Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/1-B2R-GqYD9hP7s0C3NBoCj-VNkE.roa
File: 1-B2R-GqYD9hP7s0C3NBoCj-VNkE.roa (raw, json)
Hash identifier: ZOT8fcQn6mXuR7Nt7wxqiMRNnXCqSmMF7Ydjm3uUWkE=
Subject key identifier: F8:1D:91:F8:6A:98:0F:D8:4F:EE:CD:02:DC:D0:68:0A:3F:95:36:41
Certificate issuer: /CN=24cc6b9c37faa0da3b412007c0b10b2c5bf2cf4e
Certificate serial: 01987AEB7A8E00E4DF217A3651A7597CF35B
Authority key identifier: 24:CC:6B:9C:37:FA:A0:DA:3B:41:20:07:C0:B1:0B:2C:5B:F2:CF:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/1-B2R-GqYD9hP7s0C3NBoCj-VNkE.roa
Signing time: Tue 05 Aug 2025 15:48:29 +0000
ROA not before: Tue 05 Aug 2025 15:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 2a03:5000:431::/48 maxlen: 48
2a03:5000:432::/48 maxlen: 48
2a03:5000:471::/48 maxlen: 48
2a03:5000:481::/48 maxlen: 48
2a03:5000:501::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.mft
rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 07:02:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:7a:eb:7a:8e:00:e4:df:21:7a:36:51:a7:59:7c:f3:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24cc6b9c37faa0da3b412007c0b10b2c5bf2cf4e
Validity
Not Before: Aug 5 15:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f81d91f86a980fd84feecd02dcd0680a3f953641
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:b2:88:c0:fa:09:e9:81:d0:87:3d:0d:fa:74:
c2:ef:f3:49:d7:83:83:4c:5a:33:58:3a:c2:70:19:
8a:14:4a:9f:37:b8:83:d1:ca:65:0d:5a:de:6a:f1:
b0:62:c3:8c:72:d8:1c:ea:b6:31:03:ec:f6:98:95:
3a:0d:97:24:1c:60:01:07:4c:d3:37:be:0e:e9:5c:
fb:dd:a0:76:e1:19:77:75:bb:f4:7d:70:60:e6:47:
cd:e3:77:ec:ce:44:d7:f3:c3:e2:c1:69:69:c8:dd:
73:62:e5:f8:b8:c5:21:69:bb:89:8d:33:1c:8c:6d:
40:a3:4b:d8:4a:83:b5:5d:6e:c6:87:11:fa:6c:f7:
02:19:75:5a:7b:4b:93:1d:cf:85:2e:3b:d2:d0:1d:
c4:34:10:50:89:43:5f:b0:35:5a:7b:46:e1:7d:f1:
c5:de:12:5a:55:50:c8:7b:43:bd:6b:17:ba:de:c4:
5d:8d:3d:9e:46:10:f3:42:43:92:88:8f:1c:6d:d7:
36:b0:35:43:68:7c:17:8e:60:c5:fb:4a:84:77:62:
42:38:16:44:73:39:83:4c:2e:38:56:ee:4f:f1:c1:
cc:76:f9:4a:a0:78:19:70:b3:7d:df:23:7c:83:00:
18:7d:90:60:20:dd:69:02:3b:3e:f6:b1:12:f2:29:
34:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:1D:91:F8:6A:98:0F:D8:4F:EE:CD:02:DC:D0:68:0A:3F:95:36:41
X509v3 Authority Key Identifier:
keyid:24:CC:6B:9C:37:FA:A0:DA:3B:41:20:07:C0:B1:0B:2C:5B:F2:CF:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/1-B2R-GqYD9hP7s0C3NBoCj-VNkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:5000:431::-2a03:5000:432:ffff:ffff:ffff:ffff:ffff
2a03:5000:471::/48
2a03:5000:481::/48
2a03:5000:501::/48
Signature Algorithm: sha256WithRSAEncryption
