Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/v3c2i7qjUGqYJunxFlZi1ZBzzWA.roa
File: v3c2i7qjUGqYJunxFlZi1ZBzzWA.roa (raw, json)
Hash identifier: urzrgHn78NNxeBwI3Up09dG2+IvynhGoXfVv+jsbd64=
Subject key identifier: BF:77:36:8B:BA:A3:50:6A:98:26:E9:F1:16:56:62:D5:90:73:CD:60
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 0198CD347861BB028CAA3C546C5A20D8EFE3
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/v3c2i7qjUGqYJunxFlZi1ZBzzWA.roa
Signing time: Thu 21 Aug 2025 15:17:04 +0000
ROA not before: Thu 21 Aug 2025 15:17:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209874
IP address blocks: 2a12:bec4:1520::/48 maxlen: 48
2a12:bec4:1521::/48 maxlen: 48
2a12:bec4:1522::/48 maxlen: 48
2a12:bec4:152f::/48 maxlen: 48
2a12:bec4:1651::/48 maxlen: 48
2a12:bec4:1652::/48 maxlen: 48
2a12:bec4:1653::/48 maxlen: 48
2a12:bec4:1654::/48 maxlen: 48
2a12:bec4:1655::/48 maxlen: 48
2a12:bec4:1656::/48 maxlen: 48
2a12:bec4:1657::/48 maxlen: 48
2a12:bec4:1658::/48 maxlen: 48
2a12:bec4:1659::/48 maxlen: 48
2a12:bec4:1be0::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.mft
rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 23:01:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:cd:34:78:61:bb:02:8c:aa:3c:54:6c:5a:20:d8:ef:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Aug 21 15:17:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bf77368bbaa3506a9826e9f1165662d59073cd60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:02:a5:ea:cb:a0:5f:e9:5d:cb:8d:d8:2b:fa:
8d:fe:79:fd:f5:4d:05:b4:5f:a1:4a:ff:c3:71:86:
f6:0f:d2:31:c0:a7:13:62:50:06:9a:c9:96:26:13:
8a:84:1a:14:18:1b:70:b1:01:16:97:15:53:67:70:
f9:ee:c1:02:2f:24:af:5b:0e:96:97:4e:48:61:92:
ef:2f:18:24:de:93:b5:b1:ff:d8:9b:86:fb:6c:1a:
08:ea:ff:27:73:42:c1:29:1e:59:af:c7:0c:f7:37:
08:2d:d4:b0:db:be:82:a2:78:10:b2:56:d7:44:94:
2c:b9:da:41:42:92:00:3c:a3:69:e1:a4:43:06:75:
63:e4:5f:da:8a:6a:86:2e:eb:56:a2:28:52:49:21:
e1:88:6d:04:16:e6:b9:f3:44:90:69:d3:fc:45:40:
bc:49:3d:51:c5:c0:3c:92:52:51:fc:26:75:8f:04:
f9:15:ec:90:96:ae:29:d0:1e:53:d6:ca:69:c4:fd:
70:35:ab:dd:35:73:81:01:a9:c5:eb:54:e2:f8:22:
7e:0d:ab:7b:bd:7b:c3:c2:89:ab:79:b1:23:a6:0d:
7f:ca:99:a5:47:ca:a9:ae:92:e7:e5:8b:35:ea:96:
70:3a:95:1e:c6:f7:8b:f7:6e:f2:0d:b0:ad:84:45:
d2:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:77:36:8B:BA:A3:50:6A:98:26:E9:F1:16:56:62:D5:90:73:CD:60
