Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/6Z91pEQIiDn1LmdUBMYsbGOujqE.roa
File: 6Z91pEQIiDn1LmdUBMYsbGOujqE.roa (raw, json)
Hash identifier: mfhTSMOtoWe92eSIpzgh+bNLhjFh1xQ1OWKgtl4h5MM=
Subject key identifier: E9:9F:75:A4:44:08:88:39:F5:2E:67:54:04:C6:2C:6C:63:AE:8E:A1
Certificate issuer: /CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Certificate serial: 01978676369749D18ECD3B8D587AFC1B0065
Authority key identifier: 0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/6Z91pEQIiDn1LmdUBMYsbGOujqE.roa
Signing time: Thu 19 Jun 2025 04:33:03 +0000
ROA not before: Thu 19 Jun 2025 04:33:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213520
IP address blocks: 2a0d:d940:11::/48 maxlen: 48
2a0d:d940:100::/40 maxlen: 40
2a0d:d940:9002::/48 maxlen: 48
2a0d:d940:9007::/48 maxlen: 48
2a0d:d940:9008::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 21:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:86:76:36:97:49:d1:8e:cd:3b:8d:58:7a:fc:1b:00:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Validity
Not Before: Jun 19 04:33:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e99f75a444088839f52e675404c62c6c63ae8ea1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:fd:49:12:b6:3c:0c:b4:bc:93:e0:d4:63:cb:
9b:3f:35:36:27:8b:9a:4a:7f:97:04:eb:3f:ce:e7:
cd:d0:4f:99:cc:60:e2:a4:5f:ee:90:e1:4f:f2:19:
0a:7b:a0:10:2a:2c:d9:73:2d:13:af:a7:1b:12:39:
fd:ce:cb:11:8e:c9:63:96:34:2f:a3:b2:af:04:1d:
28:bf:02:2c:92:36:04:b6:dd:78:c6:65:1a:9c:bd:
cf:32:4f:c6:7b:dd:1f:ac:d4:84:d0:82:24:18:e5:
3a:63:e6:63:26:ab:c9:eb:85:7d:a6:c1:1a:c6:0f:
1c:0c:73:f8:17:0a:e8:c8:68:86:c8:5e:10:71:31:
16:fc:d0:a7:6a:cc:c1:6e:c7:8f:61:3f:80:7a:7f:
d6:ef:6e:a0:7d:06:79:2b:7a:7b:c7:9c:18:e7:61:
15:6a:59:bf:32:5b:10:1c:00:f6:fc:55:40:89:de:
49:3f:12:59:c4:09:7b:8e:ee:ac:a5:02:71:5f:ea:
79:40:b1:56:f0:48:41:18:7c:31:1f:2c:75:73:1c:
c4:30:99:2e:d3:b6:d8:da:a8:6e:d5:9b:5c:71:d0:
a8:f7:26:c8:81:2a:4d:b9:df:f6:cc:80:c4:d6:7c:
58:60:6f:8a:5c:4b:e5:fb:1a:aa:22:6e:86:87:30:
90:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:9F:75:A4:44:08:88:39:F5:2E:67:54:04:C6:2C:6C:63:AE:8E:A1
X509v3 Authority Key Identifier:
keyid:0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/6Z91pEQIiDn1LmdUBMYsbGOujqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:d940:11::/48
2a0d:d940:100::/40
2a0d:d940:9002::/48
2a0d:d940:9007::-2a0d:d940:9008:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
