Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/8unbEejglE4F1HruIbGWAFOqoN8.roa
File: 8unbEejglE4F1HruIbGWAFOqoN8.roa (raw, json)
Hash identifier: vR8kFuJNQgQofu2fAmxQLxMdUdFuLmpTIve1dUHzUxc=
Subject key identifier: F2:E9:DB:11:E8:E0:94:4E:05:D4:7A:EE:21:B1:96:00:53:AA:A0:DF
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0199E40FECBFEF51A07914407A8049D5A58F
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/8unbEejglE4F1HruIbGWAFOqoN8.roa
Signing time: Tue 14 Oct 2025 18:51:12 +0000
ROA not before: Tue 14 Oct 2025 18:51:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25159
IP address blocks: 2a06:1186::/32 maxlen: 32
2a09:17c0:1312::/48 maxlen: 48
2a09:17c0:fbad::/48 maxlen: 48
2a09:4900::/29 maxlen: 29
2a0a:2d01::/32 maxlen: 32
2a0f:3d80:b::/48 maxlen: 48
2a0f:3d85::/32 maxlen: 32
2a0f:3d86:1::/48 maxlen: 48
2a0f:3d86:11::/48 maxlen: 48
2a13:9280::/32 maxlen: 32
2a13:9380::/29 maxlen: 29
2a13:9f00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e4:0f:ec:bf:ef:51:a0:79:14:40:7a:80:49:d5:a5:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Oct 14 18:51:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f2e9db11e8e0944e05d47aee21b1960053aaa0df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b6:e2:cc:be:56:b4:b8:8f:1e:60:68:41:9c:
4c:20:ed:05:4f:d3:c0:ea:ef:e3:6b:b3:d3:75:3c:
ab:ea:54:7d:22:6b:22:1c:8e:eb:0d:92:0a:52:de:
12:60:e5:21:d8:23:35:d1:ca:54:a4:ef:1b:94:57:
f0:7c:fd:8d:2f:c3:aa:2c:ac:17:e8:1f:56:dc:a5:
fb:6a:8e:ae:eb:8d:e0:f5:65:33:0a:df:f9:50:6c:
f8:7e:b2:44:6f:9b:2f:8b:2a:69:93:17:f6:ac:81:
61:6b:ca:15:aa:d3:b1:83:1d:06:08:81:36:06:57:
48:49:5d:17:a6:28:f8:d3:a6:08:97:2a:5a:0d:b0:
76:b5:9c:d7:50:db:4f:c3:21:29:b7:e0:1a:32:89:
38:94:4e:d0:e9:9d:ef:4d:8f:99:6d:e4:2c:a0:2c:
ab:04:9a:6c:43:82:c8:24:d5:95:62:a8:02:05:88:
a8:86:02:69:c9:b4:4e:c9:23:16:aa:af:dc:46:a2:
0a:2e:62:33:c8:70:a6:6d:c9:7c:bb:8c:2a:15:13:
67:bc:29:ff:0d:f9:d6:70:3c:76:eb:f2:67:e5:f4:
dc:48:3f:fb:85:74:fd:3f:37:f8:7f:cc:fb:37:75:
c4:43:8e:85:46:78:f4:ed:6a:f4:bb:b9:2c:fa:ef:
07:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:E9:DB:11:E8:E0:94:4E:05:D4:7A:EE:21:B1:96:00:53:AA:A0:DF
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/8unbEejglE4F1HruIbGWAFOqoN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:1186::/32
2a09:17c0:1312::/48
2a09:17c0:fbad::/48
2a09:4900::/29
2a0a:2d01::/32
2a0f:3d80:b::/48
2a0f:3d85::/32
