Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/6YptvqcamYTZ_KBTU9csAqY6tgo.roa
File: 6YptvqcamYTZ_KBTU9csAqY6tgo.roa (raw, json)
Hash identifier: b2mIkimTPZ7wOnnbfmxNhh6ixTmHJqic0dQrw6jmK+Y=
Subject key identifier: E9:8A:6D:BE:A7:1A:99:84:D9:FC:A0:53:53:D7:2C:02:A6:3A:B6:0A
Certificate issuer: /CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Certificate serial: 019981B2312E8161A79C403553B71C65D493
Authority key identifier: 2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/6YptvqcamYTZ_KBTU9csAqY6tgo.roa
Signing time: Thu 25 Sep 2025 16:26:02 +0000
ROA not before: Thu 25 Sep 2025 16:26:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215540
IP address blocks: 170.168.136.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.mft
rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:81:b2:31:2e:81:61:a7:9c:40:35:53:b7:1c:65:d4:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Validity
Not Before: Sep 25 16:26:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e98a6dbea71a9984d9fca05353d72c02a63ab60a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:58:b5:fa:ca:d4:1a:ff:3c:dc:60:6d:78:9d:
a4:f6:17:8d:61:44:b1:01:9e:14:e1:7d:17:cf:04:
c8:c9:31:57:86:96:56:7c:45:82:5e:57:9b:48:ae:
3a:2a:49:79:79:40:4c:53:2b:f9:c0:91:fe:68:41:
df:56:2d:d5:bb:85:a1:00:e7:53:f1:e8:eb:cb:07:
aa:5c:e4:5b:54:27:eb:b0:ab:10:ee:56:e8:4c:3e:
4e:b7:94:8c:db:76:53:7c:b6:ea:e6:96:cc:e6:7e:
7d:99:99:45:59:73:7f:57:e1:5e:e9:d3:e1:2d:c5:
cb:d9:9b:01:86:88:59:6d:ac:cc:19:b5:2e:4c:94:
03:bf:65:0b:a5:53:6f:bd:c3:cc:cc:3c:99:b8:d3:
f2:ce:0d:73:27:b6:dc:f4:0a:db:7d:95:af:8a:ac:
06:ec:7b:c2:f8:3a:61:c9:cf:de:55:09:0d:b6:2d:
86:d8:dd:a9:50:0b:51:3f:aa:3e:bb:80:57:9d:1b:
e2:83:bf:89:23:17:d6:22:03:40:6a:7e:48:f5:23:
cc:ba:4f:a5:86:40:02:78:36:d5:db:bd:d1:16:4f:
47:b7:88:47:de:8f:3d:34:ba:80:e4:e1:8f:a9:db:
5f:48:03:0e:fd:9e:0d:22:de:23:44:00:a1:06:b4:
85:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:8A:6D:BE:A7:1A:99:84:D9:FC:A0:53:53:D7:2C:02:A6:3A:B6:0A
X509v3 Authority Key Identifier:
keyid:2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/6YptvqcamYTZ_KBTU9csAqY6tgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
170.168.136.0/22
Signature Algorithm: sha256WithRSAEncryption
64:7a:3c:ff:74:b5:c3:5b:32:95:29:65:71:bc:0d:20:ee:ee:
b6:3b:dd:4b:9c:9c:ac:c8:c6:a1:9f:e7:7d:e2:f7:9e:54:ce:
9e:a3:75:21:d8:dd:e7:6f:3f:34:1f:6e:fd:96:45:fc:f6:48:
a3:4f:4d:5f:7a:3e:85:19:79:49:1d:53:42:bc:4a:fc:12:70:
85:7f:08:7d:59:ac:f7:75:24:7c:15:d5:4d:94:fa:a0:1e:b7:
1d:e4:cc:f9:ed:df:b1:64:d7:79:f0:8b:83:d3:da:3a:cf:3c:
83:ec:08:1a:d4:a7:2a:a7:e6:f8:a8:57:b1:6f:41:c0:b9:27:
94:51:8e:81:88:78:1e:ff:6f:41:0a:af:b9:6a:7c:5b:63:17:
2f:74:ac:b7:62:95:5a:ea:a5:07:da:04:18:9b:40:90:0f:68:
bf:35:41:94:5d:97:38:58:1a:78:ee:4b:fe:b3:e6:cb:db:7d:
0c:8d:10:72:f4:f1:3d:76:42:14:35:08:a6:7f:aa:da:0c:50:
e8:89:0c:2b:39:e4:d1:1e:f7:ff:03:cc:30:8e:76:65:5a:ab:
bd:a7:33:c0:da:00:72:f1:46:a0:d2:e0:da:a9:7c:f2:ec:0d:
55:ce:d0:d9:91:82:85:63:c9:ad:28:a2:66:25:7e:71:08:d7:
1d:43:39:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZmBsjEugWGnnEA1U7ccZdSTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNmE4NmU2MmYwY2U5OGUwMmU5ODA4NjlmZjQ0MTRlZTJh
MGYwY2UwHhcNMjUwOTI1MTYyNjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOThhNmRiZWE3MWE5OTg0ZDlmY2EwNTM1M2Q3MmMwMmE2M2FiNjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1i1+srUGv883GBteJ2k9heNYUSx
AZ4U4X0XzwTIyTFXhpZWfEWCXlebSK46Kkl5eUBMUyv5wJH+aEHfVi3Vu4WhAOdT
8ejryweqXORbVCfrsKsQ7lboTD5Ot5SM23ZTfLbq5pbM5n59mZlFWXN/V+Fe6dPh
LcXL2ZsBhohZbazMGbUuTJQDv2ULpVNvvcPMzDyZuNPyzg1zJ7bc9ArbfZWviqwG
7HvC+Dphyc/eVQkNti2G2N2pUAtRP6o+u4BXnRvig7+JIxfWIgNAan5I9SPMuk+l
hkACeDbV273RFk9Ht4hH3o89NLqA5OGPqdtfSAMO/Z4NIt4jRAChBrSF+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOmKbb6nGpmE2fygU1PXLAKmOrYKMB8GA1UdIwQY
MBaAFC5qhuYvDOmOAumAhp/0QU7ioPDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2Et
YTY2N2JiNzY1MDYwLzEvNllwdHZxY2FtWVRaX0tCVFU5Y3NBcVk2dGdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2EtYTY2N2JiNzY1MDYw
LzEvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCqqiIMA0G
CSqGSIb3DQEBCwUAA4IBAQBkejz/dLXDWzKVKWVxvA0g7u62O91LnJysyMahn+d9
4veeVM6eo3Uh2N3nbz80H279lkX89kijT01fej6FGXlJHVNCvEr8EnCFfwh9Waz3
dSR8FdVNlPqgHrcd5Mz57d+xZNd58IuD09o6zzyD7Aga1Kcqp+b4qFexb0HAuSeU
UY6BiHge/29BCq+5anxbYxcvdKy3YpVa6qUH2gQYm0CQD2i/NUGUXZc4WBp47kv+
s+bL230MjRBy9PE9dkIUNQimf6raDFDoiQwrOeTRHvf/A8wwjnZlWqu9pzPA2gBy
8Uag0uDaqXzy7A1VztDZkYKFY8mtKKJmJX5xCNcdQzml
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:54:59 2025 by rpki-client