Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/1b9185-40b5-490b-9af8-55c140c9f54f/1/DaFgw0iNa5nSkbNJv-PnmACTGEE.roa
File: DaFgw0iNa5nSkbNJv-PnmACTGEE.roa (raw, json)
Hash identifier: 8633rdskCHMREKXJdJgcLU/YxRAFrByGjKiInCfQwbs=
Subject key identifier: 0D:A1:60:C3:48:8D:6B:99:D2:91:B3:49:BF:E3:E7:98:00:93:18:41
Certificate issuer: /CN=a82c9bc2d2dacfd6f130d85a84fedeabf179a567
Certificate serial: 0198C92CAA21B3FCB65DEF1B9BA5C3469865
Authority key identifier: A8:2C:9B:C2:D2:DA:CF:D6:F1:30:D8:5A:84:FE:DE:AB:F1:79:A5:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qCybwtLaz9bxMNhahP7eq_F5pWc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/1b9185-40b5-490b-9af8-55c140c9f54f/1/DaFgw0iNa5nSkbNJv-PnmACTGEE.roa
Signing time: Wed 20 Aug 2025 20:30:04 +0000
ROA not before: Wed 20 Aug 2025 20:30:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9201
IP address blocks: 2001:1400::/29 maxlen: 32
2001:1400:ffee::/48 maxlen: 48
2001:1401::/32 maxlen: 32
2001:1402::/32 maxlen: 32
2001:1403::/32 maxlen: 32
2001:1404::/32 maxlen: 32
2001:1405::/32 maxlen: 32
2001:1406::/32 maxlen: 32
2001:1407::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/1b9185-40b5-490b-9af8-55c140c9f54f/1/qCybwtLaz9bxMNhahP7eq_F5pWc.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/1b9185-40b5-490b-9af8-55c140c9f54f/1/qCybwtLaz9bxMNhahP7eq_F5pWc.mft
rsync://rpki.ripe.net/repository/DEFAULT/qCybwtLaz9bxMNhahP7eq_F5pWc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 11:02:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c9:2c:aa:21:b3:fc:b6:5d:ef:1b:9b:a5:c3:46:98:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a82c9bc2d2dacfd6f130d85a84fedeabf179a567
Validity
Not Before: Aug 20 20:30:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0da160c3488d6b99d291b349bfe3e79800931841
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:80:aa:10:ca:51:32:66:00:30:cf:83:f6:78:
dc:4b:5e:95:1c:39:24:16:5c:69:ca:ad:d9:ea:f3:
a2:8f:da:79:5c:1d:79:34:70:05:48:a3:d2:e1:29:
f4:35:30:1f:6b:83:0f:e5:ad:99:a2:59:87:16:5b:
78:65:97:82:64:fd:23:b2:03:ea:09:a4:bb:9d:1f:
0e:6b:2a:c2:54:d8:ae:73:e6:bb:6c:0e:58:23:a2:
d0:bb:39:a7:76:43:a9:57:2c:18:47:4c:f3:98:a8:
9c:7b:ee:61:e7:51:d0:bb:c8:92:10:3f:1c:88:96:
00:aa:9f:d8:30:b1:38:e0:47:cf:f1:15:78:6a:c0:
30:b4:5b:67:c3:e7:94:59:ec:5c:d1:25:70:9a:8b:
20:1d:9a:5a:62:ec:60:85:ec:52:65:a6:ed:ba:f6:
c1:3b:21:87:ac:5a:50:5e:98:d4:5c:d1:10:0b:f6:
c0:b7:1a:b2:7a:19:a6:8d:4c:fb:a0:bb:b3:77:af:
20:2c:b7:a9:de:ee:02:8c:59:ba:cd:c4:2f:39:96:
88:45:09:e8:7b:c2:73:a7:75:ad:a3:b9:57:dc:a3:
ed:77:ed:58:69:84:38:d5:0c:e6:92:b7:41:cb:5a:
8c:07:b4:39:ea:b4:c2:85:1f:96:6f:4a:61:34:1d:
ea:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:A1:60:C3:48:8D:6B:99:D2:91:B3:49:BF:E3:E7:98:00:93:18:41
X509v3 Authority Key Identifier:
