Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/8633eHkflcZmhuPrECQw69dm7xw.roa
File: 8633eHkflcZmhuPrECQw69dm7xw.roa (raw, json)
Hash identifier: kI1lpegFSdii4lvJZau90dG3ehECVjpE7NhLZPFyeH8=
Subject key identifier: F3:AD:F7:78:79:1F:95:C6:66:86:E3:EB:10:24:30:EB:D7:66:EF:1C
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0198B8833AD6AD07AC13669C9F793ACF294A
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/8633eHkflcZmhuPrECQw69dm7xw.roa
Signing time: Sun 17 Aug 2025 14:51:04 +0000
ROA not before: Sun 17 Aug 2025 14:51:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 2a0e:1a84::/32 maxlen: 32
2a0f:1e84:20::/48 maxlen: 48
2a0f:7d00:1::/48 maxlen: 48
2a0f:bc00:a1c4::/48 maxlen: 48
2a13:2b40::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:b8:83:3a:d6:ad:07:ac:13:66:9c:9f:79:3a:cf:29:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Aug 17 14:51:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f3adf778791f95c66686e3eb102430ebd766ef1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:c9:d9:7e:74:ad:ad:24:c5:8b:77:20:82:e6:
b7:9c:44:13:0b:6f:a3:22:cc:c5:97:98:cb:94:d6:
cf:f4:6a:3a:e2:87:1e:9c:f0:ec:a0:f1:29:12:49:
2d:80:d4:82:5d:c2:9d:35:fa:2c:41:38:4f:7e:6d:
9a:ef:23:09:de:db:5d:1b:33:2f:57:71:7e:07:ab:
3e:fa:e4:62:39:b0:31:70:f5:2d:b7:23:3c:c4:90:
8b:23:b9:15:97:8d:3d:d2:73:c8:09:a7:68:48:22:
95:ec:93:65:ea:37:3f:24:d5:5d:73:3b:3f:82:97:
33:95:38:38:7d:56:b8:4e:a7:99:17:ac:b4:4e:b2:
b7:14:40:07:f5:8b:29:00:27:97:65:67:dc:5b:ef:
b8:37:be:9d:8a:bd:c1:28:41:7f:9c:42:fa:b3:05:
40:d4:d9:12:54:92:da:57:41:73:43:a8:f6:e4:8c:
46:ae:48:d3:e7:77:7c:f7:31:70:c1:5a:cd:77:e4:
e3:d0:5e:73:b6:11:10:7e:74:ae:4f:51:23:d3:f2:
5c:10:68:d3:f5:73:d5:36:a8:dc:62:1a:f4:43:b4:
ab:8d:d1:26:24:12:0d:af:90:8a:de:96:b0:7f:cd:
ed:5c:a3:f6:ca:e9:fb:cf:6b:1a:8d:98:fa:5a:48:
fc:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:AD:F7:78:79:1F:95:C6:66:86:E3:EB:10:24:30:EB:D7:66:EF:1C
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/8633eHkflcZmhuPrECQw69dm7xw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1a84::/32
2a0f:1e84:20::/48
2a0f:7d00:1::/48
2a0f:bc00:a1c4::/48
2a13:2b40::/29
Signature Algorithm: sha256WithRSAEncryption
32:b9:61:d9:3c:5e:3e:df:dd:cb:01:a9:28:9e:82:3f:69:2c:
8a:ec:16:f3:d6:4c:66:8a:c8:48:3f:8d:90:ce:2d:34:17:29:
9f:7e:e0:3f:32:65:4d:b7:96:9a:8c:b0:4b:ad:bb:0e:fc:2c:
36:4b:60:71:a2:ca:3b:56:03:45:c7:2d:8c:73:f0:89:9c:f1:
04:58:e9:b4:5c:f8:63:d2:c3:d6:f6:17:df:f4:a0:05:7e:78:
54:a7:86:a3:ea:d0:35:02:5d:63:b4:e1:09:d9:f0:8b:e0:06:
1a:35:a8:fd:85:84:38:ff:d1:8b:39:58:27:ee:eb:e6:60:f6:
65:0e:9d:1e:4a:d0:22:2e:60:21:7e:4b:86:b3:a1:65:8e:ac:
46:c2:b5:2d:00:8a:2c:d0:b8:08:b5:a8:f0:ee:09:7f:31:f2:
e2:88:60:aa:3c:8d:a2:45:e7:f8:f4:8d:67:53:49:7f:8d:58:
62:40:2b:d5:86:2b:dc:8b:38:b0:70:60:72:42:c8:2b:db:dc:
f8:55:b8:bc:ca:70:cd:50:66:91:41:69:1b:53:df:84:77:88:
bd:66:0e:12:ca:eb:c8:67:6a:48:76:42:2a:32:72:6e:6e:6e:
be:1d:0d:23:08:ee:7e:be:75:cd:3d:37:74:5b:6e:4b:33:16:
bf:b0:2c:8e
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZi4gzrWrQesE2acn3k6zylKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwODE3MTQ1MTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2FkZjc3ODc5MWY5NWM2NjY4NmUzZWIxMDI0MzBlYmQ3NjZlZjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2snZfnStrSTFi3cggua3nEQTC2+j
IszFl5jLlNbP9Go64ocenPDsoPEpEkktgNSCXcKdNfosQThPfm2a7yMJ3ttdGzMv
V3F+B6s++uRiObAxcPUttyM8xJCLI7kVl4090nPICadoSCKV7JNl6jc/JNVdczs/
gpczlTg4fVa4TqeZF6y0TrK3FEAH9YspACeXZWfcW++4N76dir3BKEF/nEL6swVA
1NkSVJLaV0FzQ6j25IxGrkjT53d89zFwwVrNd+Tj0F5zthEQfnSuT1Ej0/JcEGjT
9XPVNqjcYhr0Q7SrjdEmJBINr5CK3pawf83tXKP2yun7z2sajZj6Wkj8ywIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFPOt93h5H5XGZobj6xAkMOvXZu8cMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvODYzM2VIa2ZsY1ptaHVQckVDUXc2OWRtN3h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAvBAIAAjApAwUAKg4ahAMH
ACoPHoQAIAMHACoPfQAAAQMHACoPvAChxAMFAyoTK0AwDQYJKoZIhvcNAQELBQAD
ggEBADK5Ydk8Xj7f3csBqSiegj9pLIrsFvPWTGaKyEg/jZDOLTQXKZ9+4D8yZU23
lpqMsEutuw78LDZLYHGiyjtWA0XHLYxz8Imc8QRY6bRc+GPSw9b2F9/0oAV+eFSn
hqPq0DUCXWO04QnZ8IvgBho1qP2FhDj/0Ys5WCfu6+Zg9mUOnR5K0CIuYCF+S4az
oWWOrEbCtS0AiizQuAi1qPDuCX8x8uKIYKo8jaJF5/j0jWdTSX+NWGJAK9WGK9yL
OLBwYHJCyCvb3PhVuLzKcM1QZpFBaRtT34R3iL1mDhLK68hnakh2Qioycm5ubr4d
DSMI7n6+dc09N3RbbkszFr+wLI4=
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:19:24 2025 by rpki-client