Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/TdWCA3jMG4RcSGjTx6h7-OFQkJ0.roa
File: TdWCA3jMG4RcSGjTx6h7-OFQkJ0.roa (raw, json)
Hash identifier: i6Jk7HaD1mr34rVBZKHoNKT8LfsYuiueMYQP9x4CSCY=
Subject key identifier: 4D:D5:82:03:78:CC:1B:84:5C:48:68:D3:C7:A8:7B:F8:E1:50:90:9D
Certificate issuer: /CN=efa5b62347a1b64cea49a2ab3ab4983c34861fb2
Certificate serial: 01995CBF497F79D88A207B8BD686B7DCB5B4
Authority key identifier: EF:A5:B6:23:47:A1:B6:4C:EA:49:A2:AB:3A:B4:98:3C:34:86:1F:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/76W2I0ehtkzqSaKrOrSYPDSGH7I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/TdWCA3jMG4RcSGjTx6h7-OFQkJ0.roa
Signing time: Thu 18 Sep 2025 12:14:23 +0000
ROA not before: Thu 18 Sep 2025 12:14:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214366
IP address blocks: 2a07:cec0:4100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/76W2I0ehtkzqSaKrOrSYPDSGH7I.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/76W2I0ehtkzqSaKrOrSYPDSGH7I.mft
rsync://rpki.ripe.net/repository/DEFAULT/76W2I0ehtkzqSaKrOrSYPDSGH7I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:5c:bf:49:7f:79:d8:8a:20:7b:8b:d6:86:b7:dc:b5:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efa5b62347a1b64cea49a2ab3ab4983c34861fb2
Validity
Not Before: Sep 18 12:14:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4dd5820378cc1b845c4868d3c7a87bf8e150909d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e5:41:bc:21:fb:c5:c8:a9:98:15:19:55:0e:
2e:5d:66:91:4d:9c:55:f3:7e:4d:ba:d3:05:c2:1d:
49:70:44:ef:10:f2:79:8f:a8:38:46:44:9d:fd:5f:
f1:f6:b3:47:d1:68:1a:c5:b0:7b:02:8f:b4:c8:0e:
01:55:d2:30:da:04:00:7a:2c:41:9d:a2:12:3f:39:
a6:06:d1:d0:1c:38:9d:bc:2f:1f:85:a5:56:b5:bb:
a8:54:4f:b9:4a:d8:4f:9d:bf:35:3f:62:11:c4:ba:
e1:a6:3c:8c:20:96:11:bf:59:90:c5:04:40:09:bf:
07:ee:8c:32:f4:81:47:7e:43:a2:ca:ff:91:de:99:
ed:0b:bc:5b:5f:16:a8:4f:d7:67:ff:07:84:7c:13:
f6:ea:ca:6c:3b:13:b1:b4:ca:29:00:51:c8:71:c1:
b3:99:19:59:84:75:22:15:13:9c:87:40:01:a9:e1:
46:cc:d2:df:1f:7f:cc:46:bf:97:c3:01:99:cc:ab:
7e:fd:2b:57:ef:65:4f:32:fd:93:76:90:0f:c4:4b:
e3:7d:25:6f:b5:c6:3f:d4:02:d1:d4:ab:31:67:95:
f0:74:37:c5:55:ff:1c:0e:d0:12:3e:de:d4:b7:b8:
6e:c3:1a:78:e1:ae:2c:d4:5a:e7:0c:15:e8:2c:f3:
18:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:D5:82:03:78:CC:1B:84:5C:48:68:D3:C7:A8:7B:F8:E1:50:90:9D
X509v3 Authority Key Identifier:
keyid:EF:A5:B6:23:47:A1:B6:4C:EA:49:A2:AB:3A:B4:98:3C:34:86:1F:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/76W2I0ehtkzqSaKrOrSYPDSGH7I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/TdWCA3jMG4RcSGjTx6h7-OFQkJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/76W2I0ehtkzqSaKrOrSYPDSGH7I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:cec0:4100::/48
