2zgMHcY3ShJdpxlPRseibcx7JmqVVSWbHcj4r8KA/NqhwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFbCPwFvRMpVtn4idWA3B9LGU3ZOMB8GA1UdIwQY
MBaAFKek4jSCJoR1wbk1Y30AAsL9KZO4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDZUaU5JSW1oSFhCdVRWamZRQUN3djBwazdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8wN2Y2MjMtMTRmYi00YTgwLTlmNDYt
MjMzMzFiNjQ5MTZjLzEvVnNJX0FXOUV5bFcyZmlKMVlEY0gwc1pUZGs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8wN2Y2MjMtMTRmYi00YTgwLTlmNDYtMjMzMzFiNjQ5MTZj
LzEvcDZUaU5JSW1oSFhCdVRWamZRQUN3djBwazdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhSuAAAD
MA0GCSqGSIb3DQEBCwUAA4IBAQBEKWkQnias1xz2zu2e4f8X9YS0fYCISItDNX5e
r23ZkDbXBdwhhoAQipYVWOgHTZBJHB8Zu0qTG01HSrlQ0pg8czD+ok2XAIqUr1U1
nKJQ6ZkWZmXH2mfh6jRUKOaIkvD7mzMJgrYoWJ6SBvF9gqVeu0hMcP5RKtFurCqp
K7aIg7UBPTb3aI16hOm39qJ579CUG063YxdwzO59ZqH6VakOFrHBz+oaUNhViK7h
3VW3D1rO50hVtlTuDDlV43LUvMNrqOjKqp8G1tIy1jGxQ0hClgbmgtuiuOyCkHwM
LjDAOOjAH2JYB/F+D7Z7dBjsQIkb6PkPhz+yg0Udpe01ba33
-----END CERTIFICATE-----
Generated at Sun Sep 7 14:47:42 2025 by rpki-client