Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/b02cb6-86c7-4f6d-99d1-90776f84c9b7/1/5BPtNrEhH9Rw1aJqmYEkCzXkQjY.roa
File: 5BPtNrEhH9Rw1aJqmYEkCzXkQjY.roa (raw, json)
Hash identifier: qBma49p0UmV3mrUVRqrsoQSZBl3jQDEOljuj/i+uqbI=
Subject key identifier: E4:13:ED:36:B1:21:1F:D4:70:D5:A2:6A:99:81:24:0B:35:E4:42:36
Certificate issuer: /CN=f79fcfd2875abdf61e19d3270eafe1effadc6662
Certificate serial: 0197B074EEF37D4A518F4F68ADE0B4DB97D6
Authority key identifier: F7:9F:CF:D2:87:5A:BD:F6:1E:19:D3:27:0E:AF:E1:EF:FA:DC:66:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/95_P0odavfYeGdMnDq_h7_rcZmI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/b02cb6-86c7-4f6d-99d1-90776f84c9b7/1/5BPtNrEhH9Rw1aJqmYEkCzXkQjY.roa
Signing time: Fri 27 Jun 2025 08:15:42 +0000
ROA not before: Fri 27 Jun 2025 08:15:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207510
IP address blocks: 2a14:d100:f001::/48 maxlen: 48
2a14:d100:f010::/48 maxlen: 48
2a14:d100:f011::/48 maxlen: 48
2a14:d100:f012::/48 maxlen: 48
2a14:d107::/43 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/b02cb6-86c7-4f6d-99d1-90776f84c9b7/1/95_P0odavfYeGdMnDq_h7_rcZmI.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/b02cb6-86c7-4f6d-99d1-90776f84c9b7/1/95_P0odavfYeGdMnDq_h7_rcZmI.mft
rsync://rpki.ripe.net/repository/DEFAULT/95_P0odavfYeGdMnDq_h7_rcZmI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b0:74:ee:f3:7d:4a:51:8f:4f:68:ad:e0:b4:db:97:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f79fcfd2875abdf61e19d3270eafe1effadc6662
Validity
Not Before: Jun 27 08:15:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e413ed36b1211fd470d5a26a9981240b35e44236
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ec:73:3b:ea:db:4b:48:95:de:4f:a8:b6:05:
54:01:c3:68:f0:66:da:ac:8b:e6:01:42:cd:d7:0d:
03:1e:20:73:19:16:5c:59:d0:a9:97:03:6f:9e:1e:
a4:bc:f3:c6:70:0d:c2:76:3e:61:79:25:11:c0:54:
fc:be:4a:06:37:9d:d0:6b:fe:1f:2f:6f:6b:ca:f3:
0d:fb:58:d2:7a:fd:d6:f4:eb:53:73:97:bc:a9:f4:
03:ba:7c:87:46:0f:31:06:c8:39:a1:39:51:04:16:
2b:20:f5:9b:e7:84:c7:1c:5f:0b:fb:fe:ed:7c:78:
65:fd:01:03:bd:45:ee:6a:97:a8:f1:c7:e5:d8:17:
45:cd:f8:ad:cc:49:01:8c:8a:2f:68:6a:0d:0f:11:
aa:9c:79:7a:c4:26:9c:85:4f:d8:5f:4e:15:dd:de:
00:db:86:9d:19:a7:54:f8:15:35:89:a6:31:4c:d0:
d0:f4:7e:6e:11:31:fe:3b:c3:6b:c3:35:8b:bf:2b:
3f:98:9f:01:50:b1:92:b8:df:68:9d:f8:7b:8a:fe:
7c:54:28:be:a6:d4:a9:0a:34:4d:36:8b:bf:ea:84:
08:5c:0c:eb:b7:2a:56:ca:48:60:c7:8a:b8:27:2e:
38:69:15:c7:69:a6:49:f5:52:3b:41:9c:eb:67:14:
f5:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:13:ED:36:B1:21:1F:D4:70:D5:A2:6A:99:81:24:0B:35:E4:42:36
X509v3 Authority Key Identifier:
keyid:F7:9F:CF:D2:87:5A:BD:F6:1E:19:D3:27:0E:AF:E1:EF:FA:DC:66:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/95_P0odavfYeGdMnDq_h7_rcZmI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/b02cb6-86c7-4f6d-99d1-90776f84c9b7/1/5BPtNrEhH9Rw1aJqmYEkCzXkQjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/b02cb6-86c7-4f6d-99d1-90776f84c9b7/1/95_P0odavfYeGdMnDq_h7_rcZmI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:d100:f001::/48
