Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/l5nNA9_Sz7c8zBNHL_Dweu55I8o.roa
File: l5nNA9_Sz7c8zBNHL_Dweu55I8o.roa (raw, json)
Hash identifier: rEDNM32FuoiTDqZZpXkLt+0q6OBkhsWXA3seTQXoIpU=
Subject key identifier: 97:99:CD:03:DF:D2:CF:B7:3C:CC:13:47:2F:F0:F0:7A:EE:79:23:CA
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 01978F5DE025ACA5ABB5DDF738158DB5895B
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/l5nNA9_Sz7c8zBNHL_Dweu55I8o.roa
Signing time: Fri 20 Jun 2025 22:03:03 +0000
ROA not before: Fri 20 Jun 2025 22:03:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5650
IP address blocks: 2a14:1100::/32 maxlen: 32
2a14:1101::/32 maxlen: 32
2a14:1102::/32 maxlen: 32
2a14:1103::/32 maxlen: 32
2a14:1104::/32 maxlen: 32
2a14:1105::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 16:02:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:8f:5d:e0:25:ac:a5:ab:b5:dd:f7:38:15:8d:b5:89:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Jun 20 22:03:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9799cd03dfd2cfb73ccc13472ff0f07aee7923ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:4b:1f:00:31:50:e2:b4:f1:d1:e0:81:ad:90:
8d:6c:93:e0:a7:41:2b:0c:73:c5:3f:45:d8:1c:06:
98:91:37:70:06:34:df:93:b5:9c:2e:86:aa:67:87:
16:1c:dd:04:c8:aa:c9:ed:72:d7:25:cc:93:fa:a5:
b3:9c:b5:b1:27:6a:aa:ee:66:f7:43:05:6b:2c:82:
f3:9d:b3:97:6c:4f:c3:9f:af:16:a5:2e:6d:d8:d2:
f5:ed:32:66:3b:23:8b:d5:72:0d:81:cb:f7:ad:fe:
d8:b9:46:bb:42:4f:22:69:65:9e:ac:8b:a4:5d:0e:
e2:71:73:2c:f5:85:75:2f:b3:61:ab:ba:55:f0:63:
04:67:03:bb:e4:18:e6:3b:63:e5:ae:bc:a9:54:60:
89:eb:fb:c5:09:12:61:d3:0f:a3:56:79:59:81:45:
65:f6:3f:e7:6f:ec:82:ba:04:6a:86:6f:cd:7f:40:
0e:c8:23:65:74:92:5e:8e:93:17:84:e9:cf:51:b5:
0c:8b:ba:a2:9f:d7:d3:09:61:f2:b3:54:ea:df:33:
0b:ea:a4:2f:73:7e:7d:6a:20:85:3e:16:d4:0f:a2:
f3:99:7e:63:53:d6:36:8b:47:24:b3:a3:ce:70:2a:
dd:13:76:83:4e:b2:79:fd:03:dd:48:42:27:69:ce:
0b:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:99:CD:03:DF:D2:CF:B7:3C:CC:13:47:2F:F0:F0:7A:EE:79:23:CA
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/l5nNA9_Sz7c8zBNHL_Dweu55I8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1100::-2a14:1105:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
22:ae:4e:8e:20:f2:c5:d6:80:15:e4:4f:cf:28:93:48:8e:fe:
0a:e5:4d:bc:64:3f:b2:ad:7f:2c:ca:12:ff:11:d8:63:b4:97:
c1:e1:e3:f2:77:d1:82:ed:30:c2:fa:f0:0c:7a:ad:d5:28:9b:
2a:15:a0:c8:eb:4c:c1:e6:90:aa:44:41:6f:8d:c8:5d:03:84:
be:5f:2d:c8:5e:35:c6:c8:48:97:09:8b:d4:74:3e:84:a8:99:
d1:88:9b:60:2f:24:b9:c7:17:fe:1d:cf:a3:88:6d:95:8c:5c:
50:b5:05:f6:af:26:7a:75:c7:88:22:1a:d3:ff:d4:50:6f:d7:
94:f9:81:12:30:f7:96:88:66:2a:02:ef:48:dd:a6:42:38:8a:
69:fc:84:2e:21:b2:c7:d6:bf:b2:27:97:8c:5d:74:8a:39:17:
70:40:f6:d9:cc:9e:29:70:c5:44:46:d7:e6:42:ae:8c:75:39:
8c:6b:3e:0d:44:90:71:3a:de:4c:44:64:e9:1a:25:ed:d6:0b:
49:c9:53:38:d7:99:3c:16:e4:9d:f6:c4:d8:95:f6:59:d1:89:
88:d7:7f:95:33:77:70:66:9f:d9:6b:ab:29:7d:6f:c4:d6:5d:
7d:96:d5:23:51:f0:6d:2b:f7:58:15:2c:a7:0b:40:b4:2f:00:
f4:bd:a4:d6
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAZePXeAlrKWrtd33OBWNtYlbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwNjIwMjIwMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Nzk5Y2QwM2RmZDJjZmI3M2NjYzEzNDcyZmYwZjA3YWVlNzkyM2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEsfADFQ4rTx0eCBrZCNbJPgp0Er
DHPFP0XYHAaYkTdwBjTfk7WcLoaqZ4cWHN0EyKrJ7XLXJcyT+qWznLWxJ2qq7mb3
QwVrLILznbOXbE/Dn68WpS5t2NL17TJmOyOL1XINgcv3rf7YuUa7Qk8iaWWerIuk
XQ7icXMs9YV1L7Nhq7pV8GMEZwO75BjmO2PlrrypVGCJ6/vFCRJh0w+jVnlZgUVl
9j/nb+yCugRqhm/Nf0AOyCNldJJejpMXhOnPUbUMi7qin9fTCWHys1Tq3zML6qQv
c359aiCFPhbUD6LzmX5jU9Y2i0cks6POcCrdE3aDTrJ5/QPdSEInac4LRQIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFJeZzQPf0s+3PMwTRy/w8HrueSPKMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvbDVuTkE5X1N6N2M4ekJOSExfRHdldTU1SThvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCgGCCsGAQUFBwEHAQH/BBkwFzAVBAIAAjAPMA0DBAAqFBED
BQEqFBEEMA0GCSqGSIb3DQEBCwUAA4IBAQAirk6OIPLF1oAV5E/PKJNIjv4K5U28
ZD+yrX8syhL/EdhjtJfB4ePyd9GC7TDC+vAMeq3VKJsqFaDI60zB5pCqREFvjchd
A4S+Xy3IXjXGyEiXCYvUdD6EqJnRiJtgLyS5xxf+Hc+jiG2VjFxQtQX2ryZ6dceI
IhrT/9RQb9eU+YESMPeWiGYqAu9I3aZCOIpp/IQuIbLH1r+yJ5eMXXSKORdwQPbZ
zJ4pcMVERtfmQq6MdTmMaz4NRJBxOt5MRGTpGiXt1gtJyVM415k8FuSd9sTYlfZZ
0YmI13+VM3dwZp/Za6spfW/E1l19ltUjUfBtK/dYFSynC0C0LwD0vaTW
-----END CERTIFICATE-----
Generated at Wed Jul 2 21:25:53 2025 by rpki-client