Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/AQC2H5vkCNgVSJFUlzaPpZhCTa0.roa
File: AQC2H5vkCNgVSJFUlzaPpZhCTa0.roa (raw, json)
Hash identifier: 7NqPWN+oJGpSf9ndiZEaIls+fftZQv5sJkJicourqAo=
Subject key identifier: 01:00:B6:1F:9B:E4:08:D8:15:48:91:54:97:36:8F:A5:98:42:4D:AD
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0198D5775B6A58D957BFB3945FDDEA7C573A
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/AQC2H5vkCNgVSJFUlzaPpZhCTa0.roa
Signing time: Sat 23 Aug 2025 05:47:05 +0000
ROA not before: Sat 23 Aug 2025 05:47:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214344
IP address blocks: 2a10:ccc6:6661::/48 maxlen: 48
2a10:ccc6:6662::/48 maxlen: 48
2a10:ccc6:6666::/48 maxlen: 48
2a10:ccc6:666e::/48 maxlen: 48
2a10:ccc6:666f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 19:17:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:77:5b:6a:58:d9:57:bf:b3:94:5f:dd:ea:7c:57:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Aug 23 05:47:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0100b61f9be408d81548915497368fa598424dad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:2c:2a:8a:5d:31:a3:31:2b:31:9d:bd:fe:7c:
8d:79:f4:94:c5:dc:4a:da:18:3e:67:bb:d8:24:73:
82:fc:0f:85:6c:63:9d:ff:5d:08:5b:b4:f8:e7:a3:
67:94:1a:a0:78:b8:c0:fa:8a:54:0b:d6:ca:84:60:
ec:25:fe:48:74:90:b1:34:03:43:d4:c4:82:be:80:
ef:11:6c:e8:c7:20:48:d3:54:53:07:77:31:a7:4a:
de:93:e8:36:b1:15:b9:b6:d5:a5:97:61:b0:5c:31:
2b:68:43:a7:5d:c9:c6:ce:58:b9:cc:c0:ea:8b:53:
05:50:3e:8e:6b:d6:17:fa:b3:dc:0d:19:58:92:67:
5b:fc:4b:22:c5:1e:7a:d6:21:8b:68:89:c9:6c:48:
89:82:f0:74:71:c9:0e:8d:ae:0a:21:62:66:01:4a:
f5:bb:e4:8a:1b:cc:53:2d:d9:89:bd:c6:f9:31:87:
62:a3:1d:64:8f:80:71:42:5c:dc:62:cc:ca:1b:7c:
f1:58:37:14:50:e1:c8:6c:92:a7:26:eb:38:93:fd:
d0:f0:67:43:ed:f1:c6:68:d5:3f:48:97:72:ea:9b:
ed:b4:60:30:4a:a1:aa:cc:9b:2f:6f:7c:bc:66:2b:
08:6f:85:78:78:f4:9e:0d:48:d9:2b:d9:b3:89:12:
f6:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:00:B6:1F:9B:E4:08:D8:15:48:91:54:97:36:8F:A5:98:42:4D:AD
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/AQC2H5vkCNgVSJFUlzaPpZhCTa0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:ccc6:6661::-2a10:ccc6:6662:ffff:ffff:ffff:ffff:ffff
2a10:ccc6:6666::/48
2a10:ccc6:666e::/47
Signature Algorithm: sha256WithRSAEncryption
5d:cd:09:65:35:df:0d:80:d3:1e:61:ac:86:a7:43:6a:91:26:
da:d9:54:68:41:fa:36:57:af:41:46:f0:e0:ea:d5:09:63:65:
f0:01:ac:19:6b:13:45:ee:98:b0:c0:01:95:3d:6e:b3:33:0b:
7f:c3:5f:c0:e1:96:bf:a0:fc:c1:17:56:c8:53:48:0a:42:45:
87:35:91:cf:6c:5a:26:62:9b:40:86:f1:09:fd:be:d9:00:25:
ac:cb:0a:26:8f:cc:f5:a0:da:d3:83:2e:de:db:98:12:be:da:
33:5c:a0:8e:23:f4:ce:ac:38:50:ce:36:41:e2:2e:a1:e2:b6:
20:61:30:5f:fc:51:ac:67:3c:92:24:ed:30:ca:53:ea:16:47:
06:35:f7:ed:8c:1c:42:91:a9:81:00:5b:b4:59:fa:ae:06:b8:
95:d6:82:d5:3f:f6:0d:c8:a6:a3:76:56:1c:7e:43:b6:0d:82:
ab:78:ee:ce:62:1e:89:af:8e:f0:79:6e:f5:31:33:d1:c3:86:
d8:0b:74:f7:d0:f3:a5:b9:11:9d:0e:e5:fc:bd:8b:0a:aa:c8:
9c:9f:c9:74:7d:e6:f1:a6:89:3f:4e:cc:22:23:74:ba:35:b5:
69:c8:5e:b8:63:05:ed:32:f5:3d:71:13:9c:51:27:4d:fe:0f:
01:53:21:6e
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZjVd1tqWNlXv7OUX93qfFc6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwODIzMDU0NzA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTAwYjYxZjliZTQwOGQ4MTU0ODkxNTQ5NzM2OGZhNTk4NDI0ZGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSwqil0xozErMZ29/nyNefSUxdxK
2hg+Z7vYJHOC/A+FbGOd/10IW7T456NnlBqgeLjA+opUC9bKhGDsJf5IdJCxNAND
1MSCvoDvEWzoxyBI01RTB3cxp0rek+g2sRW5ttWll2GwXDEraEOnXcnGzli5zMDq
i1MFUD6Oa9YX+rPcDRlYkmdb/EsixR561iGLaInJbEiJgvB0cckOja4KIWJmAUr1
u+SKG8xTLdmJvcb5MYdiox1kj4BxQlzcYszKG3zxWDcUUOHIbJKnJus4k/3Q8GdD
7fHGaNU/SJdy6pvttGAwSqGqzJsvb3y8ZisIb4V4ePSeDUjZK9mziRL2AwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFAEAth+b5AjYFUiRVJc2j6WYQk2tMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQVFDMkg1dmtDTmdWU0pGVWx6YVBwWmhDVGEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmMBIDBwAqEMzG
ZmEDBwAqEMzGZmIDBwAqEMzGZmYDBwEqEMzGZm4wDQYJKoZIhvcNAQELBQADggEB
AF3NCWU13w2A0x5hrIanQ2qRJtrZVGhB+jZXr0FG8ODq1QljZfABrBlrE0XumLDA
AZU9brMzC3/DX8Dhlr+g/MEXVshTSApCRYc1kc9sWiZim0CG8Qn9vtkAJazLCiaP
zPWg2tODLt7bmBK+2jNcoI4j9M6sOFDONkHiLqHitiBhMF/8UaxnPJIk7TDKU+oW
RwY19+2MHEKRqYEAW7RZ+q4GuJXWgtU/9g3IpqN2Vhx+Q7YNgqt47s5iHomvjvB5
bvUxM9HDhtgLdPfQ86W5EZ0O5fy9iwqqyJyfyXR95vGmiT9OzCIjdLo1tWnIXrhj
Be0y9T1xE5xRJ03+DwFTIW4=
-----END CERTIFICATE-----
Generated at Sun Aug 24 05:14:59 2025 by rpki-client