Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/857a2f-3288-467e-b043-2431e6ba6311/1/3GJ0bOfekp5L6arp0MI-w_XPimQ.roa
File: 3GJ0bOfekp5L6arp0MI-w_XPimQ.roa (raw, json)
Hash identifier: 0lzM9+wo3VrPT3aYhPai/br06U/H49IVoIizC5oG8Xc=
Subject key identifier: DC:62:74:6C:E7:DE:92:9E:4B:E9:AA:E9:D0:C2:3E:C3:F5:CF:8A:64
Certificate issuer: /CN=2750f3d7ed825617e26be09aeccc62dda4ea314f
Certificate serial: 0197881D2F9DBB31916E17AC5565C07CB346
Authority key identifier: 27:50:F3:D7:ED:82:56:17:E2:6B:E0:9A:EC:CC:62:DD:A4:EA:31:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J1Dz1-2CVhfia-Ca7Mxi3aTqMU8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/857a2f-3288-467e-b043-2431e6ba6311/1/3GJ0bOfekp5L6arp0MI-w_XPimQ.roa
Signing time: Thu 19 Jun 2025 12:15:03 +0000
ROA not before: Thu 19 Jun 2025 12:15:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212983
IP address blocks: 2001:67c:1308::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/857a2f-3288-467e-b043-2431e6ba6311/1/J1Dz1-2CVhfia-Ca7Mxi3aTqMU8.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/857a2f-3288-467e-b043-2431e6ba6311/1/J1Dz1-2CVhfia-Ca7Mxi3aTqMU8.mft
rsync://rpki.ripe.net/repository/DEFAULT/J1Dz1-2CVhfia-Ca7Mxi3aTqMU8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:88:1d:2f:9d:bb:31:91:6e:17:ac:55:65:c0:7c:b3:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2750f3d7ed825617e26be09aeccc62dda4ea314f
Validity
Not Before: Jun 19 12:15:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dc62746ce7de929e4be9aae9d0c23ec3f5cf8a64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:57:99:72:9b:d8:08:e5:0e:84:94:3f:8d:2e:
a2:42:78:d8:e1:e3:07:1f:9e:25:b1:7b:ec:d8:63:
fb:fd:5e:07:7b:41:ec:09:c8:03:16:04:ea:6e:07:
f5:ab:ce:85:49:11:06:a9:f2:4b:f9:f4:23:35:68:
94:81:e9:cf:7f:e2:e8:34:e7:59:d1:45:be:5e:d9:
11:fb:80:8a:30:06:79:7d:2a:10:db:f8:c9:39:4e:
c1:ad:30:a7:a8:a8:c5:86:08:b8:b8:d1:9d:01:5c:
4e:6b:10:83:1e:24:6d:fd:99:cd:71:90:1f:b2:61:
9e:e4:5f:d2:59:67:f1:2f:f0:aa:76:16:88:f7:5e:
a8:e0:bf:5b:c9:da:15:61:0d:6d:45:12:0a:6e:09:
44:ad:20:0f:9f:44:cb:be:b7:e4:39:01:2a:7f:7e:
e7:e3:2a:79:9b:f6:92:23:a1:e4:93:ba:3c:a0:90:
94:05:21:60:b8:76:bb:1e:e5:9d:4a:54:84:8b:fe:
1c:91:fa:e1:ad:da:a7:c2:1d:95:2c:fc:63:0f:be:
5e:95:80:26:ad:8c:68:30:1d:65:cf:02:04:e9:55:
83:ce:ad:5d:b1:2e:84:e0:43:dd:c0:e3:45:ab:74:
d3:d6:73:43:46:84:27:63:42:34:9f:07:86:59:34:
aa:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:62:74:6C:E7:DE:92:9E:4B:E9:AA:E9:D0:C2:3E:C3:F5:CF:8A:64
X509v3 Authority Key Identifier:
keyid:27:50:F3:D7:ED:82:56:17:E2:6B:E0:9A:EC:CC:62:DD:A4:EA:31:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J1Dz1-2CVhfia-Ca7Mxi3aTqMU8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/857a2f-3288-467e-b043-2431e6ba6311/1/3GJ0bOfekp5L6arp0MI-w_XPimQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/857a2f-3288-467e-b043-2431e6ba6311/1/J1Dz1-2CVhfia-Ca7Mxi3aTqMU8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:1308::/48
