Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pr_oCNsxUhUvFa9uHooeQOD7vg4.roa
File: pr_oCNsxUhUvFa9uHooeQOD7vg4.roa (raw, json)
Hash identifier: 3T+OIQNg5frCFwuKT42gDLFrhAbM5VEukXcJ7MDRfrM=
Subject key identifier: A6:BF:E8:08:DB:31:52:15:2F:15:AF:6E:1E:8A:1E:40:E0:FB:BE:0E
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01977B3371A08099637FD4952D0334254854
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pr_oCNsxUhUvFa9uHooeQOD7vg4.roa
Signing time: Tue 17 Jun 2025 00:04:18 +0000
ROA not before: Tue 17 Jun 2025 00:04:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213639
IP address blocks: 2a0e:97c0:6e0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Jul 2025 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7b:33:71:a0:80:99:63:7f:d4:95:2d:03:34:25:48:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jun 17 00:04:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a6bfe808db3152152f15af6e1e8a1e40e0fbbe0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:7c:30:66:8d:6b:35:f6:85:6d:38:d2:a6:61:
e3:10:43:6d:75:ea:81:55:ca:66:40:ea:83:db:b6:
3c:90:41:a1:92:51:31:c7:60:ea:94:09:5c:08:98:
fa:9c:23:b1:16:20:0c:c8:b5:b2:05:2d:f5:74:20:
fe:07:8c:e6:90:f9:5e:e2:6d:2c:d9:12:bd:ab:da:
65:d0:b2:00:4b:2c:c4:01:36:0c:5b:2a:4d:d2:19:
0a:bd:de:f9:d8:95:e6:4d:c2:9a:69:2a:2b:1c:31:
a0:46:64:bc:98:a4:78:32:d2:cf:db:cd:af:75:3b:
ff:42:fa:35:0c:bf:ea:76:4f:7d:ae:dc:bf:15:1d:
78:dc:56:55:79:18:18:52:ae:a5:ac:7b:a9:3f:95:
4c:31:c2:8f:12:9e:c4:82:d0:b1:d9:30:f8:e3:ef:
38:0e:64:4d:40:4d:97:19:2e:d2:d9:9e:a8:f0:93:
67:10:3c:e6:6a:f7:32:be:1e:59:41:92:19:e8:d7:
d0:2c:53:01:86:a2:4b:ec:1c:ba:2a:89:1a:49:3b:
19:fd:d2:62:29:0e:3b:29:1d:78:e7:0e:64:41:ac:
37:a9:ff:2d:e3:0d:f6:08:64:ed:e0:c3:75:cd:cc:
fc:18:17:b5:88:6c:f1:7a:09:de:9f:1a:28:4f:9f:
be:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:BF:E8:08:DB:31:52:15:2F:15:AF:6E:1E:8A:1E:40:E0:FB:BE:0E
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pr_oCNsxUhUvFa9uHooeQOD7vg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:6e0::/44
Signature Algorithm: sha256WithRSAEncryption
9e:4a:1c:b0:fe:37:91:e1:20:d0:53:fe:f2:33:2a:a1:98:ae:
f5:76:24:3c:33:24:53:22:07:28:ce:45:03:ac:a2:0d:55:f8:
10:2f:16:40:35:75:e8:c8:26:00:26:c5:f3:ee:b4:6a:c4:ec:
85:5b:07:37:61:7d:e6:c0:43:f2:9b:97:6c:e8:05:be:b2:a4:
d5:33:4f:10:82:e6:7c:61:8d:a6:98:f9:fd:95:17:ba:02:a8:
ee:64:17:22:5d:68:0f:47:74:74:bf:60:c5:c8:04:52:b6:64:
3f:97:1c:b8:7a:71:02:d2:82:fb:2d:2a:7f:b4:a8:fc:cf:4c:
d4:4b:06:cd:f1:7a:43:3e:7c:16:16:c7:16:c6:23:30:1c:70:
e8:95:88:f6:ac:24:19:d9:b6:83:e2:4f:b9:14:d6:dd:87:d2:
77:32:1f:81:b7:91:bf:41:f8:83:61:b8:1c:ae:d6:86:27:c0:
6d:dd:68:77:0d:81:87:ee:68:0d:6c:d4:3e:d7:9b:17:e7:0f:
f7:2f:5e:aa:d7:0a:16:3f:d6:4f:04:36:2f:87:fe:96:40:84:
d4:b4:97:7f:8d:7c:a0:61:7e:aa:42:d5:43:07:a8:34:8e:cc:
cc:1e:da:3f:ef:ef:d9:0c:25:1e:55:d2:c3:3c:8d:10:12:61:
9f:87:23:50
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZd7M3GggJljf9SVLQM0JUhUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwNjE3MDAwNDE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmJmZTgwOGRiMzE1MjE1MmYxNWFmNmUxZThhMWU0MGUwZmJiZTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3wwZo1rNfaFbTjSpmHjEENtdeqB
VcpmQOqD27Y8kEGhklExx2DqlAlcCJj6nCOxFiAMyLWyBS31dCD+B4zmkPle4m0s
2RK9q9pl0LIASyzEATYMWypN0hkKvd752JXmTcKaaSorHDGgRmS8mKR4MtLP282v
dTv/Qvo1DL/qdk99rty/FR143FZVeRgYUq6lrHupP5VMMcKPEp7EgtCx2TD44+84
DmRNQE2XGS7S2Z6o8JNnEDzmavcyvh5ZQZIZ6NfQLFMBhqJL7By6KokaSTsZ/dJi
KQ47KR145w5kQaw3qf8t4w32CGTt4MN1zcz8GBe1iGzxegnenxooT5++cQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKa/6AjbMVIVLxWvbh6KHkDg+74OMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvcHJfb0NOc3hVaFV2RmE5dUhvb2VRT0Q3dmc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAbg
MA0GCSqGSIb3DQEBCwUAA4IBAQCeShyw/jeR4SDQU/7yMyqhmK71diQ8MyRTIgco
zkUDrKINVfgQLxZANXXoyCYAJsXz7rRqxOyFWwc3YX3mwEPym5ds6AW+sqTVM08Q
guZ8YY2mmPn9lRe6AqjuZBciXWgPR3R0v2DFyARStmQ/lxy4enEC0oL7LSp/tKj8
z0zUSwbN8XpDPnwWFscWxiMwHHDolYj2rCQZ2baD4k+5FNbdh9J3Mh+Bt5G/QfiD
YbgcrtaGJ8Bt3Wh3DYGH7mgNbNQ+15sX5w/3L16q1woWP9ZPBDYvh/6WQITUtJd/
jXygYX6qQtVDB6g0jszMHto/7+/ZDCUeVdLDPI0QEmGfhyNQ
-----END CERTIFICATE-----
Generated at Fri Jul 4 07:16:03 2025 by rpki-client