Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/1dd8wQbUGZb37ON1wxQRH72QlpI.roa
File: 1dd8wQbUGZb37ON1wxQRH72QlpI.roa (raw, json)
Hash identifier: bzkgiCpTlvvYKlJfhsVQWdWbUhvq97n+YmedrgTC9ug=
Subject key identifier: D5:D7:7C:C1:06:D4:19:96:F7:EC:E3:75:C3:14:11:1F:BD:90:96:92
Certificate issuer: /CN=1d43a2484569d20e3f53c17be7b9fb29c34ee5be
Certificate serial: 0197835F6AA41F78F779758D7AF4AD9C29A1
Authority key identifier: 1D:43:A2:48:45:69:D2:0E:3F:53:C1:7B:E7:B9:FB:29:C3:4E:E5:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HUOiSEVp0g4_U8F757n7KcNO5b4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/1dd8wQbUGZb37ON1wxQRH72QlpI.roa
Signing time: Wed 18 Jun 2025 14:09:17 +0000
ROA not before: Wed 18 Jun 2025 14:09:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211665
IP address blocks: 2a01:ecc0:6c0::/42 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/HUOiSEVp0g4_U8F757n7KcNO5b4.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/HUOiSEVp0g4_U8F757n7KcNO5b4.mft
rsync://rpki.ripe.net/repository/DEFAULT/HUOiSEVp0g4_U8F757n7KcNO5b4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 19:33:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:83:5f:6a:a4:1f:78:f7:79:75:8d:7a:f4:ad:9c:29:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d43a2484569d20e3f53c17be7b9fb29c34ee5be
Validity
Not Before: Jun 18 14:09:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d5d77cc106d41996f7ece375c314111fbd909692
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:20:7d:cd:36:35:51:99:06:7e:db:3d:ab:97:
67:9e:0b:66:e7:46:0a:00:76:de:4f:df:e8:1f:23:
59:e5:1d:f2:ed:da:96:48:73:0e:1b:39:67:4a:31:
b4:3d:7b:f7:8b:e4:17:31:02:cf:fb:59:6a:75:c5:
34:0f:52:2c:29:da:a2:eb:1c:83:ea:d1:04:45:d0:
d0:7f:c8:b8:00:41:f4:8a:71:e9:6f:db:64:7f:f8:
b3:12:47:5e:09:5e:45:be:59:7d:f9:13:f6:14:11:
da:24:6e:51:39:e9:ba:1f:22:69:06:94:cb:98:5a:
03:ad:be:ae:ab:df:f0:c2:23:8f:1b:32:ce:fa:92:
4e:b1:9f:2e:97:10:31:59:a2:fb:74:76:de:9a:75:
34:2e:19:0a:3d:9e:d9:7a:29:1c:d2:8c:2a:00:7b:
b4:7a:2e:de:b6:25:72:28:db:78:37:41:6f:6c:91:
68:60:7f:92:14:58:cc:5a:f6:e4:11:0f:87:ce:f7:
2f:59:28:35:67:5e:db:ba:2a:76:cf:0f:a2:67:5b:
21:a1:e7:f7:06:08:cd:9c:b9:25:75:f3:5c:78:5a:
42:86:48:4c:5f:80:2a:a4:ac:56:af:e8:dc:9b:f0:
0f:0e:c2:99:24:5c:64:85:68:ee:5d:78:ab:e2:07:
00:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:D7:7C:C1:06:D4:19:96:F7:EC:E3:75:C3:14:11:1F:BD:90:96:92
X509v3 Authority Key Identifier:
keyid:1D:43:A2:48:45:69:D2:0E:3F:53:C1:7B:E7:B9:FB:29:C3:4E:E5:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HUOiSEVp0g4_U8F757n7KcNO5b4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/1dd8wQbUGZb37ON1wxQRH72QlpI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/HUOiSEVp0g4_U8F757n7KcNO5b4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:ecc0:6c0::/42
