Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/8fLlWDWbI3nXKyu-s9jh3o4ZcH8.roa
File: 8fLlWDWbI3nXKyu-s9jh3o4ZcH8.roa (raw, json)
Hash identifier: udkp4voRAi/BP6hr/Pyhip1/MtljW7VlffvafvowfTw=
Subject key identifier: F1:F2:E5:58:35:9B:23:79:D7:2B:2B:BE:B3:D8:E1:DE:8E:19:70:7F
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 019927CBFDFD6122C151AA0EDA9D59D6B5E4
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/8fLlWDWbI3nXKyu-s9jh3o4ZcH8.roa
Signing time: Mon 08 Sep 2025 05:28:24 +0000
ROA not before: Mon 08 Sep 2025 05:28:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34665
IP address blocks: 2a11:4b41::/32 maxlen: 32
2a12:c304::/30 maxlen: 30
2a13:8580::/32 maxlen: 32
2a13:93c1::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 08:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:27:cb:fd:fd:61:22:c1:51:aa:0e:da:9d:59:d6:b5:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Sep 8 05:28:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f1f2e558359b2379d72b2bbeb3d8e1de8e19707f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:6c:1f:ad:6b:3c:eb:02:fe:8e:9f:af:21:e8:
f8:7b:7d:04:5e:0e:05:12:fa:6e:8d:bc:be:5e:2a:
1f:92:d1:9f:98:f1:0e:31:09:07:ec:56:c2:29:5d:
b4:67:87:20:15:83:6f:97:59:3e:68:45:b3:b9:a9:
17:bc:08:06:f6:04:6b:d8:1c:de:2c:21:72:af:0a:
ec:55:84:60:d7:d3:a6:91:0b:5e:e0:56:98:be:46:
11:eb:c1:28:2c:6c:0b:3f:02:f4:c0:26:c5:5f:e6:
e0:8e:c7:68:27:ae:9d:7c:90:9f:f8:f1:1e:0a:d0:
ae:1a:7f:bc:f8:00:ed:e3:a3:28:6a:89:60:79:56:
24:54:8b:1a:c0:3c:20:a9:b8:f2:9d:69:86:cb:a8:
3d:d5:98:b4:81:25:ca:2e:55:bd:fc:66:47:dd:7e:
42:26:16:b2:c7:46:92:b1:32:e7:77:ec:b4:4a:b5:
2d:4a:e9:7a:82:99:4f:32:5d:ea:81:de:9c:a8:8c:
4a:70:29:ca:5c:80:88:b5:d1:f4:94:d7:61:22:82:
e7:41:2f:b2:84:72:27:c5:22:97:49:71:f8:af:42:
f0:65:23:0e:02:4a:79:b3:81:fa:ea:39:d4:28:cd:
3c:99:1d:50:d3:3a:33:70:b7:3c:15:e7:1d:8f:20:
64:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:F2:E5:58:35:9B:23:79:D7:2B:2B:BE:B3:D8:E1:DE:8E:19:70:7F
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/8fLlWDWbI3nXKyu-s9jh3o4ZcH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:4b41::/32
2a12:c304::/30
2a13:8580::/32
2a13:93c1::/32
Signature Algorithm: sha256WithRSAEncryption
58:86:64:77:71:15:e4:8e:44:1c:31:05:98:ef:5b:1d:3d:4d:
ae:bc:ee:98:21:4a:b2:3f:27:0c:95:81:55:b5:2d:93:25:ef:
d4:7c:d8:4f:97:3b:e3:16:fd:13:33:bd:a5:aa:23:3d:cf:c2:
e4:0f:51:0f:16:58:da:55:ac:f9:5d:28:16:18:dd:f9:76:96:
c0:a4:e2:15:8b:1d:5b:bd:01:60:14:10:3e:5b:5a:05:14:b5:
ba:53:33:92:38:53:75:f9:e6:39:6b:bc:e1:e2:d6:f2:1a:8c:
a2:01:96:b5:af:f7:e8:1e:c6:f8:1d:fb:f2:10:2a:91:e4:06:
c5:af:bb:b5:44:82:ba:77:13:6f:35:84:4c:a4:ac:3b:e2:bf:
73:17:64:33:fa:44:12:98:a3:31:21:34:46:1f:e4:c7:b2:af:
ff:aa:95:a4:b4:5e:98:29:56:c2:39:b8:80:f7:d8:3d:d3:8b:
bd:83:cc:b7:84:88:24:11:8e:48:46:96:cd:52:ac:99:be:ca:
30:38:7c:91:87:3b:49:2c:07:fe:d2:50:fa:ac:1b:2f:96:18:
cb:1c:5c:46:ca:85:26:96:d8:8c:f3:a5:24:07:5f:06:1a:f2:
2b:65:e6:e6:ba:52:fc:43:d1:3d:4c:a5:0e:80:40:9b:d2:26:
b9:1f:2e:fb
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZkny/39YSLBUaoO2p1Z1rXkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjUwOTA4MDUyODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWYyZTU1ODM1OWIyMzc5ZDcyYjJiYmViM2Q4ZTFkZThlMTk3MDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA42wfrWs86wL+jp+vIej4e30EXg4F
Evpujby+XiofktGfmPEOMQkH7FbCKV20Z4cgFYNvl1k+aEWzuakXvAgG9gRr2Bze
LCFyrwrsVYRg19OmkQte4FaYvkYR68EoLGwLPwL0wCbFX+bgjsdoJ66dfJCf+PEe
CtCuGn+8+ADt46MoaolgeVYkVIsawDwgqbjynWmGy6g91Zi0gSXKLlW9/GZH3X5C
Jhayx0aSsTLnd+y0SrUtSul6gplPMl3qgd6cqIxKcCnKXICItdH0lNdhIoLnQS+y
hHInxSKXSXH4r0LwZSMOAkp5s4H66jnUKM08mR1Q0zozcLc8FecdjyBk3wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFPHy5Vg1myN51ysrvrPY4d6OGXB/MB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvOGZMbFdEV2JJM25YS3l1LXM5amgzbzRaY0g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKhFLQQMF
AioSwwQDBQAqE4WAAwUAKhOTwTANBgkqhkiG9w0BAQsFAAOCAQEAWIZkd3EV5I5E
HDEFmO9bHT1NrrzumCFKsj8nDJWBVbUtkyXv1HzYT5c74xb9EzO9paojPc/C5A9R
DxZY2lWs+V0oFhjd+XaWwKTiFYsdW70BYBQQPltaBRS1ulMzkjhTdfnmOWu84eLW
8hqMogGWta/36B7G+B378hAqkeQGxa+7tUSCuncTbzWETKSsO+K/cxdkM/pEEpij
MSE0Rh/kx7Kv/6qVpLRemClWwjm4gPfYPdOLvYPMt4SIJBGOSEaWzVKsmb7KMDh8
kYc7SSwH/tJQ+qwbL5YYyxxcRsqFJpbYjPOlJAdfBhryK2Xm5rpS/EPRPUylDoBA
m9ImuR8u+w==
-----END CERTIFICATE-----
Generated at Tue Sep 9 13:03:14 2025 by rpki-client