Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/2Z1uZ9VzJVYN7-bJMPqKwdc1JoE.roa
File: 2Z1uZ9VzJVYN7-bJMPqKwdc1JoE.roa (raw, json)
Hash identifier: F2JLs5+5MsI1KOYTg5TyUQMCbAFgXUy0LauhXoXfNRs=
Subject key identifier: D9:9D:6E:67:D5:73:25:56:0D:EF:E6:C9:30:FA:8A:C1:D7:35:26:81
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 01979DB8CD4ED3945E79367581A2657918BE
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/2Z1uZ9VzJVYN7-bJMPqKwdc1JoE.roa
Signing time: Mon 23 Jun 2025 16:57:03 +0000
ROA not before: Mon 23 Jun 2025 16:57:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207432
IP address blocks: 2a11:3a80::/29 maxlen: 37
2a11:6780::/29 maxlen: 37
2a11:6880::/29 maxlen: 37
2a11:6980::/29 maxlen: 37
2a11:a680::/29 maxlen: 37
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 09:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:9d:b8:cd:4e:d3:94:5e:79:36:75:81:a2:65:79:18:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jun 23 16:57:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d99d6e67d57325560defe6c930fa8ac1d7352681
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:72:54:72:8d:ee:ca:a1:23:7f:3b:eb:17:4e:
a3:58:2b:f7:6f:0a:a1:cd:7e:ca:d6:00:7f:09:85:
b3:15:98:ac:b3:cc:2a:ad:22:77:06:a7:b0:7f:cb:
9d:71:3b:0d:8c:8d:fb:a7:99:ad:04:c3:eb:9a:bf:
ac:48:20:89:e3:4d:3e:f7:4c:1b:14:8e:ae:6c:48:
58:14:8e:a2:dc:61:6b:5f:27:af:b3:3c:5e:a7:f7:
0d:da:93:5e:cf:02:bf:c9:72:0c:8c:9c:13:b7:9b:
9e:33:49:8e:7b:2d:cc:98:d6:39:83:fc:4e:00:18:
b9:81:b3:77:1f:00:2a:72:98:3a:d8:46:02:e3:e0:
51:70:9a:b5:31:e9:f9:67:80:17:2a:00:aa:e4:21:
a7:f7:9e:81:0f:ee:bc:6b:9e:61:ae:52:fe:dc:7c:
57:18:d0:a9:ae:e4:c5:47:9e:35:8b:3f:62:88:dc:
cc:fb:cb:1d:d6:93:0b:8d:9c:d1:85:4d:f7:36:7b:
47:7b:4e:8e:e6:5b:c5:51:fb:f1:7b:55:26:d6:0b:
bf:6c:b6:22:12:63:4e:3e:ec:09:06:26:31:83:f5:
a0:07:ca:44:b2:da:7c:cb:80:7f:f0:11:52:fc:01:
cf:c3:16:e6:79:57:4a:a2:c6:68:9e:07:67:c9:51:
5f:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:9D:6E:67:D5:73:25:56:0D:EF:E6:C9:30:FA:8A:C1:D7:35:26:81
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/2Z1uZ9VzJVYN7-bJMPqKwdc1JoE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:3a80::/29
2a11:6780::/29
2a11:6880::/29
2a11:6980::/29
2a11:a680::/29
Signature Algorithm: sha256WithRSAEncryption
62:66:e8:11:a7:73:48:b1:22:47:ba:20:d4:6e:ba:d8:ae:9d:
62:ce:37:23:bc:90:2f:0c:e6:55:4e:9c:1d:ea:f8:b5:19:a9:
bf:30:65:e2:a6:7b:67:81:dd:c0:1b:4d:a2:e9:03:3a:04:48:
fa:e6:ee:88:1f:d4:a6:f1:c6:f6:e6:9b:0f:f1:ae:c8:82:31:
96:3f:48:44:c6:bc:f5:13:30:da:5f:3d:56:09:1a:83:99:22:
d2:32:27:f2:26:d4:be:31:e1:ba:18:86:de:42:df:ba:16:ca:
8c:f4:86:d8:f9:6d:01:28:db:68:9c:1f:dd:c0:f5:b3:e0:c2:
70:03:49:51:27:ed:74:09:64:36:49:59:40:91:6a:5a:8e:7d:
d1:98:d3:e6:b9:56:b2:cb:91:80:8f:13:fa:72:b6:96:45:d8:
bd:28:a4:2d:4b:c0:4d:fc:34:30:ec:a4:6c:e0:d4:3c:b6:8e:
0a:11:64:cd:24:44:50:12:0c:a0:cf:44:fd:42:cf:65:23:f3:
b0:66:6b:cd:ab:e9:97:ab:11:c1:64:ba:c8:d3:75:1f:76:74:
80:da:5e:20:00:3e:f3:33:80:60:3d:2f:de:2f:36:d6:09:2c:
15:c0:21:4d:9e:bd:16:67:d4:11:19:5d:62:6c:fe:38:a7:56:
dd:9c:5c:c9
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZeduM1O05ReeTZ1gaJleRi+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjUwNjIzMTY1NzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTlkNmU2N2Q1NzMyNTU2MGRlZmU2YzkzMGZhOGFjMWQ3MzUyNjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3JUco3uyqEjfzvrF06jWCv3bwqh
zX7K1gB/CYWzFZiss8wqrSJ3Bqewf8udcTsNjI37p5mtBMPrmr+sSCCJ400+90wb
FI6ubEhYFI6i3GFrXyevszxep/cN2pNezwK/yXIMjJwTt5ueM0mOey3MmNY5g/xO
ABi5gbN3HwAqcpg62EYC4+BRcJq1Men5Z4AXKgCq5CGn956BD+68a55hrlL+3HxX
GNCpruTFR541iz9iiNzM+8sd1pMLjZzRhU33NntHe06O5lvFUfvxe1Um1gu/bLYi
EmNOPuwJBiYxg/WgB8pEstp8y4B/8BFS/AHPwxbmeVdKosZongdnyVFfiQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFNmdbmfVcyVWDe/myTD6isHXNSaBMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvMloxdVo5VnpKVllONy1iSk1QcUt3ZGMxSm9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKhE6gAMF
AyoRZ4ADBQMqEWiAAwUDKhFpgAMFAyoRpoAwDQYJKoZIhvcNAQELBQADggEBAGJm
6BGnc0ixIke6INRuutiunWLONyO8kC8M5lVOnB3q+LUZqb8wZeKme2eB3cAbTaLp
AzoESPrm7ogf1Kbxxvbmmw/xrsiCMZY/SETGvPUTMNpfPVYJGoOZItIyJ/Im1L4x
4boYht5C37oWyoz0htj5bQEo22icH93A9bPgwnADSVEn7XQJZDZJWUCRalqOfdGY
0+a5VrLLkYCPE/pytpZF2L0opC1LwE38NDDspGzg1Dy2jgoRZM0kRFASDKDPRP1C
z2Uj87Bma82r6ZerEcFkusjTdR92dIDaXiAAPvMzgGA9L94vNtYJLBXAIU2evRZn
1BEZXWJs/jinVt2cXMk=
-----END CERTIFICATE-----
Generated at Wed Jul 2 16:38:45 2025 by rpki-client