Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/k0ttBC9GG5SwwZZ2dS9kLQbm9pQ.roa
File: k0ttBC9GG5SwwZZ2dS9kLQbm9pQ.roa (raw, json)
Hash identifier: yXqWLhcE+zBXoTTkHM6MwwBEZ11FwTxz1goW5JL/Hdo=
Subject key identifier: 93:4B:6D:04:2F:46:1B:94:B0:C1:96:76:75:2F:64:2D:06:E6:F6:94
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 0197A4152C7282FDC235756AA4C804612988
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/k0ttBC9GG5SwwZZ2dS9kLQbm9pQ.roa
Signing time: Tue 24 Jun 2025 22:35:40 +0000
ROA not before: Tue 24 Jun 2025 22:35:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213535
IP address blocks: 2a12:bec4:1560::/44 maxlen: 44
2a12:bec4:16f0::/44 maxlen: 44
2a12:bec4:1910::/44 maxlen: 44
2a12:bec4:1ab0::/44 maxlen: 44
2a12:bec4:1b10::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.mft
rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 20:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a4:15:2c:72:82:fd:c2:35:75:6a:a4:c8:04:61:29:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Jun 24 22:35:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=934b6d042f461b94b0c19676752f642d06e6f694
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b5:32:3e:bd:86:16:77:5c:ba:76:e5:82:6c:
b4:4e:d3:21:ba:22:37:b5:7b:e6:37:b8:6b:35:5c:
e6:98:08:3e:b4:a0:1a:7f:81:29:87:7d:66:c2:39:
bd:fd:a7:98:d8:f2:be:e5:13:2f:c5:84:d5:03:34:
06:ba:35:ac:79:fd:00:1b:66:21:59:28:b4:a7:a6:
41:df:5a:11:92:4d:47:4e:94:26:98:e4:3f:31:cd:
6c:03:74:04:e2:c1:eb:8f:7d:33:ff:8b:d7:32:eb:
6e:40:e6:8d:33:98:6b:c7:57:b8:1d:46:76:23:6c:
ad:f3:c0:1b:f8:32:d5:5d:be:f8:1b:f1:76:e1:b8:
9b:46:84:7c:48:a9:2f:aa:79:4d:a7:46:2c:04:d7:
10:10:ba:34:6f:bb:8d:8c:bb:82:d8:e1:7a:30:be:
1f:ea:c1:a8:2b:5a:09:e1:4d:c7:cb:f4:8a:2c:fb:
4b:a9:63:b8:63:5a:77:93:d1:64:0e:5a:ff:ab:51:
06:59:df:e7:fc:f6:f9:64:8f:7f:cb:87:a0:8d:e9:
fa:57:46:cf:89:fc:c5:b8:5a:29:6c:44:af:33:f1:
26:66:7f:b4:a0:7d:ca:5a:11:b7:e4:88:65:27:7f:
82:45:44:db:63:cb:c8:4c:0c:9e:02:86:72:fa:38:
08:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:4B:6D:04:2F:46:1B:94:B0:C1:96:76:75:2F:64:2D:06:E6:F6:94
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/k0ttBC9GG5SwwZZ2dS9kLQbm9pQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec4:1560::/44
2a12:bec4:16f0::/44
2a12:bec4:1910::/44
2a12:bec4:1ab0::/44
2a12:bec4:1b10::/44
Signature Algorithm: sha256WithRSAEncryption
23:7e:99:0f:8d:6c:66:57:33:80:04:01:73:a0:0b:d3:2e:f4:
4b:42:97:6c:dd:77:c2:75:73:a0:eb:e0:72:de:b3:6a:4d:c4:
2b:e6:5b:01:05:3a:f4:50:75:3d:91:98:c8:35:7d:69:63:43:
af:2d:cb:f3:a4:8f:87:01:fa:82:6d:c9:d1:3a:61:5d:e7:21:
f2:15:6c:65:f9:48:ad:35:de:a4:c6:d1:96:26:bd:45:e8:cb:
4c:49:39:c9:a5:12:7b:be:08:32:90:60:22:7e:2b:b1:eb:b1:
fb:f1:24:db:c3:c3:84:cc:8e:48:16:6e:7a:57:7e:f3:06:bb:
09:32:14:4d:bb:6c:83:6f:b1:2a:19:9f:8c:ef:d3:5b:c5:bc:
aa:6e:ad:7a:c3:c6:44:1c:7f:6a:78:1b:e6:58:b8:a3:25:87:
4a:8f:7c:67:cc:53:97:b3:b7:70:f6:6c:d1:8f:7c:cf:12:cc:
d2:dd:96:64:f8:5d:07:fd:2a:c9:9a:6a:d7:c8:0e:ce:fb:7b:
cc:23:a5:c5:22:99:f7:a6:2d:77:31:5a:ef:de:71:05:e0:97:
fd:29:82:15:39:2c:20:f9:8e:ee:9c:12:63:66:03:02:49:57:
c2:e1:d3:77:95:4b:24:49:9d:e0:82:2c:d0:49:0d:0d:5e:42:
60:e3:d2:98
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZekFSxygv3CNXVqpMgEYSmIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjUwNjI0MjIzNTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzRiNmQwNDJmNDYxYjk0YjBjMTk2NzY3NTJmNjQyZDA2ZTZmNjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7UyPr2GFndcunblgmy0TtMhuiI3
tXvmN7hrNVzmmAg+tKAaf4Eph31mwjm9/aeY2PK+5RMvxYTVAzQGujWsef0AG2Yh
WSi0p6ZB31oRkk1HTpQmmOQ/Mc1sA3QE4sHrj30z/4vXMutuQOaNM5hrx1e4HUZ2
I2yt88Ab+DLVXb74G/F24bibRoR8SKkvqnlNp0YsBNcQELo0b7uNjLuC2OF6ML4f
6sGoK1oJ4U3Hy/SKLPtLqWO4Y1p3k9FkDlr/q1EGWd/n/Pb5ZI9/y4egjen6V0bP
ifzFuFopbESvM/EmZn+0oH3KWhG35IhlJ3+CRUTbY8vITAyeAoZy+jgIdQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFJNLbQQvRhuUsMGWdnUvZC0G5vaUMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvazB0dEJDOUdHNVN3d1paMmRTOWtMUWJtOXBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAzBAIAAjAtAwcEKhK+xBVg
AwcEKhK+xBbwAwcEKhK+xBkQAwcEKhK+xBqwAwcEKhK+xBsQMA0GCSqGSIb3DQEB
CwUAA4IBAQAjfpkPjWxmVzOABAFzoAvTLvRLQpds3XfCdXOg6+By3rNqTcQr5lsB
BTr0UHU9kZjINX1pY0OvLcvzpI+HAfqCbcnROmFd5yHyFWxl+UitNd6kxtGWJr1F
6MtMSTnJpRJ7vggykGAifiux67H78STbw8OEzI5IFm56V37zBrsJMhRNu2yDb7Eq
GZ+M79Nbxbyqbq16w8ZEHH9qeBvmWLijJYdKj3xnzFOXs7dw9mzRj3zPEszS3ZZk
+F0H/SrJmmrXyA7O+3vMI6XFIpn3pi13MVrv3nEF4Jf9KYIVOSwg+Y7unBJjZgMC
SVfC4dN3lUskSZ3ggizQSQ0NXkJg49KY
-----END CERTIFICATE-----
Generated at Thu Jul 3 02:26:52 2025 by rpki-client