Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/0p2Ai41QAkiuowMq0GAz8EkQoms.roa
File: 0p2Ai41QAkiuowMq0GAz8EkQoms.roa (raw, json)
Hash identifier: u5a1iu//wfileSSCp/aIHv0SVKe0+GnXJmUcn45NA9U=
Subject key identifier: D2:9D:80:8B:8D:50:02:48:AE:A3:03:2A:D0:60:33:F0:49:10:A2:6B
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 0198CBAE72AEC2C1EBA4B8C0575582775C76
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/0p2Ai41QAkiuowMq0GAz8EkQoms.roa
Signing time: Thu 21 Aug 2025 08:11:04 +0000
ROA not before: Thu 21 Aug 2025 08:11:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205987
IP address blocks: 2a06:b441::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.mft
rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:cb:ae:72:ae:c2:c1:eb:a4:b8:c0:57:55:82:77:5c:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Aug 21 08:11:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d29d808b8d500248aea3032ad06033f04910a26b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:d8:a8:c0:64:e1:49:b0:7a:7a:23:4d:af:cf:
71:9c:f7:a6:3f:fc:12:d8:06:4b:86:9a:77:ac:e3:
a4:3b:b7:4c:a7:d3:a7:5b:5f:9e:57:8d:28:de:06:
15:09:f8:f3:eb:dd:36:15:e6:5c:ad:8b:af:1b:0f:
4d:52:4f:2a:1a:0e:39:03:79:a4:d6:70:f8:b3:54:
5b:97:b8:12:e6:f1:15:1a:c0:74:6b:3d:73:57:f2:
a8:53:80:ef:d2:cc:0a:14:5a:33:d2:5c:62:c3:92:
7f:9e:7e:76:f7:91:fa:bc:ba:76:fe:38:dc:d1:82:
5b:77:53:21:20:55:fb:f2:f7:31:04:2a:11:fe:50:
2d:ec:25:f7:52:5a:8a:ee:2f:0b:67:c7:e6:2f:b3:
d2:d5:28:1a:e3:8d:b7:a9:1a:97:c7:52:e7:6a:37:
ac:b4:d1:ed:5b:45:46:b6:13:20:19:59:6c:a6:80:
d8:3f:d3:26:80:c3:1d:c8:30:a6:49:c2:e7:0d:c1:
c1:b2:78:d6:3d:2f:c4:f8:f5:db:a6:3b:e1:f1:7b:
1d:24:ff:1f:ce:c8:98:ef:07:46:88:0e:58:f4:41:
2b:d8:1a:d9:8c:1f:23:b8:59:f6:02:ad:0a:7e:4b:
4d:10:00:33:ae:f7:5c:87:15:60:d6:be:18:8f:2b:
c5:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:9D:80:8B:8D:50:02:48:AE:A3:03:2A:D0:60:33:F0:49:10:A2:6B
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/0p2Ai41QAkiuowMq0GAz8EkQoms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:b441::/32
Signature Algorithm: sha256WithRSAEncryption
8f:f0:2e:69:e4:6c:5c:ae:91:f2:53:ab:14:a5:c7:41:92:53:
98:57:c5:9e:38:2b:d2:44:76:8a:f9:bb:62:43:8b:ca:de:2b:
8f:a5:68:27:21:8d:49:23:0e:f4:75:cc:02:45:6b:1e:87:39:
f8:5b:86:51:8f:0b:3a:9f:c5:b8:44:7c:93:00:5a:4c:41:c1:
37:73:e9:c8:64:8a:86:ed:86:c5:09:c9:a3:34:cf:2a:65:90:
5d:ac:de:e6:8c:8a:9b:f0:95:95:ad:73:cd:2e:fe:66:ed:2b:
06:28:3f:0f:65:6c:36:80:0e:14:20:50:a0:6a:df:6d:77:82:
12:6b:0c:c3:13:7c:a4:d2:88:d2:62:41:1d:fe:b3:c1:ee:34:
a9:c2:dc:e0:88:78:45:d1:cc:da:0e:55:bd:3c:ec:3b:7b:ef:
7e:c6:45:b4:ae:17:f5:5d:aa:47:a4:ed:81:35:00:75:48:70:
02:3b:a3:71:64:50:ec:12:15:55:74:c9:00:97:49:8d:1a:e5:
1c:3f:0f:a5:2f:82:cb:f9:cc:6b:0b:a6:f5:f5:33:db:50:39:
93:31:6e:59:af:43:fb:5b:f9:ff:b2:fb:34:a3:2d:a1:72:b7:
48:17:d1:ca:33:ed:08:6e:9e:20:58:79:0b:d4:56:a4:58:04:
cc:01:de:f1
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZjLrnKuwsHrpLjAV1WCd1x2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjUwODIxMDgxMTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjlkODA4YjhkNTAwMjQ4YWVhMzAzMmFkMDYwMzNmMDQ5MTBhMjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNiowGThSbB6eiNNr89xnPemP/wS
2AZLhpp3rOOkO7dMp9OnW1+eV40o3gYVCfjz6902FeZcrYuvGw9NUk8qGg45A3mk
1nD4s1Rbl7gS5vEVGsB0az1zV/KoU4Dv0swKFFoz0lxiw5J/nn5295H6vLp2/jjc
0YJbd1MhIFX78vcxBCoR/lAt7CX3UlqK7i8LZ8fmL7PS1Sga4423qRqXx1Lnajes
tNHtW0VGthMgGVlspoDYP9MmgMMdyDCmScLnDcHBsnjWPS/E+PXbpjvh8XsdJP8f
zsiY7wdGiA5Y9EEr2BrZjB8juFn2Aq0KfktNEAAzrvdchxVg1r4YjyvFlwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNKdgIuNUAJIrqMDKtBgM/BJEKJrMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvMHAyQWk0MVFBa2l1b3dNcTBHQXo4RWtRb21zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKga0QTAN
BgkqhkiG9w0BAQsFAAOCAQEAj/AuaeRsXK6R8lOrFKXHQZJTmFfFnjgr0kR2ivm7
YkOLyt4rj6VoJyGNSSMO9HXMAkVrHoc5+FuGUY8LOp/FuER8kwBaTEHBN3PpyGSK
hu2GxQnJozTPKmWQXaze5oyKm/CVla1zzS7+Zu0rBig/D2VsNoAOFCBQoGrfbXeC
EmsMwxN8pNKI0mJBHf6zwe40qcLc4Ih4RdHM2g5VvTzsO3vvfsZFtK4X9V2qR6Tt
gTUAdUhwAjujcWRQ7BIVVXTJAJdJjRrlHD8PpS+Cy/nMawum9fUz21A5kzFuWa9D
+1v5/7L7NKMtoXK3SBfRyjPtCG6eIFh5C9RWpFgEzAHe8Q==
-----END CERTIFICATE-----
Generated at Sat Aug 23 22:17:38 2025 by rpki-client