Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/6KE1f3SfODbhrqqvZsF_D0ZoDAA.roa
File: 6KE1f3SfODbhrqqvZsF_D0ZoDAA.roa (raw, json)
Hash identifier: 7SUdbi1IDvxV+Lt689k30G+Djz3Cscug0smzMx3jLH8=
Subject key identifier: E8:A1:35:7F:74:9F:38:36:E1:AE:AA:AF:66:C1:7F:0F:46:68:0C:00
Certificate issuer: /CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Certificate serial: 01990646F016925733F32A22E6DEF187DEDB
Authority key identifier: 7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/6KE1f3SfODbhrqqvZsF_D0ZoDAA.roa
Signing time: Mon 01 Sep 2025 17:15:36 +0000
ROA not before: Mon 01 Sep 2025 17:15:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204490
IP address blocks: 2a09:8b86::/32 maxlen: 32
2a0e:6744::/32 maxlen: 32
2a0e:c443::/32 maxlen: 32
2a12:3cc5::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/e5RH_ppKzH1v9y1seY1D1mzVDD8.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/e5RH_ppKzH1v9y1seY1D1mzVDD8.mft
rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 06:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:06:46:f0:16:92:57:33:f3:2a:22:e6:de:f1:87:de:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Validity
Not Before: Sep 1 17:15:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e8a1357f749f3836e1aeaaaf66c17f0f46680c00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:07:4a:8a:90:5e:85:3a:fa:05:ec:1d:b0:46:
bd:96:c5:2f:26:48:9d:e9:0b:51:72:ec:34:b3:c2:
94:10:8c:3b:47:62:e6:10:6c:92:5d:29:63:48:59:
e5:0e:a9:66:f5:24:c5:ab:08:0b:89:c8:0c:99:67:
2c:c8:bd:bd:98:2e:d3:c2:cf:27:c8:03:1b:42:b7:
59:0f:3e:19:a9:63:13:15:59:9c:3d:4c:69:c0:1c:
ff:91:40:e2:38:5f:1b:7d:06:76:06:da:1b:98:4f:
af:e7:b1:9c:02:61:70:46:1d:c0:16:32:af:2f:7c:
74:64:c0:30:ad:68:2a:13:d5:91:25:c0:07:aa:4e:
aa:77:b4:e5:ee:ea:3b:24:28:25:1f:c6:d2:3b:cd:
04:c4:5d:5d:79:2f:ef:06:93:ae:b0:06:e9:99:f7:
ae:32:83:f9:70:7e:a9:23:5e:c5:fa:d3:6a:71:ee:
f7:6b:9f:00:4e:84:e1:79:f1:99:9b:80:4e:2e:1d:
f7:fa:c8:74:f9:2b:93:b4:c2:2b:0c:2e:bf:92:09:
fa:75:52:e2:80:89:2a:ea:1a:ad:86:2c:8d:96:ff:
c7:c7:91:b4:dc:7c:eb:16:f7:2f:7a:5d:40:a6:63:
2a:3c:7d:d5:c6:6a:9f:0b:0a:47:4e:eb:50:52:26:
9f:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:A1:35:7F:74:9F:38:36:E1:AE:AA:AF:66:C1:7F:0F:46:68:0C:00
X509v3 Authority Key Identifier:
keyid:7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/6KE1f3SfODbhrqqvZsF_D0ZoDAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/e5RH_ppKzH1v9y1seY1D1mzVDD8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:8b86::/32
