Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/O_2x8vVYCfFWmPsHwbDuBVGpvtk.roa
File: O_2x8vVYCfFWmPsHwbDuBVGpvtk.roa (raw, json)
Hash identifier: Gi0YG/5RycinzHVec+6Fy9zBLtev+s2AJQ/D3zYVR3c=
Subject key identifier: 3B:FD:B1:F2:F5:58:09:F1:56:98:FB:07:C1:B0:EE:05:51:A9:BE:D9
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01992D6EDDF7E2D6BF478D2D82A0E3C516BF
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/O_2x8vVYCfFWmPsHwbDuBVGpvtk.roa
Signing time: Tue 09 Sep 2025 07:44:24 +0000
ROA not before: Tue 09 Sep 2025 07:44:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199925
IP address blocks: 2a0d:b740::/29 maxlen: 29
2a0f:1480::/29 maxlen: 29
2a13:2b40::/29 maxlen: 32
2a13:9b00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:2d:6e:dd:f7:e2:d6:bf:47:8d:2d:82:a0:e3:c5:16:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Sep 9 07:44:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3bfdb1f2f55809f15698fb07c1b0ee0551a9bed9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:53:11:b3:68:9c:9e:c5:d9:e0:9b:d0:43:28:
d3:bc:ed:e9:bc:8a:30:46:0c:82:90:9c:0a:61:76:
04:e7:36:2a:ca:29:43:5d:a4:c5:6d:99:ff:cb:fe:
3c:90:27:41:4b:7b:49:0b:d7:42:90:41:c4:e6:1a:
15:a4:71:29:f5:f2:e4:c1:76:d6:30:4c:bb:d0:6f:
20:b4:a5:82:47:11:45:bd:ac:c1:d2:3d:97:4a:56:
47:92:59:57:40:de:06:e3:36:19:05:ba:cd:fa:8e:
a7:fb:50:8b:e5:b5:3a:c2:34:13:4a:26:21:c8:ba:
15:78:39:35:89:bf:69:13:43:96:96:71:b2:7c:15:
08:20:18:57:76:83:c8:ff:2f:6e:60:bb:9e:ff:4f:
9b:6f:7f:e7:85:e0:c6:3c:18:e9:88:97:5f:e3:db:
fa:a8:d5:05:fb:cb:47:57:8e:aa:bf:4e:57:b0:68:
d5:69:96:0d:6a:91:52:30:a7:ac:c8:3f:3b:31:45:
1a:d3:2e:91:84:13:c7:ea:f8:06:d9:16:cd:f9:aa:
cd:6d:84:3d:97:54:6c:59:cf:44:b9:42:42:78:0c:
53:a1:bb:8f:f5:01:40:ce:a3:83:05:95:ce:d5:e2:
9f:46:46:92:c7:e6:f1:c3:bd:75:eb:81:37:73:21:
3a:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:FD:B1:F2:F5:58:09:F1:56:98:FB:07:C1:B0:EE:05:51:A9:BE:D9
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/O_2x8vVYCfFWmPsHwbDuBVGpvtk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:b740::/29
2a0f:1480::/29
2a13:2b40::/29
2a13:9b00::/29
Signature Algorithm: sha256WithRSAEncryption
63:c9:4d:50:01:39:0b:f6:64:58:42:03:13:f1:c0:b0:ef:9f:
2f:79:ea:1d:95:1e:c8:5e:b6:d1:de:8a:07:e4:b8:4b:d6:c8:
8e:b4:0a:ee:32:c8:22:0f:89:a5:93:b5:a0:ea:6b:bb:85:a8:
2e:b5:c2:96:e1:d5:d2:65:2e:18:47:4e:41:4a:0c:81:0a:5a:
b4:5e:87:ff:ec:3f:7c:1a:e0:6c:c8:c7:62:5d:4c:3f:a3:3b:
e7:da:ec:c8:f9:03:fd:f3:03:53:fb:8e:19:d0:e9:dd:cf:d7:
69:af:97:ce:b9:cd:8e:76:80:7f:f3:06:c5:a4:39:dc:84:4a:
5f:4a:63:78:ef:82:39:90:04:9c:64:4b:70:5c:ae:12:04:96:
ae:62:20:4b:8d:5a:53:7c:6e:24:54:4d:80:97:aa:e9:4c:87:
55:c3:bf:94:b8:a6:d5:9d:3f:10:aa:31:98:75:08:a3:85:a0:
a7:76:08:e0:3b:04:f3:7e:0c:45:82:cf:9e:23:b8:03:14:1e:
1e:db:1b:c9:60:1d:29:72:4f:5a:81:ef:d6:ad:09:3e:24:ae:
d6:c4:38:0a:ee:0f:52:d2:24:cc:45:da:39:7b:9f:03:0d:9a:
4e:07:c7:e7:08:84:b0:f7:a3:16:d6:43:51:31:39:97:30:2c:
ad:1a:df:6e
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZktbt334ta/R40tgqDjxRa/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwOTA5MDc0NDI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmZkYjFmMmY1NTgwOWYxNTY5OGZiMDdjMWIwZWUwNTUxYTliZWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4VMRs2icnsXZ4JvQQyjTvO3pvIow
RgyCkJwKYXYE5zYqyilDXaTFbZn/y/48kCdBS3tJC9dCkEHE5hoVpHEp9fLkwXbW
MEy70G8gtKWCRxFFvazB0j2XSlZHkllXQN4G4zYZBbrN+o6n+1CL5bU6wjQTSiYh
yLoVeDk1ib9pE0OWlnGyfBUIIBhXdoPI/y9uYLue/0+bb3/nheDGPBjpiJdf49v6
qNUF+8tHV46qv05XsGjVaZYNapFSMKesyD87MUUa0y6RhBPH6vgG2RbN+arNbYQ9
l1RsWc9EuUJCeAxTobuP9QFAzqODBZXO1eKfRkaSx+bxw71164E3cyE6AQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFDv9sfL1WAnxVpj7B8Gw7gVRqb7ZMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvT18yeDh2VllDZkZXbVBzSHdiRHVCVkdwdnRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKg23QAMF
AyoPFIADBQMqEytAAwUDKhObADANBgkqhkiG9w0BAQsFAAOCAQEAY8lNUAE5C/Zk
WEIDE/HAsO+fL3nqHZUeyF620d6KB+S4S9bIjrQK7jLIIg+JpZO1oOpru4WoLrXC
luHV0mUuGEdOQUoMgQpatF6H/+w/fBrgbMjHYl1MP6M759rsyPkD/fMDU/uOGdDp
3c/Xaa+XzrnNjnaAf/MGxaQ53IRKX0pjeO+COZAEnGRLcFyuEgSWrmIgS41aU3xu
JFRNgJeq6UyHVcO/lLim1Z0/EKoxmHUIo4Wgp3YI4DsE834MRYLPniO4AxQeHtsb
yWAdKXJPWoHv1q0JPiSu1sQ4Cu4PUtIkzEXaOXufAw2aTgfH5wiEsPejFtZDUTE5
lzAsrRrfbg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 06:12:17 2025 by rpki-client