Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/RDbz72Lc_hgeK2gYY6J4X0b11nY.roa
File: RDbz72Lc_hgeK2gYY6J4X0b11nY.roa (raw, json)
Hash identifier: JEp8CjIkonel4ekErE9NXpk8F93vdHyh9hKhXSpNsMs=
Subject key identifier: 44:36:F3:EF:62:DC:FE:18:1E:2B:68:18:63:A2:78:5F:46:F5:D6:76
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0197C7CAC50A26BB5DDFA93421ACF90E3E68
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/RDbz72Lc_hgeK2gYY6J4X0b11nY.roa
Signing time: Tue 01 Jul 2025 21:00:44 +0000
ROA not before: Tue 01 Jul 2025 21:00:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211626
IP address blocks: 2a0e:97c0:930::/44 maxlen: 48
2a0e:97c0:930::/48 maxlen: 48
2a0e:97c0:931::/48 maxlen: 48
2a0e:97c0:932::/48 maxlen: 48
2a0e:97c0:933::/48 maxlen: 48
2a0e:97c0:934::/48 maxlen: 48
2a0e:97c0:935::/48 maxlen: 48
2a0e:97c0:936::/48 maxlen: 48
2a0e:97c0:937::/48 maxlen: 48
2a0e:97c0:938::/48 maxlen: 48
2a0e:97c0:939::/48 maxlen: 48
2a0e:97c0:93a::/48 maxlen: 48
2a0e:97c0:93b::/48 maxlen: 48
2a0e:97c0:93c::/48 maxlen: 48
2a0e:97c0:93d::/48 maxlen: 48
2a0e:97c0:93e::/48 maxlen: 48
2a0e:97c0:93f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Jul 2025 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c7:ca:c5:0a:26:bb:5d:df:a9:34:21:ac:f9:0e:3e:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jul 1 21:00:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4436f3ef62dcfe181e2b681863a2785f46f5d676
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:0f:03:84:74:b1:86:9a:5b:5b:61:75:8e:cd:
ec:66:a7:28:e9:b8:20:5a:68:d3:7d:3e:f3:75:ec:
eb:78:63:07:47:6f:de:0b:27:17:5f:5c:a8:e2:c6:
58:32:5d:af:79:a3:6f:49:6a:ac:c8:65:71:11:2f:
68:50:08:25:6f:cc:2a:b5:c9:4e:8b:02:7a:79:3d:
59:a0:38:c5:5c:d3:6c:ab:0d:2a:72:7a:af:d4:ea:
be:49:bf:8f:aa:e8:31:2a:27:a1:cf:c5:e2:f9:db:
7b:47:65:b7:cf:87:70:1a:4b:e5:a8:7b:91:5e:19:
14:7e:fa:30:fd:e9:55:ff:a3:45:ac:1e:89:4d:11:
d3:d7:e3:48:8c:df:78:e8:6c:d3:9f:fe:a8:2a:7a:
55:63:af:5b:fa:6e:a3:67:7c:43:d5:e5:0a:1d:aa:
a0:28:be:0d:14:85:15:80:3c:6b:0a:20:29:a3:21:
d5:42:9a:4f:a6:fa:c1:bb:39:3e:98:5f:0d:67:56:
ed:b9:79:3f:3f:fd:bf:3f:05:22:a1:e4:ed:26:cf:
08:c0:9b:2f:57:45:90:79:4a:cd:b1:92:b4:14:64:
dd:6e:5b:0a:9a:6b:ef:2c:81:f9:28:6c:89:20:ee:
19:49:1b:bf:93:d8:c1:0e:be:01:85:25:b3:ec:8b:
45:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:36:F3:EF:62:DC:FE:18:1E:2B:68:18:63:A2:78:5F:46:F5:D6:76