2a14:d100:f010::-2a14:d100:f012:ffff:ffff:ffff:ffff:ffff
2a14:d107::/43
Signature Algorithm: sha256WithRSAEncryption
1e:18:76:a9:ab:14:fe:a6:93:94:fd:b4:0d:53:b3:67:bc:c3:
8c:fd:58:23:d3:bf:92:37:c1:f3:c1:0b:0e:4f:69:f5:52:07:
c2:2e:4a:23:be:5d:a3:b5:96:42:4b:16:02:0e:81:1b:23:1d:
87:62:61:df:74:76:13:b7:d0:1d:da:64:bf:ae:92:a2:b5:e1:
df:5a:0d:4c:a9:ca:20:46:f1:5b:e8:ec:3f:f6:9e:f1:ce:60:
46:f4:02:8d:c4:44:fa:34:3b:fb:ae:26:be:19:5f:53:f9:07:
eb:32:81:ee:07:32:40:af:83:62:6b:0b:31:50:fa:cc:bd:9a:
ad:52:59:58:a4:93:32:af:ea:00:06:48:2b:e3:45:86:85:7b:
89:f7:d5:08:bf:01:b8:b7:df:c7:9a:7b:e5:45:88:5d:70:3d:
46:fc:9d:03:c9:be:31:64:c2:26:d5:b2:4b:8e:de:0d:7a:81:
35:43:aa:8f:de:43:a7:ac:90:c9:1f:27:3b:c7:b0:5f:75:5d:
e2:96:7e:3a:b6:a3:c6:41:55:ca:72:2e:f1:1d:82:18:3a:a5:
bb:8f:03:e5:87:1c:52:47:10:ae:c8:09:05:df:49:cc:73:84:
86:12:62:39:4c:41:ab:72:77:bc:e9:da:ff:dc:fa:5e:e3:af:
8a:d2:82:e6
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZewdO7zfUpRj09oreC025fWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3OWZjZmQyODc1YWJkZjYxZTE5ZDMyNzBlYWZlMWVmZmFk
YzY2NjIwHhcNMjUwNjI3MDgxNTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDEzZWQzNmIxMjExZmQ0NzBkNWEyNmE5OTgxMjQwYjM1ZTQ0MjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtexzO+rbS0iV3k+otgVUAcNo8Gba
rIvmAULN1w0DHiBzGRZcWdCplwNvnh6kvPPGcA3Cdj5heSURwFT8vkoGN53Qa/4f
L29ryvMN+1jSev3W9OtTc5e8qfQDunyHRg8xBsg5oTlRBBYrIPWb54THHF8L+/7t
fHhl/QEDvUXuapeo8cfl2BdFzfitzEkBjIovaGoNDxGqnHl6xCachU/YX04V3d4A
24adGadU+BU1iaYxTNDQ9H5uETH+O8NrwzWLvys/mJ8BULGSuN9onfh7iv58VCi+
ptSpCjRNNou/6oQIXAzrtypWykhgx4q4Jy44aRXHaaZJ9VI7QZzrZxT1wQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFOQT7TaxIR/UcNWiapmBJAs15EI2MB8GA1UdIwQY
MBaAFPefz9KHWr32HhnTJw6v4e/63GZiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTVfUDBvZGF2ZlllR2RNbkRxX2g3X3JjWm1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9iMDJjYjYtODZjNy00ZjZkLTk5ZDEt
OTA3NzZmODRjOWI3LzEvNUJQdE5yRWhIOVJ3MWFKcW1ZRWtDelhrUWpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9iMDJjYjYtODZjNy00ZjZkLTk5ZDEtOTA3NzZmODRjOWI3
LzEvOTVfUDBvZGF2ZlllR2RNbkRxX2g3X3JjWm1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAwcAKhTRAPAB
MBIDBwQqFNEA8BADBwAqFNEA8BIDBwUqFNEHAAAwDQYJKoZIhvcNAQELBQADggEB
AB4YdqmrFP6mk5T9tA1Ts2e8w4z9WCPTv5I3wfPBCw5PafVSB8IuSiO+XaO1lkJL
FgIOgRsjHYdiYd90dhO30B3aZL+ukqK14d9aDUypyiBG8Vvo7D/2nvHOYEb0Ao3E
RPo0O/uuJr4ZX1P5B+syge4HMkCvg2JrCzFQ+sy9mq1SWVikkzKv6gAGSCvjRYaF
e4n31Qi/Abi338eae+VFiF1wPUb8nQPJvjFkwibVskuO3g16gTVDqo/eQ6eskMkf
JzvHsF91XeKWfjq2o8ZBVcpyLvEdghg6pbuPA+WHHFJHEK7ICQXfScxzhIYSYjlM
Qatyd7zp2v/c+l7jr4rSguY=
-----END CERTIFICATE-----
Generated at Tue Jul 1 15:05:55 2025 by rpki-client