Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/f1d697-bc8e-4f14-8b37-b53e30e1412a/1/k3qjfn2AAdeFPjY3Bp8KUgRaMPA.roa
File: k3qjfn2AAdeFPjY3Bp8KUgRaMPA.roa (raw, json)
Hash identifier: 4Ifjp85NogHztb45WtYR2OYxyvQl/OdGpjlDDi7JSNQ=
Subject key identifier: 93:7A:A3:7E:7D:80:01:D7:85:3E:36:37:06:9F:0A:52:04:5A:30:F0
Certificate issuer: /CN=92bf6464ce6e19a4dcf8a32b27a2f1cbe1551055
Certificate serial: 0198DAE2C4E5F6BE7349FF0EBB57579677E7
Authority key identifier: 92:BF:64:64:CE:6E:19:A4:DC:F8:A3:2B:27:A2:F1:CB:E1:55:10:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kr9kZM5uGaTc-KMrJ6Lxy-FVEFU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/f1d697-bc8e-4f14-8b37-b53e30e1412a/1/k3qjfn2AAdeFPjY3Bp8KUgRaMPA.roa
Signing time: Sun 24 Aug 2025 07:02:31 +0000
ROA not before: Sun 24 Aug 2025 07:02:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216061
IP address blocks: 2a03:9381:1::/48 maxlen: 48
2a03:9381:2::/48 maxlen: 48
2a03:9381:3::/48 maxlen: 48
2a03:9381:4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/f1d697-bc8e-4f14-8b37-b53e30e1412a/1/kr9kZM5uGaTc-KMrJ6Lxy-FVEFU.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/f1d697-bc8e-4f14-8b37-b53e30e1412a/1/kr9kZM5uGaTc-KMrJ6Lxy-FVEFU.mft
rsync://rpki.ripe.net/repository/DEFAULT/kr9kZM5uGaTc-KMrJ6Lxy-FVEFU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 16:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:da:e2:c4:e5:f6:be:73:49:ff:0e:bb:57:57:96:77:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92bf6464ce6e19a4dcf8a32b27a2f1cbe1551055
Validity
Not Before: Aug 24 07:02:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=937aa37e7d8001d7853e3637069f0a52045a30f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:99:86:5d:ec:51:a9:ea:cb:29:46:32:bd:d9:
0f:1e:1c:21:c3:19:29:81:2a:27:db:eb:a2:f1:19:
23:61:cc:bf:d3:a1:e5:c0:06:3a:23:96:36:ac:6d:
46:76:e8:c9:0e:58:69:fc:75:19:bc:07:62:55:35:
03:b1:2a:39:4c:e2:97:99:13:58:d9:98:c9:b0:e2:
ec:e6:e1:7b:de:2b:53:1d:63:03:6c:ce:9c:c5:8e:
bc:83:b7:18:30:b8:78:3d:d4:d1:d4:f3:c7:ff:36:
14:b3:6d:fb:35:21:9c:0d:a3:74:d9:6e:87:6b:90:
f9:f9:cb:47:3a:2c:62:62:00:98:ec:0f:7f:87:e7:
41:99:f7:b5:19:5e:e3:6f:2a:7e:d9:3b:5b:46:bf:
23:80:a1:dc:fb:cd:92:c2:9c:91:e7:45:66:f8:7a:
ff:2f:f7:b5:85:5a:be:29:cd:89:66:9e:09:1c:22:
32:0e:3b:40:d7:94:d6:ac:fd:c1:3e:75:85:fb:36:
42:27:b8:7f:e7:ff:be:a3:a3:52:40:5b:f4:5b:47:
e0:25:cb:04:cf:88:ae:73:78:58:5a:86:c5:cd:ad:
a2:ac:99:c9:a9:af:be:db:53:5c:9b:ce:dd:df:19:
26:4c:19:81:00:c6:79:80:ba:ca:03:f7:2b:d2:45:
0b:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:7A:A3:7E:7D:80:01:D7:85:3E:36:37:06:9F:0A:52:04:5A:30:F0
X509v3 Authority Key Identifier:
