Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/8aa085-cadc-446e-bbe8-c9ec3a98f9a3/1/vlLT27bJ2fd88umItQkeTf_ulKk.roa
File: vlLT27bJ2fd88umItQkeTf_ulKk.roa (raw, json)
Hash identifier: g1ccNVtlB2xSMwJbNSiNXXcODVJm6ozAEqNANBxK8LE=
Subject key identifier: BE:52:D3:DB:B6:C9:D9:F7:7C:F2:E9:88:B5:09:1E:4D:FF:EE:94:A9
Certificate issuer: /CN=a16512b8a262bad599a3b023358c5ceccac9e085
Certificate serial: 0197131BBF48486AD220BC478AD7D9EF2B62
Authority key identifier: A1:65:12:B8:A2:62:BA:D5:99:A3:B0:23:35:8C:5C:EC:CA:C9:E0:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oWUSuKJiutWZo7AjNYxc7MrJ4IU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/8aa085-cadc-446e-bbe8-c9ec3a98f9a3/1/vlLT27bJ2fd88umItQkeTf_ulKk.roa
Signing time: Tue 27 May 2025 18:57:54 +0000
ROA not before: Tue 27 May 2025 18:57:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214145
IP address blocks: 2a01:e140::/44 maxlen: 48
2a01:e140::/48 maxlen: 48
2a01:e140:2::/48 maxlen: 48
2a01:e140:3::/48 maxlen: 48
2a01:e140:10::/44 maxlen: 48
2a01:e140:10::/48 maxlen: 48
2a01:e140:11::/48 maxlen: 48
2a01:e140:12::/48 maxlen: 48
2a01:e140:100::/44 maxlen: 48
2a01:e140:201::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/8aa085-cadc-446e-bbe8-c9ec3a98f9a3/1/oWUSuKJiutWZo7AjNYxc7MrJ4IU.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/8aa085-cadc-446e-bbe8-c9ec3a98f9a3/1/oWUSuKJiutWZo7AjNYxc7MrJ4IU.mft
rsync://rpki.ripe.net/repository/DEFAULT/oWUSuKJiutWZo7AjNYxc7MrJ4IU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 15:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:13:1b:bf:48:48:6a:d2:20:bc:47:8a:d7:d9:ef:2b:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a16512b8a262bad599a3b023358c5ceccac9e085
Validity
Not Before: May 27 18:57:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=be52d3dbb6c9d9f77cf2e988b5091e4dffee94a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:5c:b8:be:2b:52:7b:c8:6f:f0:b3:32:97:9f:
d9:b1:8c:0b:33:3b:c5:eb:3e:7d:42:b2:84:80:9b:
e7:d7:9d:ae:ce:f0:23:06:a4:71:b4:b0:21:7c:9e:
78:d9:39:ca:4c:7c:a2:8d:13:26:a4:a3:86:60:16:
e0:ec:04:2d:f5:84:1f:ed:a2:3d:cf:7b:de:20:a3:
1f:2b:e0:11:71:f4:63:b9:bf:06:a7:47:59:9e:ad:
1c:b4:6e:ca:58:99:a8:b1:b1:75:4c:97:a5:56:79:
92:6d:02:53:87:9d:70:17:6d:a0:07:dc:14:f9:b2:
d5:07:d4:4b:37:12:47:5a:9c:7b:7f:22:a4:50:6c:
42:2d:5f:ca:b3:a4:08:ae:00:e7:41:c7:8a:31:c3:
21:97:d7:0f:04:f2:03:1b:71:95:5b:05:e1:5f:5b:
22:36:e3:64:40:b7:d5:7e:be:2f:5b:3a:da:eb:a3:
35:e4:53:8f:be:74:45:0b:26:e9:b3:fe:63:37:55:
31:88:b3:55:1b:be:81:9e:43:b6:42:9e:c4:fd:b7:
89:4e:4f:b3:27:5d:09:a9:7d:fc:f2:6f:42:c4:27:
28:cf:80:19:f0:50:c9:c1:3a:b9:6c:cd:cb:d2:87:
32:c8:31:61:37:75:45:f6:82:7b:c5:50:e5:78:cc:
81:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:52:D3:DB:B6:C9:D9:F7:7C:F2:E9:88:B5:09:1E:4D:FF:EE:94:A9
X509v3 Authority Key Identifier:
