Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/hLfJRJoVx_lfkVTRzXxAR5Z1Bd8.roa
File: hLfJRJoVx_lfkVTRzXxAR5Z1Bd8.roa (raw, json)
Hash identifier: um5/831xNK02y6AU7BRUHuUWK8+m9qwybp6TxN3BWeA=
Subject key identifier: 84:B7:C9:44:9A:15:C7:F9:5F:91:54:D1:CD:7C:40:47:96:75:05:DF
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 0198D5AA9ADD28A8FDFDD4D370C023D8C84C
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/hLfJRJoVx_lfkVTRzXxAR5Z1Bd8.roa
Signing time: Sat 23 Aug 2025 06:43:04 +0000
ROA not before: Sat 23 Aug 2025 06:43:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215460
IP address blocks: 2a14:6bc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 06:43:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:aa:9a:dd:28:a8:fd:fd:d4:d3:70:c0:23:d8:c8:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: Aug 23 06:43:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=84b7c9449a15c7f95f9154d1cd7c4047967505df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:70:97:43:00:49:7b:a9:10:3e:4f:6b:fb:28:
42:6a:04:78:ba:9f:15:bf:b4:ce:26:9b:89:e2:35:
31:b3:33:15:9a:86:4f:b2:04:21:ef:8a:50:85:59:
1d:b8:b8:71:04:38:97:c4:f0:3c:db:c6:f9:31:7d:
56:e1:b7:5b:43:08:49:89:07:4f:fb:ec:a5:ba:49:
fd:e0:3f:79:32:05:de:25:c0:cc:80:b6:a6:ee:32:
0b:64:f0:bb:4d:98:67:df:0e:48:75:96:99:e6:28:
d2:2d:6d:16:28:41:b7:5e:0d:26:4a:e8:31:67:99:
de:ae:2a:02:c9:77:08:d1:b3:9e:68:d8:c2:7d:14:
16:e5:88:61:69:2c:6b:44:2e:30:25:90:67:87:96:
9e:1c:fa:41:c3:b6:46:d7:00:79:46:8d:44:13:ed:
6a:a2:d0:8e:5e:a2:a9:00:f5:86:98:1d:af:be:9c:
88:68:d4:db:63:68:5b:08:81:6b:8e:c6:92:eb:84:
09:b2:72:ea:e0:fc:88:88:95:91:1e:0f:03:24:14:
0a:16:92:e7:d1:98:de:9f:01:06:83:49:01:2a:be:
5c:e2:9d:eb:f9:7a:a5:f4:3e:71:6c:88:67:e7:1f:
97:8f:2d:ad:89:f4:18:3d:65:2f:9f:a1:5e:17:06:
1b:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:B7:C9:44:9A:15:C7:F9:5F:91:54:D1:CD:7C:40:47:96:75:05:DF
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/hLfJRJoVx_lfkVTRzXxAR5Z1Bd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:6bc0::/29
Signature Algorithm: sha256WithRSAEncryption
93:80:ea:e9:0e:92:72:42:26:b3:ef:7f:8d:8b:35:6f:c1:39:
ee:dc:0d:9b:5f:83:98:78:a5:9e:71:26:29:1a:70:f4:39:26:
ad:49:69:3b:e2:23:da:a2:82:bc:4e:b0:24:26:3e:14:86:ff:
b6:a1:74:0e:11:c0:42:db:c3:49:4c:de:18:cf:3d:d5:5b:ba:
52:1b:27:e3:cb:58:c2:71:6a:7d:63:fb:27:7f:4a:e2:55:21:
b6:e6:a2:2f:73:2f:8b:89:ba:f7:9f:a3:1d:67:31:ba:7b:0b:
de:52:dc:ee:ff:8c:32:07:b7:91:34:e6:4e:33:e8:8e:14:2e:
21:19:4d:16:29:0b:65:41:c2:32:ac:96:d2:b5:ba:74:9b:30:
6d:8d:d1:ef:db:75:0e:43:9f:68:f4:88:cb:77:fd:3b:74:9f:
ac:0a:21:77:7f:69:2e:3a:28:ae:4e:0e:c3:01:67:06:6b:04:
bd:19:4e:56:7c:7e:03:92:fc:03:8e:10:8f:79:6c:02:d7:48:
a2:d3:9e:52:70:e4:ce:8d:73:89:9d:76:bb:1f:c4:bc:9c:aa:
8c:60:64:8d:c3:f5:6b:ce:93:0b:72:4e:41:cd:94:b2:3c:6a:
50:8a:e5:86:b9:27:03:c6:1a:c0:02:b5:6b:05:f6:55:19:00:
16:01:2a:22
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZjVqprdKKj9/dTTcMAj2MhMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjUwODIzMDY0MzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGI3Yzk0NDlhMTVjN2Y5NWY5MTU0ZDFjZDdjNDA0Nzk2NzUwNWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA03CXQwBJe6kQPk9r+yhCagR4up8V
v7TOJpuJ4jUxszMVmoZPsgQh74pQhVkduLhxBDiXxPA828b5MX1W4bdbQwhJiQdP
++ylukn94D95MgXeJcDMgLam7jILZPC7TZhn3w5IdZaZ5ijSLW0WKEG3Xg0mSugx
Z5nerioCyXcI0bOeaNjCfRQW5YhhaSxrRC4wJZBnh5aeHPpBw7ZG1wB5Ro1EE+1q
otCOXqKpAPWGmB2vvpyIaNTbY2hbCIFrjsaS64QJsnLq4PyIiJWRHg8DJBQKFpLn
0ZjenwEGg0kBKr5c4p3r+Xql9D5xbIhn5x+Xjy2tifQYPWUvn6FeFwYbxwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIS3yUSaFcf5X5FU0c18QEeWdQXfMB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvaExmSlJKb1Z4X2xma1ZUUnpYeEFSNVoxQmQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhRrwDAN
BgkqhkiG9w0BAQsFAAOCAQEAk4Dq6Q6SckIms+9/jYs1b8E57twNm1+DmHilnnEm
KRpw9DkmrUlpO+Ij2qKCvE6wJCY+FIb/tqF0DhHAQtvDSUzeGM891Vu6Uhsn48tY
wnFqfWP7J39K4lUhtuaiL3Mvi4m695+jHWcxunsL3lLc7v+MMge3kTTmTjPojhQu
IRlNFikLZUHCMqyW0rW6dJswbY3R79t1DkOfaPSIy3f9O3SfrAohd39pLjoork4O
wwFnBmsEvRlOVnx+A5L8A44Qj3lsAtdIotOeUnDkzo1ziZ12ux/EvJyqjGBkjcP1
a86TC3JOQc2UsjxqUIrlhrknA8YawAK1awX2VRkAFgEqIg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:18:29 2025 by rpki-client