Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/1-9itQB5tTM8KjZ41aTRervY45vY.roa
File: 1-9itQB5tTM8KjZ41aTRervY45vY.roa (raw, json)
Hash identifier: xEmPkuMKjMTEtnxAbup4iBBukZ+GyYM1rNVKNTwGF+s=
Subject key identifier: FB:D8:AD:40:1E:6D:4C:CF:0A:8D:9E:35:69:34:5E:AE:F6:38:E6:F6
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0196680D686921F191DACEA0758B58092CEC
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/1-9itQB5tTM8KjZ41aTRervY45vY.roa
Signing time: Thu 24 Apr 2025 13:47:11 +0000
ROA not before: Thu 24 Apr 2025 13:47:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197992
IP address blocks: 2a07:95c0::/29 maxlen: 29
2a0d:1140::/29 maxlen: 29
2a0d:a9c0::/29 maxlen: 29
2a0f:16c0::/29 maxlen: 29
2a0f:1a40::/29 maxlen: 29
2a0f:27c0::/29 maxlen: 29
2a0f:2e40::/29 maxlen: 29
2a0f:3740::/29 maxlen: 29
2a0f:7280::/29 maxlen: 29
2a0f:9600::/29 maxlen: 29
2a0f:ec00::/29 maxlen: 29
2a10:3040::/29 maxlen: 29
2a10:3640::/29 maxlen: 29
2a10:6300::/29 maxlen: 29
2a10:6900::/29 maxlen: 29
2a11:f040::/29 maxlen: 29
2a12:cd00::/29 maxlen: 29
2a13:cc0::/29 maxlen: 29
2a13:2f40::/29 maxlen: 29
2a13:4f00::/29 maxlen: 29
2a13:9100::/29 maxlen: 29
2a13:9b00::/29 maxlen: 29
2a13:9d00::/29 maxlen: 29
2a13:c700::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 09 May 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:68:0d:68:69:21:f1:91:da:ce:a0:75:8b:58:09:2c:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 24 13:47:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fbd8ad401e6d4ccf0a8d9e3569345eaef638e6f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:de:8f:b2:8d:0c:2b:1a:c2:5b:36:55:2f:90:
f6:8b:27:73:86:2f:81:9b:9e:65:a6:18:16:eb:42:
0a:6c:25:df:f2:65:98:ca:b3:e1:55:0d:42:7f:b7:
c9:71:b1:87:5d:9e:e0:50:33:b2:a5:ff:26:dd:99:
a0:6f:f7:cd:74:9c:6b:4f:86:58:9b:53:bf:d6:53:
57:25:2d:1b:7f:2e:7d:5e:01:db:e7:60:2c:c3:c5:
c9:46:44:ba:06:f1:41:69:af:b2:5e:ca:5e:23:ab:
21:26:b1:c3:86:a2:2e:28:3d:e4:fe:09:25:da:14:
f3:18:5b:d7:40:53:10:f9:c2:48:89:da:69:4e:89:
cc:d4:c8:69:f9:c5:a2:dc:66:d3:b1:38:0b:1e:0a:
2c:3d:6d:4d:c4:be:72:2a:c5:02:f3:a9:fd:dc:b2:
83:ec:da:7e:a5:a8:41:d0:75:93:3f:af:8e:79:6e:
14:6c:60:92:a8:92:0f:6c:4b:51:d9:d4:ae:62:af:
7d:cb:24:2b:08:03:76:f3:7c:23:8a:33:76:ae:2b:
30:20:a0:77:8f:28:6d:5f:eb:4e:c1:88:61:45:6c:
a1:f5:dc:c7:da:1a:c8:6f:86:50:b2:93:d1:dc:c3:
21:f6:9a:54:03:ed:7b:c8:fb:87:bb:02:62:ee:54:
d3:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:D8:AD:40:1E:6D:4C:CF:0A:8D:9E:35:69:34:5E:AE:F6:38:E6:F6
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/1-9itQB5tTM8KjZ41aTRervY45vY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:95c0::/29
2a0d:1140::/29
2a0d:a9c0::/29
2a0f:16c0::/29
2a0f:1a40::/29
2a0f:27c0::/29
2a0f:2e40::/29
2a0f:3740::/29
2a0f:7280::/29
