Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Cg7eSRufoKma-wy1gOXBtbWFBDk.roa
File: Cg7eSRufoKma-wy1gOXBtbWFBDk.roa (raw, json)
Hash identifier: sfq+bvLeGybxtPHXukq0w9VRO9DY6badbL482OBj5cY=
Subject key identifier: 0A:0E:DE:49:1B:9F:A0:A9:9A:FB:0C:B5:80:E5:C1:B5:B5:85:04:39
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0197A32638F7C888D6542586CB3568126684
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Cg7eSRufoKma-wy1gOXBtbWFBDk.roa
Signing time: Tue 24 Jun 2025 18:14:40 +0000
ROA not before: Tue 24 Jun 2025 18:14:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212477
IP address blocks: 2a11:5c80::/29 maxlen: 29
2a13:9380::/29 maxlen: 29
2a13:9f00::/29 maxlen: 29
2a13:cf00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 04:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a3:26:38:f7:c8:88:d6:54:25:86:cb:35:68:12:66:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jun 24 18:14:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0a0ede491b9fa0a99afb0cb580e5c1b5b5850439
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:a5:33:af:36:22:f4:92:bd:55:c9:58:74:1b:
02:9b:13:32:c5:0d:b0:25:48:c3:95:ba:3c:2b:0a:
e3:4a:42:5c:9d:01:82:ea:73:09:d5:a3:de:16:71:
c5:1f:cb:35:2b:21:5e:bd:80:0d:ac:4c:0c:ce:1e:
a6:99:b0:20:41:63:5e:e2:8d:70:6c:85:6c:c1:9f:
6d:52:b0:34:18:ae:9e:55:8e:b0:7f:c7:af:a6:35:
7f:8e:e8:15:88:5b:a2:91:14:4b:c8:d1:1f:ee:eb:
49:1f:5b:0e:06:7a:eb:22:ea:2d:24:05:b6:9a:cf:
95:92:6a:1d:84:ea:10:ba:fb:39:9b:8c:e3:14:a5:
60:76:03:ab:67:bd:b4:1e:a6:da:43:9f:68:62:7b:
e2:e1:80:ae:dd:5c:2e:e4:72:ae:c6:78:ed:eb:7a:
13:3c:33:ea:86:84:ac:a5:59:ab:8e:a9:78:e7:e9:
3e:ac:d1:5b:15:a3:52:d0:1d:b4:ec:71:2e:d7:b0:
56:b2:83:75:6e:dc:76:33:03:fb:28:c3:7e:6d:3a:
33:9d:e9:26:eb:42:b0:18:f1:a6:04:7a:67:5a:96:
d1:d7:9f:5b:83:8b:9c:0b:36:8d:c7:c5:0a:aa:71:
f6:6e:ab:9c:2b:29:3b:dd:0d:20:79:2a:df:d8:95:
59:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:0E:DE:49:1B:9F:A0:A9:9A:FB:0C:B5:80:E5:C1:B5:B5:85:04:39
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Cg7eSRufoKma-wy1gOXBtbWFBDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5c80::/29
2a13:9380::/29
2a13:9f00::/29
2a13:cf00::/29
Signature Algorithm: sha256WithRSAEncryption
8c:63:c0:85:7c:d9:a8:b0:73:35:c7:b1:65:31:de:a0:4e:10:
a4:b5:9e:43:a2:bd:15:d4:76:2d:db:f9:15:4b:7e:ec:62:6d:
02:63:7f:1d:1d:96:a9:a3:1b:ca:0e:f0:09:03:b6:cc:89:2f:
a6:07:9d:93:27:0d:85:08:5b:1d:df:55:27:3a:17:d0:51:ba:
a3:dd:a4:2c:49:5d:36:a6:dc:f3:e4:1b:4a:71:a0:0c:92:11:
2d:f9:d7:68:37:68:8f:9c:f2:75:bf:09:03:30:18:02:60:6d:
8d:6c:76:fc:87:e7:4a:bd:b8:f6:6b:e7:fe:66:95:2e:cd:d1:
9d:51:d8:60:a9:91:07:68:7c:92:3c:4c:d8:1e:6b:e4:5e:26:
25:1a:f6:d9:7c:a6:08:b6:4f:9b:d7:20:de:cc:31:76:75:03:
b4:d0:5c:a6:ea:f6:1c:5f:ad:e6:10:35:46:ee:f0:11:6b:d4:
43:33:49:af:7a:ce:74:68:48:fb:0d:75:eb:f8:40:c2:01:5f:
27:e5:a0:af:ea:3d:2f:0e:c6:67:b7:d5:a7:97:d5:9a:28:14:
db:95:5c:31:5d:26:a0:2f:dc:bc:e2:b4:15:50:e4:04:51:0b:
52:00:a7:26:94:ce:79:4a:07:3c:0a:ac:8d:12:81:cf:22:21:
b1:c3:55:4c
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZejJjj3yIjWVCWGyzVoEmaEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNjI0MTgxNDQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTBlZGU0OTFiOWZhMGE5OWFmYjBjYjU4MGU1YzFiNWI1ODUwNDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2aUzrzYi9JK9VclYdBsCmxMyxQ2w
JUjDlbo8KwrjSkJcnQGC6nMJ1aPeFnHFH8s1KyFevYANrEwMzh6mmbAgQWNe4o1w
bIVswZ9tUrA0GK6eVY6wf8evpjV/jugViFuikRRLyNEf7utJH1sOBnrrIuotJAW2
ms+VkmodhOoQuvs5m4zjFKVgdgOrZ720HqbaQ59oYnvi4YCu3Vwu5HKuxnjt63oT
PDPqhoSspVmrjql45+k+rNFbFaNS0B207HEu17BWsoN1btx2MwP7KMN+bToznekm
60KwGPGmBHpnWpbR159bg4ucCzaNx8UKqnH2bqucKyk73Q0geSrf2JVZYwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFAoO3kkbn6CpmvsMtYDlwbW1hQQ5MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvQ2c3ZVNSdWZvS21hLXd5MWdPWEJ0YldGQkRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKhFcgAMF
AyoTk4ADBQMqE58AAwUDKhPPADANBgkqhkiG9w0BAQsFAAOCAQEAjGPAhXzZqLBz
NcexZTHeoE4QpLWeQ6K9FdR2Ldv5FUt+7GJtAmN/HR2WqaMbyg7wCQO2zIkvpged
kycNhQhbHd9VJzoX0FG6o92kLEldNqbc8+QbSnGgDJIRLfnXaDdoj5zydb8JAzAY
AmBtjWx2/IfnSr249mvn/maVLs3RnVHYYKmRB2h8kjxM2B5r5F4mJRr22XymCLZP
m9cg3swxdnUDtNBcpur2HF+t5hA1Ru7wEWvUQzNJr3rOdGhI+w116/hAwgFfJ+Wg
r+o9Lw7GZ7fVp5fVmigU25VcMV0moC/cvOK0FVDkBFELUgCnJpTOeUoHPAqsjRKB
zyIhscNVTA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 14:03:24 2025 by rpki-client