Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/Bbl9aEB1UwYWJMKzD5yOr9ypKNQ.roa
File: Bbl9aEB1UwYWJMKzD5yOr9ypKNQ.roa (raw, json)
Hash identifier: /nL0bbdYx/LePpl3wjyTgJClNXKHOsrE24L9uQq2+XQ=
Subject key identifier: 05:B9:7D:68:40:75:53:06:16:24:C2:B3:0F:9C:8E:AF:DC:A9:28:D4
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 01995DBBB556830B8972EAB01AFF6BE8778C
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/Bbl9aEB1UwYWJMKzD5yOr9ypKNQ.roa
Signing time: Thu 18 Sep 2025 16:50:06 +0000
ROA not before: Thu 18 Sep 2025 16:50:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212027
IP address blocks: 2a10:9600::/29 maxlen: 29
2a13:b840::/29 maxlen: 29
2a13:de40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:5d:bb:b5:56:83:0b:89:72:ea:b0:1a:ff:6b:e8:77:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: Sep 18 16:50:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=05b97d68407553061624c2b30f9c8eafdca928d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:10:48:80:0b:b6:ce:a2:98:9a:fc:db:76:3a:
ca:b2:ca:3f:df:6e:f3:cd:6e:39:5a:10:55:84:18:
74:f8:04:31:19:2d:d4:96:bd:99:f6:58:e1:b0:7f:
2b:d3:28:cb:3c:be:13:f8:e0:84:36:a9:15:ab:89:
ed:f0:19:e7:06:47:66:06:99:a8:52:94:46:fc:5a:
ec:01:fb:e6:77:b7:3b:dd:41:3b:fd:c9:a1:ca:61:
76:b1:0f:0c:aa:73:6c:e6:83:28:f7:c4:38:39:b2:
bb:3e:26:42:c1:f6:24:a1:98:74:8c:72:06:b0:9a:
61:8e:62:6e:f6:59:19:70:93:62:cd:9b:65:dd:af:
9b:17:4d:03:41:34:24:d1:4e:e1:3d:d9:45:00:bb:
33:c1:c2:12:ef:e7:0a:5e:a8:4b:09:b6:b3:8c:86:
4d:10:46:78:a0:61:f8:b9:95:a9:ba:ac:34:ca:98:
c7:fc:7f:c2:4e:96:d2:3d:48:18:a5:f9:53:f5:a8:
e1:b3:58:64:f3:5c:54:56:6e:1a:ab:7a:6b:ba:20:
23:05:ec:fb:4b:94:7f:0f:26:b7:ae:f4:63:41:77:
51:ff:71:33:e7:58:0a:5f:50:46:a2:10:83:bb:15:
aa:4d:a8:6f:85:0b:08:f5:c3:6e:58:54:55:6c:db:
d3:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:B9:7D:68:40:75:53:06:16:24:C2:B3:0F:9C:8E:AF:DC:A9:28:D4
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/Bbl9aEB1UwYWJMKzD5yOr9ypKNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:9600::/29
2a13:b840::/29
2a13:de40::/29
Signature Algorithm: sha256WithRSAEncryption
ad:26:7c:7d:86:56:1e:6c:a3:c7:db:03:a5:24:e7:08:44:67:
fc:21:75:cb:76:57:b2:4f:c6:9d:cb:28:af:7c:06:5e:f9:09:
44:9d:e8:39:f5:bc:7f:80:15:a2:c8:12:d4:b0:cb:88:56:81:
d7:f2:b5:89:56:bc:0c:b9:0a:cf:86:df:90:f4:b2:4e:8c:93:
d6:16:99:0d:25:26:6f:84:05:c7:91:39:b9:7e:53:3f:61:b3:
48:ea:88:43:ce:00:e8:9d:c7:79:ca:1b:c2:71:87:88:0c:3f:
29:44:90:35:6b:e9:86:96:0e:c4:dd:a6:d2:8b:58:54:c5:a2:
3a:67:a5:2b:60:98:64:82:0d:02:84:e2:7c:df:58:f0:98:9a:
21:c5:86:83:6c:30:7c:90:d6:ea:37:85:79:1d:64:8e:95:e1:
d0:aa:ed:f0:45:f3:fd:b5:c0:81:86:19:e3:ba:e7:04:b2:b0:
54:39:07:4d:f2:4d:61:05:67:d3:ba:89:ae:37:57:b6:20:a0:
cf:b6:8b:36:6e:30:1b:61:ea:ab:ea:b1:5c:46:e0:31:33:c5:
3c:81:08:d1:56:38:b1:89:7b:d4:43:f2:5b:04:e7:a5:8d:ee:
bd:39:86:bb:bf:bc:b3:09:20:0c:fc:5e:aa:3f:c9:a3:5a:c9:
97:b9:7c:ba
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZldu7VWgwuJcuqwGv9r6HeMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjUwOTE4MTY1MDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWI5N2Q2ODQwNzU1MzA2MTYyNGMyYjMwZjljOGVhZmRjYTkyOGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2hBIgAu2zqKYmvzbdjrKsso/327z
zW45WhBVhBh0+AQxGS3Ulr2Z9ljhsH8r0yjLPL4T+OCENqkVq4nt8BnnBkdmBpmo
UpRG/FrsAfvmd7c73UE7/cmhymF2sQ8MqnNs5oMo98Q4ObK7PiZCwfYkoZh0jHIG
sJphjmJu9lkZcJNizZtl3a+bF00DQTQk0U7hPdlFALszwcIS7+cKXqhLCbazjIZN
EEZ4oGH4uZWpuqw0ypjH/H/CTpbSPUgYpflT9ajhs1hk81xUVm4aq3pruiAjBez7
S5R/Dya3rvRjQXdR/3Ez51gKX1BGohCDuxWqTahvhQsI9cNuWFRVbNvTqQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAW5fWhAdVMGFiTCsw+cjq/cqSjUMB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvQmJsOWFFQjFVd1lXSk1LekQ1eU9yOXlwS05RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKhCWAAMF
AyoTuEADBQMqE95AMA0GCSqGSIb3DQEBCwUAA4IBAQCtJnx9hlYebKPH2wOlJOcI
RGf8IXXLdleyT8adyyivfAZe+QlEneg59bx/gBWiyBLUsMuIVoHX8rWJVrwMuQrP
ht+Q9LJOjJPWFpkNJSZvhAXHkTm5flM/YbNI6ohDzgDoncd5yhvCcYeIDD8pRJA1
a+mGlg7E3abSi1hUxaI6Z6UrYJhkgg0ChOJ831jwmJohxYaDbDB8kNbqN4V5HWSO
leHQqu3wRfP9tcCBhhnjuucEsrBUOQdN8k1hBWfTuomuN1e2IKDPtos2bjAbYeqr
6rFcRuAxM8U8gQjRVjixiXvUQ/JbBOelje69OYa7v7yzCSAM/F6qP8mjWsmXuXy6
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:55:20 2025 by rpki-client