Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/5YXlOnC7KCTj7UzlNZlOxZvAU2A.roa
File: 5YXlOnC7KCTj7UzlNZlOxZvAU2A.roa (raw, json)
Hash identifier: T7MnY/lemIb/NM4Aol+M9yTWYUELeSP5U5PUK8QCRLE=
Subject key identifier: E5:85:E5:3A:70:BB:28:24:E3:ED:4C:E5:35:99:4E:C5:9B:C0:53:60
Certificate issuer: /CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Certificate serial: 0198B77B8D6A9A1357DAC1710041FE6AF1A8
Authority key identifier: 0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/5YXlOnC7KCTj7UzlNZlOxZvAU2A.roa
Signing time: Sun 17 Aug 2025 10:03:04 +0000
ROA not before: Sun 17 Aug 2025 10:03:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213893
IP address blocks: 2a0d:d940:10::/48 maxlen: 48
2a0d:d940:11::/48 maxlen: 48
2a0d:d940:13::/48 maxlen: 48
2a0d:d940:14::/48 maxlen: 48
2a0d:d940:15::/48 maxlen: 48
2a0d:d940:18::/48 maxlen: 48
2a0d:d940:19::/48 maxlen: 48
2a0d:d940:1a::/48 maxlen: 48
2a0d:d940:1b::/48 maxlen: 48
2a0d:d940:1f00::/40 maxlen: 40
2a0d:d940:9009::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 10:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:b7:7b:8d:6a:9a:13:57:da:c1:71:00:41:fe:6a:f1:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Validity
Not Before: Aug 17 10:03:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e585e53a70bb2824e3ed4ce535994ec59bc05360
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f0:07:a6:71:69:53:0b:89:91:2f:fa:bc:36:
7d:3b:75:4e:d3:99:81:18:8e:66:5d:a7:a4:55:3e:
ee:52:7e:e8:c1:82:b9:4b:28:0c:55:c8:5e:d0:46:
d5:ad:12:f4:0f:10:83:53:c6:db:b3:91:6f:78:41:
09:f3:0b:9d:2e:b2:29:df:1f:7c:76:72:0b:e6:8c:
96:47:4b:8a:b5:1c:dd:9e:b0:c0:14:92:a7:be:2c:
87:df:f2:af:90:b1:f1:f0:4f:aa:53:bf:f1:6b:ef:
fe:24:ad:83:a0:31:46:56:59:2e:1b:28:e1:f6:f7:
7c:ad:f3:7d:f0:fc:dd:57:bf:48:59:c5:21:7d:e6:
99:8b:c3:f7:02:dc:89:43:64:62:f7:48:07:7d:cd:
08:54:a0:c2:db:a8:28:48:1d:f8:42:51:77:09:bf:
c8:7b:3d:6e:2d:ca:41:f9:fe:df:6e:b5:98:79:51:
47:7f:77:e0:30:7e:8e:ff:cf:f9:70:5e:8b:12:5b:
a1:f7:72:f8:34:07:4a:2a:05:51:b2:b8:85:89:43:
43:35:63:50:03:26:e1:c8:48:f3:7a:59:67:c9:cb:
61:8c:6e:6a:53:ba:17:a2:0f:5f:1e:7b:5b:80:b8:
40:61:21:f9:93:73:22:3c:92:b9:9b:21:ef:3e:63:
7b:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:85:E5:3A:70:BB:28:24:E3:ED:4C:E5:35:99:4E:C5:9B:C0:53:60
X509v3 Authority Key Identifier:
keyid:0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/5YXlOnC7KCTj7UzlNZlOxZvAU2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:d940:10::/47
2a0d:d940:13::-2a0d:d940:15:ffff:ffff:ffff:ffff:ffff
