Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/G1pM7rGe9YPKBOchWvab169eYw0.roa
File: G1pM7rGe9YPKBOchWvab169eYw0.roa (raw, json)
Hash identifier: blXQVbbPVhUTrqvwT6N6K2mjBPsI8Qpry2oMLXvaZX8=
Subject key identifier: 1B:5A:4C:EE:B1:9E:F5:83:CA:04:E7:21:5A:F6:9B:D7:AF:5E:63:0D
Certificate issuer: /CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Certificate serial: 01978EA4EFDD5919E0E09D63A4B4C6899BF3
Authority key identifier: 3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/G1pM7rGe9YPKBOchWvab169eYw0.roa
Signing time: Fri 20 Jun 2025 18:41:03 +0000
ROA not before: Fri 20 Jun 2025 18:41:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30788
IP address blocks: 2a09:8b80::/29 maxlen: 29
2a0e:6740::/29 maxlen: 29
2a0e:c440::/29 maxlen: 29
2a12:1a40::/29 maxlen: 29
2a12:2e40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.mft
rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:8e:a4:ef:dd:59:19:e0:e0:9d:63:a4:b4:c6:89:9b:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Validity
Not Before: Jun 20 18:41:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1b5a4ceeb19ef583ca04e7215af69bd7af5e630d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:0e:13:c6:13:f0:f4:a0:f6:ed:2a:a3:91:f8:
75:c9:4b:31:22:31:a2:05:17:84:da:ec:57:a5:d0:
4a:69:62:fb:57:79:0d:03:ce:cb:b1:4a:ad:4b:7b:
2c:26:11:24:54:9e:c4:e6:2b:40:59:12:04:50:3f:
23:01:95:41:03:80:5d:bd:40:ac:1f:d4:3a:d4:f9:
79:e1:de:98:75:85:ad:68:99:eb:b8:fb:92:b2:eb:
36:34:08:f1:c8:0f:47:09:23:70:1b:62:06:8f:13:
77:d1:8b:0d:fc:d1:5a:e4:fb:c2:57:fe:eb:97:1b:
81:34:0a:fc:0b:34:fa:72:e5:be:35:e3:a5:e0:92:
4f:fa:87:05:db:12:01:d8:78:df:b7:f0:e0:bd:ee:
d0:8c:02:70:21:a1:8e:6a:5b:1d:bd:b2:eb:6f:b7:
fe:b1:db:9b:33:87:40:f7:0e:d6:e5:17:dd:e1:de:
45:1c:3e:eb:1d:58:06:57:5e:27:27:4f:c3:37:89:
88:e0:4b:82:6b:51:06:17:42:72:ba:73:70:fb:9d:
d6:2f:b2:03:19:f2:1a:e1:7a:eb:e5:63:70:17:c8:
d0:be:78:ce:fe:ba:e2:4e:90:b8:83:90:9f:5c:76:
ed:36:1c:ab:1e:0d:6c:42:0b:39:88:57:de:15:15:
de:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:5A:4C:EE:B1:9E:F5:83:CA:04:E7:21:5A:F6:9B:D7:AF:5E:63:0D
X509v3 Authority Key Identifier:
keyid:3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/G1pM7rGe9YPKBOchWvab169eYw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:8b80::/29
2a0e:6740::/29
2a0e:c440::/29
2a12:1a40::/29
2a12:2e40::/29
Signature Algorithm: sha256WithRSAEncryption
