Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/2DaZGZFmOHHN1XWh85ye4Q-74iw.roa
File: 2DaZGZFmOHHN1XWh85ye4Q-74iw.roa (raw, json)
Hash identifier: bQTsjNNXgbA7I8JT2b82LAQ8RDfk92pFW5MC1Q5Nrd4=
Subject key identifier: D8:36:99:19:91:66:38:71:CD:D5:75:A1:F3:9C:9E:E1:0F:BB:E2:2C
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01977E8B758A12D7E39352F0599AB6E8B292
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/2DaZGZFmOHHN1XWh85ye4Q-74iw.roa
Signing time: Tue 17 Jun 2025 15:39:18 +0000
ROA not before: Tue 17 Jun 2025 15:39:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213505
IP address blocks: 2a0e:e980::/29 maxlen: 29
2a0f:a00::/29 maxlen: 29
2a0f:14c0::/29 maxlen: 29
2a0f:1740::/29 maxlen: 29
2a0f:1840::/29 maxlen: 29
2a0f:18c0::/29 maxlen: 29
2a0f:1ac0::/29 maxlen: 29
2a0f:1fc0::/29 maxlen: 29
2a0f:2ec0::/29 maxlen: 29
2a0f:9b00::/29 maxlen: 29
2a0f:e140::/29 maxlen: 29
2a11:1200::/29 maxlen: 29
2a11:6d40::/29 maxlen: 29
2a13:1940::/29 maxlen: 29
2a13:fa00::/29 maxlen: 29
2a13:fd00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7e:8b:75:8a:12:d7:e3:93:52:f0:59:9a:b6:e8:b2:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jun 17 15:39:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d836991991663871cdd575a1f39c9ee10fbbe22c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:14:89:86:86:0e:68:f1:a5:dd:b2:69:8e:11:
80:c0:74:27:e6:e1:02:c5:c1:73:ed:56:6a:25:cc:
5c:97:28:80:f0:eb:45:fd:48:b2:c0:60:c7:fc:bc:
1e:03:a6:01:86:0a:0e:7f:33:29:18:97:f8:d5:00:
cd:1b:6e:38:88:7d:eb:96:00:92:2c:b7:e5:91:a3:
ff:da:d8:b6:b1:99:6c:26:74:9d:5b:4a:fc:a7:89:
67:cf:f1:98:1d:ea:80:34:64:51:9b:93:86:86:5e:
68:33:7b:43:a5:fe:78:81:80:a6:c9:c6:7b:c4:02:
b8:9f:ca:e8:f1:bc:57:73:74:96:14:25:6e:df:13:
3b:a6:2c:24:b8:5f:e0:e2:fb:09:ea:a2:e2:96:09:
75:0b:f8:3e:fa:db:b9:5c:63:80:1a:d5:d5:0f:ca:
93:a9:bc:fa:78:fa:92:d4:40:09:79:52:7d:4e:89:
0b:b3:b1:44:63:2b:f4:5f:f0:be:e9:f0:8f:52:c1:
b2:96:6f:ff:50:6d:3f:b5:80:b1:25:86:92:88:84:
c7:23:00:3a:ee:dc:90:01:69:6a:9e:75:92:a7:e1:
02:5a:c4:a0:96:90:36:a5:ab:93:eb:39:29:f6:26:
23:93:f3:66:09:98:b8:47:bf:24:ab:03:48:a7:e1:
44:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:36:99:19:91:66:38:71:CD:D5:75:A1:F3:9C:9E:E1:0F:BB:E2:2C
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/2DaZGZFmOHHN1XWh85ye4Q-74iw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:e980::/29
2a0f:a00::/29
2a0f:14c0::/29
2a0f:1740::/29
2a0f:1840::/29
2a0f:18c0::/29
2a0f:1ac0::/29
