Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/aaadac-4809-4955-ac62-8f9ca0ebccab/1/sPOrY5QZw05wtZqjOmcPJxxNH1M.roa
File: sPOrY5QZw05wtZqjOmcPJxxNH1M.roa (raw, json)
Hash identifier: mEv22PsIL+19AjiIf+57cbc9L5IztRFvvnP5Tk0/Ms8=
Subject key identifier: B0:F3:AB:63:94:19:C3:4E:70:B5:9A:A3:3A:67:0F:27:1C:4D:1F:53
Certificate issuer: /CN=b1cdc26d44eaf85654481e9581043e14887765b4
Certificate serial: 0197A107624E6DA388C3E3C70FAD87AF3EB9
Authority key identifier: B1:CD:C2:6D:44:EA:F8:56:54:48:1E:95:81:04:3E:14:88:77:65:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sc3CbUTq-FZUSB6VgQQ-FIh3ZbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/aaadac-4809-4955-ac62-8f9ca0ebccab/1/sPOrY5QZw05wtZqjOmcPJxxNH1M.roa
Signing time: Tue 24 Jun 2025 08:21:45 +0000
ROA not before: Tue 24 Jun 2025 08:21:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215185
IP address blocks: 2a0e:c5c1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/aaadac-4809-4955-ac62-8f9ca0ebccab/1/sc3CbUTq-FZUSB6VgQQ-FIh3ZbQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/aaadac-4809-4955-ac62-8f9ca0ebccab/1/sc3CbUTq-FZUSB6VgQQ-FIh3ZbQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/sc3CbUTq-FZUSB6VgQQ-FIh3ZbQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 20:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a1:07:62:4e:6d:a3:88:c3:e3:c7:0f:ad:87:af:3e:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1cdc26d44eaf85654481e9581043e14887765b4
Validity
Not Before: Jun 24 08:21:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b0f3ab639419c34e70b59aa33a670f271c4d1f53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b6:ad:65:57:20:48:6e:d1:e8:df:dc:c6:de:
94:6e:26:45:80:a0:d5:f1:19:16:7d:9b:72:e8:27:
6e:94:b0:72:cf:9c:bc:e4:24:8c:4e:ef:31:17:06:
ff:72:ea:38:03:ed:13:39:14:9a:f8:f7:35:d7:f3:
ef:37:f6:77:c3:ef:b3:0d:57:28:15:4b:fd:f7:ca:
43:a0:b6:08:b7:0d:52:1e:66:95:a1:38:ad:44:2e:
2c:39:79:1d:29:20:f2:ab:73:4a:be:6d:47:a8:a4:
17:b1:55:a1:ce:9a:0c:d9:70:87:2e:0b:d9:0e:a5:
fd:a4:f8:25:d1:75:7a:b9:59:e1:22:07:0d:02:13:
81:ba:9d:7d:32:48:a5:dc:b4:9c:8a:d5:64:63:77:
94:2d:d3:d2:29:73:40:49:57:7a:a4:69:5d:ce:0b:
ac:ec:b4:00:d8:cc:4d:28:f7:91:b3:0c:d3:52:2d:
19:23:41:39:22:5c:4b:cd:33:28:9b:7c:34:0c:09:
8f:2a:d1:f5:2b:bf:54:9d:39:71:ef:38:e3:1d:f0:
05:5b:f1:03:e4:6e:b2:44:72:20:ba:05:93:af:37:
0c:d9:2a:f5:0b:0f:6b:69:85:c6:ed:9e:d2:f0:ca:
8f:8b:bb:1f:75:a8:08:e9:52:0d:8a:a0:21:86:24:
6f:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:F3:AB:63:94:19:C3:4E:70:B5:9A:A3:3A:67:0F:27:1C:4D:1F:53
X509v3 Authority Key Identifier:
