Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/0PkRQqHqT0a6bsiEmvNKZ2u90fc.roa
File: 0PkRQqHqT0a6bsiEmvNKZ2u90fc.roa (raw, json)
Hash identifier: tk4m734QXD32BGcDgVVUwRHKBUKEeCqV81ZeAOVwAk0=
Subject key identifier: D0:F9:11:42:A1:EA:4F:46:BA:6E:C8:84:9A:F3:4A:67:6B:BD:D1:F7
Certificate issuer: /CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Certificate serial: 0198C9E59A05F71E2A881E7072C8B6A127D4
Authority key identifier: F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/0PkRQqHqT0a6bsiEmvNKZ2u90fc.roa
Signing time: Wed 20 Aug 2025 23:52:04 +0000
ROA not before: Wed 20 Aug 2025 23:52:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211798
IP address blocks: 2a03:5840:124::/48 maxlen: 48
2a03:5840:131::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl
rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.mft
rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c9:e5:9a:05:f7:1e:2a:88:1e:70:72:c8:b6:a1:27:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Validity
Not Before: Aug 20 23:52:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d0f91142a1ea4f46ba6ec8849af34a676bbdd1f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:18:b3:e9:46:a1:d8:5c:d9:d6:7a:6b:d6:ea:
c1:88:5c:d1:be:6d:cd:b1:90:2c:1d:ab:ef:ec:70:
1b:2f:cd:34:8e:55:55:89:ea:ff:26:b0:10:9d:d4:
12:65:20:18:5d:c8:a6:3a:e9:31:ed:76:a6:90:98:
10:c7:5a:36:cb:28:2e:26:94:26:2a:f0:4c:20:5d:
1e:06:c0:15:65:b9:15:c5:b9:40:01:d2:cf:7d:cd:
b3:50:bc:66:37:d8:be:bf:9d:60:ee:35:20:a4:3b:
32:1f:c5:8c:d6:62:3e:b2:0e:b4:9f:85:05:59:9b:
e1:af:15:0e:a3:e6:a8:92:54:45:71:5b:8d:c4:3c:
81:cd:b6:35:86:1c:97:e7:37:c1:11:1c:6c:62:5c:
7c:e0:3d:d8:45:8e:97:ad:0a:24:ec:12:88:07:d5:
b9:a0:dc:74:00:ae:3b:ea:e6:27:0b:ba:07:1d:1f:
01:15:b7:97:7a:d4:1d:0f:ad:f2:3e:ba:c5:57:ab:
48:d0:c8:61:fb:97:3f:be:33:d5:b2:ef:bf:d5:7e:
7e:7a:71:07:be:c1:77:2c:57:11:b5:7c:9f:e6:e0:
61:14:d6:1d:1c:38:b7:4f:9a:e5:5b:fb:36:58:43:
4a:1b:ad:fb:2d:ec:ff:f7:2a:37:f9:70:e1:77:e4:
22:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:F9:11:42:A1:EA:4F:46:BA:6E:C8:84:9A:F3:4A:67:6B:BD:D1:F7
X509v3 Authority Key Identifier:
keyid:F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/0PkRQqHqT0a6bsiEmvNKZ2u90fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:5840:124::/48
2a03:5840:131::/48
Signature Algorithm: sha256WithRSAEncryption
1e:eb:96:2a:e0:c8:6d:d8:61:4f:9b:86:6c:9d:41:91:29:08:
33:7c:2a:c1:cf:43:02:e4:b5:07:cd:92:0a:9c:ea:f2:1c:bc:
f0:7c:9b:b3:e5:37:48:18:28:23:0d:53:0d:f0:42:05:67:d8:
93:01:b5:da:42:7a:60:5c:b9:ed:78:56:2b:eb:fc:85:77:4d:
54:90:1c:17:ca:ff:c6:45:b3:15:cf:a5:3c:28:d7:3b:ec:3d:
84:70:a7:cd:c5:eb:82:9b:f6:26:53:df:4d:57:01:bf:7c:0e:
94:75:8c:e7:a0:65:a8:1f:e2:80:8c:92:9d:99:92:cd:b1:fc:
a0:f1:05:42:f8:ca:02:13:f1:e0:cc:90:5c:ea:e9:cc:f1:d2:
41:64:03:75:5c:1f:58:87:1f:16:41:05:83:f6:cb:68:3e:ed:
5b:23:61:62:b3:7a:27:d1:60:a5:f1:cf:1a:1e:7b:d4:34:db:
87:b9:af:cd:31:92:6c:91:b9:6b:b3:2a:9a:da:c5:5d:c5:a4:
dd:77:d5:c0:13:76:2b:4f:d5:09:76:0e:c5:1c:65:11:9b:68:
c0:5b:2c:49:42:f6:b7:cc:cc:15:75:ba:8f:75:ed:1d:90:a8:
71:02:f1:b2:6d:d9:c7:52:e1:2d:2d:1e:18:a1:79:ae:ec:3e:
a5:2d:91:aa
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZjJ5ZoF9x4qiB5wcsi2oSfUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NzcwNWU4OWJiNjViNDcyZTRlMDE4NGQ2ZmU5YmZiOGM1
ODYzNWEwHhcNMjUwODIwMjM1MjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGY5MTE0MmExZWE0ZjQ2YmE2ZWM4ODQ5YWYzNGE2NzZiYmRkMWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihiz6Uah2FzZ1npr1urBiFzRvm3N
sZAsHavv7HAbL800jlVVier/JrAQndQSZSAYXcimOukx7XamkJgQx1o2yyguJpQm
KvBMIF0eBsAVZbkVxblAAdLPfc2zULxmN9i+v51g7jUgpDsyH8WM1mI+sg60n4UF
WZvhrxUOo+aoklRFcVuNxDyBzbY1hhyX5zfBERxsYlx84D3YRY6XrQok7BKIB9W5
oNx0AK476uYnC7oHHR8BFbeXetQdD63yPrrFV6tI0Mhh+5c/vjPVsu+/1X5+enEH
vsF3LFcRtXyf5uBhFNYdHDi3T5rlW/s2WENKG637Lez/9yo3+XDhd+QicwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFND5EUKh6k9Gum7IhJrzSmdrvdH3MB8GA1UdIwQY
MBaAFPd3BeibtltHLk4BhNb+m/uMWGNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYt
NmNiODk3OTFkN2ZkLzEvMFBrUlFxSHFUMGE2YnNpRW12TktaMnU5MGZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYtNmNiODk3OTFkN2Zk
LzEvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgNYQAEk
AwcAKgNYQAExMA0GCSqGSIb3DQEBCwUAA4IBAQAe65Yq4Mht2GFPm4ZsnUGRKQgz
fCrBz0MC5LUHzZIKnOryHLzwfJuz5TdIGCgjDVMN8EIFZ9iTAbXaQnpgXLnteFYr
6/yFd01UkBwXyv/GRbMVz6U8KNc77D2EcKfNxeuCm/YmU99NVwG/fA6UdYznoGWo
H+KAjJKdmZLNsfyg8QVC+MoCE/HgzJBc6unM8dJBZAN1XB9Yhx8WQQWD9stoPu1b
I2Fis3on0WCl8c8aHnvUNNuHua/NMZJskblrsyqa2sVdxaTdd9XAE3YrT9UJdg7F
HGURm2jAWyxJQva3zMwVdbqPde0dkKhxAvGybdnHUuEtLR4YoXmu7D6lLZGq
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:30:19 2025 by rpki-client