Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/ec9616-79ad-4a36-aba4-84bd67ed0eef/1/uyoeIqkVYsWycgSBqi99XOoWohc.roa
File: uyoeIqkVYsWycgSBqi99XOoWohc.roa (raw, json)
Hash identifier: XI5SEPc9hU2Gd4vosOPLL+DY7PoBl65PrChe9/PrbCM=
Subject key identifier: BB:2A:1E:22:A9:15:62:C5:B2:72:04:81:AA:2F:7D:5C:EA:16:A2:17
Certificate issuer: /CN=90d426209bd8c405cbefee5741b1a52548012bab
Certificate serial: 0198BBFFDC2501A1261F3E4C9F327B8E38FF
Authority key identifier: 90:D4:26:20:9B:D8:C4:05:CB:EF:EE:57:41:B1:A5:25:48:01:2B:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kNQmIJvYxAXL7-5XQbGlJUgBK6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/ec9616-79ad-4a36-aba4-84bd67ed0eef/1/uyoeIqkVYsWycgSBqi99XOoWohc.roa
Signing time: Mon 18 Aug 2025 07:06:04 +0000
ROA not before: Mon 18 Aug 2025 07:06:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12879
IP address blocks: 2a01:70c0:2::/48 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/ec9616-79ad-4a36-aba4-84bd67ed0eef/1/kNQmIJvYxAXL7-5XQbGlJUgBK6s.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/ec9616-79ad-4a36-aba4-84bd67ed0eef/1/kNQmIJvYxAXL7-5XQbGlJUgBK6s.mft
rsync://rpki.ripe.net/repository/DEFAULT/kNQmIJvYxAXL7-5XQbGlJUgBK6s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:bb:ff:dc:25:01:a1:26:1f:3e:4c:9f:32:7b:8e:38:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90d426209bd8c405cbefee5741b1a52548012bab
Validity
Not Before: Aug 18 07:06:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bb2a1e22a91562c5b2720481aa2f7d5cea16a217
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:5f:9d:b3:41:3b:96:33:72:6a:ad:2e:2d:5a:
0f:1a:27:af:09:21:b0:0e:92:e3:be:f1:85:91:7d:
f5:ae:b2:68:02:04:31:aa:cb:69:01:97:95:f4:05:
2e:df:81:3f:8b:1c:7c:9b:01:33:b5:6e:d5:7c:d0:
5c:8c:61:ac:0a:ef:ff:e7:5f:f0:4e:d3:d8:f0:63:
db:99:39:2a:ef:46:da:6e:5d:74:4a:3e:e1:5d:b8:
11:ce:c0:6f:1f:7a:09:a7:ab:96:d1:41:5e:4d:97:
e9:54:0f:21:84:e1:4b:07:12:48:21:42:6f:6c:4e:
6e:9a:76:e8:47:c5:ab:e6:e9:f1:7b:42:73:47:1d:
a6:46:84:a8:09:8b:40:58:d1:f7:c3:02:b6:ba:3f:
8c:ff:32:ea:f7:35:fb:55:de:87:d6:7b:ce:8a:e7:
17:d9:d2:73:1a:bb:7e:29:4b:83:1c:e5:da:30:a1:
a7:05:4a:40:53:51:17:33:88:6f:8b:7b:c4:d2:42:
5b:52:16:65:72:f8:0c:be:42:78:ac:6d:98:6c:20:
22:2b:6b:d9:f3:c9:01:39:18:cf:f1:8b:7d:b4:f2:
9c:a6:7b:cd:99:d4:94:82:e4:0f:eb:26:cf:d4:64:
1b:ab:a2:f2:87:16:99:70:4c:1f:3a:cd:d4:be:54:
5e:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:2A:1E:22:A9:15:62:C5:B2:72:04:81:AA:2F:7D:5C:EA:16:A2:17
X509v3 Authority Key Identifier:
keyid:90:D4:26:20:9B:D8:C4:05:CB:EF:EE:57:41:B1:A5:25:48:01:2B:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kNQmIJvYxAXL7-5XQbGlJUgBK6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ec9616-79ad-4a36-aba4-84bd67ed0eef/1/uyoeIqkVYsWycgSBqi99XOoWohc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ec9616-79ad-4a36-aba4-84bd67ed0eef/1/kNQmIJvYxAXL7-5XQbGlJUgBK6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:70c0:2::/48