keyid:B1:CD:C2:6D:44:EA:F8:56:54:48:1E:95:81:04:3E:14:88:77:65:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sc3CbUTq-FZUSB6VgQQ-FIh3ZbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/aaadac-4809-4955-ac62-8f9ca0ebccab/1/sPOrY5QZw05wtZqjOmcPJxxNH1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/aaadac-4809-4955-ac62-8f9ca0ebccab/1/sc3CbUTq-FZUSB6VgQQ-FIh3ZbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:c5c1::/48
Signature Algorithm: sha256WithRSAEncryption
30:5a:46:14:ae:28:0b:a3:2b:1b:f3:9b:6a:a6:91:0d:b5:02:
31:5a:66:ca:38:4d:30:3d:28:77:20:87:4b:0b:af:a8:50:77:
b2:7b:4f:3a:fa:91:94:b9:eb:6a:6c:6f:c9:4a:c5:c4:04:d2:
79:38:20:1b:d1:fc:57:9d:52:d5:50:93:1f:12:97:c9:fb:e7:
5a:cf:94:73:06:72:95:61:b2:7a:34:a6:0f:b6:96:ca:4b:c6:
6e:67:41:eb:fa:1e:66:de:71:ca:76:e5:4d:11:80:e1:18:59:
f5:cf:e1:75:cc:b1:cf:3b:ba:0a:31:1a:bb:c3:c4:29:71:f1:
d0:e1:b7:38:38:3d:ce:6c:a8:67:b0:96:41:94:f3:65:47:7a:
a4:2a:ef:32:20:4a:60:0a:bb:f4:6e:c4:d4:0f:f6:08:91:66:
5b:df:25:90:e9:a6:de:26:f6:c6:6d:b1:e0:8b:9c:8f:5b:3a:
08:29:aa:6b:01:e3:39:00:9d:f4:2a:6d:05:dc:18:53:b3:56:
0e:05:7d:f5:6d:f1:8c:df:e1:75:27:b6:ff:cd:3e:a3:54:71:
61:27:94:d3:6a:5a:41:7e:66:8b:1b:20:8c:97:3e:e4:19:6b:
0e:90:04:53:24:cd:81:a3:2e:6a:51:a9:e1:2c:ef:f9:e2:3f:
7b:54:9b:72
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZehB2JObaOIw+PHD62Hrz65MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxY2RjMjZkNDRlYWY4NTY1NDQ4MWU5NTgxMDQzZTE0ODg3
NzY1YjQwHhcNMjUwNjI0MDgyMTQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGYzYWI2Mzk0MTljMzRlNzBiNTlhYTMzYTY3MGYyNzFjNGQxZjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLatZVcgSG7R6N/cxt6UbiZFgKDV
8RkWfZty6CdulLByz5y85CSMTu8xFwb/cuo4A+0TORSa+Pc11/PvN/Z3w++zDVco
FUv998pDoLYItw1SHmaVoTitRC4sOXkdKSDyq3NKvm1HqKQXsVWhzpoM2XCHLgvZ
DqX9pPgl0XV6uVnhIgcNAhOBup19Mkil3LScitVkY3eULdPSKXNASVd6pGldzgus
7LQA2MxNKPeRswzTUi0ZI0E5IlxLzTMom3w0DAmPKtH1K79UnTlx7zjjHfAFW/ED
5G6yRHIgugWTrzcM2Sr1Cw9raYXG7Z7S8MqPi7sfdagI6VINiqAhhiRvJQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLDzq2OUGcNOcLWaozpnDyccTR9TMB8GA1UdIwQY
MBaAFLHNwm1E6vhWVEgelYEEPhSId2W0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2MzQ2JVVHEtRlpVU0I2VmdRUS1GSWgzWmJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9hYWFkYWMtNDgwOS00OTU1LWFjNjIt
OGY5Y2EwZWJjY2FiLzEvc1BPclk1UVp3MDV3dFpxak9tY1BKeHhOSDFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9hYWFkYWMtNDgwOS00OTU1LWFjNjItOGY5Y2EwZWJjY2Fi
LzEvc2MzQ2JVVHEtRlpVU0I2VmdRUS1GSWgzWmJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg7FwQAA
MA0GCSqGSIb3DQEBCwUAA4IBAQAwWkYUrigLoysb85tqppENtQIxWmbKOE0wPSh3
IIdLC6+oUHeye086+pGUuetqbG/JSsXEBNJ5OCAb0fxXnVLVUJMfEpfJ++daz5Rz
BnKVYbJ6NKYPtpbKS8ZuZ0Hr+h5m3nHKduVNEYDhGFn1z+F1zLHPO7oKMRq7w8Qp
cfHQ4bc4OD3ObKhnsJZBlPNlR3qkKu8yIEpgCrv0bsTUD/YIkWZb3yWQ6abeJvbG
bbHgi5yPWzoIKaprAeM5AJ30Km0F3BhTs1YOBX31bfGM3+F1J7b/zT6jVHFhJ5TT
alpBfmaLGyCMlz7kGWsOkARTJM2Boy5qUanhLO/54j97VJty
-----END CERTIFICATE-----
Generated at Thu Jul 3 01:02:52 2025 by rpki-client