09:94:08:3f:e1:88:0c:ca:d4:d4:b0:d0:4f:c6:85:10:a0:7d:
42:95:5e:3f:94:a7:ce:ad:8f:42:c6:11:8a:9c:ff:45:66:81:
0f:ae:9a:2f:d7:d8:1a:a2:91:5c:1c:7f:6d:82:f4:0d:26:94:
34:98:20:cb:36:a1:26:2b:7f:55:67:ff:56:bd:bc:5d:0a:43:
dd:78:3b:c6:33:eb:f2:10:6c:ea:f8:f2:65:05:40:9c:c3:54:
2e:c9:7e:3b:46:6d:83:2f:be:cd:59:35:c2:8a:c4:6a:a9:e1:
66:be:90:d0:d5:b4:a3:a8:cb:91:e9:d4:84:84:45:19:9b:a6:
c2:4a:f6:b2:bc:9f:50:54:9a:4d:31:e0:14:32:bc:90:6c:68:
a9:db:c2:b9:ce:24:24:10:cd:e2:f8:51:0e:95:83:cd:ea:39:
52:4f:33:08:c7:ac:47:55:62:78:6a:8f:0e:e1:ad:7b:75:71:
d9:fc:3e:7d:98:cc:85:b6:81:e4:a2:58:e4:7d:a3:c3:6b:99:
3b:37:10:7a:ee:15:65:12:3d:12:12:92:06:be:b6:3a:6d:85:
0c:f3:3d:fc:ca:59:f2:8b:e6:f8:7c:39:7f:78:d6:07:17:03:
85:89:7a:be:2d:91:57:d1:54:aa:69:89:ab:6b:d0:f8:c7:49:
4d:c0:96:02
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZh663qOAOTfIXo2UadZfPNbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0Y2M2YjljMzdmYWEwZGEzYjQxMjAwN2MwYjEwYjJjNWJm
MmNmNGUwHhcNMjUwODA1MTU0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODFkOTFmODZhOTgwZmQ4NGZlZWNkMDJkY2QwNjgwYTNmOTUzNjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLKIwPoJ6YHQhz0N+nTC7/NJ14OD
TFozWDrCcBmKFEqfN7iD0cplDVreavGwYsOMctgc6rYxA+z2mJU6DZckHGABB0zT
N74O6Vz73aB24Rl3dbv0fXBg5kfN43fszkTX88PiwWlpyN1zYuX4uMUhabuJjTMc
jG1Ao0vYSoO1XW7GhxH6bPcCGXVae0uTHc+FLjvS0B3ENBBQiUNfsDVae0bhffHF
3hJaVVDIe0O9axe63sRdjT2eRhDzQkOSiI8cbdc2sDVDaHwXjmDF+0qEd2JCOBZE
czmDTC44Vu5P8cHMdvlKoHgZcLN93yN8gwAYfZBgIN1pAjs+9rES8ik0gwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFPgdkfhqmA/YT+7NAtzQaAo/lTZBMB8GA1UdIwQY
MBaAFCTMa5w3+qDaO0EgB8CxCyxb8s9OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk14cm5EZjZvTm83UVNBSHdMRUxMRnZ5ejA0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8wZmY0NDktYWQ5OC00ODJkLWFjNzUt
ODY0MjM4YmMwNDliLzEvMS1CMlItR3FZRDloUDdzMEMzTkJvQ2otVk5rRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjgvMGZmNDQ5LWFkOTgtNDgyZC1hYzc1LTg2NDIzOGJjMDQ5
Yi8xL0pNeHJuRGY2b05vN1FTQUh3TEVMTEZ2eXowNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBIBggrBgEFBQcBBwEB/wQ5MDcwNQQCAAIwLzASAwcAKgNQ
AAQxAwcAKgNQAAQyAwcAKgNQAARxAwcAKgNQAASBAwcAKgNQAAUBMA0GCSqGSIb3
DQEBCwUAA4IBAQAJlAg/4YgMytTUsNBPxoUQoH1ClV4/lKfOrY9CxhGKnP9FZoEP
rpov19gaopFcHH9tgvQNJpQ0mCDLNqEmK39VZ/9WvbxdCkPdeDvGM+vyEGzq+PJl
BUCcw1QuyX47Rm2DL77NWTXCisRqqeFmvpDQ1bSjqMuR6dSEhEUZm6bCSvayvJ9Q
VJpNMeAUMryQbGip28K5ziQkEM3i+FEOlYPN6jlSTzMIx6xHVWJ4ao8O4a17dXHZ
/D59mMyFtoHkoljkfaPDa5k7NxB67hVlEj0SEpIGvrY6bYUM8z38ylnyi+b4fDl/
eNYHFwOFiXq+LZFX0VSqaYmra9D4x0lNwJYC
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:48:15 2025 by rpki-client