2a0f:3d86:1::/48
2a0f:3d86:11::/48
2a13:9280::/32
2a13:9380::/29
2a13:9f00::/29
Signature Algorithm: sha256WithRSAEncryption
29:69:fd:8d:e1:ea:77:e2:44:da:02:22:ee:81:7c:1d:25:6f:
f8:2f:4e:e4:f0:58:6d:52:35:b3:2a:8f:24:a9:7b:04:d7:ac:
38:9e:38:50:91:b8:15:ac:cc:8f:57:1e:46:ec:cc:76:9e:cc:
43:05:c3:a0:38:40:f4:95:a1:ea:c9:0c:c2:b9:c9:52:32:1c:
2b:c0:e5:f5:25:8e:e0:f3:50:a8:76:0a:eb:34:82:ec:ec:4e:
45:5c:05:d5:75:ee:c2:c0:58:a6:4e:91:b8:94:6c:34:bc:6d:
b3:c1:c8:55:5e:72:ef:0e:c8:03:d6:b5:7c:78:d5:cb:7f:8a:
9d:98:4f:45:90:2a:cc:5f:ec:34:83:e8:cf:7a:d2:9f:59:87:
a0:a7:1c:57:21:7f:91:96:f4:49:86:47:9e:b3:1c:13:23:db:
09:37:24:93:3e:b4:d8:1c:ba:51:a8:c8:57:13:77:61:68:5c:
8c:8e:e8:14:3a:1c:fd:f8:3d:76:b2:5b:4e:5d:33:13:02:de:
9f:ab:49:ec:11:cd:06:52:48:ce:50:d1:98:6a:81:6c:f1:90:
2e:d0:6e:5e:d3:2a:07:07:d3:b8:6c:6c:48:aa:fd:78:82:08:
93:dd:2c:e0:f6:f0:12:22:d9:cc:cd:09:89:48:ed:c6:75:08:
56:a2:38:15
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAZnkD+y/71GgeRRAeoBJ1aWPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUxMDE0MTg1MTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmU5ZGIxMWU4ZTA5NDRlMDVkNDdhZWUyMWIxOTYwMDUzYWFhMGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLbizL5WtLiPHmBoQZxMIO0FT9PA
6u/ja7PTdTyr6lR9ImsiHI7rDZIKUt4SYOUh2CM10cpUpO8blFfwfP2NL8OqLKwX
6B9W3KX7ao6u643g9WUzCt/5UGz4frJEb5sviyppkxf2rIFha8oVqtOxgx0GCIE2
BldISV0Xpij406YIlypaDbB2tZzXUNtPwyEpt+AaMok4lE7Q6Z3vTY+ZbeQsoCyr
BJpsQ4LIJNWVYqgCBYiohgJpybROySMWqq/cRqIKLmIzyHCmbcl8u4wqFRNnvCn/
DfnWcDx26/Jn5fTcSD/7hXT9Pzf4f8z7N3XEQ46FRnj07Wr0u7ks+u8H+QIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFPLp2xHo4JROBdR67iGxlgBTqqDfMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvOHVuYkVlamdsRTRGMUhydUliR1dBRk9xb044LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAAjBeAwUAKgYRhgMH
ACoJF8ATEgMHACoJF8D7rQMFAyoJSQADBQAqCi0BAwcAKg89gAALAwUAKg89hQMH
ACoPPYYAAQMHACoPPYYAEQMFACoTkoADBQMqE5OAAwUDKhOfADANBgkqhkiG9w0B
AQsFAAOCAQEAKWn9jeHqd+JE2gIi7oF8HSVv+C9O5PBYbVI1syqPJKl7BNesOJ44
UJG4FazMj1ceRuzMdp7MQwXDoDhA9JWh6skMwrnJUjIcK8Dl9SWO4PNQqHYK6zSC
7OxORVwF1XXuwsBYpk6RuJRsNLxts8HIVV5y7w7IA9a1fHjVy3+KnZhPRZAqzF/s
NIPoz3rSn1mHoKccVyF/kZb0SYZHnrMcEyPbCTckkz602By6UajIVxN3YWhcjI7o
FDoc/fg9drJbTl0zEwLen6tJ7BHNBlJIzlDRmGqBbPGQLtBuXtMqBwfTuGxsSKr9
eIIIk90s4PbwEiLZzM0JiUjtxnUIVqI4FQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:15:54 2025 by rpki-client