Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/J-tMpk5WYUX1K1Qmuu6Ph_YR8jI.roa
File: J-tMpk5WYUX1K1Qmuu6Ph_YR8jI.roa (raw, json)
Hash identifier: syGXPnVZkPmCP6scK/qrH242HNGAM2IMBeBWZO7dNhw=
Subject key identifier: 27:EB:4C:A6:4E:56:61:45:F5:2B:54:26:BA:EE:8F:87:F6:11:F2:32
Certificate issuer: /CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Certificate serial: 0197A8C91F7C179566AECB4714A6F0619073
Authority key identifier: BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/J-tMpk5WYUX1K1Qmuu6Ph_YR8jI.roa
Signing time: Wed 25 Jun 2025 20:30:42 +0000
ROA not before: Wed 25 Jun 2025 20:30:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42375
IP address blocks: 2a09:2985::/32 maxlen: 32
2a09:af81::/32 maxlen: 32
2a09:af82::/32 maxlen: 32
2a09:d701::/32 maxlen: 32
2a09:d702::/32 maxlen: 32
2a09:dd01::/32 maxlen: 32
2a09:dd02::/32 maxlen: 32
2a09:e301::/32 maxlen: 32
2a09:ef00::/32 maxlen: 32
2a14:a404::/32 maxlen: 32
2a14:a407::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.mft
rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 04:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a8:c9:1f:7c:17:95:66:ae:cb:47:14:a6:f0:61:90:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Validity
Not Before: Jun 25 20:30:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=27eb4ca64e566145f52b5426baee8f87f611f232
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:46:77:2b:b5:c0:19:f1:48:41:87:bb:34:0e:
89:20:23:5c:2f:5b:43:fa:1a:37:17:8a:b7:ca:b5:
04:49:6f:b5:58:ed:b1:06:05:d0:d0:b5:9c:d8:ae:
8b:af:4f:80:5a:cd:15:54:11:07:af:71:d0:d4:fa:
5d:25:ba:f0:55:f2:46:ea:08:ad:e4:4b:ae:d8:0c:
da:c8:b7:02:a4:24:a5:78:8d:c3:98:f9:71:17:9c:
46:79:c8:24:2f:f1:5a:fe:9d:bf:51:49:ca:80:2a:
5a:6a:19:1d:41:e2:96:69:14:13:44:29:91:10:b6:
b5:9a:d6:bb:51:a5:21:f8:48:1e:b9:ee:18:12:41:
34:56:c0:aa:76:fd:d4:00:4c:9a:5f:e8:de:79:7a:
74:0f:ba:de:4e:99:0e:13:fe:40:16:db:a7:44:86:
01:a1:59:13:bd:b3:ff:b3:c1:a1:fd:1d:e3:67:6c:
8d:18:a5:63:64:64:e2:21:8b:7b:8f:71:73:59:7b:
5c:84:59:c9:87:91:56:3e:a0:fc:dd:da:35:85:a7:
99:d6:a3:5e:a2:ee:86:ec:ba:4e:5b:97:b8:ca:7d:
f3:50:6d:ae:3c:82:ef:8c:ae:7c:e7:a5:ce:53:bf:
4e:3b:02:04:dd:d5:d7:ff:d8:47:a3:48:ad:46:c5:
43:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:EB:4C:A6:4E:56:61:45:F5:2B:54:26:BA:EE:8F:87:F6:11:F2:32
X509v3 Authority Key Identifier:
keyid:BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/J-tMpk5WYUX1K1Qmuu6Ph_YR8jI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:2985::/32
2a09:af81::-2a09:af82:ffff:ffff:ffff:ffff:ffff:ffff
2a09:d701::-2a09:d702:ffff:ffff:ffff:ffff:ffff:ffff