2a0f:9600::/29
2a0f:ec00::/29
2a10:3040::/29
2a10:3640::/29
2a10:6300::/29
2a10:6900::/29
2a11:f040::/29
2a12:cd00::/29
2a13:cc0::/29
2a13:2f40::/29
2a13:4f00::/29
2a13:9100::/29
2a13:9b00::/29
2a13:9d00::/29
2a13:c700::/29
Signature Algorithm: sha256WithRSAEncryption
2a:d2:8b:9e:fb:55:c4:06:9e:ed:2c:99:4a:26:dd:e3:0a:db:
50:d2:09:77:55:30:66:33:ac:88:fa:07:32:57:3d:53:f6:71:
20:9f:8b:7b:8e:97:38:94:8e:7b:b8:1d:c1:7a:f2:61:8d:d6:
ac:3e:d4:1e:80:53:c2:9f:6e:f6:99:dd:4a:25:95:8d:e0:0a:
71:4e:92:98:26:a8:2c:59:09:dc:68:db:c1:24:53:a9:b6:f8:
c3:df:a5:cd:af:47:12:48:90:b5:c0:22:f0:3c:85:dc:58:95:
a3:89:b5:bb:36:8a:e9:af:db:43:a4:bc:31:f7:d4:ba:f1:22:
52:e5:72:21:f1:b7:ad:1d:b4:bd:c1:c8:48:1e:9c:61:1f:3a:
ad:17:6d:5a:ee:2a:82:64:9d:f0:9e:a9:82:87:d7:54:d6:bc:
36:04:9f:2d:fe:55:71:68:ef:88:a0:88:a4:15:01:9b:55:e3:
7d:56:4e:0b:71:ee:53:39:28:b2:08:03:5f:f8:fe:80:14:ac:
10:c9:55:d4:48:49:b9:ae:8d:78:ef:2b:72:12:9a:7f:1f:ed:
da:79:02:cb:07:2f:97:ab:db:5f:4b:94:83:dc:fa:d3:b9:81:
10:08:a5:15:74:1e:bf:cf:b8:f6:2f:da:2c:f2:2d:f7:99:45:
43:55:e7:bc
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgISAZZoDWhpIfGR2s6gdYtYCSzsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNDI0MTM0NzExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmQ4YWQ0MDFlNmQ0Y2NmMGE4ZDllMzU2OTM0NWVhZWY2MzhlNmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnt6Pso0MKxrCWzZVL5D2iydzhi+B
m55lphgW60IKbCXf8mWYyrPhVQ1Cf7fJcbGHXZ7gUDOypf8m3Zmgb/fNdJxrT4ZY
m1O/1lNXJS0bfy59XgHb52Asw8XJRkS6BvFBaa+yXspeI6shJrHDhqIuKD3k/gkl
2hTzGFvXQFMQ+cJIidppTonM1Mhp+cWi3GbTsTgLHgosPW1NxL5yKsUC86n93LKD
7Np+pahB0HWTP6+OeW4UbGCSqJIPbEtR2dSuYq99yyQrCAN283wjijN2riswIKB3
jyhtX+tOwYhhRWyh9dzH2hrIb4ZQspPR3MMh9ppUA+17yPuHuwJi7lTTqwIDAQAB
o4ICsTCCAq0wHQYDVR0OBBYEFPvYrUAebUzPCo2eNWk0Xq72OOb2MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvMS05aXRRQjV0VE04S2paNDFhVFJlcnZZNDV2WS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzAvNDlhZGM2LWJhODktNDAzZi1hZGE5LThjNTAwN2MyYTRi
Ni8xL2ZWV2FyN19Ba3hKQzRkWTNLWXp4M1NJLVRDWS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBxQYIKwYBBQUHAQcBAf8EgbUwgbIwga8EAgACMIGoAwUD
KgeVwAMFAyoNEUADBQMqDanAAwUDKg8WwAMFAyoPGkADBQMqDyfAAwUDKg8uQAMF
AyoPN0ADBQMqD3KAAwUDKg+WAAMFAyoP7AADBQMqEDBAAwUDKhA2QAMFAyoQYwAD
BQMqEGkAAwUDKhHwQAMFAyoSzQADBQMqEwzAAwUDKhMvQAMFAyoTTwADBQMqE5EA
AwUDKhObAAMFAyoTnQADBQMqE8cAMA0GCSqGSIb3DQEBCwUAA4IBAQAq0oue+1XE
Bp7tLJlKJt3jCttQ0gl3VTBmM6yI+gcyVz1T9nEgn4t7jpc4lI57uB3BevJhjdas
PtQegFPCn272md1KJZWN4ApxTpKYJqgsWQncaNvBJFOptvjD36XNr0cSSJC1wCLw
PIXcWJWjibW7Norpr9tDpLwx99S68SJS5XIh8betHbS9wchIHpxhHzqtF21a7iqC
ZJ3wnqmCh9dU1rw2BJ8t/lVxaO+IoIikFQGbVeN9Vk4Lce5TOSiyCANf+P6AFKwQ
yVXUSEm5ro147ytyEpp/H+3aeQLLBy+Xq9tfS5SD3PrTuYEQCKUVdB6/z7j2L9os
8i33mUVDVee8
-----END CERTIFICATE-----
Generated at Thu May 8 10:09:28 2025 by rpki-client