Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/ec9616-79ad-4a36-aba4-84bd67ed0eef/1/RsHjDR2OTT48ECIrfV-t2KLa3VY.roa
File: RsHjDR2OTT48ECIrfV-t2KLa3VY.roa (raw, json)
Hash identifier: MiP+2WgYd2OzzgUSXRhJ1Hkihb6X5kSHAkKwMaypLhA=
Subject key identifier: 46:C1:E3:0D:1D:8E:4D:3E:3C:10:22:2B:7D:5F:AD:D8:A2:DA:DD:56
Certificate issuer: /CN=90d426209bd8c405cbefee5741b1a52548012bab
Certificate serial: 0198BC00C6F28B3FB67F6ACCD85466263ADB
Authority key identifier: 90:D4:26:20:9B:D8:C4:05:CB:EF:EE:57:41:B1:A5:25:48:01:2B:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kNQmIJvYxAXL7-5XQbGlJUgBK6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/ec9616-79ad-4a36-aba4-84bd67ed0eef/1/RsHjDR2OTT48ECIrfV-t2KLa3VY.roa
Signing time: Mon 18 Aug 2025 07:07:04 +0000
ROA not before: Mon 18 Aug 2025 07:07:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43859
IP address blocks: 2a01:70c0:1::/48 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/ec9616-79ad-4a36-aba4-84bd67ed0eef/1/kNQmIJvYxAXL7-5XQbGlJUgBK6s.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/ec9616-79ad-4a36-aba4-84bd67ed0eef/1/kNQmIJvYxAXL7-5XQbGlJUgBK6s.mft
rsync://rpki.ripe.net/repository/DEFAULT/kNQmIJvYxAXL7-5XQbGlJUgBK6s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:bc:00:c6:f2:8b:3f:b6:7f:6a:cc:d8:54:66:26:3a:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90d426209bd8c405cbefee5741b1a52548012bab
Validity
Not Before: Aug 18 07:07:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=46c1e30d1d8e4d3e3c10222b7d5fadd8a2dadd56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ea:d5:b7:b7:52:81:ac:cb:a4:b4:5f:02:6b:
b7:dd:10:2f:a0:a9:29:ae:2a:fa:24:dc:70:84:41:
13:da:53:e4:84:a4:f9:92:40:4a:10:51:eb:7b:21:
86:55:62:ae:6b:39:1f:7b:79:7f:f6:5a:43:cb:b2:
5c:13:78:5f:29:b1:ed:d1:89:81:0f:3d:34:b3:e4:
c5:8d:c7:e9:78:4c:b7:47:56:cb:f4:d1:67:00:38:
24:ae:e1:c0:69:ae:c1:ab:df:9a:03:b9:88:6d:0c:
d5:0a:22:40:63:db:66:a4:9d:a5:4f:f0:2c:de:9b:
42:ad:38:ea:50:e6:65:18:50:42:be:37:39:0a:f4:
13:7b:7a:a9:df:6c:e8:1f:01:de:1d:24:96:26:8a:
74:ac:ad:dc:6d:51:7e:93:7f:51:0a:fe:3a:36:14:
6b:83:6a:34:56:fe:e8:fb:51:b1:6b:a5:be:8a:2f:
b9:66:cf:ad:88:d3:fc:42:f1:0f:1f:91:88:8f:9c:
0b:8c:4e:0e:a5:1e:cf:e5:1a:02:c6:02:9b:fc:ed:
e9:07:40:fd:89:75:bb:11:31:6e:d9:d4:3b:cc:a6:
0d:05:64:05:44:4d:b3:9b:9f:90:7d:ab:e7:42:fb:
ff:d0:30:57:0f:e8:f4:a4:99:90:bc:1a:c7:6e:ef:
43:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:C1:E3:0D:1D:8E:4D:3E:3C:10:22:2B:7D:5F:AD:D8:A2:DA:DD:56
X509v3 Authority Key Identifier:
