Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/eguZgyzn4RgvZ5SogE0v06sHlTc.roa
File: eguZgyzn4RgvZ5SogE0v06sHlTc.roa (raw, json)
Hash identifier: IMwHEuFwdNikTZY4g3hVnE82GuZvfj/ScCgvlNFlRDY=
Subject key identifier: 7A:0B:99:83:2C:E7:E1:18:2F:67:94:A8:80:4D:2F:D3:AB:07:95:37
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 0198FB9EAAD0F8CAB6416E493F578ADC53BD
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/eguZgyzn4RgvZ5SogE0v06sHlTc.roa
Signing time: Sat 30 Aug 2025 15:35:36 +0000
ROA not before: Sat 30 Aug 2025 15:35:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12389
IP address blocks: 2a09:6285::/32 maxlen: 32
2a13:3880::/32 maxlen: 32
2a13:3881::/32 maxlen: 32
2a13:3882::/32 maxlen: 32
2a13:3883::/32 maxlen: 32
2a13:3884::/32 maxlen: 32
2a13:3885::/32 maxlen: 32
2a13:3886::/32 maxlen: 32
2a13:3887::/32 maxlen: 32
2a13:93c2::/32 maxlen: 32
2a13:93c4::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 11:14:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:fb:9e:aa:d0:f8:ca:b6:41:6e:49:3f:57:8a:dc:53:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Aug 30 15:35:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a0b99832ce7e1182f6794a8804d2fd3ab079537
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:7f:e0:5d:03:aa:dc:a6:24:0a:df:a6:24:d8:
ae:be:d9:aa:0f:27:e1:a1:24:2d:ca:b8:02:5b:e4:
d5:10:4e:93:43:f0:15:3f:ef:7b:d3:95:24:cb:d1:
f6:83:10:02:82:02:65:f8:23:10:3d:d5:27:b7:03:
e5:09:77:bb:ae:dc:37:a0:8d:7e:a0:bd:49:21:43:
4c:c3:27:9f:59:24:f4:94:e2:d9:b7:1d:05:72:11:
0b:3e:56:e1:f5:2d:d6:ac:39:7d:5c:34:47:91:a8:
91:57:30:58:b2:85:dd:3a:ff:dd:b8:74:53:32:e3:
18:b5:d6:d6:3e:f6:2a:74:e8:07:ea:99:18:85:13:
d2:f6:09:08:fd:d7:44:80:7b:e4:8c:95:b8:72:f5:
96:e7:0d:e5:8d:ca:21:ce:ca:2c:c4:34:e7:97:d6:
f1:f9:57:04:ee:c0:e7:5c:1c:7a:a5:f2:3a:64:56:
8c:f6:20:f5:0a:7c:2d:33:73:d6:e5:da:97:15:c8:
34:fd:44:6d:8b:f8:4f:3c:12:c0:98:de:02:e5:13:
e5:2f:ab:28:54:58:d2:b3:a5:a2:25:9f:eb:59:90:
5a:a4:35:74:cf:59:e6:b7:c9:45:9a:71:ca:a6:11:
c9:ac:a1:91:be:a2:cd:cc:38:6d:a6:36:68:6a:a5:
50:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:0B:99:83:2C:E7:E1:18:2F:67:94:A8:80:4D:2F:D3:AB:07:95:37
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/eguZgyzn4RgvZ5SogE0v06sHlTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:6285::/32
2a13:3880::/29
2a13:93c2::/32
2a13:93c4::/32
Signature Algorithm: sha256WithRSAEncryption
3d:22:a7:38:23:28:46:98:21:15:1c:09:74:09:23:3f:1c:c2:
be:de:fc:82:ce:ee:74:88:11:88:ef:05:06:a0:fb:60:6f:1c:
1a:f5:c7:4f:62:4b:34:a9:67:5c:8e:1c:cc:22:ee:5c:bf:ed:
e4:18:ff:66:76:22:b3:76:82:0f:7b:a4:d1:c6:22:40:51:9c:
02:26:e5:b5:4e:d7:60:c9:3b:de:88:90:b8:c3:15:06:13:3d:
17:56:b1:94:b0:26:86:27:a4:1a:a7:2d:c4:10:73:a2:ee:eb:
1b:6f:e8:32:d5:20:64:97:88:2a:b3:c5:55:77:9f:87:f1:55:
b4:85:d3:7b:ad:17:ae:92:f7:71:e3:0a:02:19:9c:6e:b4:14:
a4:4f:8a:f1:1d:34:99:58:90:02:eb:4e:73:66:8f:21:b2:26:
52:f1:c0:39:b3:fb:8f:c7:8d:d1:c8:10:aa:0a:8c:bb:50:c8:
eb:97:b5:af:18:a3:8c:81:ab:bb:29:93:f1:15:77:31:ef:ad:
e0:e6:7c:37:02:57:64:32:38:86:f2:3a:df:c1:5f:af:9f:bd:
db:72:c7:30:07:73:0b:0b:24:f0:ae:c7:84:a2:86:3e:69:a5:
c2:f0:05:6c:a1:da:29:a2:a7:c8:25:dd:a9:c9:8e:b9:bc:92:
86:c8:fc:37
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZj7nqrQ+Mq2QW5JP1eK3FO9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjUwODMwMTUzNTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTBiOTk4MzJjZTdlMTE4MmY2Nzk0YTg4MDRkMmZkM2FiMDc5NTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3/gXQOq3KYkCt+mJNiuvtmqDyfh
oSQtyrgCW+TVEE6TQ/AVP+9705Uky9H2gxACggJl+CMQPdUntwPlCXe7rtw3oI1+
oL1JIUNMwyefWST0lOLZtx0FchELPlbh9S3WrDl9XDRHkaiRVzBYsoXdOv/duHRT
MuMYtdbWPvYqdOgH6pkYhRPS9gkI/ddEgHvkjJW4cvWW5w3ljcohzsosxDTnl9bx
+VcE7sDnXBx6pfI6ZFaM9iD1CnwtM3PW5dqXFcg0/URti/hPPBLAmN4C5RPlL6so
VFjSs6WiJZ/rWZBapDV0z1nmt8lFmnHKphHJrKGRvqLNzDhtpjZoaqVQKwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFHoLmYMs5+EYL2eUqIBNL9OrB5U3MB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvZWd1Wmd5em40Umd2WjVTb2dFMHYwNnNIbFRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKglihQMF
AyoTOIADBQAqE5PCAwUAKhOTxDANBgkqhkiG9w0BAQsFAAOCAQEAPSKnOCMoRpgh
FRwJdAkjPxzCvt78gs7udIgRiO8FBqD7YG8cGvXHT2JLNKlnXI4czCLuXL/t5Bj/
ZnYis3aCD3uk0cYiQFGcAibltU7XYMk73oiQuMMVBhM9F1axlLAmhiekGqctxBBz
ou7rG2/oMtUgZJeIKrPFVXefh/FVtIXTe60XrpL3ceMKAhmcbrQUpE+K8R00mViQ
AutOc2aPIbImUvHAObP7j8eN0cgQqgqMu1DI65e1rxijjIGruymT8RV3Me+t4OZ8
NwJXZDI4hvI638Ffr5+923LHMAdzCwsk8K7HhKKGPmmlwvAFbKHaKaKnyCXdqcmO
ubyShsj8Nw==
-----END CERTIFICATE-----
Generated at Sat Sep 6 21:13:18 2025 by rpki-client