Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/1-h5OCB8JpMYjopLDVkrKQwK2dpM.roa
File: 1-h5OCB8JpMYjopLDVkrKQwK2dpM.roa (raw, json)
Hash identifier: d3AbXN4lYtYyEUM8E0v7gWJmAkvZX7xtSRa43xkdCaQ=
Subject key identifier: FA:1E:4E:08:1F:09:A4:C6:23:A2:92:C3:56:4A:CA:43:02:B6:76:93
Certificate issuer: /CN=c64fa0ad8987149f05534724b45a2f4d5ebf475d
Certificate serial: 01997686670AFEFF64D4FCF4703E560E7FD6
Authority key identifier: C6:4F:A0:AD:89:87:14:9F:05:53:47:24:B4:5A:2F:4D:5E:BF:47:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/1-h5OCB8JpMYjopLDVkrKQwK2dpM.roa
Signing time: Tue 23 Sep 2025 12:22:23 +0000
ROA not before: Tue 23 Sep 2025 12:22:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211286
IP address blocks: 2a0d:8d04::/32 maxlen: 48
2a0d:8d04::/48 maxlen: 48
2a0d:8d04:5::/48 maxlen: 48
2a0d:8d04:a::/48 maxlen: 48
2a0d:8d04:b::/48 maxlen: 48
2a0d:8d04:d::/48 maxlen: 48
2a0d:8d04:71a::/48 maxlen: 48
2a0d:8d04:71b::/48 maxlen: 48
2a0d:8d04:71d::/48 maxlen: 48
2a0d:8d04:5000::/36 maxlen: 48
2a0d:8d04:6000::/36 maxlen: 36
2a0d:8d04:a000::/36 maxlen: 36
2a0d:8d04:b000::/36 maxlen: 36
2a0d:8d04:c000::/35 maxlen: 35
2a0d:8d04:c000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/xk-grYmHFJ8FU0cktFovTV6_R10.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/xk-grYmHFJ8FU0cktFovTV6_R10.mft
rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:76:86:67:0a:fe:ff:64:d4:fc:f4:70:3e:56:0e:7f:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c64fa0ad8987149f05534724b45a2f4d5ebf475d
Validity
Not Before: Sep 23 12:22:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa1e4e081f09a4c623a292c3564aca4302b67693
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ad:4f:57:37:d3:e3:f9:0e:32:66:08:29:11:
44:41:ce:05:bd:29:94:73:6b:e4:89:de:06:6f:36:
d1:b3:db:db:44:ff:43:41:eb:c6:6c:96:68:77:2f:
5c:b8:71:c2:56:53:a0:e0:89:dc:a1:4d:17:48:c3:
fc:99:bd:27:a4:e4:7d:4a:3b:0a:38:8a:0e:94:aa:
a4:33:b2:28:45:0a:21:2f:0c:ce:97:5e:9d:ed:72:
45:0f:6b:b2:06:37:b9:59:f2:d8:92:57:80:15:6e:
29:35:39:2f:c9:e6:fc:86:4c:0d:e0:2d:07:e3:f6:
ed:55:ac:84:13:37:a6:b4:2f:2f:d6:41:f1:7c:71:
02:6c:b7:2c:cb:55:79:71:2e:60:a0:b6:f2:82:ae:
94:6d:1c:58:f7:53:b9:72:84:4b:6c:20:40:24:a4:
5f:af:6f:b5:9e:ad:6d:c5:63:4e:da:6a:33:37:a3:
33:75:a6:cb:0c:8e:1c:c2:4f:99:9c:9a:d8:09:4f:
7d:58:2e:69:2d:ed:ee:1e:0e:38:1b:fb:be:4c:bb:
fc:d1:22:3c:1a:ca:86:3c:01:6f:14:9b:2c:06:5e:
a8:57:fc:cc:71:fb:a8:92:48:cb:3c:30:fe:a8:9d:
02:a7:ef:98:24:32:00:c5:17:ed:c9:8e:82:13:53:
60:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:1E:4E:08:1F:09:A4:C6:23:A2:92:C3:56:4A:CA:43:02:B6:76:93
X509v3 Authority Key Identifier:
