
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/kA6AWPUwR8pfVatgIgbleiA2U4A.roa
File: kA6AWPUwR8pfVatgIgbleiA2U4A.roa (raw, json)
Hash identifier: Gm1jFueE+pwXkAPOUKA8cqRyEWYfKxXN4mMoWdfcHVw=
Subject key identifier: 90:0E:80:58:F5:30:47:CA:5F:55:AB:60:22:06:E5:7A:20:36:53:80
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 01976584E15787CDFEFF2E2494FB247983B1
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/kA6AWPUwR8pfVatgIgbleiA2U4A.roa
Signing time: Thu 12 Jun 2025 19:01:36 +0000
ROA not before: Thu 12 Jun 2025 19:01:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:3080::/29 maxlen: 29
2a0b:3e00::/29 maxlen: 29
2a0c:8340::/29 maxlen: 29
2a13:b840::/29 maxlen: 29
2a13:ddc0::/29 maxlen: 29
2a14:35c0::/29 maxlen: 29
2a14:72c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 10:02:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:65:84:e1:57:87:cd:fe:ff:2e:24:94:fb:24:79:83:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: Jun 12 19:01:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=900e8058f53047ca5f55ab602206e57a20365380
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b7:99:6c:ec:cd:eb:09:34:a0:48:3e:86:b8:
5c:f6:5c:61:3b:c1:67:b8:13:90:b3:1f:17:e3:c2:
8b:a2:1a:96:72:04:3b:d3:11:e0:8c:9c:96:29:2c:
cc:2f:a1:86:63:00:8b:26:83:14:8f:fb:02:c6:23:
e3:7c:be:83:60:b0:d7:56:70:2e:65:2d:f2:5a:0a:
a8:a5:c3:47:af:2d:b1:9c:fc:bc:46:49:01:dd:05:
df:9a:d8:8e:e2:f4:13:36:f7:a4:f9:68:cd:ab:19:
16:fd:47:08:a6:db:8a:e4:9a:40:f6:a5:e7:62:17:
27:ad:a3:26:d5:bd:7c:de:33:76:00:31:5e:8c:7f:
4e:12:d1:7a:a3:f5:ef:fe:e9:ce:51:0a:05:3c:3e:
a9:64:91:9c:a2:26:5e:54:3a:78:36:d6:ef:7d:e7:
82:5b:76:5d:1b:76:7a:db:a4:53:7e:e7:0c:35:11:
ae:8e:7e:eb:ba:d5:24:a3:6f:a7:c0:4e:b2:24:4e:
88:46:81:0d:8a:53:6e:ff:60:f0:ca:ce:7f:90:23:
54:08:38:7d:94:a8:68:de:2c:39:3c:bb:9c:db:82:
0b:5a:c2:95:f6:a8:ac:25:0e:90:e3:ff:50:3f:97:
d7:ec:94:2c:40:2c:9a:cb:1c:63:91:a3:77:d3:ef:
8a:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:0E:80:58:F5:30:47:CA:5F:55:AB:60:22:06:E5:7A:20:36:53:80
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/kA6AWPUwR8pfVatgIgbleiA2U4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3080::/29
2a0b:3e00::/29
2a0c:8340::/29
2a13:b840::/29
2a13:ddc0::/29
2a14:35c0::/29
2a14:72c0::/29
Signature Algorithm: sha256WithRSAEncryption
59:1b:99:f3:27:5d:0e:8d:c3:d2:b8:52:4a:87:ce:97:ef:2b:
c1:45:93:f4:b9:ec:7f:e2:0e:d6:e3:3c:57:72:ed:dd:31:d3:
c5:c0:d1:e6:e0:26:b7:3c:1a:e6:20:ad:ac:c1:45:ea:42:7f:
2f:ba:0d:25:da:a5:ee:20:bf:fa:82:93:21:60:04:06:7b:ca:
bf:57:ab:62:8e:de:4e:d9:27:d3:99:1b:94:5b:fa:5c:53:d3:
dd:0f:46:fa:4b:d7:e0:7b:1a:28:27:8d:31:35:30:01:45:51:
01:02:3d:88:1a:2e:db:6a:d3:97:e4:18:6b:e0:de:99:77:05:
bf:37:cb:a1:d9:8a:7c:d3:3d:2d:fa:6c:f1:0f:a3:ad:40:94:
c8:75:04:f3:65:6a:94:7e:cb:1f:31:41:fb:25:00:4d:70:19:
46:38:68:b0:2f:c7:c8:b0:53:58:4f:cb:77:a1:e5:42:55:f7:
26:00:87:6f:00:b3:1a:2b:0b:a9:4f:98:28:7f:65:0e:1a:48:
01:1b:e6:ee:1b:2f:3e:d9:10:00:98:15:2e:d2:29:45:67:1e:
d6:26:7e:4c:17:ca:fa:d5:ae:0d:08:3e:99:74:41:8b:5e:64:
f9:42:9d:33:ec:53:dd:5a:af:d8:05:30:ae:26:b6:37:18:7e:
35:49:51:e8
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZdlhOFXh83+/y4klPskeYOxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjUwNjEyMTkwMTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDBlODA1OGY1MzA0N2NhNWY1NWFiNjAyMjA2ZTU3YTIwMzY1MzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7eZbOzN6wk0oEg+hrhc9lxhO8Fn
uBOQsx8X48KLohqWcgQ70xHgjJyWKSzML6GGYwCLJoMUj/sCxiPjfL6DYLDXVnAu
ZS3yWgqopcNHry2xnPy8RkkB3QXfmtiO4vQTNvek+WjNqxkW/UcIptuK5JpA9qXn
YhcnraMm1b183jN2ADFejH9OEtF6o/Xv/unOUQoFPD6pZJGcoiZeVDp4NtbvfeeC
W3ZdG3Z626RTfucMNRGujn7rutUko2+nwE6yJE6IRoENilNu/2Dwys5/kCNUCDh9
lKho3iw5PLuc24ILWsKV9qisJQ6Q4/9QP5fX7JQsQCyayxxjkaN30++K9QIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFJAOgFj1MEfKX1WrYCIG5XogNlOAMB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEva0E2QVdQVXdSOHBmVmF0Z0lnYmxlaUEyVTRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUDIAEwgAMF
AyoLPgADBQMqDINAAwUDKhO4QAMFAyoT3cADBQMqFDXAAwUDKhRywDANBgkqhkiG
9w0BAQsFAAOCAQEAWRuZ8yddDo3D0rhSSofOl+8rwUWT9Lnsf+IO1uM8V3Lt3THT
xcDR5uAmtzwa5iCtrMFF6kJ/L7oNJdql7iC/+oKTIWAEBnvKv1erYo7eTtkn05kb
lFv6XFPT3Q9G+kvX4HsaKCeNMTUwAUVRAQI9iBou22rTl+QYa+DemXcFvzfLodmK
fNM9Lfps8Q+jrUCUyHUE82VqlH7LHzFB+yUATXAZRjhosC/HyLBTWE/Ld6HlQlX3
JgCHbwCzGisLqU+YKH9lDhpIARvm7hsvPtkQAJgVLtIpRWce1iZ+TBfK+tWuDQg+
mXRBi15k+UKdM+xT3Vqv2AUwria2Nxh+NUlR6A==
-----END CERTIFICATE-----
Generated at Mon Jun 30 19:53:16 2025 by rpki-client