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/v3c2i7qjUGqYJunxFlZi1ZBzzWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec4:1520::-2a12:bec4:1522:ffff:ffff:ffff:ffff:ffff
2a12:bec4:152f::/48
2a12:bec4:1651::-2a12:bec4:1659:ffff:ffff:ffff:ffff:ffff
2a12:bec4:1be0::/44
Signature Algorithm: sha256WithRSAEncryption
6d:c3:31:e4:55:17:7a:f5:51:a2:56:24:4f:8d:94:e0:77:e3:
bf:c9:4c:15:05:00:3f:fc:d2:86:70:83:bc:4f:f6:97:b9:ae:
2b:9d:00:12:db:33:67:b1:15:43:42:f2:32:59:29:8f:1e:c3:
bb:a9:0a:d4:49:fb:b1:4e:0f:32:31:e6:1f:0d:61:25:d9:b0:
05:b7:7c:63:8a:e1:ee:8b:56:cc:f3:86:21:7d:0e:0e:7a:d7:
ed:1b:29:aa:59:d9:18:0a:af:15:bb:7a:0e:03:12:a5:a0:68:
db:37:9e:02:73:cf:f8:40:01:6c:b2:8c:4e:59:6e:1b:6c:de:
d0:27:0a:10:3f:c0:11:1d:bd:bb:b8:0c:0d:70:27:5b:b3:43:
ed:98:e8:62:e7:e4:bb:24:d6:ea:7a:98:68:9c:3f:93:4f:6f:
70:e9:66:a0:e9:75:f0:4a:8b:02:6f:ef:60:b3:85:6f:4f:f9:
d0:fd:59:23:1a:f1:f3:88:29:ff:c5:25:a6:d1:39:e2:9f:c2:
62:84:69:40:8e:92:63:5a:3f:55:07:cd:79:f9:ed:05:a1:62:
e1:44:a1:9e:fe:c2:cd:e1:8e:5c:20:c3:d7:ef:24:f6:30:00:
e9:8a:a7:5c:06:b7:21:7c:45:70:1a:40:ae:de:a2:65:75:03:
45:d0:f2:74
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZjNNHhhuwKMqjxUbFog2O/jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjUwODIxMTUxNzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjc3MzY4YmJhYTM1MDZhOTgyNmU5ZjExNjU2NjJkNTkwNzNjZDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAKl6sugX+ldy43YK/qN/nn99U0F
tF+hSv/DcYb2D9IxwKcTYlAGmsmWJhOKhBoUGBtwsQEWlxVTZ3D57sECLySvWw6W
l05IYZLvLxgk3pO1sf/Ym4b7bBoI6v8nc0LBKR5Zr8cM9zcILdSw276CongQslbX
RJQsudpBQpIAPKNp4aRDBnVj5F/aimqGLutWoihSSSHhiG0EFua580SQadP8RUC8
ST1RxcA8klJR/CZ1jwT5FeyQlq4p0B5T1sppxP1wNavdNXOBAanF61Ti+CJ+Dat7
vXvDwomrebEjpg1/ypmlR8qprpLn5Ys16pZwOpUexveL927yDbCthEXS6wIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFL93Nou6o1BqmCbp8RZWYtWQc81gMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvdjNjMmk3cWpVR3FZSnVueEZsWmkxWkJ6eldBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAAjA6MBIDBwUqEr7E
FSADBwAqEr7EFSIDBwAqEr7EFS8wEgMHACoSvsQWUQMHASoSvsQWWAMHBCoSvsQb
4DANBgkqhkiG9w0BAQsFAAOCAQEAbcMx5FUXevVRolYkT42U4Hfjv8lMFQUAP/zS
hnCDvE/2l7muK50AEtszZ7EVQ0LyMlkpjx7Du6kK1En7sU4PMjHmHw1hJdmwBbd8
Y4rh7otWzPOGIX0ODnrX7RspqlnZGAqvFbt6DgMSpaBo2zeeAnPP+EABbLKMTllu
G2ze0CcKED/AER29u7gMDXAnW7ND7ZjoYufkuyTW6nqYaJw/k09vcOlmoOl18EqL
Am/vYLOFb0/50P1ZIxrx84gp/8UlptE54p/CYoRpQI6SY1o/VQfNefntBaFi4USh
nv7CzeGOXCDD1+8k9jAA6YqnXAa3IXxFcBpArt6iZXUDRdDydA==
-----END CERTIFICATE-----
Generated at Sun Aug 24 09:01:45 2025 by rpki-client