Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/utiOdGiPf1ry1hf-is43Kslb3Ow.roa
File: utiOdGiPf1ry1hf-is43Kslb3Ow.roa (raw, json)
Hash identifier: asqe9umEQTnVgKKli+v9em9L9U8glDW3quW6j7TH/Q8=
Subject key identifier: BA:D8:8E:74:68:8F:7F:5A:F2:D6:17:FE:8A:CE:37:2A:C9:5B:DC:EC
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 019970F6C2321D03B65EAA368EA851F156C7
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/utiOdGiPf1ry1hf-is43Kslb3Ow.roa
Signing time: Mon 22 Sep 2025 10:27:23 +0000
ROA not before: Mon 22 Sep 2025 10:27:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213702
IP address blocks: 2a12:bec4:150::/44 maxlen: 44
2a12:bec4:1460::/44 maxlen: 44
2a12:bec4:1a70::/44 maxlen: 44
2a12:bec4:1a80::/44 maxlen: 44
2a12:bec4:1c90::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.mft
rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:70:f6:c2:32:1d:03:b6:5e:aa:36:8e:a8:51:f1:56:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Sep 22 10:27:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bad88e74688f7f5af2d617fe8ace372ac95bdcec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:3c:c1:c7:eb:58:e1:ea:73:b4:37:fc:a0:9b:
26:f1:f7:bf:c9:2c:f1:40:7f:fb:ed:95:a7:f9:22:
b7:de:6f:e8:19:a2:38:9a:36:38:24:b8:e9:23:1f:
80:1e:cc:57:b8:13:21:3f:e1:0f:bb:3d:26:72:5a:
dd:8c:bc:14:c9:65:89:ea:30:d5:19:4f:48:c8:3b:
67:62:0b:b4:ec:c9:92:73:73:bf:ff:75:bf:c0:d8:
b8:25:6f:fe:1a:da:33:65:e4:d8:1b:35:e0:10:aa:
da:ab:e9:5a:3c:c5:aa:5f:9c:ec:56:96:51:a5:84:
aa:6c:59:d6:e9:7c:ed:9c:5a:99:49:96:62:b4:c7:
cf:7c:81:f1:8b:d8:ae:46:db:d4:68:50:b4:b2:22:
d7:01:28:e2:68:8f:27:aa:77:b3:18:87:27:56:c3:
c5:3e:b9:fd:5b:45:5a:2e:e6:bb:eb:dd:ec:32:eb:
d7:50:7d:50:fa:00:51:f8:16:33:fc:6f:9d:49:8b:
89:5f:40:b9:89:85:3c:83:bb:90:f5:6a:1f:0e:12:
d2:8b:69:de:9f:cd:1a:72:a7:3c:a9:67:31:a3:ed:
3a:3a:0d:46:73:96:49:34:1c:74:0e:b0:f5:be:b7:
3e:25:c6:f0:4a:2d:c3:b3:19:c3:73:a5:44:5b:1b:
85:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:D8:8E:74:68:8F:7F:5A:F2:D6:17:FE:8A:CE:37:2A:C9:5B:DC:EC
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/utiOdGiPf1ry1hf-is43Kslb3Ow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec4:150::/44
2a12:bec4:1460::/44
2a12:bec4:1a70::-2a12:bec4:1a8f:ffff:ffff:ffff:ffff:ffff
2a12:bec4:1c90::/44
Signature Algorithm: sha256WithRSAEncryption
12:99:09:20:f2:45:2d:ba:f6:f0:ed:2a:45:15:64:3a:88:9b:
f9:f7:51:74:ee:11:d9:78:77:6b:00:93:cd:de:7e:c9:e9:76:
4f:fc:28:4b:5b:f8:75:da:0f:8e:1d:64:72:e9:91:88:36:f2:
68:66:c5:d4:25:2b:61:d1:c7:80:36:d8:e7:a5:ca:c2:82:e5:
d4:a4:72:ea:17:30:a2:c5:cf:bf:23:4e:07:56:bc:7a:dd:03:
d0:e6:61:95:cd:06:f8:c8:9d:70:a3:bc:4b:a4:b3:12:8a:4e:
e8:3c:b4:3d:81:01:e0:a7:6b:ac:66:2a:6d:50:e8:66:33:b4:
50:4b:5e:02:42:be:bf:cb:ea:fc:2c:7a:90:b0:a2:33:8b:fc:
fe:38:11:69:33:26:39:f3:eb:20:bf:e2:aa:c5:aa:f2:a6:eb:
34:01:6d:1d:54:70:28:46:3b:47:d4:b5:14:de:05:15:9a:44:
87:16:b0:16:11:64:83:9a:e8:16:d6:fe:66:ce:49:57:7a:f0:
4c:84:3e:fa:85:8f:49:a1:d8:b6:69:18:80:88:38:eb:2f:0d:
25:00:0a:ce:9f:ca:3e:e6:e2:43:a4:dc:81:62:fc:f6:da:86:
35:d0:5d:87:65:cd:25:d2:51:7b:1e:cb:8c:c9:56:00:8e:7c:
46:a9:25:31
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZlw9sIyHQO2Xqo2jqhR8VbHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjUwOTIyMTAyNzIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWQ4OGU3NDY4OGY3ZjVhZjJkNjE3ZmU4YWNlMzcyYWM5NWJkY2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTzBx+tY4epztDf8oJsm8fe/ySzx
QH/77ZWn+SK33m/oGaI4mjY4JLjpIx+AHsxXuBMhP+EPuz0mclrdjLwUyWWJ6jDV
GU9IyDtnYgu07MmSc3O//3W/wNi4JW/+GtozZeTYGzXgEKraq+laPMWqX5zsVpZR
pYSqbFnW6XztnFqZSZZitMfPfIHxi9iuRtvUaFC0siLXASjiaI8nqnezGIcnVsPF
Prn9W0VaLua7693sMuvXUH1Q+gBR+BYz/G+dSYuJX0C5iYU8g7uQ9WofDhLSi2ne
n80acqc8qWcxo+06Og1Gc5ZJNBx0DrD1vrc+JcbwSi3DsxnDc6VEWxuFoQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFLrYjnRoj39a8tYX/orONyrJW9zsMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvdXRpT2RHaVBmMXJ5MWhmLWlzNDNLc2xiM093LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzA1BAIAAjAvAwcEKhK+xAFQ
AwcEKhK+xBRgMBIDBwQqEr7EGnADBwQqEr7EGoADBwQqEr7EHJAwDQYJKoZIhvcN
AQELBQADggEBABKZCSDyRS269vDtKkUVZDqIm/n3UXTuEdl4d2sAk83efsnpdk/8
KEtb+HXaD44dZHLpkYg28mhmxdQlK2HRx4A22OelysKC5dSkcuoXMKLFz78jTgdW
vHrdA9DmYZXNBvjInXCjvEuksxKKTug8tD2BAeCna6xmKm1Q6GYztFBLXgJCvr/L
6vwsepCwojOL/P44EWkzJjnz6yC/4qrFqvKm6zQBbR1UcChGO0fUtRTeBRWaRIcW
sBYRZIOa6BbW/mbOSVd68EyEPvqFj0mh2LZpGICIOOsvDSUACs6fyj7m4kOk3IFi
/PbahjXQXYdlzSXSUXsey4zJVgCOfEapJTE=
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:34:12 2025 by rpki-client