Signature Algorithm: sha256WithRSAEncryption
3a:ba:62:4a:b2:63:62:24:e6:68:f9:f1:59:f2:9c:eb:05:15:
f8:76:56:4e:d5:91:3d:db:4b:a9:3a:63:3f:60:37:74:8e:de:
da:98:af:77:c7:9a:6a:74:05:4b:04:1b:06:95:1a:78:c3:da:
18:ba:a7:70:eb:e0:c8:03:2f:99:08:db:7b:db:3e:aa:95:fe:
6b:f1:57:40:e4:dd:7d:c3:24:b3:b0:f2:ab:2d:8f:dc:64:cf:
53:eb:ac:0d:1f:95:a3:18:17:23:9b:7e:d6:73:f4:7b:a7:0c:
c4:9a:d2:70:62:d7:ce:35:0f:80:39:84:e1:0c:3f:98:0e:54:
c2:82:86:2e:2e:16:54:41:c6:dc:20:c8:89:c2:2d:9a:8c:92:
a9:4d:d1:30:21:ff:d1:f1:0d:57:ab:1f:2c:ac:1f:da:79:4e:
28:ed:96:01:2a:84:52:5c:79:6c:76:d0:6d:3e:b6:13:9e:cf:
da:82:f2:e6:74:5a:0a:71:6a:8d:2c:07:07:8b:82:89:9e:3c:
28:ab:3d:1b:55:0d:c2:39:48:b6:4b:11:8d:65:d3:f5:1c:ed:
6d:ce:87:1d:69:ea:5b:9c:69:53:aa:6f:26:95:88:b8:44:59:
8a:1f:3e:02:7c:38:c7:68:eb:1f:ba:7e:78:ed:d7:a9:2c:a1:
7c:b0:7b:36
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZi7/9wlAaEmHz5MnzJ7jjj/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZDQyNjIwOWJkOGM0MDVjYmVmZWU1NzQxYjFhNTI1NDgw
MTJiYWIwHhcNMjUwODE4MDcwNjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjJhMWUyMmE5MTU2MmM1YjI3MjA0ODFhYTJmN2Q1Y2VhMTZhMjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1+ds0E7ljNyaq0uLVoPGievCSGw
DpLjvvGFkX31rrJoAgQxqstpAZeV9AUu34E/ixx8mwEztW7VfNBcjGGsCu//51/w
TtPY8GPbmTkq70babl10Sj7hXbgRzsBvH3oJp6uW0UFeTZfpVA8hhOFLBxJIIUJv
bE5umnboR8Wr5unxe0JzRx2mRoSoCYtAWNH3wwK2uj+M/zLq9zX7Vd6H1nvOiucX
2dJzGrt+KUuDHOXaMKGnBUpAU1EXM4hvi3vE0kJbUhZlcvgMvkJ4rG2YbCAiK2vZ
88kBORjP8Yt9tPKcpnvNmdSUguQP6ybP1GQbq6LyhxaZcEwfOs3UvlReFQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLsqHiKpFWLFsnIEgaovfVzqFqIXMB8GA1UdIwQY
MBaAFJDUJiCb2MQFy+/uV0GxpSVIASurMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva05RbUlKdll4QVhMNy01WFFiR2xKVWdCSzZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lYzk2MTYtNzlhZC00YTM2LWFiYTQt
ODRiZDY3ZWQwZWVmLzEvdXlvZUlxa1ZZc1d5Y2dTQnFpOTlYT29Xb2hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lYzk2MTYtNzlhZC00YTM2LWFiYTQtODRiZDY3ZWQwZWVm
LzEva05RbUlKdll4QVhMNy01WFFiR2xKVWdCSzZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgFwwAAC
MA0GCSqGSIb3DQEBCwUAA4IBAQA6umJKsmNiJOZo+fFZ8pzrBRX4dlZO1ZE920up
OmM/YDd0jt7amK93x5pqdAVLBBsGlRp4w9oYuqdw6+DIAy+ZCNt72z6qlf5r8VdA
5N19wySzsPKrLY/cZM9T66wNH5WjGBcjm37Wc/R7pwzEmtJwYtfONQ+AOYThDD+Y
DlTCgoYuLhZUQcbcIMiJwi2ajJKpTdEwIf/R8Q1Xqx8srB/aeU4o7ZYBKoRSXHls
dtBtPrYTns/agvLmdFoKcWqNLAcHi4KJnjwoqz0bVQ3COUi2SxGNZdP1HO1tzocd
aepbnGlTqm8mlYi4RFmKHz4CfDjHaOsfun547depLKF8sHs2
-----END CERTIFICATE-----
Generated at Sun Aug 24 06:46:13 2025 by rpki-client