2a0d:d940:18::/46
2a0d:d940:1f00::/40
2a0d:d940:9009::/48
Signature Algorithm: sha256WithRSAEncryption
0c:bf:70:d1:48:72:70:f6:b8:c9:36:b4:c0:2b:a2:d7:bb:3a:
eb:fb:d0:da:f3:8b:39:fc:d1:1e:cb:36:82:2f:26:28:19:8e:
16:cb:da:60:85:28:f9:67:b0:85:d5:2b:06:ff:56:a4:95:1c:
16:9b:82:6a:39:77:82:37:c7:e7:90:91:91:47:32:ba:fd:5d:
32:27:c3:6b:12:98:33:f6:45:4d:c1:b3:95:42:e5:33:38:e7:
c0:c3:28:a5:1b:9a:d3:43:d6:ae:38:99:85:e5:55:0c:aa:8a:
bc:34:fe:dc:de:0d:6f:97:33:13:4d:a4:17:f4:02:d6:38:7f:
fa:63:a8:d4:4c:51:57:01:9a:2e:7d:0d:4f:8c:16:eb:ed:c7:
f5:1c:2a:4c:f7:4a:3b:02:cf:cd:22:89:27:2a:41:2d:dd:1e:
0a:fe:33:a4:17:06:41:86:d9:0a:a9:22:6b:d7:8b:f5:42:be:
3d:f8:cf:09:33:5e:c2:75:15:e2:d8:c4:52:81:f1:27:99:66:
b9:46:99:97:32:dd:e9:6b:34:5c:f4:bd:39:dd:3a:46:b2:0b:
9a:21:14:7c:7f:04:f7:ee:b0:9e:b1:89:d0:45:18:dd:69:2a:
1a:4e:08:dc:06:31:ec:2f:27:92:73:62:5c:22:bf:f9:80:9c:
ae:ce:48:24
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAZi3e41qmhNX2sFxAEH+avGoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNGUzYjNiODQyNDIyNTg4NjMxNDJlZDNhMTk3OTJkOTdj
YmJjNzQwHhcNMjUwODE3MTAwMzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTg1ZTUzYTcwYmIyODI0ZTNlZDRjZTUzNTk5NGVjNTliYzA1MzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvAHpnFpUwuJkS/6vDZ9O3VO05mB
GI5mXaekVT7uUn7owYK5SygMVche0EbVrRL0DxCDU8bbs5FveEEJ8wudLrIp3x98
dnIL5oyWR0uKtRzdnrDAFJKnviyH3/KvkLHx8E+qU7/xa+/+JK2DoDFGVlkuGyjh
9vd8rfN98PzdV79IWcUhfeaZi8P3AtyJQ2Ri90gHfc0IVKDC26goSB34QlF3Cb/I
ez1uLcpB+f7fbrWYeVFHf3fgMH6O/8/5cF6LEluh93L4NAdKKgVRsriFiUNDNWNQ
AybhyEjzellnycthjG5qU7oXog9fHntbgLhAYSH5k3MiPJK5myHvPmN7WwIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFOWF5Tpwuygk4+1M5TWZTsWbwFNgMB8GA1UdIwQY
MBaAFAtOOzuEJCJYhjFC7ToZeS2Xy7x0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQt
MTRkMjM4NTI3ODM1LzEvNVlYbE9uQzdLQ1RqN1V6bE5abE94WnZBVTJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQtMTRkMjM4NTI3ODM1
LzEvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzA9BAIAAjA3AwcBKg3ZQAAQ
MBIDBwAqDdlAABMDBwEqDdlAABQDBwIqDdlAABgDBgAqDdlAHwMHACoN2UCQCTAN
BgkqhkiG9w0BAQsFAAOCAQEADL9w0UhycPa4yTa0wCui17s66/vQ2vOLOfzRHss2
gi8mKBmOFsvaYIUo+WewhdUrBv9WpJUcFpuCajl3gjfH55CRkUcyuv1dMifDaxKY
M/ZFTcGzlULlMzjnwMMopRua00PWrjiZheVVDKqKvDT+3N4Nb5czE02kF/QC1jh/
+mOo1ExRVwGaLn0NT4wW6+3H9RwqTPdKOwLPzSKJJypBLd0eCv4zpBcGQYbZCqki
a9eL9UK+PfjPCTNewnUV4tjEUoHxJ5lmuUaZlzLd6Ws0XPS9Od06RrILmiEUfH8E
9+6wnrGJ0EUY3WkqGk4I3AYx7C8nknNiXCK/+YCcrs5IJA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:42:21 2025 by rpki-client