Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/r3ddEN2k_9vCphbLibz-PHsjivY.roa
File: r3ddEN2k_9vCphbLibz-PHsjivY.roa (raw, json)
Hash identifier: ACnEDn5ZVBPmzxMseP/S4ro9nha9FBYbDC0UPSMgeRg=
Subject key identifier: AF:77:5D:10:DD:A4:FF:DB:C2:A6:16:CB:89:BC:FE:3C:7B:23:8A:F6
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 0199FC7BD94885DB188B6406D6A684DF0CE1
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/r3ddEN2k_9vCphbLibz-PHsjivY.roa
Signing time: Sun 19 Oct 2025 12:39:58 +0000
ROA not before: Sun 19 Oct 2025 12:39:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:3080::/29 maxlen: 29
2a0b:3e00::/29 maxlen: 29
2a0c:8340::/29 maxlen: 29
2a0e:a781::/36 maxlen: 36
2a13:8000::/29 maxlen: 29
2a14:35c0::/29 maxlen: 29
2a14:6bc0::/29 maxlen: 29
2a14:72c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:7b:d9:48:85:db:18:8b:64:06:d6:a6:84:df:0c:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: Oct 19 12:39:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af775d10dda4ffdbc2a616cb89bcfe3c7b238af6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ab:22:6e:52:69:bb:c8:4c:dc:fc:83:e6:be:
54:09:19:27:50:e6:d1:09:0a:5e:bf:a0:67:bb:b3:
71:f2:fd:86:76:5b:0e:68:44:97:e3:9e:31:b3:69:
c6:57:d4:20:34:81:6f:82:c1:7a:28:5a:b9:f1:52:
eb:50:8b:98:83:84:25:62:4e:8a:e8:a7:23:9a:c2:
33:b0:44:47:56:ee:57:8b:3e:8c:eb:8f:b9:90:9f:
42:19:14:05:ee:03:18:ef:85:f7:9c:19:95:5e:19:
c6:38:5f:9a:a6:47:36:a7:df:b8:fd:d1:33:10:4f:
10:de:d7:7e:fe:1c:b2:aa:8a:80:26:aa:6a:d4:93:
b5:76:8f:68:c9:db:50:1f:36:63:d8:0a:d4:d3:cd:
26:ec:3c:28:2c:d7:2b:c2:4a:26:be:d7:7a:9d:13:
bf:37:33:db:c0:4e:19:05:2f:e0:7d:be:eb:e2:e2:
08:8d:74:68:23:d3:0c:ac:f7:5f:97:9b:80:50:60:
e6:fa:c3:ae:cf:73:c5:92:db:98:27:c3:96:f3:be:
b1:aa:12:d3:2d:c1:06:e2:ed:38:0f:fc:e5:22:30:
e2:06:25:cf:7e:0d:16:61:79:30:2f:dd:8a:6a:a8:
6f:10:3a:3e:bd:57:1a:53:98:05:7a:cd:2b:18:f5:
99:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:77:5D:10:DD:A4:FF:DB:C2:A6:16:CB:89:BC:FE:3C:7B:23:8A:F6
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/r3ddEN2k_9vCphbLibz-PHsjivY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3080::/29
2a0b:3e00::/29
2a0c:8340::/29
2a0e:a781::/36
2a13:8000::/29
2a14:35c0::/29
2a14:6bc0::/29
2a14:72c0::/29
Signature Algorithm: sha256WithRSAEncryption
29:9d:99:03:c7:ec:28:9d:ef:87:58:28:03:c5:9b:0e:86:2e:
2d:c0:9a:2b:fa:7f:4b:7a:ac:16:5f:6b:54:3d:5a:30:79:05:
8c:9f:39:8e:1a:59:46:c7:3d:98:ea:70:88:6f:b3:75:d8:da:
fc:7e:76:0c:b1:b5:9f:6d:cf:48:a2:ad:6e:7c:6e:30:55:9e:
14:37:07:40:5e:0f:21:41:56:ac:38:e2:d3:59:6c:29:f2:12:
ee:08:f2:a5:61:cd:43:26:e9:b0:73:ca:e9:eb:e1:d6:b0:95:
36:d9:c3:37:0d:f3:32:e3:38:92:46:9d:8c:c2:0b:a7:88:2f:
1d:58:57:5c:84:cf:7f:36:89:8e:a0:8c:f9:a6:cf:15:d2:69:
c9:75:c2:9c:7d:20:69:10:a5:ca:91:b8:59:8e:2c:1e:4b:4f:
53:8f:9c:fe:72:f5:90:0c:b3:4d:03:c0:2b:68:fe:71:81:c7:
2a:10:c6:60:de:4c:71:17:70:bc:5c:5d:94:61:23:1b:75:38:
63:1d:97:14:58:64:97:bb:88:cf:1c:ff:46:fd:6f:e5:b7:bc:
00:c7:0e:e8:d5:65:22:79:50:a9:c5:2a:39:d9:cf:e4:cf:ba:
14:16:70:5e:00:3a:28:c4:62:37:9d:86:6f:3a:ae:03:7e:1e:
b2:06:9d:d5
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZn8e9lIhdsYi2QG1qaE3wzhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjUxMDE5MTIzOTU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjc3NWQxMGRkYTRmZmRiYzJhNjE2Y2I4OWJjZmUzYzdiMjM4YWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqsiblJpu8hM3PyD5r5UCRknUObR
CQpev6Bnu7Nx8v2GdlsOaESX454xs2nGV9QgNIFvgsF6KFq58VLrUIuYg4QlYk6K
6KcjmsIzsERHVu5Xiz6M64+5kJ9CGRQF7gMY74X3nBmVXhnGOF+apkc2p9+4/dEz
EE8Q3td+/hyyqoqAJqpq1JO1do9oydtQHzZj2ArU080m7DwoLNcrwkomvtd6nRO/
NzPbwE4ZBS/gfb7r4uIIjXRoI9MMrPdfl5uAUGDm+sOuz3PFktuYJ8OW876xqhLT
LcEG4u04D/zlIjDiBiXPfg0WYXkwL92KaqhvEDo+vVcaU5gFes0rGPWZSwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFK93XRDdpP/bwqYWy4m8/jx7I4r2MB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvcjNkZEVOMmtfOXZDcGhiTGliei1QSHNqaXZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AwUDIAEwgAMF
AyoLPgADBQMqDINAAwYEKg6ngQADBQMqE4AAAwUDKhQ1wAMFAyoUa8ADBQMqFHLA
MA0GCSqGSIb3DQEBCwUAA4IBAQApnZkDx+wone+HWCgDxZsOhi4twJor+n9LeqwW
X2tUPVoweQWMnzmOGllGxz2Y6nCIb7N12Nr8fnYMsbWfbc9Ioq1ufG4wVZ4UNwdA
Xg8hQVasOOLTWWwp8hLuCPKlYc1DJumwc8rp6+HWsJU22cM3DfMy4ziSRp2Mwgun
iC8dWFdchM9/NomOoIz5ps8V0mnJdcKcfSBpEKXKkbhZjiweS09Tj5z+cvWQDLNN
A8AraP5xgccqEMZg3kxxF3C8XF2UYSMbdThjHZcUWGSXu4jPHP9G/W/lt7wAxw7o
1WUieVCpxSo52c/kz7oUFnBeADooxGI3nYZvOq4Dfh6yBp3V
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:10:39 2025 by rpki-client