Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/o0_uokbc8DAfkpFpL5KTzIMz2xw.roa
File: o0_uokbc8DAfkpFpL5KTzIMz2xw.roa (raw, json)
Hash identifier: 3yOZWGBb9gTR6xj666KpKp6gCkdifbvsz2ZEHLlrZpg=
Subject key identifier: A3:4F:EE:A2:46:DC:F0:30:1F:92:91:69:2F:92:93:CC:83:33:DB:1C
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 0199616577CD472B73C4B4EA992E33649EA5
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/o0_uokbc8DAfkpFpL5KTzIMz2xw.roa
Signing time: Fri 19 Sep 2025 09:54:23 +0000
ROA not before: Fri 19 Sep 2025 09:54:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213220
IP address blocks: 2a13:f083::/32 maxlen: 32
2a13:f085::/32 maxlen: 32
2a13:f086::/32 maxlen: 32
2a13:f087::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.mft
rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:61:65:77:cd:47:2b:73:c4:b4:ea:99:2e:33:64:9e:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Sep 19 09:54:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a34feea246dcf0301f9291692f9293cc8333db1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:4a:74:d7:2e:ba:aa:8b:18:2e:05:d8:d3:10:
ec:f8:ca:62:0e:22:b3:d4:de:c7:7c:57:91:89:76:
27:4c:af:28:15:38:90:5d:35:3b:3f:4c:a4:c2:b4:
b6:2b:a7:19:ca:11:5c:ca:fb:19:2d:c1:b8:a8:0e:
21:86:9f:0c:b0:0e:43:6e:45:ef:c3:73:29:16:a7:
7f:98:88:97:cd:6c:f5:dc:bc:90:5f:2a:8f:f0:4c:
19:ea:09:e5:7b:55:18:97:d8:e9:ec:c6:c6:93:80:
69:b0:f3:cb:d9:6d:d8:8f:63:13:f9:a7:da:d8:63:
de:3c:bd:dd:9a:03:08:08:8a:11:a6:32:4d:d8:30:
04:ac:51:3a:ec:da:6d:a6:7c:63:09:7c:71:7f:df:
9e:35:5f:f7:a4:fd:97:a2:85:49:f4:7d:67:97:1e:
74:34:ad:5e:a9:5a:88:3f:a6:b4:7d:1c:2a:b0:eb:
47:84:49:fa:43:e3:35:6a:cb:74:22:04:16:5c:16:
0c:7f:dc:d9:7e:ea:4a:ab:7b:b5:76:b9:1c:c7:65:
84:61:24:2a:b3:79:6e:19:8c:ee:99:6d:85:e6:b6:
16:12:e5:dc:40:cd:b4:4e:fd:7b:4e:e7:0b:cc:fc:
f2:58:81:82:e3:8e:ec:67:d8:13:08:58:ef:c6:1f:
b8:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:4F:EE:A2:46:DC:F0:30:1F:92:91:69:2F:92:93:CC:83:33:DB:1C
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/o0_uokbc8DAfkpFpL5KTzIMz2xw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:f083::/32
2a13:f085::-2a13:f087:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
28:b1:40:33:0d:ca:15:b8:26:c6:af:7c:74:4c:29:c7:86:02:
24:f2:f2:42:00:a9:89:b8:1e:17:f4:bf:fb:05:94:ed:62:7e:
a0:c8:49:2f:83:0a:65:6f:5d:b4:3f:cf:6d:17:d7:82:bf:4c:
81:3f:50:f5:89:07:07:a9:63:2c:a6:b6:54:f4:85:91:d9:48:
f4:88:dd:43:2f:12:61:29:3c:f4:48:21:0c:87:e3:cf:f2:a3:
dc:51:c6:f0:8e:1f:f9:50:7d:48:c2:18:8b:7d:fb:fe:12:92:
60:d2:66:03:54:f4:77:8e:cf:85:15:05:f0:16:47:dd:8f:28:
b8:b2:8c:22:a8:96:0a:46:df:94:25:5c:89:1d:4d:62:6f:25:
fc:c3:ed:8e:13:cb:2f:06:ab:57:26:71:4a:c7:34:6c:e1:5c:
0f:8d:81:cb:51:37:da:a4:d0:33:f0:00:5d:1f:77:c6:14:c8:
0f:5d:c8:8f:75:14:4e:2d:d2:2f:56:6f:2d:90:b5:16:ea:ce:
25:e9:9a:9f:0e:49:49:29:32:66:c4:6b:17:54:f5:70:a6:3a:
f6:08:43:fb:df:07:58:53:a9:d3:e6:39:9d:05:70:4d:9c:c6:
60:c1:08:3d:a4:e0:0f:ea:4c:b7:80:ca:6b:70:59:d9:fb:53:
ca:f5:14:9d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZlhZXfNRytzxLTqmS4zZJ6lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjUwOTE5MDk1NDIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzRmZWVhMjQ2ZGNmMDMwMWY5MjkxNjkyZjkyOTNjYzgzMzNkYjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA40p01y66qosYLgXY0xDs+MpiDiKz
1N7HfFeRiXYnTK8oFTiQXTU7P0ykwrS2K6cZyhFcyvsZLcG4qA4hhp8MsA5DbkXv
w3MpFqd/mIiXzWz13LyQXyqP8EwZ6gnle1UYl9jp7MbGk4BpsPPL2W3Yj2MT+afa
2GPePL3dmgMICIoRpjJN2DAErFE67NptpnxjCXxxf9+eNV/3pP2XooVJ9H1nlx50
NK1eqVqIP6a0fRwqsOtHhEn6Q+M1ast0IgQWXBYMf9zZfupKq3u1drkcx2WEYSQq
s3luGYzumW2F5rYWEuXcQM20Tv17TucLzPzyWIGC447sZ9gTCFjvxh+49QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKNP7qJG3PAwH5KRaS+Sk8yDM9scMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvbzBfdW9rYmM4REFma3BGcEw1S1R6SU16Mnh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXAwUAKhPwgzAO
AwUAKhPwhQMFAyoT8IAwDQYJKoZIhvcNAQELBQADggEBACixQDMNyhW4JsavfHRM
KceGAiTy8kIAqYm4Hhf0v/sFlO1ifqDISS+DCmVvXbQ/z20X14K/TIE/UPWJBwep
YyymtlT0hZHZSPSI3UMvEmEpPPRIIQyH48/yo9xRxvCOH/lQfUjCGIt9+/4SkmDS
ZgNU9HeOz4UVBfAWR92PKLiyjCKolgpG35QlXIkdTWJvJfzD7Y4Tyy8Gq1cmcUrH
NGzhXA+NgctRN9qk0DPwAF0fd8YUyA9dyI91FE4t0i9Wby2QtRbqziXpmp8OSUkp
MmbEaxdU9XCmOvYIQ/vfB1hTqdPmOZ0FcE2cxmDBCD2k4A/qTLeAymtwWdn7U8r1
FJ0=
-----END CERTIFICATE-----
Generated at Mon Oct 20 09:59:28 2025 by rpki-client