keyid:A1:65:12:B8:A2:62:BA:D5:99:A3:B0:23:35:8C:5C:EC:CA:C9:E0:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oWUSuKJiutWZo7AjNYxc7MrJ4IU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/8aa085-cadc-446e-bbe8-c9ec3a98f9a3/1/vlLT27bJ2fd88umItQkeTf_ulKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/8aa085-cadc-446e-bbe8-c9ec3a98f9a3/1/oWUSuKJiutWZo7AjNYxc7MrJ4IU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:e140::/43
2a01:e140:100::/44
2a01:e140:201::/48
Signature Algorithm: sha256WithRSAEncryption
3c:94:c7:ad:c8:62:6e:08:9f:7e:a7:1a:a3:73:1d:b1:bd:a5:
f2:2f:44:f1:83:cb:40:be:c8:00:42:17:2d:b8:64:63:3c:08:
4a:36:84:4f:f0:2b:b9:5a:33:ff:1d:68:4d:d1:0a:fb:6c:97:
98:5a:1b:cd:2f:8f:0f:96:f5:fb:91:92:07:3d:4b:d9:c8:84:
9f:a5:86:9c:54:4c:7f:0f:56:5d:f4:00:bf:e4:d2:d6:ea:fc:
76:a0:f9:b6:77:ce:1c:6c:66:00:6f:69:9f:fc:ff:ef:47:bb:
73:0f:29:9f:7b:eb:b0:da:62:e8:0b:13:eb:ba:35:ef:b9:00:
74:ac:f6:d2:2b:cb:4c:3f:1d:ee:2f:c0:c1:39:26:21:b2:6f:
a1:cd:7e:94:02:98:7a:dd:0f:00:64:1d:5d:b5:37:94:d9:97:
e4:4f:bc:a1:6f:e5:ba:6c:e3:6e:69:4b:7f:4c:2e:2c:99:ef:
74:9d:ab:58:7e:c0:95:aa:9f:1b:40:5d:17:4f:40:60:57:e0:
1c:c7:83:04:7b:86:fb:b3:fe:14:13:ba:c2:e2:c5:94:2a:1e:
d8:65:9a:a6:59:7e:6b:a8:42:54:23:f7:4b:74:51:aa:a5:46:
47:19:49:75:d0:94:0a:d5:37:bd:b9:20:14:91:42:45:fe:23:
86:b9:7a:10
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZcTG79ISGrSILxHitfZ7ytiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNjUxMmI4YTI2MmJhZDU5OWEzYjAyMzM1OGM1Y2VjY2Fj
OWUwODUwHhcNMjUwNTI3MTg1NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTUyZDNkYmI2YzlkOWY3N2NmMmU5ODhiNTA5MWU0ZGZmZWU5NGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1y4vitSe8hv8LMyl5/ZsYwLMzvF
6z59QrKEgJvn152uzvAjBqRxtLAhfJ542TnKTHyijRMmpKOGYBbg7AQt9YQf7aI9
z3veIKMfK+ARcfRjub8Gp0dZnq0ctG7KWJmosbF1TJelVnmSbQJTh51wF22gB9wU
+bLVB9RLNxJHWpx7fyKkUGxCLV/Ks6QIrgDnQceKMcMhl9cPBPIDG3GVWwXhX1si
NuNkQLfVfr4vWzra66M15FOPvnRFCybps/5jN1UxiLNVG76BnkO2Qp7E/beJTk+z
J10JqX388m9CxCcoz4AZ8FDJwTq5bM3L0ocyyDFhN3VF9oJ7xVDleMyBTwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFL5S09u2ydn3fPLpiLUJHk3/7pSpMB8GA1UdIwQY
MBaAFKFlEriiYrrVmaOwIzWMXOzKyeCFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1dVU3VLSml1dFdabzdBak5ZeGM3TXJKNElVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS84YWEwODUtY2FkYy00NDZlLWJiZTgt
YzllYzNhOThmOWEzLzEvdmxMVDI3YkoyZmQ4OHVtSXRRa2VUZl91bEtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS84YWEwODUtY2FkYy00NDZlLWJiZTgtYzllYzNhOThmOWEz
LzEvb1dVU3VLSml1dFdabzdBak5ZeGM3TXJKNElVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcFKgHhQAAA
AwcEKgHhQAEAAwcAKgHhQAIBMA0GCSqGSIb3DQEBCwUAA4IBAQA8lMetyGJuCJ9+
pxqjcx2xvaXyL0Txg8tAvsgAQhctuGRjPAhKNoRP8Cu5WjP/HWhN0Qr7bJeYWhvN
L48PlvX7kZIHPUvZyISfpYacVEx/D1Zd9AC/5NLW6vx2oPm2d84cbGYAb2mf/P/v
R7tzDymfe+uw2mLoCxPrujXvuQB0rPbSK8tMPx3uL8DBOSYhsm+hzX6UAph63Q8A
ZB1dtTeU2ZfkT7yhb+W6bONuaUt/TC4sme90natYfsCVqp8bQF0XT0BgV+Acx4ME
e4b7s/4UE7rC4sWUKh7YZZqmWX5rqEJUI/dLdFGqpUZHGUl10JQK1Te9uSAUkUJF
/iOGuXoQ
-----END CERTIFICATE-----
Generated at Sun Jun 8 01:34:19 2025 by rpki-client