Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/nTLrnsLe5pfeZdn2nN3avyrKvR8.roa
File: nTLrnsLe5pfeZdn2nN3avyrKvR8.roa (raw, json)
Hash identifier: PYUn70hC1UKNiPtYZXRm5ik4trcOE5BeJZLN9btWaTY=
Subject key identifier: 9D:32:EB:9E:C2:DE:E6:97:DE:65:D9:F6:9C:DD:DA:BF:2A:CA:BD:1F
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 0199E74F02C58889DF63154454B7BF832E7A
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/nTLrnsLe5pfeZdn2nN3avyrKvR8.roa
Signing time: Wed 15 Oct 2025 09:58:58 +0000
ROA not before: Wed 15 Oct 2025 09:58:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2a07:f240::/29 maxlen: 29
2a0b:8440::/29 maxlen: 29
2a10:a9c0::/29 maxlen: 29
2a13:5040::/29 maxlen: 29
2a13:be40::/29 maxlen: 29
2a13:bec0::/29 maxlen: 29
2a13:cdc0::/29 maxlen: 29
2a13:d140::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e7:4f:02:c5:88:89:df:63:15:44:54:b7:bf:83:2e:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Oct 15 09:58:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9d32eb9ec2dee697de65d9f69cdddabf2acabd1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ec:ea:ec:60:36:1b:37:ac:c6:df:d3:08:10:
ae:8d:ef:88:fd:4c:95:5e:3f:2b:b8:30:97:95:8e:
70:4f:e1:17:01:95:c8:7b:fd:94:63:8a:10:ea:7a:
a9:8b:08:be:e6:c2:cb:a1:8c:18:b0:1b:24:bd:e0:
31:6c:c4:55:c1:ae:c0:14:50:0d:55:bc:a3:38:30:
45:a2:b2:ad:77:04:1f:ad:7f:e4:c6:39:62:06:33:
0e:ab:e3:ee:cb:94:bd:b2:e6:c2:ed:b5:a7:30:98:
17:d4:f7:5a:2c:60:0e:49:f2:04:33:ec:12:c5:5e:
cf:79:15:70:9f:ec:00:96:5b:56:a4:25:a0:ce:dd:
d8:90:6f:b6:7c:8e:2f:0e:7f:2d:e8:59:a8:53:e8:
3e:47:11:9b:c2:54:04:ae:0d:ec:be:6d:15:b5:cc:
67:a8:08:87:6d:64:67:40:26:18:0d:0d:f8:14:7b:
9a:2f:2d:70:2a:22:13:46:e2:3f:69:67:c8:87:29:
c1:30:6a:2d:be:dd:46:e8:9d:2d:fa:79:16:12:99:
92:74:4e:dd:5f:33:2c:49:d5:c8:1c:f7:35:f9:65:
5d:32:cc:ca:d3:7d:1f:ae:da:34:9a:d4:2a:3d:67:
95:d5:f4:2d:4b:d5:00:d7:34:77:ec:fc:99:2c:c8:
05:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:32:EB:9E:C2:DE:E6:97:DE:65:D9:F6:9C:DD:DA:BF:2A:CA:BD:1F
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/nTLrnsLe5pfeZdn2nN3avyrKvR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:f240::/29
2a0b:8440::/29
2a10:a9c0::/29
2a13:5040::/29
2a13:be40::/29
2a13:bec0::/29
2a13:cdc0::/29
2a13:d140::/29
Signature Algorithm: sha256WithRSAEncryption
45:da:78:5f:07:33:9d:c0:b0:c3:3d:c4:87:47:3f:42:1a:3e:
f5:be:ca:ec:fd:ca:0b:97:40:d1:10:fb:83:d3:7d:56:1f:10:
59:cb:74:38:c6:be:cb:37:94:9b:ed:65:f4:03:c0:11:c5:55:
b5:cf:96:38:e8:3f:61:f1:a7:ee:36:65:0e:08:8f:95:ea:55:
22:c9:4d:b6:a5:04:35:57:70:df:15:aa:3c:ae:f8:0e:58:f9:
45:65:57:bd:4e:94:82:c2:d4:5a:f1:d1:91:f6:e6:81:25:21:
e1:d9:07:0f:26:ad:4d:ec:c7:23:74:32:84:10:9a:4e:77:2e:
68:1a:9e:40:b5:f6:58:93:9a:33:49:69:61:5e:1e:55:8e:02:
f5:6a:d7:87:68:7d:e2:91:3f:4e:e0:6b:f5:17:47:20:db:b5:
21:14:f8:38:80:05:4f:e0:98:0e:ea:99:9e:02:ae:8e:d4:6f:
cf:44:91:55:ac:a5:f7:1b:c3:87:77:f5:06:f9:a6:99:0e:b0:
8d:12:c9:cd:8e:85:a4:7f:b6:56:72:3a:82:4d:79:06:af:10:
ce:56:c4:87:58:8b:9e:86:7a:78:62:6e:e4:08:5e:e5:54:f6:
a2:37:c1:be:b2:c3:bb:3e:51:bf:06:65:5a:bb:24:a7:e7:11:
6e:fa:66:4e
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZnnTwLFiInfYxVEVLe/gy56MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjUxMDE1MDk1ODU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDMyZWI5ZWMyZGVlNjk3ZGU2NWQ5ZjY5Y2RkZGFiZjJhY2FiZDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlezq7GA2Gzesxt/TCBCuje+I/UyV
Xj8ruDCXlY5wT+EXAZXIe/2UY4oQ6nqpiwi+5sLLoYwYsBskveAxbMRVwa7AFFAN
VbyjODBForKtdwQfrX/kxjliBjMOq+Puy5S9subC7bWnMJgX1PdaLGAOSfIEM+wS
xV7PeRVwn+wAlltWpCWgzt3YkG+2fI4vDn8t6FmoU+g+RxGbwlQErg3svm0Vtcxn
qAiHbWRnQCYYDQ34FHuaLy1wKiITRuI/aWfIhynBMGotvt1G6J0t+nkWEpmSdE7d
XzMsSdXIHPc1+WVdMszK030frto0mtQqPWeV1fQtS9UA1zR37PyZLMgFYQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFJ0y657C3uaX3mXZ9pzd2r8qyr0fMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvblRMcm5zTGU1cGZlWmRuMm5OM2F2eXJLdlI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwUDKgfyQAMF
AyoLhEADBQMqEKnAAwUDKhNQQAMFAyoTvkADBQMqE77AAwUDKhPNwAMFAyoT0UAw
DQYJKoZIhvcNAQELBQADggEBAEXaeF8HM53AsMM9xIdHP0IaPvW+yuz9yguXQNEQ
+4PTfVYfEFnLdDjGvss3lJvtZfQDwBHFVbXPljjoP2Hxp+42ZQ4Ij5XqVSLJTbal
BDVXcN8Vqjyu+A5Y+UVlV71OlILC1Frx0ZH25oElIeHZBw8mrU3sxyN0MoQQmk53
LmgankC19liTmjNJaWFeHlWOAvVq14dofeKRP07ga/UXRyDbtSEU+DiABU/gmA7q
mZ4Cro7Ub89EkVWspfcbw4d39Qb5ppkOsI0Syc2OhaR/tlZyOoJNeQavEM5WxIdY
i56GenhibuQIXuVU9qI3wb6yw7s+Ub8GZVq7JKfnEW76Zk4=
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:09:42 2025 by rpki-client