keyid:92:BF:64:64:CE:6E:19:A4:DC:F8:A3:2B:27:A2:F1:CB:E1:55:10:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kr9kZM5uGaTc-KMrJ6Lxy-FVEFU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/f1d697-bc8e-4f14-8b37-b53e30e1412a/1/k3qjfn2AAdeFPjY3Bp8KUgRaMPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/f1d697-bc8e-4f14-8b37-b53e30e1412a/1/kr9kZM5uGaTc-KMrJ6Lxy-FVEFU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:9381:1::-2a03:9381:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
de:3f:40:27:34:a4:5e:56:f7:d5:93:ff:fc:27:d7:f0:18:57:
67:f1:3c:02:63:03:74:8d:a7:0f:d8:e6:b4:93:f4:b3:e9:91:
df:5f:97:3b:94:4c:48:9e:39:41:fc:d3:56:0d:17:5e:f4:bb:
d2:79:95:6f:e4:6d:a5:8e:7e:77:b8:63:9c:53:db:f9:cf:fb:
5f:3c:56:ec:26:6c:76:6e:c0:71:5b:26:54:9a:d9:e9:1c:d9:
d6:dc:c4:9b:0a:b8:e6:11:47:d1:7c:a8:2b:88:dd:24:f4:7b:
4c:ef:8e:d4:e2:e9:de:15:ff:61:75:47:37:44:35:df:a0:63:
7d:bf:0e:89:47:bb:8a:ad:c8:19:28:de:82:c5:dc:ff:e4:ae:
d0:66:81:0a:8a:b4:0e:aa:69:b7:c4:ec:3b:1b:7c:ca:e8:9a:
25:64:be:2f:71:b6:ff:34:55:7d:c8:61:c3:0b:09:de:d1:a6:
8f:40:58:d6:76:45:22:ab:1f:65:45:c9:7a:92:52:ad:3d:4f:
fe:12:0d:a7:cb:bf:98:69:1b:a1:fa:b7:fc:cc:0a:13:a4:41:
ad:6e:4a:0a:3a:8a:e9:91:7f:4e:d7:0a:e9:8c:5b:d2:5f:c2:
d0:ff:a5:e4:7f:df:87:cd:61:92:88:52:a1:88:e6:9c:66:61:
ef:ae:79:95
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZja4sTl9r5zSf8Ou1dXlnfnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyYmY2NDY0Y2U2ZTE5YTRkY2Y4YTMyYjI3YTJmMWNiZTE1
NTEwNTUwHhcNMjUwODI0MDcwMjMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzdhYTM3ZTdkODAwMWQ3ODUzZTM2MzcwNjlmMGE1MjA0NWEzMGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpmGXexRqerLKUYyvdkPHhwhwxkp
gSon2+ui8RkjYcy/06HlwAY6I5Y2rG1GdujJDlhp/HUZvAdiVTUDsSo5TOKXmRNY
2ZjJsOLs5uF73itTHWMDbM6cxY68g7cYMLh4PdTR1PPH/zYUs237NSGcDaN02W6H
a5D5+ctHOixiYgCY7A9/h+dBmfe1GV7jbyp+2TtbRr8jgKHc+82SwpyR50Vm+Hr/
L/e1hVq+Kc2JZp4JHCIyDjtA15TWrP3BPnWF+zZCJ7h/5/++o6NSQFv0W0fgJcsE
z4iuc3hYWobFza2irJnJqa++21Ncm87d3xkmTBmBAMZ5gLrKA/cr0kULZQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJN6o359gAHXhT42NwafClIEWjDwMB8GA1UdIwQY
MBaAFJK/ZGTObhmk3PijKyei8cvhVRBVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3I5a1pNNXVHYVRjLUtNcko2THh5LUZWRUZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9mMWQ2OTctYmM4ZS00ZjE0LThiMzct
YjUzZTMwZTE0MTJhLzEvazNxamZuMkFBZGVGUGpZM0JwOEtVZ1JhTVBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9mMWQ2OTctYmM4ZS00ZjE0LThiMzctYjUzZTMwZTE0MTJh
LzEva3I5a1pNNXVHYVRjLUtNcko2THh5LUZWRUZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwAqA5OB
AAEDBwAqA5OBAAQwDQYJKoZIhvcNAQELBQADggEBAN4/QCc0pF5W99WT//wn1/AY
V2fxPAJjA3SNpw/Y5rST9LPpkd9flzuUTEieOUH801YNF170u9J5lW/kbaWOfne4
Y5xT2/nP+188VuwmbHZuwHFbJlSa2ekc2dbcxJsKuOYRR9F8qCuI3ST0e0zvjtTi
6d4V/2F1RzdENd+gY32/DolHu4qtyBko3oLF3P/krtBmgQqKtA6qabfE7DsbfMro
miVkvi9xtv80VX3IYcMLCd7Rpo9AWNZ2RSKrH2VFyXqSUq09T/4SDafLv5hpG6H6
t/zMChOkQa1uSgo6iumRf07XCumMW9JfwtD/peR/34fNYZKIUqGI5pxmYe+ueZU=
-----END CERTIFICATE-----
Generated at Tue Sep 9 00:50:41 2025 by rpki-client