2a09:dd01::-2a09:dd02:ffff:ffff:ffff:ffff:ffff:ffff
2a09:e301::/32
2a09:ef00::/32
2a14:a404::/32
2a14:a407::/32
Signature Algorithm: sha256WithRSAEncryption
0d:ff:44:53:44:34:48:61:6f:24:01:99:94:a9:7d:a8:97:22:
ee:f8:d1:53:21:2c:dd:d8:ba:88:fa:08:bb:38:99:a4:ba:87:
9c:1d:71:c0:58:f6:2f:00:0e:98:db:30:7e:7a:09:1c:d3:ef:
c3:5b:39:13:dd:95:3f:47:c4:b1:f7:b9:41:1c:a0:8b:56:61:
aa:8a:2b:59:56:f7:13:6c:13:54:2d:10:9c:f3:a1:17:32:89:
a3:0d:f9:ed:b5:27:da:8f:97:06:52:e0:ad:bf:ee:ba:d9:47:
98:92:01:33:9e:a7:74:9c:88:16:e0:8b:fc:e0:dd:fa:5a:8a:
ed:77:c2:3a:7a:04:f4:13:07:d3:04:9d:22:86:c7:86:b1:38:
65:50:a1:db:b6:7b:44:34:e4:2e:b0:5e:1b:fa:71:0b:a4:c1:
3f:b2:d9:9e:a5:dc:12:e2:ce:c7:7f:61:51:8f:4d:48:e3:b6:
e7:05:a1:08:07:1e:a5:04:3e:bd:a6:e9:4d:6b:27:59:2a:c5:
97:15:a5:05:21:59:91:18:9e:0f:ed:56:a0:53:80:f6:65:46:
f2:44:22:05:47:25:df:a6:f2:84:94:07:d2:36:0e:db:27:2e:
2f:b0:9f:9c:2e:0a:5d:fe:43:01:26:c2:f1:a7:cc:d4:d4:75:
0e:d9:f4:40
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAZeoyR98F5VmrstHFKbwYZBzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYTBmMjU4ZWVmNGIyYmY0YmJhYTg0MzBjMWU1OGNhOGMx
ODhlYTcwHhcNMjUwNjI1MjAzMDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2ViNGNhNjRlNTY2MTQ1ZjUyYjU0MjZiYWVlOGY4N2Y2MTFmMjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0Z3K7XAGfFIQYe7NA6JICNcL1tD
+ho3F4q3yrUESW+1WO2xBgXQ0LWc2K6Lr0+AWs0VVBEHr3HQ1PpdJbrwVfJG6git
5Euu2AzayLcCpCSleI3DmPlxF5xGecgkL/Fa/p2/UUnKgCpaahkdQeKWaRQTRCmR
ELa1mta7UaUh+Egeue4YEkE0VsCqdv3UAEyaX+jeeXp0D7reTpkOE/5AFtunRIYB
oVkTvbP/s8Gh/R3jZ2yNGKVjZGTiIYt7j3FzWXtchFnJh5FWPqD83do1haeZ1qNe
ou6G7LpOW5e4yn3zUG2uPILvjK5856XOU79OOwIE3dXX/9hHo0itRsVDbQIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFCfrTKZOVmFF9StUJrruj4f2EfIyMB8GA1UdIwQY
MBaAFLqg8lju9LK/S7qoQwweWMqMGI6nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEt
ZTU3NjhkNmIxODJjLzEvSi10TXBrNVdZVVgxSzFRbXV1NlBoX1lSOGpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEtZTU3NjhkNmIxODJj
LzEvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzBZBAIAAjBTAwUAKgkphTAO
AwUAKgmvgQMFACoJr4IwDgMFACoJ1wEDBQAqCdcCMA4DBQAqCd0BAwUAKgndAgMF
ACoJ4wEDBQAqCe8AAwUAKhSkBAMFACoUpAcwDQYJKoZIhvcNAQELBQADggEBAA3/
RFNENEhhbyQBmZSpfaiXIu740VMhLN3Yuoj6CLs4maS6h5wdccBY9i8ADpjbMH56
CRzT78NbORPdlT9HxLH3uUEcoItWYaqKK1lW9xNsE1QtEJzzoRcyiaMN+e21J9qP
lwZS4K2/7rrZR5iSATOep3SciBbgi/zg3fpaiu13wjp6BPQTB9MEnSKGx4axOGVQ
odu2e0Q05C6wXhv6cQukwT+y2Z6l3BLizsd/YVGPTUjjtucFoQgHHqUEPr2m6U1r
J1kqxZcVpQUhWZEYng/tVqBTgPZlRvJEIgVHJd+m8oSUB9I2DtsnLi+wn5wuCl3+
QwEmwvGnzNTUdQ7Z9EA=
-----END CERTIFICATE-----
Generated at Sun Jun 29 14:15:21 2025 by rpki-client