2a0f:1fc0::/29
2a0f:2ec0::/29
2a0f:9b00::/29
2a0f:e140::/29
2a11:1200::/29
2a11:6d40::/29
2a13:1940::/29
2a13:fa00::/29
2a13:fd00::/29
Signature Algorithm: sha256WithRSAEncryption
53:fc:0f:32:7d:40:a6:6e:4c:3f:c1:5a:b0:ca:3f:96:5a:6a:
b6:ff:98:dc:7d:db:7c:28:0c:3c:63:2d:d7:c3:91:af:55:19:
43:c1:2c:ea:47:0d:bc:c4:f6:45:ea:f5:1e:bc:ab:99:04:35:
20:3b:5a:22:b8:91:ab:8b:d8:14:e6:46:31:1c:45:77:ee:d1:
fb:1b:91:b3:3a:ea:c9:4d:2c:24:81:32:b5:ff:6e:1a:ce:f4:
ea:a0:2e:98:41:cc:3c:8e:57:6f:c5:b3:83:23:25:75:e4:86:
ee:65:8f:a8:1c:23:2c:32:c4:f8:7a:88:43:f7:93:47:d2:c2:
07:3d:c2:22:f4:32:ed:7b:19:b8:36:f5:00:46:59:a0:dd:a4:
e8:a1:2b:08:f4:fc:ef:b6:cf:f7:15:9c:56:62:f4:a7:8b:c5:
ca:94:9d:ef:04:00:26:f7:f6:27:c3:ce:af:04:73:23:30:7d:
c9:84:88:23:8f:c4:57:d2:8e:21:48:7d:e3:01:09:f0:c4:aa:
a9:fb:c4:39:1b:95:59:63:df:69:4d:d6:a8:20:01:06:2d:0a:
d9:24:6e:af:1e:08:2a:ca:a5:38:4e:5c:b3:b9:7d:ef:f0:d7:
0c:fd:9e:2e:42:8e:10:f4:df:ec:24:a4:a5:9d:25:5f:a3:17:
74:4f:01:05
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAZd+i3WKEtfjk1LwWZq26LKSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNjE3MTUzOTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODM2OTkxOTkxNjYzODcxY2RkNTc1YTFmMzljOWVlMTBmYmJlMjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshSJhoYOaPGl3bJpjhGAwHQn5uEC
xcFz7VZqJcxclyiA8OtF/UiywGDH/LweA6YBhgoOfzMpGJf41QDNG244iH3rlgCS
LLflkaP/2ti2sZlsJnSdW0r8p4lnz/GYHeqANGRRm5OGhl5oM3tDpf54gYCmycZ7
xAK4n8ro8bxXc3SWFCVu3xM7piwkuF/g4vsJ6qLilgl1C/g++tu5XGOAGtXVD8qT
qbz6ePqS1EAJeVJ9TokLs7FEYyv0X/C+6fCPUsGylm//UG0/tYCxJYaSiITHIwA6
7tyQAWlqnnWSp+ECWsSglpA2pauT6zkp9iYjk/NmCZi4R78kqwNIp+FE1wIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFNg2mRmRZjhxzdV1ofOcnuEPu+IsMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvMkRhWkdaRm1PSEhOMVhXaDg1eWU0US03NGl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAIwcAMFAyoO6YAD
BQMqDwoAAwUDKg8UwAMFAyoPF0ADBQMqDxhAAwUDKg8YwAMFAyoPGsADBQMqDx/A
AwUDKg8uwAMFAyoPmwADBQMqD+FAAwUDKhESAAMFAyoRbUADBQMqExlAAwUDKhP6
AAMFAyoT/QAwDQYJKoZIhvcNAQELBQADggEBAFP8DzJ9QKZuTD/BWrDKP5Zaarb/
mNx923woDDxjLdfDka9VGUPBLOpHDbzE9kXq9R68q5kENSA7WiK4kauL2BTmRjEc
RXfu0fsbkbM66slNLCSBMrX/bhrO9OqgLphBzDyOV2/Fs4MjJXXkhu5lj6gcIywy
xPh6iEP3k0fSwgc9wiL0Mu17Gbg29QBGWaDdpOihKwj0/O+2z/cVnFZi9KeLxcqU
ne8EACb39ifDzq8EcyMwfcmEiCOPxFfSjiFIfeMBCfDEqqn7xDkblVlj32lN1qgg
AQYtCtkkbq8eCCrKpThOXLO5fe/w1wz9ni5CjhD03+wkpKWdJV+jF3RPAQU=
-----END CERTIFICATE-----
Generated at Tue Jul 1 18:01:28 2025 by rpki-client