66:f6:b5:17:53:f1:bd:5e:df:77:ac:55:9a:a8:02:ff:e2:e9:
98:d1:cc:da:64:c3:b2:42:fd:69:b6:b8:3f:f1:85:6f:e2:0d:
99:2f:42:74:12:04:3c:cd:46:08:fa:1d:de:86:db:8d:0c:11:
2c:aa:1e:bb:71:26:a0:61:0c:08:c7:e1:1b:53:94:e6:bc:6f:
cb:aa:ca:f8:4a:7a:b4:e4:36:08:7f:c5:2d:ff:33:92:4f:bf:
7c:f3:32:11:62:e4:56:88:a9:eb:69:89:af:b3:4e:66:49:2a:
ab:7b:c1:56:b0:76:23:cb:6e:1b:9d:ca:85:55:ae:3e:c5:71:
2c:c1:7e:78:a2:89:65:da:88:08:a1:da:e0:d1:95:30:55:a6:
8a:f3:2a:2e:3c:08:c2:b3:7a:e2:6a:5e:4a:fe:20:9c:b9:2b:
6f:49:6d:82:a2:b2:6a:cc:aa:f5:9d:3f:7d:48:20:24:e1:8f:
31:ad:f1:2c:4c:38:36:d5:3c:49:3b:72:bd:6a:6d:e2:01:82:
a6:b4:53:53:85:8b:9b:ac:18:bc:00:94:38:44:17:99:f4:92:
c1:ae:40:c1:9a:52:e1:98:cd:a1:8b:da:3b:11:01:34:7d:78:
30:80:97:e5:63:69:f2:d6:7e:41:84:f8:fb:de:d5:fa:b7:91:
d2:68:cf:2a
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZeGdjaXSdGOzTuNWHr8GwBlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNGUzYjNiODQyNDIyNTg4NjMxNDJlZDNhMTk3OTJkOTdj
YmJjNzQwHhcNMjUwNjE5MDQzMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTlmNzVhNDQ0MDg4ODM5ZjUyZTY3NTQwNGM2MmM2YzYzYWU4ZWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6P1JErY8DLS8k+DUY8ubPzU2J4ua
Sn+XBOs/zufN0E+ZzGDipF/ukOFP8hkKe6AQKizZcy0Tr6cbEjn9zssRjsljljQv
o7KvBB0ovwIskjYEtt14xmUanL3PMk/Ge90frNSE0IIkGOU6Y+ZjJqvJ64V9psEa
xg8cDHP4FwroyGiGyF4QcTEW/NCnaszBbsePYT+Aen/W726gfQZ5K3p7x5wY52EV
alm/MlsQHAD2/FVAid5JPxJZxAl7ju6spQJxX+p5QLFW8EhBGHwxHyx1cxzEMJku
07bY2qhu1ZtccdCo9ybIgSpNud/2zIDE1nxYYG+KXEvl+xqqIm6GhzCQTwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFOmfdaRECIg59S5nVATGLGxjro6hMB8GA1UdIwQY
MBaAFAtOOzuEJCJYhjFC7ToZeS2Xy7x0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQt
MTRkMjM4NTI3ODM1LzEvNlo5MXBFUUlpRG4xTG1kVUJNWXNiR091anFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQtMTRkMjM4NTI3ODM1
LzEvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAAjAuAwcAKg3ZQAAR
AwYAKg3ZQAEDBwAqDdlAkAIwEgMHACoN2UCQBwMHACoN2UCQCDANBgkqhkiG9w0B
AQsFAAOCAQEAZva1F1PxvV7fd6xVmqgC/+LpmNHM2mTDskL9aba4P/GFb+INmS9C
dBIEPM1GCPod3obbjQwRLKoeu3EmoGEMCMfhG1OU5rxvy6rK+Ep6tOQ2CH/FLf8z
kk+/fPMyEWLkVoip62mJr7NOZkkqq3vBVrB2I8tuG53KhVWuPsVxLMF+eKKJZdqI
CKHa4NGVMFWmivMqLjwIwrN64mpeSv4gnLkrb0ltgqKyasyq9Z0/fUggJOGPMa3x
LEw4NtU8STtyvWpt4gGCprRTU4WLm6wYvACUOEQXmfSSwa5AwZpS4ZjNoYvaOxEB
NH14MICX5WNp8tZ+QYT4+97V+reR0mjPKg==
-----END CERTIFICATE-----
Generated at Wed Jul 2 03:26:25 2025 by rpki-client