Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/Hjik1cLk55gmkT0mX9BBDdrm5ZY.roa
File: Hjik1cLk55gmkT0mX9BBDdrm5ZY.roa (raw, json)
Hash identifier: uDSFE3en9avge395hVHI6x6hXRKRQG+2ZatAGOgwdVY=
Subject key identifier: 1E:38:A4:D5:C2:E4:E7:98:26:91:3D:26:5F:D0:41:0D:DA:E6:E5:96
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 01973F976CC861843646ECE2EEFAD068EE11
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/Hjik1cLk55gmkT0mX9BBDdrm5ZY.roa
Signing time: Thu 05 Jun 2025 10:16:17 +0000
ROA not before: Thu 05 Jun 2025 10:16:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12389
IP address blocks: 2a09:6285::/32 maxlen: 32
2a10:4103::/32 maxlen: 32
2a11:4b46::/32 maxlen: 32
2a12:a341::/32 maxlen: 32
2a13:93c2::/32 maxlen: 32
2a13:93c4::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 16:01:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3f:97:6c:c8:61:84:36:46:ec:e2:ee:fa:d0:68:ee:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jun 5 10:16:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1e38a4d5c2e4e79826913d265fd0410ddae6e596
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:bf:35:41:a6:d1:f9:1a:0c:09:cc:19:53:c9:
79:ac:6b:40:4c:ea:36:44:04:b9:4b:43:18:c1:76:
38:3e:69:24:b1:8d:3e:d4:dc:ab:c0:9a:d1:ee:35:
ff:d3:18:35:44:85:1e:07:7e:e6:c7:2f:a9:72:b9:
14:c1:60:0d:18:d1:34:d5:eb:6a:ef:00:ea:87:04:
b7:aa:45:d1:7e:ee:24:13:aa:6a:17:f5:1b:ca:3a:
cd:6b:d2:d4:43:c0:b5:f6:c2:9a:1f:67:86:30:31:
1f:2c:b3:cb:a1:9f:49:be:f0:bb:69:fa:3d:ef:6b:
d8:ef:1a:6d:45:c5:0c:5b:ab:70:9b:f1:e7:a2:fe:
ed:b5:dc:28:5e:80:c5:82:2c:3c:21:b3:35:6f:25:
a7:f3:6e:d9:34:0b:d6:c5:39:80:7e:ce:c9:df:1a:
c2:2b:c8:a4:d6:3b:50:ac:7e:7d:ee:42:5e:6e:d8:
75:70:9f:d0:bd:60:51:81:c6:ac:a6:b5:b7:8a:af:
62:ab:28:ee:5a:36:52:b1:43:3a:6a:96:b5:3b:de:
c8:08:c8:c8:fb:eb:71:f8:6c:23:ac:f8:89:0a:fe:
f0:2f:6f:b9:80:67:20:e0:15:ee:1e:ac:ba:03:2a:
dc:2a:9b:4a:28:be:68:8e:3a:f8:8e:5b:a5:86:48:
95:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:38:A4:D5:C2:E4:E7:98:26:91:3D:26:5F:D0:41:0D:DA:E6:E5:96
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/Hjik1cLk55gmkT0mX9BBDdrm5ZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:6285::/32
2a10:4103::/32
2a11:4b46::/32
2a12:a341::/32
2a13:93c2::/32
2a13:93c4::/32
Signature Algorithm: sha256WithRSAEncryption
63:c0:fe:75:01:1d:53:33:27:ef:11:5f:07:27:bc:f4:d6:ce:
5a:99:28:56:d8:db:35:f5:75:6c:02:a0:1e:df:f7:b9:9b:72:
e2:72:53:85:b9:9a:e8:02:19:d7:22:fa:48:a7:47:52:9b:1f:
84:2a:61:3d:fc:a7:7e:f7:d3:ad:a8:5b:bb:16:22:88:a7:d8:
68:50:fc:dc:3b:db:1b:76:2f:4a:6c:b5:84:5b:e1:57:94:3e:
3d:b4:9b:39:f3:00:70:82:83:42:8e:55:ac:ad:3d:b9:29:c2:
11:a6:81:5f:66:f5:be:d1:8d:00:26:58:8f:38:67:4f:0f:68:
f7:b3:de:7b:37:ec:2a:54:91:ad:73:37:46:b0:89:26:fe:f7:
c1:c8:f8:71:24:56:60:6f:7f:4a:f6:45:73:b2:be:1a:61:96:
f6:3c:49:f6:be:e3:01:be:45:c9:87:3e:ba:75:62:b2:e6:ee:
8e:1d:e9:11:3b:ac:d7:5b:6f:4e:68:d5:94:12:30:ae:7c:be:
fc:f9:c4:40:b0:7e:f7:65:c9:92:08:6b:d2:35:eb:91:f1:65:
8b:2c:6b:16:b2:99:a0:ae:f4:8e:a2:2b:69:0e:9e:15:81:3b:
d9:bc:ca:56:17:11:ab:c5:60:c7:c7:cb:da:8e:91:58:e0:2e:
ae:02:e5:ed
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZc/l2zIYYQ2Ruzi7vrQaO4RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjUwNjA1MTAxNjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTM4YTRkNWMyZTRlNzk4MjY5MTNkMjY1ZmQwNDEwZGRhZTZlNTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnL81QabR+RoMCcwZU8l5rGtATOo2
RAS5S0MYwXY4PmkksY0+1NyrwJrR7jX/0xg1RIUeB37mxy+pcrkUwWANGNE01etq
7wDqhwS3qkXRfu4kE6pqF/UbyjrNa9LUQ8C19sKaH2eGMDEfLLPLoZ9JvvC7afo9
72vY7xptRcUMW6twm/Hnov7ttdwoXoDFgiw8IbM1byWn827ZNAvWxTmAfs7J3xrC
K8ik1jtQrH597kJebth1cJ/QvWBRgcasprW3iq9iqyjuWjZSsUM6apa1O97ICMjI
++tx+GwjrPiJCv7wL2+5gGcg4BXuHqy6AyrcKptKKL5ojjr4jlulhkiVewIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFB44pNXC5OeYJpE9Jl/QQQ3a5uWWMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvSGppazFjTGs1NWdta1QwbVg5QkJEZHJtNVpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUAKglihQMF
ACoQQQMDBQAqEUtGAwUAKhKjQQMFACoTk8IDBQAqE5PEMA0GCSqGSIb3DQEBCwUA
A4IBAQBjwP51AR1TMyfvEV8HJ7z01s5amShW2Ns19XVsAqAe3/e5m3LiclOFuZro
AhnXIvpIp0dSmx+EKmE9/Kd+99OtqFu7FiKIp9hoUPzcO9sbdi9KbLWEW+FXlD49
tJs58wBwgoNCjlWsrT25KcIRpoFfZvW+0Y0AJliPOGdPD2j3s957N+wqVJGtczdG
sIkm/vfByPhxJFZgb39K9kVzsr4aYZb2PEn2vuMBvkXJhz66dWKy5u6OHekRO6zX
W29OaNWUEjCufL78+cRAsH73ZcmSCGvSNeuR8WWLLGsWspmgrvSOoitpDp4VgTvZ
vMpWFxGrxWDHx8vajpFY4C6uAuXt
-----END CERTIFICATE-----
Generated at Mon Jun 9 00:56:14 2025 by rpki-client