1f:16:d7:60:61:5d:96:a6:52:dd:26:ed:ab:97:fd:f4:4b:89:
d0:48:6a:87:a1:68:eb:c5:0b:86:0b:8d:aa:66:f1:ca:e9:63:
f6:bd:37:00:4d:af:7d:e3:2d:4e:4b:33:10:8e:7a:ca:bd:0e:
5b:fe:d6:19:e8:cf:9b:86:28:05:02:ef:bf:fd:fa:12:53:15:
ac:eb:3d:c3:d2:cf:75:c1:f8:79:6b:1f:c0:bb:bb:41:95:b3:
51:cc:d2:db:43:6f:0b:0d:9d:37:16:c2:11:72:c8:f1:8b:5c:
5f:9a:90:88:f7:16:d5:b8:1f:78:4b:96:e9:bf:45:47:c1:ec:
a6:ce:2b:18:95:15:68:94:e0:e6:59:a9:65:18:b0:e1:16:f4:
53:6b:ff:62:bd:31:a1:ac:11:65:b3:43:67:0c:99:38:99:2c:
4c:26:dd:f7:b8:91:d2:53:2b:47:12:89:41:38:5e:e3:8f:82:
24:1b:7b:cd:0f:97:02:26:02:28:f3:5a:60:f1:d7:f7:97:9f:
2d:9f:5c:34:b2:26:66:de:c5:b8:b2:c3:25:84:6a:aa:4d:99:
77:d7:86:22:a4:30:24:5b:e1:9e:ca:c6:78:cc:ae:10:f7:d3:
5b:00:07:18:eb:5d:f8:18:6a:54:86:df:43:5d:f1:50:e7:ae:
9c:c8:80:4e
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZeOpO/dWRng4J1jpLTGiZvzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzUwYWI0Y2NmNzJlM2Q2MGMwOWY5NjQwMTlkNmMwMzRj
NTBhNmMwHhcNMjUwNjIwMTg0MTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjVhNGNlZWIxOWVmNTgzY2EwNGU3MjE1YWY2OWJkN2FmNWU2MzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnA4TxhPw9KD27Sqjkfh1yUsxIjGi
BReE2uxXpdBKaWL7V3kNA87LsUqtS3ssJhEkVJ7E5itAWRIEUD8jAZVBA4BdvUCs
H9Q61Pl54d6YdYWtaJnruPuSsus2NAjxyA9HCSNwG2IGjxN30YsN/NFa5PvCV/7r
lxuBNAr8CzT6cuW+NeOl4JJP+ocF2xIB2Hjft/Dgve7QjAJwIaGOalsdvbLrb7f+
sdubM4dA9w7W5Rfd4d5FHD7rHVgGV14nJ0/DN4mI4EuCa1EGF0JyunNw+53WL7ID
GfIa4Xrr5WNwF8jQvnjO/rriTpC4g5CfXHbtNhyrHg1sQgs5iFfeFRXe8wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFBtaTO6xnvWDygTnIVr2m9evXmMNMB8GA1UdIwQY
MBaAFD7FCrTM9y49YMCflkAZ1sA0xQpsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTct
MjE1OTM3NmQzYTY0LzEvRzFwTTdyR2U5WVBLQk9jaFd2YWIxNjllWXcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTctMjE1OTM3NmQzYTY0
LzEvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKgmLgAMF
AyoOZ0ADBQMqDsRAAwUDKhIaQAMFAyoSLkAwDQYJKoZIhvcNAQELBQADggEBAB8W
12BhXZamUt0m7auX/fRLidBIaoehaOvFC4YLjapm8crpY/a9NwBNr33jLU5LMxCO
esq9Dlv+1hnoz5uGKAUC77/9+hJTFazrPcPSz3XB+HlrH8C7u0GVs1HM0ttDbwsN
nTcWwhFyyPGLXF+akIj3FtW4H3hLlum/RUfB7KbOKxiVFWiU4OZZqWUYsOEW9FNr
/2K9MaGsEWWzQ2cMmTiZLEwm3fe4kdJTK0cSiUE4XuOPgiQbe80PlwImAijzWmDx
1/eXny2fXDSyJmbexbiywyWEaqpNmXfXhiKkMCRb4Z7KxnjMrhD301sABxjrXfgY
alSG30Nd8VDnrpzIgE4=
-----END CERTIFICATE-----
Generated at Tue Jul 1 07:03:08 2025 by rpki-client