keyid:90:D4:26:20:9B:D8:C4:05:CB:EF:EE:57:41:B1:A5:25:48:01:2B:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kNQmIJvYxAXL7-5XQbGlJUgBK6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ec9616-79ad-4a36-aba4-84bd67ed0eef/1/RsHjDR2OTT48ECIrfV-t2KLa3VY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ec9616-79ad-4a36-aba4-84bd67ed0eef/1/kNQmIJvYxAXL7-5XQbGlJUgBK6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:70c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
9b:af:2a:5b:c7:43:8f:cd:d3:5f:d2:32:29:e7:2f:11:f4:63:
f3:1e:e1:0b:ee:f0:6b:7e:ef:2e:69:16:b6:95:91:e8:2f:68:
c9:9b:ee:02:6e:83:9b:21:34:49:b0:e2:9c:28:3d:81:f4:d6:
0c:38:0f:f9:a8:6a:5c:e8:5e:5c:a8:0d:89:98:d2:3b:a4:3d:
cb:2f:67:89:ca:71:61:76:12:bd:04:1f:7c:23:77:0b:b0:d8:
f8:3d:32:62:f7:51:40:3a:ea:93:74:3d:d6:92:c0:c9:c1:f4:
67:f1:a2:27:fa:d9:64:89:04:62:ed:04:54:a1:ca:a0:dc:be:
a2:ee:8a:38:03:98:40:6d:9e:56:f6:14:6d:25:3d:b3:bd:da:
75:4a:40:52:65:54:cf:d8:91:93:e5:85:5f:15:c4:e1:7d:78:
d7:f7:4d:24:da:8a:87:91:e2:29:ad:82:ee:68:75:87:d7:e8:
a1:b1:c6:d6:95:be:44:48:e1:74:2f:f2:94:79:70:72:8d:51:
5b:1d:cd:26:21:47:aa:f0:8f:24:ff:64:90:c8:5a:54:55:e4:
33:5f:3b:0c:6e:14:41:6e:95:b5:f8:7e:6f:c3:af:25:52:5c:
17:f4:d1:00:77:e9:4f:9b:45:7a:ff:6a:17:0a:82:68:b6:c6:
57:5c:cd:99
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZi8AMbyiz+2f2rM2FRmJjrbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZDQyNjIwOWJkOGM0MDVjYmVmZWU1NzQxYjFhNTI1NDgw
MTJiYWIwHhcNMjUwODE4MDcwNzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmMxZTMwZDFkOGU0ZDNlM2MxMDIyMmI3ZDVmYWRkOGEyZGFkZDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAverVt7dSgazLpLRfAmu33RAvoKkp
rir6JNxwhEET2lPkhKT5kkBKEFHreyGGVWKuazkfe3l/9lpDy7JcE3hfKbHt0YmB
Dz00s+TFjcfpeEy3R1bL9NFnADgkruHAaa7Bq9+aA7mIbQzVCiJAY9tmpJ2lT/As
3ptCrTjqUOZlGFBCvjc5CvQTe3qp32zoHwHeHSSWJop0rK3cbVF+k39RCv46NhRr
g2o0Vv7o+1Gxa6W+ii+5Zs+tiNP8QvEPH5GIj5wLjE4OpR7P5RoCxgKb/O3pB0D9
iXW7ETFu2dQ7zKYNBWQFRE2zm5+QfavnQvv/0DBXD+j0pJmQvBrHbu9DPQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEbB4w0djk0+PBAiK31frdii2t1WMB8GA1UdIwQY
MBaAFJDUJiCb2MQFy+/uV0GxpSVIASurMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva05RbUlKdll4QVhMNy01WFFiR2xKVWdCSzZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lYzk2MTYtNzlhZC00YTM2LWFiYTQt
ODRiZDY3ZWQwZWVmLzEvUnNIakRSMk9UVDQ4RUNJcmZWLXQyS0xhM1ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lYzk2MTYtNzlhZC00YTM2LWFiYTQtODRiZDY3ZWQwZWVm
LzEva05RbUlKdll4QVhMNy01WFFiR2xKVWdCSzZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgFwwAAB
MA0GCSqGSIb3DQEBCwUAA4IBAQCbrypbx0OPzdNf0jIp5y8R9GPzHuEL7vBrfu8u
aRa2lZHoL2jJm+4CboObITRJsOKcKD2B9NYMOA/5qGpc6F5cqA2JmNI7pD3LL2eJ
ynFhdhK9BB98I3cLsNj4PTJi91FAOuqTdD3WksDJwfRn8aIn+tlkiQRi7QRUocqg
3L6i7oo4A5hAbZ5W9hRtJT2zvdp1SkBSZVTP2JGT5YVfFcThfXjX900k2oqHkeIp
rYLuaHWH1+ihscbWlb5ESOF0L/KUeXByjVFbHc0mIUeq8I8k/2SQyFpUVeQzXzsM
bhRBbpW1+H5vw68lUlwX9NEAd+lPm0V6/2oXCoJotsZXXM2Z
-----END CERTIFICATE-----
Generated at Sun Aug 24 06:43:39 2025 by rpki-client