Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/5n3pDdBZIfRKKwvF-PXsVxqWP7g.roa
File: 5n3pDdBZIfRKKwvF-PXsVxqWP7g.roa (raw, json)
Hash identifier: OEQS8BiFWADS330IE0IjflqpZ+380q91zFOvGv1tTY0=
Subject key identifier: E6:7D:E9:0D:D0:59:21:F4:4A:2B:0B:C5:F8:F5:EC:57:1A:96:3F:B8
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 0198BEABC30C626DE8282697FADEDE1DFFB2
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/5n3pDdBZIfRKKwvF-PXsVxqWP7g.roa
Signing time: Mon 18 Aug 2025 19:33:04 +0000
ROA not before: Mon 18 Aug 2025 19:33:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2a0b:b480::/29 maxlen: 29
2a0f:63c0::/29 maxlen: 29
2a10:a9c0::/29 maxlen: 29
2a13:5040::/29 maxlen: 29
2a13:be40::/29 maxlen: 29
2a13:bec0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Aug 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:be:ab:c3:0c:62:6d:e8:28:26:97:fa:de:de:1d:ff:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Aug 18 19:33:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e67de90dd05921f44a2b0bc5f8f5ec571a963fb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:f2:79:81:a9:04:d6:96:e0:31:20:1c:f5:43:
15:5d:42:12:84:e4:e6:ed:83:71:4b:3e:f7:be:42:
48:01:e9:40:a6:b7:da:86:40:8a:3d:5a:58:2e:c8:
1c:57:43:6c:3b:68:02:1f:1a:a7:43:f2:0a:ec:44:
c1:10:61:13:17:22:96:24:8e:a2:fc:e8:a6:eb:f2:
f2:39:29:09:5f:0f:9b:75:ef:01:fb:79:01:4d:76:
c9:bc:17:85:c5:fa:ef:29:6d:c9:96:74:b4:0d:6a:
1f:45:be:c3:35:cb:1a:da:cf:c0:07:55:81:b0:78:
f0:29:2b:f2:40:88:2f:63:eb:a3:80:48:dd:45:2b:
08:46:68:ba:b5:74:0e:1d:47:b4:9d:8f:47:cf:1a:
f9:03:ce:66:e4:bb:0a:04:d8:12:5b:47:47:2d:88:
33:e4:63:66:f2:62:00:f4:70:d5:ad:39:54:71:7f:
df:88:63:6a:7a:61:f4:32:f3:0c:a8:59:f8:42:7a:
09:f5:87:4c:af:1a:b5:c0:5f:e3:30:0d:8c:f4:d7:
87:96:7a:2d:2b:9b:eb:07:72:32:dd:74:8c:0d:2f:
eb:cb:40:bc:0e:b4:9a:30:e7:78:0d:90:d5:d7:1f:
ab:2f:96:e1:fd:6f:c0:ee:7a:df:68:1e:a8:07:8a:
e5:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:7D:E9:0D:D0:59:21:F4:4A:2B:0B:C5:F8:F5:EC:57:1A:96:3F:B8
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/5n3pDdBZIfRKKwvF-PXsVxqWP7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b480::/29
2a0f:63c0::/29
2a10:a9c0::/29
2a13:5040::/29
2a13:be40::/29
2a13:bec0::/29
Signature Algorithm: sha256WithRSAEncryption
2e:10:1b:f1:2d:50:c9:00:27:a5:2d:cf:83:70:42:22:86:1a:
fe:ee:2c:b3:30:8b:c8:71:4a:1b:dd:14:7d:25:ce:85:ef:fa:
de:2b:00:36:a1:81:9f:85:3a:ae:b0:db:ad:2a:38:ae:28:a7:
2c:26:83:fc:b4:7e:57:21:ad:4f:5e:da:ce:2d:40:db:92:90:
c8:d4:33:04:ff:66:26:c6:6d:e1:86:fa:22:2e:c1:b3:53:47:
37:a9:db:85:25:73:b3:f6:49:bc:4e:f6:b6:27:50:34:e1:52:
64:fa:ae:22:99:c1:c6:2b:2e:6e:2b:d8:11:d5:62:a1:db:07:
78:37:1e:07:07:b8:d6:e0:b6:99:67:c0:6d:88:b5:e6:5c:27:
24:0a:7e:2b:05:23:e6:5a:37:50:3b:2d:ce:cd:41:3c:87:82:
4e:b5:aa:23:67:c6:44:33:ba:be:a4:b3:65:b4:6f:a7:72:c7:
da:49:ce:b6:9b:19:1e:a3:13:bb:d2:2c:b8:3e:cd:8d:51:af:
c4:5d:a6:12:85:ed:0e:75:cb:b3:52:74:32:54:4a:48:8f:cf:
36:18:11:3c:6d:02:82:8b:dc:a7:88:77:0c:60:9e:a0:f6:28:
8a:f2:b6:3f:96:dc:4d:4d:6f:9f:cb:84:65:35:d2:b9:36:83:
7c:19:2b:a0
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZi+q8MMYm3oKCaX+t7eHf+yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjUwODE4MTkzMzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjdkZTkwZGQwNTkyMWY0NGEyYjBiYzVmOGY1ZWM1NzFhOTYzZmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4fJ5gakE1pbgMSAc9UMVXUIShOTm
7YNxSz73vkJIAelAprfahkCKPVpYLsgcV0NsO2gCHxqnQ/IK7ETBEGETFyKWJI6i
/Oim6/LyOSkJXw+bde8B+3kBTXbJvBeFxfrvKW3JlnS0DWofRb7DNcsa2s/AB1WB
sHjwKSvyQIgvY+ujgEjdRSsIRmi6tXQOHUe0nY9Hzxr5A85m5LsKBNgSW0dHLYgz
5GNm8mIA9HDVrTlUcX/fiGNqemH0MvMMqFn4QnoJ9YdMrxq1wF/jMA2M9NeHlnot
K5vrB3Iy3XSMDS/ry0C8DrSaMOd4DZDV1x+rL5bh/W/A7nrfaB6oB4rlAwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFOZ96Q3QWSH0SisLxfj17Fcalj+4MB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvNW4zcERkQlpJZlJLS3d2Ri1QWHNWeHFXUDdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKgu0gAMF
AyoPY8ADBQMqEKnAAwUDKhNQQAMFAyoTvkADBQMqE77AMA0GCSqGSIb3DQEBCwUA
A4IBAQAuEBvxLVDJACelLc+DcEIihhr+7iyzMIvIcUob3RR9Jc6F7/reKwA2oYGf
hTqusNutKjiuKKcsJoP8tH5XIa1PXtrOLUDbkpDI1DME/2Ymxm3hhvoiLsGzU0c3
qduFJXOz9km8Tva2J1A04VJk+q4imcHGKy5uK9gR1WKh2wd4Nx4HB7jW4LaZZ8Bt
iLXmXCckCn4rBSPmWjdQOy3OzUE8h4JOtaojZ8ZEM7q+pLNltG+ncsfaSc62mxke
oxO70iy4Ps2NUa/EXaYShe0OdcuzUnQyVEpIj882GBE8bQKCi9yniHcMYJ6g9iiK
8rY/ltxNTW+fy4RlNdK5NoN8GSug
-----END CERTIFICATE-----
Generated at Sat Aug 23 09:09:39 2025 by rpki-client