Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/8ANICSJWDqJZr_OziTPKI5FOvus.roa
File: 8ANICSJWDqJZr_OziTPKI5FOvus.roa (raw, json)
Hash identifier: 2eq7Zd+CTYvdqsxRHwyMVJW9dixQWA1F1JJ3R5eoKOo=
Subject key identifier: F0:03:48:09:22:56:0E:A2:59:AF:F3:B3:89:33:CA:23:91:4E:BE:EB
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 0199FB0565EA2355F493901B95AB55B5E78B
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/8ANICSJWDqJZr_OziTPKI5FOvus.roa
Signing time: Sun 19 Oct 2025 05:50:58 +0000
ROA not before: Sun 19 Oct 2025 05:50:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214472
IP address blocks: 2a14:42c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:05:65:ea:23:55:f4:93:90:1b:95:ab:55:b5:e7:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Oct 19 05:50:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f003480922560ea259aff3b38933ca23914ebeeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:2a:56:f9:84:0e:0b:f0:49:22:d5:e5:d6:b6:
f0:5a:74:9a:4a:c2:20:2f:dc:b5:ad:01:6f:b9:d7:
dc:b6:29:54:1d:93:b5:b5:14:d5:32:32:e4:a8:5b:
1e:31:b0:9b:89:9c:dd:8b:af:30:76:5f:99:d1:17:
4b:65:bf:31:50:17:6d:15:54:04:a8:3d:fa:f5:5c:
14:1b:31:43:38:42:48:04:f3:2d:dc:ad:60:47:39:
2d:c5:47:25:93:59:78:d4:e7:2c:13:53:5f:85:2e:
78:a3:21:69:11:29:a9:1a:30:e4:e0:9c:a9:71:71:
44:98:a2:c8:dd:02:69:0e:98:bd:c2:c3:a7:f5:21:
04:26:ef:b0:9f:85:81:ee:ca:c3:cf:2b:0c:2a:b0:
f3:90:7b:1a:d6:70:3a:82:9c:ff:a9:bb:fe:de:c0:
ec:27:35:35:34:bb:d3:22:4d:61:b0:b1:d0:c6:b2:
05:33:ae:cf:26:9c:ac:8e:eb:1b:f9:af:d5:d6:d5:
15:a6:4d:f3:a9:95:9d:b1:00:57:4e:27:b0:41:fd:
91:75:05:57:79:d5:43:e4:7a:86:d9:71:66:03:29:
66:3f:51:d9:8f:6d:47:66:c9:42:3a:d0:48:ed:30:
7d:8e:18:15:5f:f8:d9:60:a2:e5:8c:fc:c5:04:dd:
a5:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:03:48:09:22:56:0E:A2:59:AF:F3:B3:89:33:CA:23:91:4E:BE:EB
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/8ANICSJWDqJZr_OziTPKI5FOvus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:42c0::/29
Signature Algorithm: sha256WithRSAEncryption
60:40:81:b6:17:bf:0b:d3:16:73:c4:e2:16:ca:76:5a:6d:7b:
46:13:e3:a0:c9:d5:1e:29:b1:73:5c:59:fe:6d:80:b6:10:8e:
c0:18:bf:89:46:43:81:8f:d2:c5:54:cc:c6:1b:cf:f8:0b:3a:
4f:1b:ad:36:5f:0c:c6:18:76:d3:e8:dc:1c:4d:1c:43:5c:a0:
0e:99:ac:23:71:e3:03:1c:41:2c:f9:c7:7b:4c:4c:94:6c:26:
c4:e7:96:39:fa:16:38:40:8e:03:da:db:b8:f7:4a:fa:ab:42:
c8:e6:f5:71:f7:45:d2:e0:6b:44:b0:b0:a6:ce:4c:05:c7:ce:
47:bc:a0:45:e9:2d:76:d8:3d:c6:41:03:14:bc:8d:9b:7f:31:
8d:cc:d4:f6:f0:a2:28:ec:2e:31:fb:59:d3:2b:f8:b9:8c:d1:
f2:f2:61:b6:34:06:b8:51:fa:ab:0d:ea:b7:c7:9a:77:52:aa:
e1:70:06:78:01:55:47:ac:da:41:ff:e7:7b:be:eb:69:b5:53:
01:e5:ef:62:01:c2:eb:d3:7e:73:c1:51:8f:17:ee:7d:b7:ed:
00:0a:5d:20:52:af:97:fa:bf:0e:66:81:82:cb:43:9d:00:a3:
27:dc:21:9c:78:2f:84:b0:68:d2:d7:4e:d2:79:45:e2:4e:0f:
5b:7f:3f:4d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZn7BWXqI1X0k5AblatVteeLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUxMDE5MDU1MDU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDAzNDgwOTIyNTYwZWEyNTlhZmYzYjM4OTMzY2EyMzkxNGViZWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuipW+YQOC/BJItXl1rbwWnSaSsIg
L9y1rQFvudfctilUHZO1tRTVMjLkqFseMbCbiZzdi68wdl+Z0RdLZb8xUBdtFVQE
qD369VwUGzFDOEJIBPMt3K1gRzktxUclk1l41OcsE1NfhS54oyFpESmpGjDk4Jyp
cXFEmKLI3QJpDpi9wsOn9SEEJu+wn4WB7srDzysMKrDzkHsa1nA6gpz/qbv+3sDs
JzU1NLvTIk1hsLHQxrIFM67PJpysjusb+a/V1tUVpk3zqZWdsQBXTiewQf2RdQVX
edVD5HqG2XFmAylmP1HZj21HZslCOtBI7TB9jhgVX/jZYKLljPzFBN2laQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPADSAkiVg6iWa/zs4kzyiORTr7rMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvOEFOSUNTSldEcUpacl9PemlUUEtJNUZPdnVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhRCwDAN
BgkqhkiG9w0BAQsFAAOCAQEAYECBthe/C9MWc8TiFsp2Wm17RhPjoMnVHimxc1xZ
/m2AthCOwBi/iUZDgY/SxVTMxhvP+As6TxutNl8Mxhh20+jcHE0cQ1ygDpmsI3Hj
AxxBLPnHe0xMlGwmxOeWOfoWOECOA9rbuPdK+qtCyOb1cfdF0uBrRLCwps5MBcfO
R7ygRektdtg9xkEDFLyNm38xjczU9vCiKOwuMftZ0yv4uYzR8vJhtjQGuFH6qw3q
t8ead1Kq4XAGeAFVR6zaQf/ne77rabVTAeXvYgHC69N+c8FRjxfufbftAApdIFKv
l/q/DmaBgstDnQCjJ9whnHgvhLBo0tdO0nlF4k4PW38/TQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:55:41 2025 by rpki-client