2a0e:6744::/32
2a0e:c443::/32
2a12:3cc5::/32
Signature Algorithm: sha256WithRSAEncryption
80:eb:1d:73:f9:41:f0:bf:81:e7:34:a2:ed:52:34:60:e2:1d:
4b:cf:b2:8b:65:69:50:9e:1b:6c:65:d3:fa:32:89:03:45:e5:
3d:8e:43:ac:41:5e:b3:94:a9:96:f0:97:f0:51:a1:0d:60:63:
f1:0a:ad:bf:f4:29:8f:5d:d3:58:28:52:f8:d0:c2:b1:1b:04:
17:f8:5c:b1:ac:8e:f1:55:9e:09:82:42:40:44:92:a1:02:a2:
31:d0:4b:50:c4:48:fd:f8:e8:f0:35:5f:2f:66:83:08:a6:79:
1c:ab:b9:a2:88:58:19:cd:c6:b9:6a:dd:1d:a7:3b:58:65:99:
c4:aa:b1:f9:1c:b9:60:3c:4b:61:e8:92:a8:af:8e:48:15:28:
d3:11:76:88:24:03:84:f6:3e:cb:35:92:05:7f:25:dc:34:55:
dc:19:43:1d:05:b4:65:d4:67:85:12:c3:4c:9e:df:d8:b6:d6:
f8:c8:a9:29:4a:de:d8:e4:ee:26:96:c3:d4:1a:02:ab:47:1f:
da:1f:7c:68:ef:22:cf:a6:8f:fa:a0:e0:28:f6:fd:3f:89:5d:
6f:b0:17:00:87:4f:5c:79:2b:21:13:03:03:90:46:56:03:9e:
97:dc:8f:20:70:7f:85:65:66:b1:93:ef:33:d3:41:b0:1a:d1:
7e:4e:46:4c
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZkGRvAWklcz8yoi5t7xh97bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiOTQ0N2ZlOWE0YWNjN2Q2ZmY3MmQ2Yzc5OGQ0M2Q2NmNk
NTBjM2YwHhcNMjUwOTAxMTcxNTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGExMzU3Zjc0OWYzODM2ZTFhZWFhYWY2NmMxN2YwZjQ2NjgwYzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAdKipBehTr6BewdsEa9lsUvJkid
6QtRcuw0s8KUEIw7R2LmEGySXSljSFnlDqlm9STFqwgLicgMmWcsyL29mC7Tws8n
yAMbQrdZDz4ZqWMTFVmcPUxpwBz/kUDiOF8bfQZ2BtobmE+v57GcAmFwRh3AFjKv
L3x0ZMAwrWgqE9WRJcAHqk6qd7Tl7uo7JCglH8bSO80ExF1deS/vBpOusAbpmfeu
MoP5cH6pI17F+tNqce73a58AToThefGZm4BOLh33+sh0+SuTtMIrDC6/kgn6dVLi
gIkq6hqthiyNlv/Hx5G03HzrFvcvel1ApmMqPH3VxmqfCwpHTutQUiafpQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFOihNX90nzg24a6qr2bBfw9GaAwAMB8GA1UdIwQY
MBaAFHuUR/6aSsx9b/ctbHmNQ9Zs1Qw/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUt
OWZjZWI0NWQ2ZmRiLzEvNktFMWYzU2ZPRGJocnFxdlpzRl9EMFpvREFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUtOWZjZWI0NWQ2ZmRi
LzEvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKgmLhgMF
ACoOZ0QDBQAqDsRDAwUAKhI8xTANBgkqhkiG9w0BAQsFAAOCAQEAgOsdc/lB8L+B
5zSi7VI0YOIdS8+yi2VpUJ4bbGXT+jKJA0XlPY5DrEFes5SplvCX8FGhDWBj8Qqt
v/Qpj13TWChS+NDCsRsEF/hcsayO8VWeCYJCQESSoQKiMdBLUMRI/fjo8DVfL2aD
CKZ5HKu5oohYGc3GuWrdHac7WGWZxKqx+Ry5YDxLYeiSqK+OSBUo0xF2iCQDhPY+
yzWSBX8l3DRV3BlDHQW0ZdRnhRLDTJ7f2LbW+MipKUre2OTuJpbD1BoCq0cf2h98
aO8iz6aP+qDgKPb9P4ldb7AXAIdPXHkrIRMDA5BGVgOel9yPIHB/hWVmsZPvM9NB
sBrRfk5GTA==
-----END CERTIFICATE-----
Generated at Sat Sep 6 15:26:15 2025 by rpki-client