Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/10d5b2-85e3-49ed-bdc1-8069c46771cc/1/11jEC650m0CZG4LpQL4zmUd5QaY.roa
File: 11jEC650m0CZG4LpQL4zmUd5QaY.roa (raw, json)
Hash identifier: 7UGZEAgneJXq9Giu9H7nZKjtUjxT92keVlw2sUKbxho=
Subject key identifier: D7:58:C4:0B:AE:74:9B:40:99:1B:82:E9:40:BE:33:99:47:79:41:A6
Certificate issuer: /CN=ba23b07a3c0ac9e333f52e8b5d41a768a3d39025
Certificate serial: 019972E9B7D4FAE34610ED1DF54D2B5DE234
Authority key identifier: BA:23:B0:7A:3C:0A:C9:E3:33:F5:2E:8B:5D:41:A7:68:A3:D3:90:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uiOwejwKyeMz9S6LXUGnaKPTkCU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/10d5b2-85e3-49ed-bdc1-8069c46771cc/1/11jEC650m0CZG4LpQL4zmUd5QaY.roa
Signing time: Mon 22 Sep 2025 19:32:23 +0000
ROA not before: Mon 22 Sep 2025 19:32:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215593
IP address blocks: 2a0e:8340::/48 maxlen: 48
2a0e:8340:1::/48 maxlen: 48
2a0e:8340:2::/48 maxlen: 48
2a0e:8340:3::/48 maxlen: 48
2a0e:8340:4::/48 maxlen: 48
2a0e:8341::/32 maxlen: 32
2a0e:8342::/32 maxlen: 32
2a0e:8343::/32 maxlen: 32
2a0e:8344::/32 maxlen: 32
2a0e:8345::/32 maxlen: 32
2a0e:8346::/32 maxlen: 32
2a0e:8347::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/10d5b2-85e3-49ed-bdc1-8069c46771cc/1/uiOwejwKyeMz9S6LXUGnaKPTkCU.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/10d5b2-85e3-49ed-bdc1-8069c46771cc/1/uiOwejwKyeMz9S6LXUGnaKPTkCU.mft
rsync://rpki.ripe.net/repository/DEFAULT/uiOwejwKyeMz9S6LXUGnaKPTkCU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:72:e9:b7:d4:fa:e3:46:10:ed:1d:f5:4d:2b:5d:e2:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba23b07a3c0ac9e333f52e8b5d41a768a3d39025
Validity
Not Before: Sep 22 19:32:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d758c40bae749b40991b82e940be3399477941a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:75:f5:17:1b:10:32:ba:b1:47:b5:f1:da:01:
c0:77:87:99:bb:1b:ea:5c:45:d7:96:da:47:64:cd:
d6:5a:d1:35:34:6e:22:bf:aa:3f:57:22:2f:70:6f:
72:d7:47:bd:2b:45:50:9f:00:38:7d:1e:3e:83:28:
39:c9:7b:52:37:66:06:18:8c:e3:20:d1:46:77:a1:
05:27:12:4e:75:79:ab:41:bb:7e:f4:6e:78:be:cf:
5b:98:b3:24:f7:f2:42:bc:ba:25:f8:a5:5b:a1:98:
ba:1c:e5:52:b0:2d:66:c0:f9:76:3d:e4:cf:c0:a0:
3d:38:fe:1e:3c:93:4e:1e:02:05:bc:2b:2a:82:ea:
d7:6f:7e:8a:f6:93:47:74:34:5c:28:39:a9:88:5a:
a1:9c:d6:00:0b:67:4f:e2:77:ea:fc:12:b1:95:88:
bb:5c:d8:a4:6f:b4:74:84:9a:0b:8b:27:f8:20:13:
4c:96:7a:d3:fb:77:39:d5:23:07:f7:74:f2:97:e9:
92:91:00:b5:01:29:02:53:22:fe:30:71:80:b2:6f:
99:08:5b:ee:77:7a:07:71:e7:1b:7d:cd:1c:75:86:
95:61:92:25:34:0c:91:27:5a:13:a1:43:c0:cd:51:
d9:13:85:b7:1d:8c:ea:dc:b9:c3:29:c5:3a:b0:18:
b3:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:58:C4:0B:AE:74:9B:40:99:1B:82:E9:40:BE:33:99:47:79:41:A6
X509v3 Authority Key Identifier:
