Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/UOw4kvzOzwctaQndLqAt1sv8qe4.roa
File: UOw4kvzOzwctaQndLqAt1sv8qe4.roa (raw, json)
Hash identifier: qXueiBufxOI0tBPQ2snloT38d2A++KUpGiJMOc1dDIg=
Subject key identifier: 50:EC:38:92:FC:CE:CF:07:2D:69:09:DD:2E:A0:2D:D6:CB:FC:A9:EE
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 0197AC0118F351B4A69882D5185141B167A7
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/UOw4kvzOzwctaQndLqAt1sv8qe4.roa
Signing time: Thu 26 Jun 2025 11:30:42 +0000
ROA not before: Thu 26 Jun 2025 11:30:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58285
IP address blocks: 2a0a:c8c0::/29 maxlen: 64
2a10:e980::/29 maxlen: 64
2a11:ef40::/29 maxlen: 64
2a12:ac0::/29 maxlen: 64
2a12:2a40::/29 maxlen: 64
2a12:33c0::/29 maxlen: 64
2a12:3b00::/29 maxlen: 64
2a12:3b80::/29 maxlen: 64
2a12:4d00::/29 maxlen: 64
2a12:4f80::/29 maxlen: 64
2a12:5a80::/29 maxlen: 64
2a12:6e80::/29 maxlen: 64
2a12:a400::/29 maxlen: 64
2a12:b980::/29 maxlen: 64
2a12:cd80::/29 maxlen: 64
2a12:dd80::/29 maxlen: 64
2a12:f400::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.mft
rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ac:01:18:f3:51:b4:a6:98:82:d5:18:51:41:b1:67:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Jun 26 11:30:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=50ec3892fccecf072d6909dd2ea02dd6cbfca9ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:59:c4:f0:5a:f6:46:63:e2:76:55:34:44:61:
fc:d0:8d:f2:0f:2a:62:96:f0:77:e1:9e:d5:77:26:
ca:43:ec:bc:4d:0a:8c:54:10:c9:f1:00:d9:44:93:
c4:7c:b9:63:0b:9a:79:e7:b2:6c:f3:47:4c:e3:9a:
1a:52:b6:c8:f0:92:7c:69:f4:37:ad:c4:a3:76:d8:
76:e8:d1:4e:36:76:3d:5b:bd:2a:c5:ed:21:c9:e8:
83:2b:4c:b3:a4:28:fe:2c:ba:ee:66:8e:2e:f5:34:
86:0f:38:62:62:9b:3b:07:e5:e2:99:2f:5c:ec:35:
2b:7d:ce:b1:42:2b:62:c7:48:fc:fb:81:04:c6:9e:
ca:ce:c7:91:12:3a:be:ae:e9:6d:c8:16:b2:e2:b5:
e0:fd:e1:ff:0e:da:0a:5a:bc:57:be:a3:40:c4:51:
48:3d:17:90:55:19:45:9b:54:e7:f0:e2:f1:d9:fd:
44:a3:99:10:d2:b8:94:87:60:33:07:28:59:41:fd:
db:0c:92:13:a1:a3:a6:86:83:1f:c7:3f:72:61:6e:
c3:f2:1f:d9:08:35:8b:71:33:81:a3:a4:19:fd:bf:
37:e0:77:1a:75:b0:f3:50:d4:52:06:47:33:09:be:
ad:95:67:f3:53:d2:44:f8:dd:bb:df:ad:5e:20:fb:
83:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:EC:38:92:FC:CE:CF:07:2D:69:09:DD:2E:A0:2D:D6:CB:FC:A9:EE
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/UOw4kvzOzwctaQndLqAt1sv8qe4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:c8c0::/29
2a10:e980::/29
2a11:ef40::/29
2a12:ac0::/29
2a12:2a40::/29
