Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/CFOuV8fpcxnGzEuC_ucXBsZq38A.roa
File: CFOuV8fpcxnGzEuC_ucXBsZq38A.roa (raw, json)
Hash identifier: nqyeN1BeoqMdgnwzZxWf66kOk/0Ld9KEwcCrmxF0ReQ=
Subject key identifier: 08:53:AE:57:C7:E9:73:19:C6:CC:4B:82:FE:E7:17:06:C6:6A:DF:C0
Certificate issuer: /CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Certificate serial: 0198A46981D14DC5268AB20BD392FD0E04BB
Authority key identifier: 2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/CFOuV8fpcxnGzEuC_ucXBsZq38A.roa
Signing time: Wed 13 Aug 2025 17:10:34 +0000
ROA not before: Wed 13 Aug 2025 17:10:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41798
IP address blocks: 170.168.33.0/24 maxlen: 24
170.168.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.mft
rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 11:02:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a4:69:81:d1:4d:c5:26:8a:b2:0b:d3:92:fd:0e:04:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Validity
Not Before: Aug 13 17:10:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0853ae57c7e97319c6cc4b82fee71706c66adfc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:ab:13:f0:fa:7a:31:32:6a:69:27:c4:04:c6:
53:09:43:7d:5c:9a:04:34:fa:f3:13:f9:a0:ed:c1:
7b:0f:cc:03:0a:c9:01:18:2c:41:5d:cb:25:44:de:
66:cf:82:4c:d4:36:80:0c:e7:4b:6d:79:04:07:a8:
4c:7d:43:15:c1:d1:94:d7:f1:a8:09:b5:a7:13:14:
3b:36:64:b2:36:94:45:18:67:ff:db:a0:35:f2:89:
0b:46:0b:96:e9:77:98:1f:f0:5c:5d:8f:bf:4b:93:
61:4e:c7:78:3f:a6:c7:3a:c2:1b:ac:b9:1d:f1:d8:
07:20:19:46:73:27:3f:5a:07:db:b8:21:c4:ca:63:
34:8c:91:44:15:f4:11:84:d1:af:9c:51:99:ac:be:
db:69:4a:54:3d:b1:bc:f0:46:e0:cf:61:7d:c0:92:
b9:27:1c:04:a7:43:5a:17:11:3f:31:c0:aa:60:45:
e4:38:b4:2f:5a:35:a4:b2:2f:62:80:73:3e:ae:03:
74:f8:e3:63:db:29:65:61:38:61:24:81:5b:ae:7a:
78:58:f4:34:3c:29:ca:98:94:ee:4e:ff:74:a2:0d:
eb:ca:7d:c6:fa:4b:37:4f:01:41:90:db:16:91:0c:
b1:ba:27:1a:fe:d5:52:4d:e2:b5:b7:f6:22:01:bd:
0d:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:53:AE:57:C7:E9:73:19:C6:CC:4B:82:FE:E7:17:06:C6:6A:DF:C0
X509v3 Authority Key Identifier:
keyid:2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/CFOuV8fpcxnGzEuC_ucXBsZq38A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
170.168.33.0-170.168.34.255
Signature Algorithm: sha256WithRSAEncryption
48:07:cc:9e:7c:a1:cc:a9:b5:6e:e4:09:04:27:14:e5:1f:6e:
7d:73:5f:14:a6:ae:e9:f9:19:6d:20:48:b4:54:53:e0:9c:d7:
74:6a:13:3d:9e:fd:bd:52:01:8b:76:10:e3:06:e6:58:8e:03:
85:1e:f1:bf:da:8e:5e:3a:3c:41:97:06:e7:f5:59:46:68:39:
8a:35:1e:d0:85:b2:b5:12:72:33:35:d6:46:ed:2b:e1:91:2a:
ce:35:fc:d5:d4:98:ff:24:2e:a1:0b:c0:93:05:d9:7c:34:81:
ad:67:70:0b:ed:79:2f:13:15:54:2c:4b:38:b1:a1:02:98:24:
ff:35:09:08:14:d0:a8:ae:f2:4a:bd:eb:7f:e9:dc:4a:56:de:
66:e8:48:d0:0a:2e:61:62:35:56:b0:9b:f3:61:fe:a8:ff:3b:
d1:c5:4c:42:1a:7c:64:89:72:52:6e:9f:9a:e1:f8:de:ed:13:
eb:d1:12:ef:42:ee:05:cc:62:7b:86:e4:dd:79:66:d1:22:18:
d2:33:25:70:13:02:73:e1:74:98:ef:e8:be:68:7a:16:d2:cf:
dc:0a:de:1c:5c:0b:6a:74:07:38:5d:54:d7:b5:b6:a9:35:95:
e4:00:ca:4e:a9:f8:fe:ca:3e:f4:a7:01:b5:37:bd:ea:11:39:
4b:c1:f4:ba
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZikaYHRTcUmirIL05L9DgS7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNmE4NmU2MmYwY2U5OGUwMmU5ODA4NjlmZjQ0MTRlZTJh
MGYwY2UwHhcNMjUwODEzMTcxMDM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODUzYWU1N2M3ZTk3MzE5YzZjYzRiODJmZWU3MTcwNmM2NmFkZmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiasT8Pp6MTJqaSfEBMZTCUN9XJoE
NPrzE/mg7cF7D8wDCskBGCxBXcslRN5mz4JM1DaADOdLbXkEB6hMfUMVwdGU1/Go
CbWnExQ7NmSyNpRFGGf/26A18okLRguW6XeYH/BcXY+/S5NhTsd4P6bHOsIbrLkd
8dgHIBlGcyc/WgfbuCHEymM0jJFEFfQRhNGvnFGZrL7baUpUPbG88Ebgz2F9wJK5
JxwEp0NaFxE/McCqYEXkOLQvWjWksi9igHM+rgN0+ONj2yllYThhJIFbrnp4WPQ0
PCnKmJTuTv90og3ryn3G+ks3TwFBkNsWkQyxuica/tVSTeK1t/YiAb0N6wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAhTrlfH6XMZxsxLgv7nFwbGat/AMB8GA1UdIwQY
MBaAFC5qhuYvDOmOAumAhp/0QU7ioPDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2Et
YTY2N2JiNzY1MDYwLzEvQ0ZPdVY4ZnBjeG5HekV1Q191Y1hCc1pxMzhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2EtYTY2N2JiNzY1MDYw
LzEvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACqqCED
BACqqCIwDQYJKoZIhvcNAQELBQADggEBAEgHzJ58ocyptW7kCQQnFOUfbn1zXxSm
run5GW0gSLRUU+Cc13RqEz2e/b1SAYt2EOMG5liOA4Ue8b/ajl46PEGXBuf1WUZo
OYo1HtCFsrUScjM11kbtK+GRKs41/NXUmP8kLqELwJMF2Xw0ga1ncAvteS8TFVQs
SzixoQKYJP81CQgU0Kiu8kq963/p3EpW3mboSNAKLmFiNVawm/Nh/qj/O9HFTEIa
fGSJclJun5rh+N7tE+vREu9C7gXMYnuG5N15ZtEiGNIzJXATAnPhdJjv6L5oehbS
z9wK3hxcC2p0BzhdVNe1tqk1leQAyk6p+P7KPvSnAbU3veoROUvB9Lo=
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:58:08 2025 by rpki-client