Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/bDFWKHEY4-_bXqURsiwT7BnQr_U.roa
File: bDFWKHEY4-_bXqURsiwT7BnQr_U.roa (raw, json)
Hash identifier: vvCESOdNuqC905mRSTvNFGo6FhVrWRFF2bmGcmqz3yo=
Subject key identifier: 6C:31:56:28:71:18:E3:EF:DB:5E:A5:11:B2:2C:13:EC:19:D0:AF:F5
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 0199DCCCFAB8DE7361C599980E855D01361F
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/bDFWKHEY4-_bXqURsiwT7BnQr_U.roa
Signing time: Mon 13 Oct 2025 09:00:44 +0000
ROA not before: Mon 13 Oct 2025 09:00:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198351
IP address blocks: 2a12:bec4:17a0::/48 maxlen: 48
2a12:bec4:17a1::/48 maxlen: 48
2a12:bec4:17a2::/48 maxlen: 48
2a12:bec4:17a3::/48 maxlen: 48
2a12:bec4:17a4::/48 maxlen: 48
2a12:bec4:17a5::/48 maxlen: 48
2a12:bec4:17a6::/48 maxlen: 48
2a12:bec4:17a7::/48 maxlen: 48
2a12:bec4:17a8::/48 maxlen: 48
2a12:bec4:17a9::/48 maxlen: 48
2a12:bec4:17aa::/48 maxlen: 48
2a12:bec4:17ab::/48 maxlen: 48
2a12:bec4:17ac::/48 maxlen: 48
2a12:bec4:17ad::/48 maxlen: 48
2a12:bec4:17ae::/48 maxlen: 48
2a12:bec4:17af::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.mft
rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:dc:cc:fa:b8:de:73:61:c5:99:98:0e:85:5d:01:36:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Oct 13 09:00:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c3156287118e3efdb5ea511b22c13ec19d0aff5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:28:54:2c:bd:6d:94:69:de:14:29:47:f4:eb:
7f:85:27:16:5b:cf:85:d2:e5:f0:3f:1f:c6:0c:38:
6d:f2:b5:ef:08:36:95:43:e7:37:67:c1:12:5a:54:
c2:a7:34:da:b8:b9:75:0a:b2:09:6f:cf:4c:16:df:
68:06:75:3c:08:3c:da:17:05:89:55:4d:a1:af:47:
4a:08:94:79:ef:b6:f2:07:6e:73:f9:0a:c8:f7:0e:
e9:10:f9:fb:4a:d5:b7:54:34:e7:bf:f7:7f:46:b2:
99:0e:c8:aa:e6:fb:b8:d0:f6:3b:82:1e:1a:1f:d6:
dd:f4:14:40:30:02:eb:a6:54:b5:e1:75:17:e2:21:
44:42:51:3a:b8:42:56:7e:5c:f1:e1:44:fc:3b:53:
9f:be:92:61:93:88:b1:60:40:f2:ca:f7:c7:51:38:
6d:3a:7b:3c:ec:a0:89:67:06:d7:e5:9e:ee:3e:cf:
c7:f9:f7:f6:b4:e9:98:7b:7c:27:18:57:ee:14:6b:
93:80:16:61:e8:b8:a3:5a:32:1c:f6:1d:f6:91:0c:
78:ec:bb:fe:db:ce:9f:7e:f0:d4:29:c0:13:4b:b5:
97:34:65:f3:e4:3c:e2:6a:29:77:a7:7c:6a:50:d5:
e2:71:70:eb:8e:ea:77:ab:82:e9:62:2e:69:b6:17:
69:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:31:56:28:71:18:E3:EF:DB:5E:A5:11:B2:2C:13:EC:19:D0:AF:F5
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/bDFWKHEY4-_bXqURsiwT7BnQr_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec4:17a0::/44
Signature Algorithm: sha256WithRSAEncryption
5b:4a:58:b2:f0:ec:70:64:e4:43:90:ca:6c:9a:ad:6a:97:97:
3f:51:ac:f8:fb:27:97:54:4c:57:07:14:8b:d6:f9:96:2a:91:
88:e6:80:4d:7e:38:9c:c3:4e:11:28:a6:5c:3f:7f:2c:6d:20:
29:ff:51:bb:3c:3f:12:a5:ed:ac:15:5e:39:94:cf:1d:db:ef:
90:8f:aa:fa:c4:68:34:e7:69:be:97:64:d9:e4:c2:9c:1d:00:
f0:56:28:a4:b1:42:35:45:36:ad:ea:13:fb:a3:48:b1:11:8f:
05:01:30:a7:19:15:b3:f7:70:fc:e3:5e:2e:d1:a8:fc:cb:a8:
26:50:d4:a5:60:c4:9d:7e:54:25:c2:9f:09:3d:f6:54:50:2e:
f2:c0:6d:dc:3d:14:14:90:89:0b:16:90:8a:dd:a1:e8:19:b3:
54:40:04:8f:fe:f5:16:71:a4:2e:3e:36:5b:83:e5:35:d7:c3:
87:d4:93:30:0c:a2:29:ec:af:e4:ac:a6:e9:34:cb:ff:24:88:
5e:c3:20:24:36:aa:6c:3d:3b:84:b3:08:9e:65:67:16:18:b8:
de:16:26:4e:3a:13:c3:09:44:b3:fd:38:29:eb:3f:a5:44:b1:
4c:d1:37:88:90:f4:0e:7d:80:0e:e1:eb:f3:26:3e:e2:d3:66:
1e:60:4e:e2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZnczPq43nNhxZmYDoVdATYfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjUxMDEzMDkwMDQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzMxNTYyODcxMThlM2VmZGI1ZWE1MTFiMjJjMTNlYzE5ZDBhZmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyyhULL1tlGneFClH9Ot/hScWW8+F
0uXwPx/GDDht8rXvCDaVQ+c3Z8ESWlTCpzTauLl1CrIJb89MFt9oBnU8CDzaFwWJ
VU2hr0dKCJR577byB25z+QrI9w7pEPn7StW3VDTnv/d/RrKZDsiq5vu40PY7gh4a
H9bd9BRAMALrplS14XUX4iFEQlE6uEJWflzx4UT8O1OfvpJhk4ixYEDyyvfHUTht
Ons87KCJZwbX5Z7uPs/H+ff2tOmYe3wnGFfuFGuTgBZh6LijWjIc9h32kQx47Lv+
286ffvDUKcATS7WXNGXz5Dziail3p3xqUNXicXDrjup3q4LpYi5pthdplQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGwxVihxGOPv216lEbIsE+wZ0K/1MB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvYkRGV0tIRVk0LV9iWHFVUnNpd1Q3Qm5Rcl9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhK+xBeg
MA0GCSqGSIb3DQEBCwUAA4IBAQBbSliy8OxwZORDkMpsmq1ql5c/Uaz4+yeXVExX
BxSL1vmWKpGI5oBNfjicw04RKKZcP38sbSAp/1G7PD8Spe2sFV45lM8d2++Qj6r6
xGg052m+l2TZ5MKcHQDwViiksUI1RTat6hP7o0ixEY8FATCnGRWz93D8414u0aj8
y6gmUNSlYMSdflQlwp8JPfZUUC7ywG3cPRQUkIkLFpCK3aHoGbNUQASP/vUWcaQu
PjZbg+U118OH1JMwDKIp7K/krKbpNMv/JIhewyAkNqpsPTuEswieZWcWGLjeFiZO
OhPDCUSz/Tgp6z+lRLFM0TeIkPQOfYAO4evzJj7i02YeYE7i
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:34:11 2025 by rpki-client