2a12:33c0::/29
2a12:3b00::/29
2a12:3b80::/29
2a12:4d00::/29
2a12:4f80::/29
2a12:5a80::/29
2a12:6e80::/29
2a12:a400::/29
2a12:b980::/29
2a12:cd80::/29
2a12:dd80::/29
2a12:f400::/29
Signature Algorithm: sha256WithRSAEncryption
66:d5:52:9e:1d:a2:3e:ab:f5:8d:1c:36:66:fe:ba:bb:6f:08:
89:fe:8a:02:23:1a:bc:43:54:98:fb:35:b4:63:ad:5e:f3:0a:
8d:1c:4e:61:42:c1:d7:db:0d:3f:a9:b9:96:c8:f5:05:72:85:
6e:28:96:4f:88:cb:51:59:38:0a:07:e5:e6:00:98:d3:da:1f:
63:7e:8c:de:0c:83:af:19:d8:08:be:8b:16:1e:4f:48:e7:bd:
f3:0a:6a:15:9a:04:c2:9c:8d:35:dc:a6:0f:2f:28:a2:81:e4:
e5:0e:03:b7:cc:cd:b3:c9:bd:66:f2:03:51:42:a4:0b:3e:c7:
30:f7:53:75:53:8d:e4:d2:41:33:42:e0:b9:be:0c:36:b4:9d:
90:75:e6:32:e0:42:5f:b8:03:51:18:01:d3:e4:23:69:e0:18:
82:4d:c7:85:58:a0:56:4e:e3:e8:64:d4:45:70:d4:07:54:69:
4b:c3:8d:cc:4a:c4:83:fa:fb:36:ec:a9:6e:2f:83:c2:f7:74:
ac:77:4a:d9:dc:a9:f5:4a:58:19:9d:8e:7a:da:70:d4:fb:0f:
a1:d6:0b:e3:31:19:65:39:2f:27:f8:df:30:3b:cc:e2:73:ee:
20:17:11:75:04:f1:d0:e6:39:9e:bd:8f:1c:fd:83:91:c3:e4:
1f:7e:e0:1b
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgISAZesARjzUbSmmILVGFFBsWenMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjUwNjI2MTEzMDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGVjMzg5MmZjY2VjZjA3MmQ2OTA5ZGQyZWEwMmRkNmNiZmNhOWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3FnE8Fr2RmPidlU0RGH80I3yDypi
lvB34Z7VdybKQ+y8TQqMVBDJ8QDZRJPEfLljC5p557Js80dM45oaUrbI8JJ8afQ3
rcSjdth26NFONnY9W70qxe0hyeiDK0yzpCj+LLruZo4u9TSGDzhiYps7B+XimS9c
7DUrfc6xQitix0j8+4EExp7KzseREjq+rultyBay4rXg/eH/DtoKWrxXvqNAxFFI
PReQVRlFm1Tn8OLx2f1Eo5kQ0riUh2AzByhZQf3bDJIToaOmhoMfxz9yYW7D8h/Z
CDWLcTOBo6QZ/b834HcadbDzUNRSBkczCb6tlWfzU9JE+N27361eIPuDEwIDAQAB
o4ICfDCCAngwHQYDVR0OBBYEFFDsOJL8zs8HLWkJ3S6gLdbL/KnuMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvVU93NGt2ek96d2N0YVFuZExxQXQxc3Y4cWU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGRBggrBgEFBQcBBwEB/wSBgTB/MH0EAgACMHcDBQMqCsjA
AwUDKhDpgAMFAyoR70ADBQMqEgrAAwUDKhIqQAMFAyoSM8ADBQMqEjsAAwUDKhI7
gAMFAyoSTQADBQMqEk+AAwUDKhJagAMFAyoSboADBQMqEqQAAwUDKhK5gAMFAyoS
zYADBQMqEt2AAwUDKhL0ADANBgkqhkiG9w0BAQsFAAOCAQEAZtVSnh2iPqv1jRw2
Zv66u28Iif6KAiMavENUmPs1tGOtXvMKjRxOYULB19sNP6m5lsj1BXKFbiiWT4jL
UVk4Cgfl5gCY09ofY36M3gyDrxnYCL6LFh5PSOe98wpqFZoEwpyNNdymDy8oooHk
5Q4Dt8zNs8m9ZvIDUUKkCz7HMPdTdVON5NJBM0Lgub4MNrSdkHXmMuBCX7gDURgB
0+QjaeAYgk3HhVigVk7j6GTURXDUB1RpS8ONzErEg/r7Nuypbi+Dwvd0rHdK2dyp
9UpYGZ2Oetpw1PsPodYL4zEZZTkvJ/jfMDvM4nPuIBcRdQTx0OY5nr2PHP2DkcPk
H37gGw==
-----END CERTIFICATE-----
Generated at Tue Jul 1 13:11:23 2025 by rpki-client