keyid:BA:23:B0:7A:3C:0A:C9:E3:33:F5:2E:8B:5D:41:A7:68:A3:D3:90:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uiOwejwKyeMz9S6LXUGnaKPTkCU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/10d5b2-85e3-49ed-bdc1-8069c46771cc/1/11jEC650m0CZG4LpQL4zmUd5QaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/10d5b2-85e3-49ed-bdc1-8069c46771cc/1/uiOwejwKyeMz9S6LXUGnaKPTkCU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8340::-2a0e:8340:4:ffff:ffff:ffff:ffff:ffff
2a0e:8341::-2a0e:8347:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
53:1c:9f:fc:60:f4:38:c3:aa:c4:44:c0:95:87:1b:99:07:4b:
b9:55:58:d0:e5:ae:ea:1b:a4:2d:ef:62:00:4c:09:36:0d:d2:
1f:12:90:cd:fe:dc:e8:3c:f9:28:09:f8:d6:9c:fa:95:bb:41:
31:6b:e6:3b:b7:42:08:0c:a3:8f:86:07:3a:78:fa:aa:cd:52:
7c:a0:b5:b3:8b:9a:9a:f7:d0:af:19:fa:28:77:86:de:95:8a:
37:ac:b3:32:a7:f6:6d:d2:6b:d9:c9:bd:2e:aa:c4:98:cf:19:
e2:29:d3:87:1b:d1:b1:7c:b6:5d:fc:3d:51:2c:51:f5:7e:f4:
e5:c4:a5:07:f5:e0:c5:1d:e8:e8:93:7d:10:6f:c1:5c:42:04:
b0:9e:51:0b:91:9f:a1:ed:58:2f:bb:9c:e4:bc:52:f3:02:18:
29:3a:2a:7d:ef:4b:bd:9d:a7:b4:78:0e:8a:18:86:89:c1:59:
4f:56:95:9a:6b:fe:36:27:54:44:25:0e:39:51:2a:d4:c3:4a:
d4:1b:39:29:45:78:cf:e2:fc:90:99:f9:bd:3a:29:06:e9:e0:
30:ef:f1:c6:de:60:8f:7f:c4:28:df:fd:60:7d:61:b4:24:e3:
4a:a0:8b:43:08:b7:1f:8d:63:70:af:5e:78:89:3a:52:99:33:
2f:3d:8e:e7
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZly6bfU+uNGEO0d9U0rXeI0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhMjNiMDdhM2MwYWM5ZTMzM2Y1MmU4YjVkNDFhNzY4YTNk
MzkwMjUwHhcNMjUwOTIyMTkzMjIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzU4YzQwYmFlNzQ5YjQwOTkxYjgyZTk0MGJlMzM5OTQ3Nzk0MWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnX1FxsQMrqxR7Xx2gHAd4eZuxvq
XEXXltpHZM3WWtE1NG4iv6o/VyIvcG9y10e9K0VQnwA4fR4+gyg5yXtSN2YGGIzj
INFGd6EFJxJOdXmrQbt+9G54vs9bmLMk9/JCvLol+KVboZi6HOVSsC1mwPl2PeTP
wKA9OP4ePJNOHgIFvCsqgurXb36K9pNHdDRcKDmpiFqhnNYAC2dP4nfq/BKxlYi7
XNikb7R0hJoLiyf4IBNMlnrT+3c51SMH93Tyl+mSkQC1ASkCUyL+MHGAsm+ZCFvu
d3oHcecbfc0cdYaVYZIlNAyRJ1oToUPAzVHZE4W3HYzq3LnDKcU6sBizjQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFNdYxAuudJtAmRuC6UC+M5lHeUGmMB8GA1UdIwQY
MBaAFLojsHo8CsnjM/Uui11Bp2ij05AlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWlPd2Vqd0t5ZU16OVM2TFhVR25hS1BUa0NVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8xMGQ1YjItODVlMy00OWVkLWJkYzEt
ODA2OWM0Njc3MWNjLzEvMTFqRUM2NTBtMENaRzRMcFFMNHptVWQ1UWFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8xMGQ1YjItODVlMy00OWVkLWJkYzEtODA2OWM0Njc3MWNj
LzEvdWlPd2Vqd0t5ZU16OVM2TFhVR25hS1BUa0NVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAAjAiMBADBQYqDoNA
AwcAKg6DQAAEMA4DBQAqDoNBAwUDKg6DQDANBgkqhkiG9w0BAQsFAAOCAQEAUxyf
/GD0OMOqxETAlYcbmQdLuVVY0OWu6hukLe9iAEwJNg3SHxKQzf7c6Dz5KAn41pz6
lbtBMWvmO7dCCAyjj4YHOnj6qs1SfKC1s4uamvfQrxn6KHeG3pWKN6yzMqf2bdJr
2cm9LqrEmM8Z4inThxvRsXy2Xfw9USxR9X705cSlB/XgxR3o6JN9EG/BXEIEsJ5R
C5Gfoe1YL7uc5LxS8wIYKToqfe9LvZ2ntHgOihiGicFZT1aVmmv+NidURCUOOVEq
1MNK1Bs5KUV4z+L8kJn5vTopBungMO/xxt5gj3/EKN/9YH1htCTjSqCLQwi3H41j
cK9eeIk6UpkzLz2O5w==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:29:13 2025 by rpki-client