Signature Algorithm: sha256WithRSAEncryption
06:74:e8:bd:09:30:f2:fa:a5:c6:36:aa:e6:2a:72:bf:e6:94:
26:a5:bc:00:c9:bd:d4:23:c3:e2:ea:f1:d1:5f:92:96:72:89:
78:67:a6:03:26:48:57:a9:e4:a5:ef:ba:b6:bc:aa:b3:81:a4:
5c:1e:c8:e1:2b:30:c9:af:79:78:92:70:ac:fa:bd:3f:08:3f:
1c:da:6a:2e:6c:f6:d4:8e:ca:44:58:cc:71:be:d0:d2:2e:63:
d2:9f:45:89:11:9b:83:fe:65:ff:64:28:11:54:9f:ce:8a:09:
6c:05:22:b2:8a:c2:d0:0b:87:e7:15:ad:75:fb:e0:91:b1:93:
bd:6c:72:19:0f:f6:81:98:a4:b7:d9:30:f4:94:9c:06:c6:46:
ec:ca:f5:00:9b:93:07:25:e9:36:7e:59:a6:f2:f0:1e:25:11:
5a:46:21:94:d3:cf:a9:25:b6:de:dd:e8:16:8a:b9:f1:86:92:
4d:dc:c5:a1:64:8c:4c:e4:07:1e:58:aa:a3:cc:c4:73:f2:16:
51:3f:3d:f5:f2:ef:8e:81:61:57:ca:7e:e8:cf:7d:65:f4:45:
80:1a:ab:70:9f:c2:21:30:c1:be:d8:8b:0d:95:5f:b9:a0:74:
04:da:05:20:1f:48:72:60:b3:63:9b:ca:8a:e7:93:09:40:3f:
88:f5:e0:58
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZlcv0l/ediKIHuL1oa33LW0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmYTViNjIzNDdhMWI2NGNlYTQ5YTJhYjNhYjQ5ODNjMzQ4
NjFmYjIwHhcNMjUwOTE4MTIxNDIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGQ1ODIwMzc4Y2MxYjg0NWM0ODY4ZDNjN2E4N2JmOGUxNTA5MDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOVBvCH7xcipmBUZVQ4uXWaRTZxV
835NutMFwh1JcETvEPJ5j6g4RkSd/V/x9rNH0WgaxbB7Ao+0yA4BVdIw2gQAeixB
naISPzmmBtHQHDidvC8fhaVWtbuoVE+5SthPnb81P2IRxLrhpjyMIJYRv1mQxQRA
Cb8H7owy9IFHfkOiyv+R3pntC7xbXxaoT9dn/weEfBP26spsOxOxtMopAFHIccGz
mRlZhHUiFROch0ABqeFGzNLfH3/MRr+XwwGZzKt+/StX72VPMv2TdpAPxEvjfSVv
tcY/1ALR1KsxZ5XwdDfFVf8cDtASPt7Ut7huwxp44a4s1FrnDBXoLPMY5QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFE3VggN4zBuEXEho08eoe/jhUJCdMB8GA1UdIwQY
MBaAFO+ltiNHobZM6kmiqzq0mDw0hh+yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzZXMkkwZWh0a3pxU2FLck9yU1lQRFNHSDdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yNGRiMjEtZWZiOS00MDdlLTk2YWQt
MDEzZDJhMTFjMGE1LzEvVGRXQ0Ezak1HNFJjU0dqVHg2aDctT0ZRa0owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yNGRiMjEtZWZiOS00MDdlLTk2YWQtMDEzZDJhMTFjMGE1
LzEvNzZXMkkwZWh0a3pxU2FLck9yU1lQRFNHSDdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgfOwEEA
MA0GCSqGSIb3DQEBCwUAA4IBAQAGdOi9CTDy+qXGNqrmKnK/5pQmpbwAyb3UI8Pi
6vHRX5KWcol4Z6YDJkhXqeSl77q2vKqzgaRcHsjhKzDJr3l4knCs+r0/CD8c2mou
bPbUjspEWMxxvtDSLmPSn0WJEZuD/mX/ZCgRVJ/OiglsBSKyisLQC4fnFa11++CR
sZO9bHIZD/aBmKS32TD0lJwGxkbsyvUAm5MHJek2flmm8vAeJRFaRiGU08+pJbbe
3egWirnxhpJN3MWhZIxM5AceWKqjzMRz8hZRPz318u+OgWFXyn7oz31l9EWAGqtw
n8IhMMG+2IsNlV+5oHQE2gUgH0hyYLNjm8qK55MJQD+I9eBY
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:35:29 2025 by rpki-client