Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/2kBunjbdijB2-hFhiwJTt25cFQ0.roa
File: 2kBunjbdijB2-hFhiwJTt25cFQ0.roa (raw, json)
Hash identifier: 6S6fKLl5wOueRy3JOQJdJsh+2ctFXVVUQlopZbVJ9ms=
Subject key identifier: DA:40:6E:9E:36:DD:8A:30:76:FA:11:61:8B:02:53:B7:6E:5C:15:0D
Certificate issuer: /CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Certificate serial: 019898D88A01BAAC7D86931C05CFB4A5EDAE
Authority key identifier: F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/2kBunjbdijB2-hFhiwJTt25cFQ0.roa
Signing time: Mon 11 Aug 2025 11:16:24 +0000
ROA not before: Mon 11 Aug 2025 11:16:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205601
IP address blocks: 2a03:5840:12f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl
rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.mft
rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:98:d8:8a:01:ba:ac:7d:86:93:1c:05:cf:b4:a5:ed:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Validity
Not Before: Aug 11 11:16:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=da406e9e36dd8a3076fa11618b0253b76e5c150d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:d1:a9:a9:99:ee:2b:8e:f2:ec:30:bf:ed:ae:
6e:ba:08:ad:f8:c2:a4:3d:47:80:53:ce:55:b2:6e:
cf:51:6c:f8:28:ef:06:16:4d:34:e3:60:9b:ef:3b:
7b:10:56:85:12:87:6c:f2:a5:ce:d9:8f:d3:4d:dc:
e1:69:16:4f:f5:98:a0:fa:2b:08:f2:58:1e:15:8f:
40:79:86:29:5a:51:66:56:44:9b:02:ab:aa:72:8c:
05:ba:f5:82:4f:1a:da:08:dd:a6:c3:33:13:f6:74:
3b:0b:a5:e6:b0:ea:0c:fb:d9:7e:ca:7e:53:5c:18:
02:90:0b:e2:21:fb:e8:ac:b1:fc:ee:0a:2e:fe:6a:
14:45:5a:c8:f3:34:27:03:ff:6d:26:cb:8e:ca:b9:
d4:37:ab:c1:33:b2:14:0a:d0:55:67:b1:61:7c:4d:
79:dc:09:68:b4:d8:48:44:cc:fc:1d:a5:99:e3:cf:
7e:99:4c:33:c9:b5:02:23:2c:fb:c7:03:0a:12:1d:
b6:1c:68:27:73:8f:6b:fa:00:81:5b:85:c5:d0:46:
52:d9:30:8b:1b:b1:73:95:dd:7e:ed:a2:82:82:c2:
2a:e1:b1:a4:d1:42:30:0e:63:ba:06:ed:d2:bd:70:
13:f3:80:6a:e1:52:7c:8a:b4:e7:fa:06:36:2b:a5:
83:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:40:6E:9E:36:DD:8A:30:76:FA:11:61:8B:02:53:B7:6E:5C:15:0D
X509v3 Authority Key Identifier:
keyid:F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/2kBunjbdijB2-hFhiwJTt25cFQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:5840:12f::/48
Signature Algorithm: sha256WithRSAEncryption
a1:0f:00:28:ce:2a:87:54:2c:2d:09:40:8b:d8:0f:63:8b:38:
8e:3f:c7:1e:31:3c:ef:b0:bf:e0:e6:d8:53:b2:d4:0d:52:2c:
c5:f1:0f:53:af:4b:65:c5:73:d7:6c:13:41:33:49:a0:55:61:
8a:c1:87:3a:01:37:a4:e9:05:65:27:58:14:89:76:78:db:a4:
bd:b4:3f:1a:dc:3f:11:c1:fb:1d:46:8e:e3:8e:b0:77:bb:d9:
13:32:46:ce:31:85:d0:0d:a4:21:3a:5a:a2:6b:3d:fa:dc:c2:
d0:2c:16:8b:c2:6c:44:ab:97:fb:f9:73:ce:b8:f7:e3:9d:07:
13:4c:fc:b1:04:61:72:e2:55:8e:cd:8e:12:ce:a6:28:69:e7:
99:16:c9:25:ec:f5:2f:19:04:44:3c:6e:1b:c8:9a:70:1d:35:
15:a8:17:37:2c:cd:de:fb:31:7d:5a:e6:3b:a6:39:2f:87:f7:
21:f8:f3:32:dd:77:c1:8a:81:30:e9:2f:06:16:cc:f5:f6:c9:
45:bb:ab:24:fc:ad:27:0e:ff:84:f8:c9:06:e9:99:b5:5b:25:
55:f3:34:67:3b:71:c4:07:d0:db:78:1e:8b:e7:a6:be:06:64:
64:c7:cf:f7:ba:01:33:84:5a:fa:a3:7c:a6:d4:b3:3b:fd:d9:
9e:1c:03:d3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZiY2IoBuqx9hpMcBc+0pe2uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NzcwNWU4OWJiNjViNDcyZTRlMDE4NGQ2ZmU5YmZiOGM1
ODYzNWEwHhcNMjUwODExMTExNjI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTQwNmU5ZTM2ZGQ4YTMwNzZmYTExNjE4YjAyNTNiNzZlNWMxNTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9GpqZnuK47y7DC/7a5uugit+MKk
PUeAU85Vsm7PUWz4KO8GFk0042Cb7zt7EFaFEods8qXO2Y/TTdzhaRZP9Zig+isI
8lgeFY9AeYYpWlFmVkSbAquqcowFuvWCTxraCN2mwzMT9nQ7C6XmsOoM+9l+yn5T
XBgCkAviIfvorLH87gou/moURVrI8zQnA/9tJsuOyrnUN6vBM7IUCtBVZ7FhfE15
3AlotNhIRMz8HaWZ489+mUwzybUCIyz7xwMKEh22HGgnc49r+gCBW4XF0EZS2TCL
G7Fzld1+7aKCgsIq4bGk0UIwDmO6Bu3SvXAT84Bq4VJ8irTn+gY2K6WDPwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNpAbp423YowdvoRYYsCU7duXBUNMB8GA1UdIwQY
MBaAFPd3BeibtltHLk4BhNb+m/uMWGNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYt
NmNiODk3OTFkN2ZkLzEvMmtCdW5qYmRpakIyLWhGaGl3SlR0MjVjRlEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYtNmNiODk3OTFkN2Zk
LzEvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgNYQAEv
MA0GCSqGSIb3DQEBCwUAA4IBAQChDwAoziqHVCwtCUCL2A9jiziOP8ceMTzvsL/g
5thTstQNUizF8Q9Tr0tlxXPXbBNBM0mgVWGKwYc6ATek6QVlJ1gUiXZ426S9tD8a
3D8RwfsdRo7jjrB3u9kTMkbOMYXQDaQhOlqiaz363MLQLBaLwmxEq5f7+XPOuPfj
nQcTTPyxBGFy4lWOzY4SzqYoaeeZFskl7PUvGQREPG4byJpwHTUVqBc3LM3e+zF9
WuY7pjkvh/ch+PMy3XfBioEw6S8GFsz19slFu6sk/K0nDv+E+MkG6Zm1WyVV8zRn
O3HEB9DbeB6L56a+BmRkx8/3ugEzhFr6o3ym1LM7/dmeHAPT
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:27:49 2025 by rpki-client