Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/4jX-GLuNFDs3KBlgs_Jjl_XYrf4.roa
File: 4jX-GLuNFDs3KBlgs_Jjl_XYrf4.roa (raw, json)
Hash identifier: DgZiQrsEtWOlauPY8X1ry/0gJgZ/hH34WdAXTwz6xuo=
Subject key identifier: E2:35:FE:18:BB:8D:14:3B:37:28:19:60:B3:F2:63:97:F5:D8:AD:FE
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0199CA292825B72F5989E39C533E99E222DA
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/4jX-GLuNFDs3KBlgs_Jjl_XYrf4.roa
Signing time: Thu 09 Oct 2025 18:08:38 +0000
ROA not before: Thu 09 Oct 2025 18:08:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206560
IP address blocks: 2a13:2c40::/29 maxlen: 29
2a13:3040::/29 maxlen: 29
2a13:7400::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 13:23:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ca:29:28:25:b7:2f:59:89:e3:9c:53:3e:99:e2:22:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Oct 9 18:08:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e235fe18bb8d143b37281960b3f26397f5d8adfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:3b:dd:d8:6e:8a:83:e8:44:6b:63:81:16:28:
52:28:a5:ef:f7:9b:29:72:cc:59:37:4b:df:f8:f9:
a8:a9:47:66:06:f1:99:93:fd:2a:d0:f9:55:a3:98:
eb:d5:ba:76:17:b0:d5:b0:2c:1c:12:ce:37:b6:42:
59:1c:f8:f2:87:08:66:0c:71:06:b7:c4:b9:47:8f:
d3:c8:55:e1:7b:98:86:8d:4c:bb:12:9d:5d:ee:cd:
be:4e:ee:50:44:36:6e:78:db:0e:6a:e7:39:87:23:
46:ec:9f:a5:bf:7e:17:6c:df:fa:a8:45:ea:e1:8e:
93:8e:de:72:5c:b4:81:c0:38:a5:aa:41:75:19:0f:
76:43:05:9d:0e:4c:9b:da:bc:43:6b:5b:50:92:c0:
bd:8d:d9:5b:d7:42:db:db:76:6a:1e:e5:10:d7:20:
02:e8:ef:cb:fb:01:13:21:15:c1:91:d0:a9:31:08:
3e:ca:d2:fe:52:23:13:ab:b5:e7:f3:18:95:ba:83:
d1:ea:90:5b:50:67:e7:a2:0e:42:ae:f8:da:53:04:
26:f1:ac:b1:3f:36:47:e0:e4:6f:58:fb:19:2c:07:
d9:79:f4:b3:ea:14:13:3a:c5:29:aa:49:6d:37:71:
33:e6:c7:0b:ec:7b:e2:37:6b:97:ec:18:38:57:ba:
9a:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:35:FE:18:BB:8D:14:3B:37:28:19:60:B3:F2:63:97:F5:D8:AD:FE
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/4jX-GLuNFDs3KBlgs_Jjl_XYrf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:2c40::/29
2a13:3040::/29
2a13:7400::/29
Signature Algorithm: sha256WithRSAEncryption
1b:4e:80:d5:4d:d0:f7:e4:b3:fe:26:50:ba:4e:99:1f:9b:d7:
6c:84:db:d0:94:d4:59:69:5c:2b:6a:91:d1:10:17:c8:ba:87:
df:36:4a:08:eb:2f:01:1f:c9:dc:a8:15:08:2c:02:be:e4:1a:
7d:62:6a:08:07:85:fa:77:40:44:50:fa:fb:8d:91:41:a9:d4:
82:42:98:23:71:32:5e:4c:a3:fb:5b:a1:2d:ee:b0:1c:7e:e8:
6f:aa:e9:fc:d1:b2:07:6d:9b:0c:ef:8c:52:78:c2:e7:8b:f9:
5f:29:f6:97:46:eb:8a:84:e0:42:a5:07:69:fc:db:07:fd:be:
51:5a:fa:e5:96:f2:16:b5:3c:41:59:50:96:33:95:a8:4e:0d:
ac:a1:12:3c:14:d9:64:23:b5:35:00:38:08:c6:6b:98:2c:e7:
01:d2:6f:c8:71:6a:7d:2a:75:83:bc:cf:96:be:f0:39:e6:a7:
a1:80:e1:e6:fd:21:75:5f:b8:e2:84:85:61:c3:46:97:3b:36:
ac:48:74:f7:fd:a3:72:55:f7:5c:2b:06:7f:e8:5c:14:09:f7:
04:da:ac:8b:ee:05:98:d5:d4:f9:bf:41:50:7a:a0:ea:9d:01:
a7:26:d8:d5:4c:50:ed:3b:f8:f6:53:99:58:41:76:5a:53:6f:
bd:28:c6:2c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZnKKSglty9ZieOcUz6Z4iLaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUxMDA5MTgwODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjM1ZmUxOGJiOGQxNDNiMzcyODE5NjBiM2YyNjM5N2Y1ZDhhZGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Tvd2G6Kg+hEa2OBFihSKKXv95sp
csxZN0vf+PmoqUdmBvGZk/0q0PlVo5jr1bp2F7DVsCwcEs43tkJZHPjyhwhmDHEG
t8S5R4/TyFXhe5iGjUy7Ep1d7s2+Tu5QRDZueNsOauc5hyNG7J+lv34XbN/6qEXq
4Y6Tjt5yXLSBwDilqkF1GQ92QwWdDkyb2rxDa1tQksC9jdlb10Lb23ZqHuUQ1yAC
6O/L+wETIRXBkdCpMQg+ytL+UiMTq7Xn8xiVuoPR6pBbUGfnog5CrvjaUwQm8ayx
PzZH4ORvWPsZLAfZefSz6hQTOsUpqkltN3Ez5scL7HviN2uX7Bg4V7qaJQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOI1/hi7jRQ7NygZYLPyY5f12K3+MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvNGpYLUdMdU5GRHMzS0JsZ3NfSmpsX1hZcmY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKhMsQAMF
AyoTMEADBQMqE3QAMA0GCSqGSIb3DQEBCwUAA4IBAQAbToDVTdD35LP+JlC6Tpkf
m9dshNvQlNRZaVwrapHREBfIuoffNkoI6y8BH8ncqBUILAK+5Bp9YmoIB4X6d0BE
UPr7jZFBqdSCQpgjcTJeTKP7W6Et7rAcfuhvqun80bIHbZsM74xSeMLni/lfKfaX
RuuKhOBCpQdp/NsH/b5RWvrllvIWtTxBWVCWM5WoTg2soRI8FNlkI7U1ADgIxmuY
LOcB0m/IcWp9KnWDvM+WvvA55qehgOHm/SF1X7jihIVhw0aXOzasSHT3/aNyVfdc
KwZ/6FwUCfcE2qyL7gWY1dT5v0FQeqDqnQGnJtjVTFDtO/j2U5lYQXZaU2+9KMYs
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:14:58 2025 by rpki-client