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/RDbz72Lc_hgeK2gYY6J4X0b11nY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:930::/44
Signature Algorithm: sha256WithRSAEncryption
25:f7:22:50:12:0f:1f:54:07:c1:60:6a:0d:67:31:8d:1b:ab:
3e:18:77:52:71:cf:e8:dc:34:8b:db:de:40:13:03:3d:eb:a9:
b7:08:ee:61:4c:f6:55:dd:b6:bc:7d:5a:e9:f7:da:6d:97:fc:
45:2b:a7:2d:66:b2:9b:5e:6d:41:40:28:60:97:be:7b:dd:f7:
15:62:47:31:30:4c:42:1e:82:9b:82:03:b9:94:d2:3e:4e:91:
49:89:59:23:fb:86:5d:5f:e3:27:d5:b5:98:a9:9b:aa:32:a7:
46:54:b0:cc:55:60:04:87:aa:a4:79:f7:6e:00:ad:b5:64:ac:
a8:7f:b7:91:66:5e:23:a7:40:af:16:15:3a:c2:22:49:89:7b:
b6:86:03:0e:fb:32:42:f5:14:40:78:00:ff:35:a1:02:a1:4d:
b4:7f:d3:da:a2:f7:1d:ea:0d:70:7d:81:80:a9:6d:bc:e6:67:
e6:70:92:0c:c3:90:6d:18:d5:42:1e:e5:e6:12:c1:7e:bd:fe:
cb:e7:37:5e:eb:0b:42:1c:26:47:23:60:0e:8e:b1:c6:10:67:
b3:1b:2f:8f:19:05:51:0e:c3:fc:94:fc:16:17:fd:02:15:12:
28:59:a2:56:b7:a5:ba:47:b4:79:73:22:0b:5a:6e:ec:b1:c1:
6b:a6:8a:a4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZfHysUKJrtd36k0Iaz5Dj5oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwNzAxMjEwMDQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDM2ZjNlZjYyZGNmZTE4MWUyYjY4MTg2M2EyNzg1ZjQ2ZjVkNjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApA8DhHSxhppbW2F1js3sZqco6bgg
WmjTfT7zdezreGMHR2/eCycXX1yo4sZYMl2veaNvSWqsyGVxES9oUAglb8wqtclO
iwJ6eT1ZoDjFXNNsqw0qcnqv1Oq+Sb+PqugxKiehz8Xi+dt7R2W3z4dwGkvlqHuR
XhkUfvow/elV/6NFrB6JTRHT1+NIjN946GzTn/6oKnpVY69b+m6jZ3xD1eUKHaqg
KL4NFIUVgDxrCiApoyHVQppPpvrBuzk+mF8NZ1btuXk/P/2/PwUioeTtJs8IwJsv
V0WQeUrNsZK0FGTdblsKmmvvLIH5KGyJIO4ZSRu/k9jBDr4BhSWz7ItFUwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEQ28+9i3P4YHitoGGOieF9G9dZ2MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvUkRiejcyTGNfaGdlSzJnWVk2SjRYMGIxMW5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAkw
MA0GCSqGSIb3DQEBCwUAA4IBAQAl9yJQEg8fVAfBYGoNZzGNG6s+GHdScc/o3DSL
295AEwM966m3CO5hTPZV3ba8fVrp99ptl/xFK6ctZrKbXm1BQChgl7573fcVYkcx
MExCHoKbggO5lNI+TpFJiVkj+4ZdX+Mn1bWYqZuqMqdGVLDMVWAEh6qkefduAK21
ZKyof7eRZl4jp0CvFhU6wiJJiXu2hgMO+zJC9RRAeAD/NaECoU20f9Paovcd6g1w
fYGAqW285mfmcJIMw5BtGNVCHuXmEsF+vf7L5zde6wtCHCZHI2AOjrHGEGezGy+P
GQVRDsP8lPwWF/0CFRIoWaJWt6W6R7R5cyILWm7sscFrpoqk
-----END CERTIFICATE-----
Generated at Fri Jul 4 17:46:44 2025 by rpki-client