Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/omudH-IhTok8-Xx-5K17deIC-o4.roa
File: omudH-IhTok8-Xx-5K17deIC-o4.roa (raw, json)
Hash identifier: rVxcDqfZmnQGSxh4Gg5QTyJ7pQzW2q4v3SnWBpmVxeU=
Subject key identifier: A2:6B:9D:1F:E2:21:4E:89:3C:F9:7C:7E:E4:AD:7B:75:E2:02:FA:8E
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 0198C7AD26A64497A3E82FAE666873C27705
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/omudH-IhTok8-Xx-5K17deIC-o4.roa
Signing time: Wed 20 Aug 2025 13:31:10 +0000
ROA not before: Wed 20 Aug 2025 13:31:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205417
IP address blocks: 2a0c:9a40:8710::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c7:ad:26:a6:44:97:a3:e8:2f:ae:66:68:73:c2:77:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Aug 20 13:31:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a26b9d1fe2214e893cf97c7ee4ad7b75e202fa8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:36:c6:81:49:34:6b:44:34:fd:2f:b9:cf:f2:
be:ca:01:18:6a:ea:5a:e1:31:4c:91:cb:45:ff:03:
6d:03:e7:80:6b:de:b2:67:8f:b4:25:85:36:b7:8f:
0b:08:df:af:a4:f9:72:06:6d:44:03:7c:78:ca:4b:
08:da:94:31:5e:72:5d:4b:21:e0:d9:89:44:28:8f:
0c:90:a6:02:04:38:23:f8:af:a0:12:af:0a:65:fb:
28:0d:3f:e8:f0:ff:2b:21:aa:68:30:b2:bb:01:4c:
1e:7b:9d:74:1c:7b:45:5c:9a:cd:8d:40:86:35:e4:
26:47:bc:6e:1d:de:98:93:2b:5e:94:7a:d6:6a:1a:
23:9b:7f:86:7b:96:3b:35:9b:4d:08:eb:91:49:d0:
c8:5b:f8:78:ae:52:0f:68:05:72:09:e0:21:88:04:
f9:c6:df:18:fc:98:4f:81:95:e9:0b:f6:d4:2f:8d:
85:f8:df:e8:e9:84:e4:03:60:e1:cb:5c:16:98:95:
18:29:4c:4c:c4:c4:1b:01:38:37:ef:e0:ff:f4:4d:
0e:20:32:0c:a5:1b:9f:f9:ba:c4:9d:a0:85:ce:17:
ec:74:7e:93:7e:fe:1e:18:b5:f8:63:f8:7c:98:c8:
04:17:67:8b:04:e9:b9:6e:14:92:de:85:50:e7:40:
de:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:6B:9D:1F:E2:21:4E:89:3C:F9:7C:7E:E4:AD:7B:75:E2:02:FA:8E
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/omudH-IhTok8-Xx-5K17deIC-o4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8710::/44
Signature Algorithm: sha256WithRSAEncryption
16:2a:42:b2:e0:09:77:d9:93:97:02:a3:8f:60:fa:77:fc:fe:
13:95:7d:3f:bb:e5:6b:f9:3b:35:be:70:5e:0f:8d:c8:43:c5:
9c:d3:7c:c9:0c:d4:5e:e2:40:1d:25:08:3e:66:1b:5b:63:97:
d4:ad:1b:0f:ab:6d:b4:b4:fa:4b:26:db:08:46:30:1d:c2:f1:
a8:6b:80:71:ac:60:e5:bc:85:dd:3c:8d:1a:83:b9:ce:39:ef:
fb:64:c7:c2:d8:b3:cc:15:e8:7b:c9:c3:79:27:4f:b5:36:11:
a5:06:cc:1f:d0:3f:a1:b4:b3:90:ff:38:7c:89:fc:38:d4:b3:
d0:35:b7:fb:73:34:5a:cd:1f:51:a9:fb:35:54:2e:c4:6d:f5:
30:f3:d0:b1:37:26:c4:04:b1:7b:98:fb:c6:1d:99:c6:1e:70:
2e:01:73:07:4e:e1:89:ac:88:4e:cc:8a:3f:6e:10:4e:a6:27:
cd:1b:4a:18:61:51:7d:86:30:40:01:98:f7:ef:f9:c1:2d:13:
40:d2:cb:ac:93:df:3b:31:7b:7c:b5:88:af:44:40:d3:a1:47:
61:57:8d:03:62:a4:c1:a9:ba:d3:b7:35:e2:d1:2d:b7:29:05:
e6:5f:44:70:3f:ed:af:88:a2:e5:16:3a:bd:32:88:2c:7a:75:
0c:30:01:01
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZjHrSamRJej6C+uZmhzwncFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjUwODIwMTMzMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjZiOWQxZmUyMjE0ZTg5M2NmOTdjN2VlNGFkN2I3NWUyMDJmYThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDbGgUk0a0Q0/S+5z/K+ygEYaupa
4TFMkctF/wNtA+eAa96yZ4+0JYU2t48LCN+vpPlyBm1EA3x4yksI2pQxXnJdSyHg
2YlEKI8MkKYCBDgj+K+gEq8KZfsoDT/o8P8rIapoMLK7AUwee510HHtFXJrNjUCG
NeQmR7xuHd6YkytelHrWahojm3+Ge5Y7NZtNCOuRSdDIW/h4rlIPaAVyCeAhiAT5
xt8Y/JhPgZXpC/bUL42F+N/o6YTkA2Dhy1wWmJUYKUxMxMQbATg37+D/9E0OIDIM
pRuf+brEnaCFzhfsdH6Tfv4eGLX4Y/h8mMgEF2eLBOm5bhSS3oVQ50De1wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKJrnR/iIU6JPPl8fuSte3XiAvqOMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvb211ZEgtSWhUb2s4LVh4LTVLMTdkZUlDLW80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgyaQIcQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAWKkKy4Al32ZOXAqOPYPp3/P4TlX0/u+Vr+Ts1
vnBeD43IQ8Wc03zJDNRe4kAdJQg+ZhtbY5fUrRsPq220tPpLJtsIRjAdwvGoa4Bx
rGDlvIXdPI0ag7nOOe/7ZMfC2LPMFeh7ycN5J0+1NhGlBswf0D+htLOQ/zh8ifw4
1LPQNbf7czRazR9Rqfs1VC7EbfUw89CxNybEBLF7mPvGHZnGHnAuAXMHTuGJrIhO
zIo/bhBOpifNG0oYYVF9hjBAAZj37/nBLRNA0susk987MXt8tYivREDToUdhV40D
YqTBqbrTtzXi0S23KQXmX0RwP+2viKLlFjq9MogsenUMMAEB
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:09:48 2025 by rpki-client