Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/Ej0LL4eQcyaFFBbIcZGn_RdKMlM.roa
File: Ej0LL4eQcyaFFBbIcZGn_RdKMlM.roa (raw, json)
Hash identifier: 5Q9FT9y6g9k2oW+zDGUAPIzpEKHxknBC6bu78NWYNzQ=
Subject key identifier: 12:3D:0B:2F:87:90:73:26:85:14:16:C8:71:91:A7:FD:17:4A:32:53
Certificate issuer: /CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Certificate serial: 0198D34F453F6B717FC397505F4333E5FB96
Authority key identifier: BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/Ej0LL4eQcyaFFBbIcZGn_RdKMlM.roa
Signing time: Fri 22 Aug 2025 19:44:04 +0000
ROA not before: Fri 22 Aug 2025 19:44:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206174
IP address blocks: 2a0c:72c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.mft
rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d3:4f:45:3f:6b:71:7f:c3:97:50:5f:43:33:e5:fb:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Validity
Not Before: Aug 22 19:44:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=123d0b2f87907326851416c87191a7fd174a3253
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c7:67:1e:6e:a6:91:6a:9a:fe:c4:92:ac:92:
95:d1:01:ca:44:9c:60:ec:d9:67:03:8d:87:2c:f1:
de:13:6c:16:77:29:61:6d:df:c8:83:29:53:76:f2:
d5:f0:2a:c0:83:a1:28:87:94:3e:ac:9f:17:e4:94:
e1:b8:00:bf:aa:97:68:d2:08:41:4f:fa:9d:5a:ed:
9d:db:75:58:5f:4d:cd:f0:bd:c7:a1:47:6f:a6:74:
bd:fc:7c:f5:e8:3a:79:3c:d5:82:93:f6:37:e6:61:
f1:47:cd:28:42:2b:1a:24:9e:79:1c:8e:c3:1f:f3:
41:cd:5b:46:23:65:61:f9:d9:cf:8c:51:48:0e:23:
6d:ea:a2:3b:37:02:16:90:79:d7:1c:97:35:d9:51:
c8:54:0c:7f:26:ee:c6:d0:bd:01:70:f6:54:19:8d:
e5:b2:15:5d:74:7f:04:4a:dc:48:b8:d6:7f:82:d6:
ad:31:5b:55:b0:97:a5:b0:63:ba:e8:2e:41:4d:f5:
1f:77:1b:85:2e:e7:d6:8e:92:10:c3:5d:22:b1:32:
5b:19:15:f5:11:ee:b0:b1:7a:ab:ed:5d:be:3e:d3:
06:eb:35:c3:ed:bc:4c:e4:fd:9d:21:a5:11:94:e8:
a3:b7:23:87:3e:05:35:e7:75:0c:c3:c0:0a:b4:69:
6c:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:3D:0B:2F:87:90:73:26:85:14:16:C8:71:91:A7:FD:17:4A:32:53
X509v3 Authority Key Identifier:
keyid:BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/Ej0LL4eQcyaFFBbIcZGn_RdKMlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:72c0::/29
Signature Algorithm: sha256WithRSAEncryption
27:a9:18:cd:11:34:85:d3:d4:07:38:94:97:7a:aa:81:b2:2b:
a3:7b:98:9a:27:fc:f2:7b:b2:e6:6c:26:cf:12:1b:cf:54:16:
7e:04:e7:77:97:e4:65:0c:90:81:bd:ce:1c:33:57:08:2c:ba:
b7:5b:de:cd:3f:74:b5:78:c2:0e:0b:f3:9f:b2:c8:c3:ed:8d:
26:3f:f8:89:5f:ce:46:bf:5c:50:d1:9a:f5:92:13:8f:52:58:
e0:20:65:9d:b9:44:f5:ea:9a:cc:3d:83:db:4f:2d:72:78:cc:
86:9b:4b:06:19:3e:6c:df:f1:86:4f:d5:02:e5:02:3a:df:1c:
d5:33:fc:9d:1b:86:eb:ce:50:bc:be:6a:cf:0b:5a:29:6c:7e:
04:79:e5:ad:aa:1b:0c:1a:8d:8f:32:5e:2a:95:17:50:d4:88:
18:f3:11:44:1a:8d:95:ac:2b:e6:e7:8e:75:79:8d:ca:6f:80:
85:2d:56:9b:06:b0:7a:b7:5c:a6:8a:82:e9:2e:5f:31:f1:fc:
42:09:2e:08:f4:5a:9e:c0:91:5c:4d:fd:c7:1a:0f:9b:80:f1:
c2:3b:19:bd:e1:76:a9:de:b4:39:93:50:f9:6a:d8:48:56:bc:
12:ab:c4:a1:f5:ae:d5:12:69:61:47:3f:14:85:5b:93:cb:94:
5d:53:e4:02
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZjTT0U/a3F/w5dQX0Mz5fuWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYTBmMjU4ZWVmNGIyYmY0YmJhYTg0MzBjMWU1OGNhOGMx
ODhlYTcwHhcNMjUwODIyMTk0NDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjNkMGIyZjg3OTA3MzI2ODUxNDE2Yzg3MTkxYTdmZDE3NGEzMjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsdnHm6mkWqa/sSSrJKV0QHKRJxg
7NlnA42HLPHeE2wWdylhbd/IgylTdvLV8CrAg6Eoh5Q+rJ8X5JThuAC/qpdo0ghB
T/qdWu2d23VYX03N8L3HoUdvpnS9/Hz16Dp5PNWCk/Y35mHxR80oQisaJJ55HI7D
H/NBzVtGI2Vh+dnPjFFIDiNt6qI7NwIWkHnXHJc12VHIVAx/Ju7G0L0BcPZUGY3l
shVddH8EStxIuNZ/gtatMVtVsJelsGO66C5BTfUfdxuFLufWjpIQw10isTJbGRX1
Ee6wsXqr7V2+PtMG6zXD7bxM5P2dIaURlOijtyOHPgU153UMw8AKtGlsgwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFBI9Cy+HkHMmhRQWyHGRp/0XSjJTMB8GA1UdIwQY
MBaAFLqg8lju9LK/S7qoQwweWMqMGI6nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEt
ZTU3NjhkNmIxODJjLzEvRWowTEw0ZVFjeWFGRkJiSWNaR25fUmRLTWxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEtZTU3NjhkNmIxODJj
LzEvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgxywDAN
BgkqhkiG9w0BAQsFAAOCAQEAJ6kYzRE0hdPUBziUl3qqgbIro3uYmif88nuy5mwm
zxIbz1QWfgTnd5fkZQyQgb3OHDNXCCy6t1vezT90tXjCDgvzn7LIw+2NJj/4iV/O
Rr9cUNGa9ZITj1JY4CBlnblE9eqazD2D208tcnjMhptLBhk+bN/xhk/VAuUCOt8c
1TP8nRuG685QvL5qzwtaKWx+BHnlraobDBqNjzJeKpUXUNSIGPMRRBqNlawr5ueO
dXmNym+AhS1WmwawerdcpoqC6S5fMfH8QgkuCPRansCRXE39xxoPm4DxwjsZveF2
qd60OZNQ+WrYSFa8EqvEofWu1RJpYUc/FIVbk8uUXVPkAg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 09:00:21 2025 by rpki-client