Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/7GnLsHXr2q_CjEgz4yQLtnggEC0.roa
File: 7GnLsHXr2q_CjEgz4yQLtnggEC0.roa (raw, json)
Hash identifier: Bw76tXLRtL/2q8rnSm8Tz4yYbEsXCqdHpvRHLNdmNR0=
Subject key identifier: EC:69:CB:B0:75:EB:DA:AF:C2:8C:48:33:E3:24:0B:B6:78:20:10:2D
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0199624885D665FE9A9CF4CEF38CEA589FBD
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/7GnLsHXr2q_CjEgz4yQLtnggEC0.roa
Signing time: Fri 19 Sep 2025 14:02:23 +0000
ROA not before: Fri 19 Sep 2025 14:02:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12389
IP address blocks: 2a09:17c3::/32 maxlen: 32
2a0f:3d83::/32 maxlen: 32
2a0f:7d01::/32 maxlen: 32
2a10:67c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:62:48:85:d6:65:fe:9a:9c:f4:ce:f3:8c:ea:58:9f:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Sep 19 14:02:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ec69cbb075ebdaafc28c4833e3240bb67820102d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ef:94:d6:26:05:3b:36:61:71:61:20:da:fe:
62:dd:98:f8:62:af:69:91:7a:19:f3:c0:b7:1f:4d:
91:3b:8f:f5:3f:ff:eb:8e:50:54:84:bf:2f:71:ab:
75:48:20:97:a7:63:2c:98:eb:a2:55:a1:a2:46:4b:
51:e1:b7:cc:26:dd:57:06:a7:d3:8d:5b:0b:b5:f1:
c6:bd:a7:d1:2d:11:3b:85:f9:d3:7a:01:31:e7:d7:
d2:90:e3:81:79:2c:ac:5b:8f:51:38:06:db:e8:01:
58:bd:b6:56:3c:a2:07:cc:c4:8b:bb:da:f1:79:62:
cf:aa:a5:eb:82:a5:6a:41:ab:86:a3:11:fd:7e:4d:
e5:d9:0e:6b:00:78:b2:bb:93:4e:d8:f2:5e:53:07:
71:27:98:8a:08:7f:8d:87:35:2b:1e:0f:33:c8:de:
88:9e:ad:d9:42:0a:49:ea:53:9d:7d:53:37:b9:7b:
36:73:a9:81:4d:58:a7:7a:2b:d6:58:a4:3c:eb:50:
22:e7:7d:2c:db:cf:8f:94:fb:d9:bc:5a:5d:ee:f3:
29:17:51:11:d4:cd:b2:74:c3:f5:6e:7b:31:eb:37:
b6:d8:3f:4a:da:34:fb:97:83:35:5b:77:7a:88:0d:
fd:86:06:65:f2:96:c5:dd:33:48:55:34:fd:7c:78:
ea:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:69:CB:B0:75:EB:DA:AF:C2:8C:48:33:E3:24:0B:B6:78:20:10:2D
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/7GnLsHXr2q_CjEgz4yQLtnggEC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:17c3::/32
2a0f:3d83::/32
2a0f:7d01::/32
2a10:67c0::/32
Signature Algorithm: sha256WithRSAEncryption
ac:a9:cd:d0:78:60:5e:08:35:8b:7c:98:19:b2:34:8a:a3:95:
2e:2d:ad:fb:44:62:f1:e7:74:04:0a:25:16:a6:30:26:a6:e6:
95:fc:c7:49:56:cf:b0:a6:6b:45:d8:bf:14:ed:e0:c5:11:fc:
cb:0e:1f:3b:7d:b1:c6:92:d0:78:54:a9:55:39:f8:8b:34:c5:
c6:3f:e5:e2:4a:6e:f6:75:1e:5f:2a:40:61:f7:c1:7d:e6:22:
4a:97:c1:bf:77:af:52:52:8f:24:6d:df:b6:d8:8e:9d:2b:85:
f6:36:b1:94:e4:b8:31:2d:bc:44:d0:7c:c8:a4:9b:4b:4b:70:
d3:48:69:fa:6b:1e:96:1f:22:ec:68:1d:51:f7:b7:4b:52:fa:
9e:55:49:67:29:a6:15:19:f8:d1:39:98:25:ff:ee:15:63:54:
cf:db:62:da:8c:79:62:f5:49:aa:db:16:e5:35:6d:75:ad:80:
0c:a6:74:3b:e1:06:2c:ac:d5:e6:77:65:c9:5d:d8:b7:68:2e:
b4:0d:36:8c:0a:f5:79:15:d0:f6:15:99:83:43:80:fe:25:91:
e2:6d:ae:4b:c6:14:d9:70:e0:d7:d5:e3:38:7c:f5:6c:7c:95:
84:1d:b9:5a:b8:37:a0:2a:11:5d:e9:bf:04:8c:54:91:1d:6d:
6b:e5:cd:f3
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZliSIXWZf6anPTO84zqWJ+9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwOTE5MTQwMjIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzY5Y2JiMDc1ZWJkYWFmYzI4YzQ4MzNlMzI0MGJiNjc4MjAxMDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApu+U1iYFOzZhcWEg2v5i3Zj4Yq9p
kXoZ88C3H02RO4/1P//rjlBUhL8vcat1SCCXp2MsmOuiVaGiRktR4bfMJt1XBqfT
jVsLtfHGvafRLRE7hfnTegEx59fSkOOBeSysW49ROAbb6AFYvbZWPKIHzMSLu9rx
eWLPqqXrgqVqQauGoxH9fk3l2Q5rAHiyu5NO2PJeUwdxJ5iKCH+NhzUrHg8zyN6I
nq3ZQgpJ6lOdfVM3uXs2c6mBTVineivWWKQ861Ai530s28+PlPvZvFpd7vMpF1ER
1M2ydMP1bnsx6ze22D9K2jT7l4M1W3d6iA39hgZl8pbF3TNIVTT9fHjqnQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFOxpy7B169qvwoxIM+MkC7Z4IBAtMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvN0duTHNIWHIycV9DakVnejR5UUx0bmdnRUMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKgkXwwMF
ACoPPYMDBQAqD30BAwUAKhBnwDANBgkqhkiG9w0BAQsFAAOCAQEArKnN0HhgXgg1
i3yYGbI0iqOVLi2t+0Ri8ed0BAolFqYwJqbmlfzHSVbPsKZrRdi/FO3gxRH8yw4f
O32xxpLQeFSpVTn4izTFxj/l4kpu9nUeXypAYffBfeYiSpfBv3evUlKPJG3fttiO
nSuF9jaxlOS4MS28RNB8yKSbS0tw00hp+mselh8i7GgdUfe3S1L6nlVJZymmFRn4
0TmYJf/uFWNUz9ti2ox5YvVJqtsW5TVtda2ADKZ0O+EGLKzV5ndlyV3Yt2gutA02
jAr1eRXQ9hWZg0OA/iWR4m2uS8YU2XDg19XjOHz1bHyVhB25Wrg3oCoRXem/BIxU
kR1ta+XN8w==
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:55:16 2025 by rpki-client