Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/a36fb2-e60d-4f8b-9c8a-490c88301fce/1/fl64q3w812YfzXLS36kYEo550Os.roa
File: fl64q3w812YfzXLS36kYEo550Os.roa (raw, json)
Hash identifier: FCrMbgS1Qp2Ghje1H1/gJu/F21+3Pg9qcnIqWk+O48U=
Subject key identifier: 7E:5E:B8:AB:7C:3C:D7:66:1F:CD:72:D2:DF:A9:18:12:8E:79:D0:EB
Certificate issuer: /CN=a8246b88b829b4a3aadc280da145b63e99e92a0e
Certificate serial: 0198AE3B14A973A8D272BFF08EEFFD9BA2EF
Authority key identifier: A8:24:6B:88:B8:29:B4:A3:AA:DC:28:0D:A1:45:B6:3E:99:E9:2A:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qCRriLgptKOq3CgNoUW2PpnpKg4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/a36fb2-e60d-4f8b-9c8a-490c88301fce/1/fl64q3w812YfzXLS36kYEo550Os.roa
Signing time: Fri 15 Aug 2025 14:56:04 +0000
ROA not before: Fri 15 Aug 2025 14:56:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28753
IP address blocks: 2a09:d140::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/a36fb2-e60d-4f8b-9c8a-490c88301fce/1/qCRriLgptKOq3CgNoUW2PpnpKg4.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/a36fb2-e60d-4f8b-9c8a-490c88301fce/1/qCRriLgptKOq3CgNoUW2PpnpKg4.mft
rsync://rpki.ripe.net/repository/DEFAULT/qCRriLgptKOq3CgNoUW2PpnpKg4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 11:02:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ae:3b:14:a9:73:a8:d2:72:bf:f0:8e:ef:fd:9b:a2:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8246b88b829b4a3aadc280da145b63e99e92a0e
Validity
Not Before: Aug 15 14:56:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7e5eb8ab7c3cd7661fcd72d2dfa918128e79d0eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:13:ff:d2:98:ba:7a:81:c9:ab:77:01:63:f0:
3e:e6:1f:fa:c1:8c:fc:59:54:64:a5:5f:1c:05:2c:
09:20:62:c1:e8:82:c6:d5:98:0a:fe:6b:9b:79:e3:
ec:3e:56:15:a9:a1:b7:e1:32:a9:17:62:2a:17:b0:
ae:15:4f:64:1f:50:4d:40:49:fc:58:c0:95:b1:a4:
09:ea:dd:14:99:cf:51:0e:b5:92:13:64:1a:f9:a7:
1b:70:1c:f1:cc:78:4a:7c:81:67:eb:9c:a5:ed:fd:
1b:71:ac:47:72:4c:e7:bd:0b:b5:5b:26:e5:68:4e:
18:e4:ae:07:43:f1:bb:8c:bd:45:5b:07:1a:41:d9:
2f:d7:af:8a:06:ac:0b:a4:06:ee:60:cf:fe:f7:89:
9b:2c:a6:6e:c8:07:b7:39:b0:03:82:d8:e9:cb:8b:
fb:62:e8:ec:ff:26:a0:dd:3e:2b:8d:54:55:f7:5e:
dd:a3:eb:8f:81:cc:aa:66:2a:ef:93:11:d6:fd:8e:
e7:25:e2:43:dc:38:65:1e:9d:02:95:4a:d8:df:d5:
6a:d1:4e:63:39:4f:35:df:0d:63:61:3d:50:31:41:
32:85:a4:92:78:54:3b:c7:46:b3:20:ae:cb:34:99:
0a:9c:ab:65:79:8a:56:3b:5e:69:c9:3c:9d:96:0d:
37:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:5E:B8:AB:7C:3C:D7:66:1F:CD:72:D2:DF:A9:18:12:8E:79:D0:EB
X509v3 Authority Key Identifier:
keyid:A8:24:6B:88:B8:29:B4:A3:AA:DC:28:0D:A1:45:B6:3E:99:E9:2A:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qCRriLgptKOq3CgNoUW2PpnpKg4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/a36fb2-e60d-4f8b-9c8a-490c88301fce/1/fl64q3w812YfzXLS36kYEo550Os.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/a36fb2-e60d-4f8b-9c8a-490c88301fce/1/qCRriLgptKOq3CgNoUW2PpnpKg4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:d140::/29
Signature Algorithm: sha256WithRSAEncryption
94:bf:70:c6:6d:0f:58:66:8d:78:d6:f3:5f:91:f6:ee:81:cf:
c7:52:3f:b1:6d:e6:af:43:c5:66:5c:c3:50:0f:6a:28:1d:1b:
ee:c0:ec:da:77:85:e5:c7:73:9b:b0:1f:54:18:1c:6e:f3:58:
37:d5:3e:50:4f:43:24:b6:1e:6c:17:74:bc:8b:4d:3c:fa:1d:
7a:aa:dc:fe:4b:16:3b:9b:fb:73:c1:0c:f4:4b:ef:b9:51:ab:
3a:6c:f4:9a:33:7f:4f:36:d9:de:0b:70:1a:c0:24:66:f3:13:
c5:e6:a1:11:f1:26:2f:20:f7:d6:21:4e:ad:2a:7e:8a:da:73:
6e:fa:7c:c6:dd:21:ef:d9:e1:d9:e3:dd:27:39:33:ed:e9:90:
e8:a4:3b:af:10:c9:c7:77:35:bc:4b:43:60:6f:b1:a4:d1:25:
0a:81:9b:03:d5:74:0a:81:0f:a8:7f:f9:ed:91:58:3c:96:20:
03:67:30:7c:da:ce:e6:bd:7a:26:06:13:4d:ee:75:29:82:d2:
b5:fe:0a:52:2d:31:66:86:02:df:4b:6e:f6:0c:69:ce:ae:98:
06:16:8b:89:4a:07:0d:f3:56:b1:d6:58:5f:2c:98:c0:b0:5f:
da:45:f0:de:9c:6a:93:a5:81:28:2f:45:9c:77:80:61:ca:34:
8b:4b:97:78
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZiuOxSpc6jScr/wju/9m6LvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MjQ2Yjg4YjgyOWI0YTNhYWRjMjgwZGExNDViNjNlOTll
OTJhMGUwHhcNMjUwODE1MTQ1NjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTVlYjhhYjdjM2NkNzY2MWZjZDcyZDJkZmE5MTgxMjhlNzlkMGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshP/0pi6eoHJq3cBY/A+5h/6wYz8
WVRkpV8cBSwJIGLB6ILG1ZgK/mubeePsPlYVqaG34TKpF2IqF7CuFU9kH1BNQEn8
WMCVsaQJ6t0Umc9RDrWSE2Qa+acbcBzxzHhKfIFn65yl7f0bcaxHckznvQu1Wybl
aE4Y5K4HQ/G7jL1FWwcaQdkv16+KBqwLpAbuYM/+94mbLKZuyAe3ObADgtjpy4v7
Yujs/yag3T4rjVRV917do+uPgcyqZirvkxHW/Y7nJeJD3DhlHp0ClUrY39Vq0U5j
OU813w1jYT1QMUEyhaSSeFQ7x0azIK7LNJkKnKtleYpWO15pyTydlg033QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFH5euKt8PNdmH81y0t+pGBKOedDrMB8GA1UdIwQY
MBaAFKgka4i4KbSjqtwoDaFFtj6Z6SoOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUNScmlMZ3B0S09xM0NnTm9VVzJQcG5wS2c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9hMzZmYjItZTYwZC00ZjhiLTljOGEt
NDkwYzg4MzAxZmNlLzEvZmw2NHEzdzgxMllmelhMUzM2a1lFbzU1ME9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9hMzZmYjItZTYwZC00ZjhiLTljOGEtNDkwYzg4MzAxZmNl
LzEvcUNScmlMZ3B0S09xM0NnTm9VVzJQcG5wS2c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgnRQDAN
BgkqhkiG9w0BAQsFAAOCAQEAlL9wxm0PWGaNeNbzX5H27oHPx1I/sW3mr0PFZlzD
UA9qKB0b7sDs2neF5cdzm7AfVBgcbvNYN9U+UE9DJLYebBd0vItNPPodeqrc/ksW
O5v7c8EM9EvvuVGrOmz0mjN/TzbZ3gtwGsAkZvMTxeahEfEmLyD31iFOrSp+itpz
bvp8xt0h79nh2ePdJzkz7emQ6KQ7rxDJx3c1vEtDYG+xpNElCoGbA9V0CoEPqH/5
7ZFYPJYgA2cwfNrO5r16JgYTTe51KYLStf4KUi0xZoYC30tu9gxpzq6YBhaLiUoH
DfNWsdZYXyyYwLBf2kXw3pxqk6WBKC9FnHeAYco0i0uXeA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:59:02 2025 by rpki-client