keyid:C6:4F:A0:AD:89:87:14:9F:05:53:47:24:B4:5A:2F:4D:5E:BF:47:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/1-h5OCB8JpMYjopLDVkrKQwK2dpM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/xk-grYmHFJ8FU0cktFovTV6_R10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:8d04::/32
Signature Algorithm: sha256WithRSAEncryption
9e:9d:d1:ef:d5:58:4c:87:61:c4:e3:a6:d8:a4:18:11:8b:b3:
8c:c5:84:ca:58:e2:52:c4:e1:5e:af:30:bf:c5:64:76:24:6a:
82:97:e5:9f:ff:d9:1f:64:74:e0:47:25:8f:66:5e:a7:8a:45:
84:be:1f:e5:b4:26:b9:53:c2:d8:50:35:5b:90:73:b8:f1:cc:
b6:a8:1c:50:58:38:f2:25:61:58:a6:a7:53:6b:b0:45:24:9a:
d9:02:d6:cc:cb:9e:9d:b1:6b:31:80:6f:88:9a:de:e6:ad:48:
b7:b0:bc:d8:2b:83:da:c3:7b:b0:89:30:75:74:6f:06:94:59:
04:94:dc:7e:dc:b0:a1:fc:bc:bc:8c:00:a2:27:c8:aa:32:b5:
43:25:12:17:04:4c:33:51:28:cc:ae:7c:2d:dd:b5:08:a0:76:
0c:7e:8f:db:23:b0:b9:dd:02:41:62:6b:67:36:64:e9:f4:c8:
c8:6f:e3:57:a2:96:dc:fa:15:9d:76:66:41:eb:23:7a:c8:a6:
9f:91:06:aa:9b:61:4e:19:23:70:f1:c4:ea:31:8a:cb:5f:5d:
46:40:d8:69:fd:39:8e:c4:35:46:7b:42:5d:65:d0:70:58:3e:
cb:c0:b5:04:55:1a:75:85:17:45:70:8f:2f:9c:de:7e:4e:1b:
9b:9b:d5:9c
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZl2hmcK/v9k1Pz0cD5WDn/WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NGZhMGFkODk4NzE0OWYwNTUzNDcyNGI0NWEyZjRkNWVi
ZjQ3NWQwHhcNMjUwOTIzMTIyMjIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTFlNGUwODFmMDlhNGM2MjNhMjkyYzM1NjRhY2E0MzAyYjY3NjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmq1PVzfT4/kOMmYIKRFEQc4FvSmU
c2vkid4GbzbRs9vbRP9DQevGbJZody9cuHHCVlOg4IncoU0XSMP8mb0npOR9SjsK
OIoOlKqkM7IoRQohLwzOl16d7XJFD2uyBje5WfLYkleAFW4pNTkvyeb8hkwN4C0H
4/btVayEEzemtC8v1kHxfHECbLcsy1V5cS5goLbygq6UbRxY91O5coRLbCBAJKRf
r2+1nq1txWNO2mozN6MzdabLDI4cwk+ZnJrYCU99WC5pLe3uHg44G/u+TLv80SI8
GsqGPAFvFJssBl6oV/zMcfuokkjLPDD+qJ0Cp++YJDIAxRftyY6CE1NgGQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFPoeTggfCaTGI6KSw1ZKykMCtnaTMB8GA1UdIwQY
MBaAFMZPoK2JhxSfBVNHJLRaL01ev0ddMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGstZ3JZbUhGSjhGVTBja3RGb3ZUVjZfUjEwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8yNDAxNWYtMDkxYy00YzVkLWI1YzEt
YmNmNzcwMjY5MzlkLzEvMS1oNU9DQjhKcE1Zam9wTERWa3JLUXdLMmRwTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzgvMjQwMTVmLTA5MWMtNGM1ZC1iNWMxLWJjZjc3MDI2OTM5
ZC8xL3hrLWdyWW1IRko4RlUwY2t0Rm92VFY2X1IxMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoNjQQw
DQYJKoZIhvcNAQELBQADggEBAJ6d0e/VWEyHYcTjptikGBGLs4zFhMpY4lLE4V6v
ML/FZHYkaoKX5Z//2R9kdOBHJY9mXqeKRYS+H+W0JrlTwthQNVuQc7jxzLaoHFBY
OPIlYVimp1NrsEUkmtkC1szLnp2xazGAb4ia3uatSLewvNgrg9rDe7CJMHV0bwaU
WQSU3H7csKH8vLyMAKInyKoytUMlEhcETDNRKMyufC3dtQigdgx+j9sjsLndAkFi
a2c2ZOn0yMhv41eiltz6FZ12ZkHrI3rIpp+RBqqbYU4ZI3DxxOoxistfXUZA2Gn9
OY7ENUZ7Ql1l0HBYPsvAtQRVGnWFF0Vwjy+c3n5OG5ub1Zw=
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:24:28 2025 by rpki-client