keyid:A8:2C:9B:C2:D2:DA:CF:D6:F1:30:D8:5A:84:FE:DE:AB:F1:79:A5:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qCybwtLaz9bxMNhahP7eq_F5pWc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/1b9185-40b5-490b-9af8-55c140c9f54f/1/DaFgw0iNa5nSkbNJv-PnmACTGEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/1b9185-40b5-490b-9af8-55c140c9f54f/1/qCybwtLaz9bxMNhahP7eq_F5pWc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:1400::/29
Signature Algorithm: sha256WithRSAEncryption
96:34:e7:7f:0d:b5:89:ac:d1:c1:7f:bd:a7:10:da:23:1c:23:
16:b1:65:13:93:ef:2c:0a:8c:04:99:ea:88:2b:50:83:13:8b:
96:f4:5c:4c:db:b6:8a:02:bb:ec:1a:5e:b2:ff:99:40:19:ec:
28:1a:cf:6f:6b:85:f4:1d:41:4e:7f:4c:4a:f9:90:68:6a:9b:
fc:ca:c8:ea:f3:6b:01:cc:59:a5:5f:83:78:a8:8e:71:f5:9f:
5f:41:e5:6a:ea:0c:25:ff:1c:c3:79:b3:f0:f9:18:15:0b:88:
f5:72:ec:8f:a0:f3:78:01:20:5b:55:fc:65:0a:fd:b8:1e:4d:
a3:8c:1f:06:89:03:6f:a9:fe:c2:57:8b:86:20:4c:c5:8c:8b:
80:75:17:87:ee:1c:bc:04:d0:6f:5d:b4:e5:2b:77:7d:16:32:
63:5f:0b:96:e7:04:26:83:b3:44:8a:3d:8b:ed:ed:90:bb:63:
b1:83:d5:6d:be:75:86:5c:a7:f7:a1:40:25:e2:e4:0d:b2:1d:
ae:cd:56:00:7f:1b:37:6b:8d:4a:a4:a8:e4:aa:1f:76:62:fa:
11:d1:35:4f:2f:19:79:91:81:c7:af:a1:cd:28:60:fb:66:69:
f7:c1:99:78:87:8e:1c:22:f9:0d:c5:8e:80:cd:52:60:1b:6a:
d0:ae:44:1e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZjJLKohs/y2Xe8bm6XDRphlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MmM5YmMyZDJkYWNmZDZmMTMwZDg1YTg0ZmVkZWFiZjE3
OWE1NjcwHhcNMjUwODIwMjAzMDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGExNjBjMzQ4OGQ2Yjk5ZDI5MWIzNDliZmUzZTc5ODAwOTMxODQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYCqEMpRMmYAMM+D9njcS16VHDkk
Flxpyq3Z6vOij9p5XB15NHAFSKPS4Sn0NTAfa4MP5a2ZolmHFlt4ZZeCZP0jsgPq
CaS7nR8OayrCVNiuc+a7bA5YI6LQuzmndkOpVywYR0zzmKice+5h51HQu8iSED8c
iJYAqp/YMLE44EfP8RV4asAwtFtnw+eUWexc0SVwmosgHZpaYuxghexSZabtuvbB
OyGHrFpQXpjUXNEQC/bAtxqyehmmjUz7oLuzd68gLLep3u4CjFm6zcQvOZaIRQno
e8Jzp3Wto7lX3KPtd+1YaYQ41QzmkrdBy1qMB7Q56rTChR+Wb0phNB3qgwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFA2hYMNIjWuZ0pGzSb/j55gAkxhBMB8GA1UdIwQY
MBaAFKgsm8LS2s/W8TDYWoT+3qvxeaVnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUN5Ynd0TGF6OWJ4TU5oYWhQN2VxX0Y1cFdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS8xYjkxODUtNDBiNS00OTBiLTlhZjgt
NTVjMTQwYzlmNTRmLzEvRGFGZ3cwaU5hNW5Ta2JOSnYtUG5tQUNUR0VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS8xYjkxODUtNDBiNS00OTBiLTlhZjgtNTVjMTQwYzlmNTRm
LzEvcUN5Ynd0TGF6OWJ4TU5oYWhQN2VxX0Y1cFdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDIAEUADAN
BgkqhkiG9w0BAQsFAAOCAQEAljTnfw21iazRwX+9pxDaIxwjFrFlE5PvLAqMBJnq
iCtQgxOLlvRcTNu2igK77Bpesv+ZQBnsKBrPb2uF9B1BTn9MSvmQaGqb/MrI6vNr
AcxZpV+DeKiOcfWfX0HlauoMJf8cw3mz8PkYFQuI9XLsj6DzeAEgW1X8ZQr9uB5N
o4wfBokDb6n+wleLhiBMxYyLgHUXh+4cvATQb1205St3fRYyY18LlucEJoOzRIo9
i+3tkLtjsYPVbb51hlyn96FAJeLkDbIdrs1WAH8bN2uNSqSo5KofdmL6EdE1Ty8Z
eZGBx6+hzShg+2Zp98GZeIeOHCL5DcWOgM1SYBtq0K5EHg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:01:59 2025 by rpki-client