Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/VlbvguPEwT0ZiaTTjcBDWmFtOiw.roa
File: VlbvguPEwT0ZiaTTjcBDWmFtOiw.roa (raw, json)
Hash identifier: HczSJesZd0LFeqaaNpOq8EKjH3G6DmVNW/cvNPs5ySo=
Subject key identifier: 56:56:EF:82:E3:C4:C1:3D:19:89:A4:D3:8D:C0:43:5A:61:6D:3A:2C
Certificate issuer: /CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Certificate serial: 0198D349C6B8FAF83D724E706AD314A29101
Authority key identifier: BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/VlbvguPEwT0ZiaTTjcBDWmFtOiw.roa
Signing time: Fri 22 Aug 2025 19:38:04 +0000
ROA not before: Fri 22 Aug 2025 19:38:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204490
IP address blocks: 2a09:a800::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.mft
rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d3:49:c6:b8:fa:f8:3d:72:4e:70:6a:d3:14:a2:91:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Validity
Not Before: Aug 22 19:38:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5656ef82e3c4c13d1989a4d38dc0435a616d3a2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:18:12:76:d2:90:0a:0d:66:41:d8:17:61:16:
bc:80:3e:54:69:9d:6b:61:23:52:e9:60:82:77:ca:
fc:ae:0e:32:95:4a:9e:b9:45:5c:9d:81:f1:21:1c:
f0:91:84:1f:33:02:eb:5f:b4:88:84:94:b0:66:04:
9b:a9:4c:a3:73:86:b4:92:b6:de:25:6b:e6:53:46:
fd:31:e1:c6:56:07:ce:a0:9c:e6:74:da:5d:09:88:
ff:6c:30:ed:f8:41:e1:1e:22:12:94:36:87:ca:de:
a0:6c:be:9c:e5:66:82:bb:44:2c:11:ab:b8:7e:b3:
ed:ac:ba:fa:d3:8a:f0:db:d3:c3:23:84:93:fb:a8:
ca:26:96:3b:1d:2d:c4:4c:20:d2:c2:8d:25:9b:fa:
45:dd:ad:6e:fd:60:a0:ca:95:83:7a:b3:60:b5:4e:
68:9b:0c:63:ed:a4:62:06:bb:fb:fd:1f:1d:0d:7e:
d9:b6:4e:99:01:42:37:89:15:1b:9c:74:54:f7:fc:
79:f6:14:e7:e1:54:6b:04:44:8e:74:52:96:91:6d:
85:fc:b4:ea:2f:9a:55:da:ec:ad:cc:7f:05:f2:e9:
83:33:ef:80:6e:ae:98:c7:39:18:2e:51:c5:8e:c9:
bd:5b:82:b0:43:1f:13:e7:a7:0f:70:41:61:a4:62:
75:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:56:EF:82:E3:C4:C1:3D:19:89:A4:D3:8D:C0:43:5A:61:6D:3A:2C
X509v3 Authority Key Identifier:
keyid:BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/VlbvguPEwT0ZiaTTjcBDWmFtOiw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:a800::/32
Signature Algorithm: sha256WithRSAEncryption
24:5d:f7:56:9e:89:ab:65:00:36:b9:c1:28:13:01:0e:62:e1:
08:52:aa:4b:4d:f0:78:0f:12:a0:29:74:bb:9f:0c:b1:26:5d:
5c:24:35:a0:ea:84:ab:26:df:0c:fe:19:29:c5:1b:0c:8b:33:
77:26:78:fb:31:0f:5a:a2:30:7c:41:97:9d:f4:f8:0d:20:8a:
b3:26:74:08:38:df:df:cb:56:35:85:21:7a:7d:3d:73:4b:ee:
1d:dc:ea:f8:e6:f1:a2:8f:0e:84:78:84:59:34:fb:e4:73:d8:
d0:03:bb:18:58:1e:d8:dc:87:ba:be:4a:cd:bb:cb:32:2f:76:
4d:c5:ca:ab:eb:9e:9e:46:50:a3:7c:0d:49:7a:90:a4:5f:26:
93:b9:86:98:f3:0a:a9:47:d9:2d:cd:f4:bf:66:f7:94:ac:04:
dc:02:1f:98:57:15:ee:c8:dd:92:15:8b:53:23:3a:96:6d:8a:
ff:df:de:e5:75:d6:7b:b5:20:6e:16:0f:8c:3a:c1:fc:53:c3:
08:aa:10:82:ef:22:58:f4:e2:31:c6:7d:6e:47:b0:f8:6f:b3:
53:1a:c9:f2:e1:96:51:d1:54:48:20:50:10:63:df:6d:e1:92:
af:4c:71:22:e3:6b:ac:d5:80:90:8b:ac:1c:c7:ce:d8:8d:e9:
96:5f:0e:46
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZjTSca4+vg9ck5watMUopEBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYTBmMjU4ZWVmNGIyYmY0YmJhYTg0MzBjMWU1OGNhOGMx
ODhlYTcwHhcNMjUwODIyMTkzODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjU2ZWY4MmUzYzRjMTNkMTk4OWE0ZDM4ZGMwNDM1YTYxNmQzYTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxgSdtKQCg1mQdgXYRa8gD5UaZ1r
YSNS6WCCd8r8rg4ylUqeuUVcnYHxIRzwkYQfMwLrX7SIhJSwZgSbqUyjc4a0krbe
JWvmU0b9MeHGVgfOoJzmdNpdCYj/bDDt+EHhHiISlDaHyt6gbL6c5WaCu0QsEau4
frPtrLr604rw29PDI4ST+6jKJpY7HS3ETCDSwo0lm/pF3a1u/WCgypWDerNgtU5o
mwxj7aRiBrv7/R8dDX7Ztk6ZAUI3iRUbnHRU9/x59hTn4VRrBESOdFKWkW2F/LTq
L5pV2uytzH8F8umDM++Abq6YxzkYLlHFjsm9W4KwQx8T56cPcEFhpGJ1qwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFZW74LjxME9GYmk043AQ1phbTosMB8GA1UdIwQY
MBaAFLqg8lju9LK/S7qoQwweWMqMGI6nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEt
ZTU3NjhkNmIxODJjLzEvVmxidmd1UEV3VDBaaWFUVGpjQkRXbUZ0T2l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEtZTU3NjhkNmIxODJj
LzEvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgmoADAN
BgkqhkiG9w0BAQsFAAOCAQEAJF33Vp6Jq2UANrnBKBMBDmLhCFKqS03weA8SoCl0
u58MsSZdXCQ1oOqEqybfDP4ZKcUbDIszdyZ4+zEPWqIwfEGXnfT4DSCKsyZ0CDjf
38tWNYUhen09c0vuHdzq+Obxoo8OhHiEWTT75HPY0AO7GFge2NyHur5KzbvLMi92
TcXKq+uenkZQo3wNSXqQpF8mk7mGmPMKqUfZLc30v2b3lKwE3AIfmFcV7sjdkhWL
UyM6lm2K/9/e5XXWe7UgbhYPjDrB/FPDCKoQgu8iWPTiMcZ9bkew+G+zUxrJ8uGW
UdFUSCBQEGPfbeGSr0xxIuNrrNWAkIusHMfO2I3pll8ORg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:41:49 2025 by rpki-client