Signature Algorithm: sha256WithRSAEncryption
31:86:cc:39:a5:11:bd:24:29:67:d9:56:6f:b9:48:bf:b9:0e:
dd:ae:30:f8:1e:8d:30:44:e3:4b:fa:0f:d0:77:42:72:ac:13:
ab:2b:43:ac:e6:5d:70:45:2e:37:4d:fb:a3:bc:1c:e2:97:a1:
c9:cd:84:5d:08:b9:c7:fe:86:3e:c2:90:6b:e2:83:c9:8d:eb:
4a:66:03:a3:84:82:9f:4c:8b:d8:fb:ab:25:81:5f:b7:1c:80:
9a:e7:03:b1:db:e0:af:03:50:e4:11:ed:b2:47:44:87:56:7e:
95:61:bc:ae:22:b3:1f:47:27:df:c3:54:5c:80:29:62:1f:2d:
b6:fa:04:26:ea:7e:fb:9c:58:6d:02:c3:9c:fc:06:93:a1:aa:
17:b8:0a:9d:80:3e:8b:86:83:de:14:13:50:d4:f3:ea:09:32:
e7:bd:0a:19:5d:c2:f1:8c:93:fb:43:a7:de:f4:c2:b6:ad:f1:
ca:c4:ff:4e:fd:fb:34:61:e2:7d:bc:4f:21:cb:71:c7:f1:aa:
91:58:60:5e:db:57:c8:6c:21:2f:97:ef:88:0b:68:9e:7a:a3:
23:2e:db:03:ed:33:5e:db:45:eb:83:24:42:4f:6d:89:79:1e:
c8:c1:a9:1b:cd:0d:cc:12:6c:d4:7e:04:51:a9:f6:38:e4:5c:
88:90:24:7f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZeDX2qkH3j3eXWNevStnCmhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkNDNhMjQ4NDU2OWQyMGUzZjUzYzE3YmU3YjlmYjI5YzM0
ZWU1YmUwHhcNMjUwNjE4MTQwOTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWQ3N2NjMTA2ZDQxOTk2ZjdlY2UzNzVjMzE0MTExZmJkOTA5NjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSB9zTY1UZkGfts9q5dnngtm50YK
AHbeT9/oHyNZ5R3y7dqWSHMOGzlnSjG0PXv3i+QXMQLP+1lqdcU0D1IsKdqi6xyD
6tEERdDQf8i4AEH0inHpb9tkf/izEkdeCV5Fvll9+RP2FBHaJG5ROem6HyJpBpTL
mFoDrb6uq9/wwiOPGzLO+pJOsZ8ulxAxWaL7dHbemnU0LhkKPZ7Zeikc0owqAHu0
ei7etiVyKNt4N0FvbJFoYH+SFFjMWvbkEQ+HzvcvWSg1Z17buip2zw+iZ1shoef3
BgjNnLkldfNceFpChkhMX4AqpKxWr+jcm/APDsKZJFxkhWjuXXir4gcASwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNXXfMEG1BmW9+zjdcMUER+9kJaSMB8GA1UdIwQY
MBaAFB1DokhFadIOP1PBe+e5+ynDTuW+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFVPaVNFVnAwZzRfVThGNzU3bjdLY05PNWI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9jOTNkODctMzJlMC00NmYxLTlmYjkt
NjM0NTE1NDg5NzlkLzEvMWRkOHdRYlVHWmIzN09OMXd4UVJINzJRbHBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9jOTNkODctMzJlMC00NmYxLTlmYjktNjM0NTE1NDg5Nzlk
LzEvSFVPaVNFVnAwZzRfVThGNzU3bjdLY05PNWI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcGKgHswAbA
MA0GCSqGSIb3DQEBCwUAA4IBAQAxhsw5pRG9JCln2VZvuUi/uQ7drjD4Ho0wRONL
+g/Qd0JyrBOrK0Os5l1wRS43TfujvBzil6HJzYRdCLnH/oY+wpBr4oPJjetKZgOj
hIKfTIvY+6slgV+3HICa5wOx2+CvA1DkEe2yR0SHVn6VYbyuIrMfRyffw1RcgCli
Hy22+gQm6n77nFhtAsOc/AaToaoXuAqdgD6LhoPeFBNQ1PPqCTLnvQoZXcLxjJP7
Q6fe9MK2rfHKxP9O/fs0YeJ9vE8hy3HH8aqRWGBe21fIbCEvl++IC2ieeqMjLtsD
7TNe20XrgyRCT22JeR7IwakbzQ3MEmzUfgRRqfY45FyIkCR/
-----END CERTIFICATE-----
Generated at Wed Jul 2 22:43:40 2025 by rpki-client