Signature Algorithm: sha256WithRSAEncryption
cd:8a:ea:0a:e6:c6:92:35:fe:be:53:97:bf:c5:b8:fa:bd:30:
10:ff:3c:a8:fa:8a:1f:c5:02:b9:a2:1b:c8:db:d3:90:e9:9b:
42:0b:7d:cc:ac:e1:43:b0:f8:11:1f:a1:e1:be:d0:fb:ba:95:
d2:fd:fb:28:8c:70:d4:e1:19:dc:1d:57:9b:c6:c2:a6:06:59:
71:e2:dd:c6:47:bb:f0:20:cf:8b:26:ba:b8:08:48:f9:6e:f4:
09:df:ba:b4:ff:f3:78:12:c7:a0:79:2f:6c:92:99:b4:09:31:
38:aa:ca:3e:83:e1:24:1d:5c:27:ff:89:8e:75:aa:7a:b5:f2:
03:48:36:50:b4:13:5a:41:41:dd:db:fa:c3:98:db:c3:e1:21:
1e:94:e4:9a:c2:30:c5:3d:7d:23:93:3c:37:ff:46:9e:cc:68:
58:7d:ec:05:b0:9f:71:fb:eb:39:d3:44:86:0f:78:6f:f6:7e:
15:b7:ce:59:63:75:18:96:8c:ed:e5:f3:40:59:50:58:67:18:
40:3f:f8:42:e4:72:bc:2e:67:a4:82:39:51:81:ee:64:af:ea:
89:84:b5:ae:d9:69:7b:01:5e:9b:78:34:5d:79:8f:7b:23:82:
58:94:91:fd:6e:c1:4d:3c:e8:c4:12:f0:0a:28:d5:1b:28:3e:
84:86:e5:d5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZeIHS+duzGRbhesVWXAfLNGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3NTBmM2Q3ZWQ4MjU2MTdlMjZiZTA5YWVjY2M2MmRkYTRl
YTMxNGYwHhcNMjUwNjE5MTIxNTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzYyNzQ2Y2U3ZGU5MjllNGJlOWFhZTlkMGMyM2VjM2Y1Y2Y4YTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsleZcpvYCOUOhJQ/jS6iQnjY4eMH
H54lsXvs2GP7/V4He0HsCcgDFgTqbgf1q86FSREGqfJL+fQjNWiUgenPf+LoNOdZ
0UW+XtkR+4CKMAZ5fSoQ2/jJOU7BrTCnqKjFhgi4uNGdAVxOaxCDHiRt/ZnNcZAf
smGe5F/SWWfxL/CqdhaI916o4L9bydoVYQ1tRRIKbglErSAPn0TLvrfkOQEqf37n
4yp5m/aSI6Hkk7o8oJCUBSFguHa7HuWdSlSEi/4ckfrhrdqnwh2VLPxjD75elYAm
rYxoMB1lzwIE6VWDzq1dsS6E4EPdwONFq3TT1nNDRoQnY0I0nweGWTSqzQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNxidGzn3pKeS+mq6dDCPsP1z4pkMB8GA1UdIwQY
MBaAFCdQ89ftglYX4mvgmuzMYt2k6jFPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjFEejEtMkNWaGZpYS1DYTdNeGkzYVRxTVU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS84NTdhMmYtMzI4OC00NjdlLWIwNDMt
MjQzMWU2YmE2MzExLzEvM0dKMGJPZmVrcDVMNmFycDBNSS13X1hQaW1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS84NTdhMmYtMzI4OC00NjdlLWIwNDMtMjQzMWU2YmE2MzEx
LzEvSjFEejEtMkNWaGZpYS1DYTdNeGkzYVRxTVU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBMI
MA0GCSqGSIb3DQEBCwUAA4IBAQDNiuoK5saSNf6+U5e/xbj6vTAQ/zyo+oofxQK5
ohvI29OQ6ZtCC33MrOFDsPgRH6HhvtD7upXS/fsojHDU4RncHVebxsKmBllx4t3G
R7vwIM+LJrq4CEj5bvQJ37q0//N4EsegeS9skpm0CTE4qso+g+EkHVwn/4mOdap6
tfIDSDZQtBNaQUHd2/rDmNvD4SEelOSawjDFPX0jkzw3/0aezGhYfewFsJ9x++s5
00SGD3hv9n4Vt85ZY3UYlozt5fNAWVBYZxhAP/hC5HK8LmekgjlRge5kr+qJhLWu
2Wl7AV6beDRdeY97I4JYlJH9bsFNPOjEEvAKKNUbKD6EhuXV
-----END CERTIFICATE-----
Generated at Wed Jul 2 21:55:04 2025 by rpki-client