Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/vKoxyxYIBhk8zbvmPzapIbUviA0.roa
File: vKoxyxYIBhk8zbvmPzapIbUviA0.roa (raw, json)
Hash identifier: XCmP48vMQ6o3/DPJNcBfMJPxoCJ0btJxVPjR5e+yPTA=
Subject key identifier: BC:AA:31:CB:16:08:06:19:3C:CD:BB:E6:3F:36:A9:21:B5:2F:88:0D
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0197A320BACE4F40C87417162DEE9DE054C7
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/vKoxyxYIBhk8zbvmPzapIbUviA0.roa
Signing time: Tue 24 Jun 2025 18:08:40 +0000
ROA not before: Tue 24 Jun 2025 18:08:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197992
IP address blocks: 2a06:5280::/29 maxlen: 29
2a07:95c0::/29 maxlen: 29
2a0d:1140::/29 maxlen: 29
2a0d:a9c0::/29 maxlen: 29
2a0f:1a40::/29 maxlen: 29
2a0f:27c0::/29 maxlen: 29
2a0f:3640::/29 maxlen: 29
2a0f:7280::/29 maxlen: 29
2a0f:9600::/29 maxlen: 29
2a0f:ec00::/29 maxlen: 29
2a10:3040::/29 maxlen: 29
2a10:3640::/29 maxlen: 29
2a10:6300::/29 maxlen: 29
2a10:6900::/29 maxlen: 29
2a11:1880::/29 maxlen: 29
2a11:3f80::/29 maxlen: 29
2a11:90c0::/29 maxlen: 29
2a11:9340::/29 maxlen: 29
2a11:9e00::/29 maxlen: 29
2a11:b740::/29 maxlen: 29
2a11:f040::/29 maxlen: 29
2a13:2f40::/29 maxlen: 29
2a13:4f00::/29 maxlen: 29
2a13:9100::/29 maxlen: 29
2a13:9480::/29 maxlen: 29
2a13:9b00::/29 maxlen: 29
2a13:9d00::/29 maxlen: 29
2a13:c700::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 19:28:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a3:20:ba:ce:4f:40:c8:74:17:16:2d:ee:9d:e0:54:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jun 24 18:08:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bcaa31cb160806193ccdbbe63f36a921b52f880d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:ba:66:e3:36:6d:09:4e:92:5f:af:4a:ea:be:
cf:2b:ca:fc:c0:e0:78:67:aa:4f:20:f4:ce:a7:7f:
a9:51:f5:40:2e:03:7c:fe:b0:a6:8b:fb:6d:04:27:
14:38:43:a4:b4:0f:56:1d:fd:e8:5c:b7:b3:8d:a7:
16:68:07:d3:d3:f2:87:39:07:4e:b3:36:fe:b9:2c:
0c:af:b9:32:ae:8e:8a:be:0f:f2:5e:00:fa:c2:05:
13:19:0c:4a:5d:ab:b8:a7:85:f9:02:cd:a7:76:5f:
9c:d2:51:72:6f:55:31:26:5d:07:ff:72:fb:ce:89:
74:7e:7b:b8:eb:fb:b7:6f:af:c6:4d:a2:66:ae:5d:
95:03:41:35:4f:60:b5:63:f2:5a:aa:ec:ca:61:87:
e4:cd:65:e8:5d:14:22:0e:eb:f3:67:fd:88:6c:a2:
b6:8a:1e:f5:d5:51:0f:0f:cc:b3:1e:41:f9:fb:0e:
a0:26:c7:31:68:68:b3:c5:3d:08:37:8b:e0:bc:30:
04:c5:c9:f1:f6:3b:63:26:10:00:61:de:71:3a:51:
47:7f:a3:70:f6:f9:6e:16:e7:41:34:ca:c2:59:df:
42:1f:84:cc:95:13:a3:fb:95:19:67:54:6e:d5:62:
ea:e1:51:82:66:44:3b:69:5f:b5:d6:82:2d:03:92:
2d:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:AA:31:CB:16:08:06:19:3C:CD:BB:E6:3F:36:A9:21:B5:2F:88:0D
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/vKoxyxYIBhk8zbvmPzapIbUviA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:5280::/29
2a07:95c0::/29
2a0d:1140::/29
2a0d:a9c0::/29
2a0f:1a40::/29
2a0f:27c0::/29
2a0f:3640::/29
2a0f:7280::/29
2a0f:9600::/29
2a0f:ec00::/29
2a10:3040::/29
2a10:3640::/29
2a10:6300::/29
2a10:6900::/29
2a11:1880::/29
2a11:3f80::/29
2a11:90c0::/29
2a11:9340::/29
2a11:9e00::/29
2a11:b740::/29
2a11:f040::/29
2a13:2f40::/29
2a13:4f00::/29
2a13:9100::/29
2a13:9480::/29
2a13:9b00::/29
2a13:9d00::/29
2a13:c700::/29
Signature Algorithm: sha256WithRSAEncryption
73:8d:d5:ba:5f:2d:a4:0b:dd:c7:14:de:19:7a:c1:40:a6:84:
55:0b:9d:48:14:f3:ca:ca:61:46:ea:a5:32:d7:d5:c7:c9:5b:
e9:e4:b4:85:2f:31:8f:a9:74:79:6c:f0:cd:90:f6:33:e4:93:
25:5a:37:16:33:d3:a5:d6:33:a4:f6:0b:35:23:76:2b:fd:65:
3e:27:14:c0:c4:a3:73:bd:04:b9:b9:ef:64:50:a7:a7:ad:6e:
35:82:3f:2e:79:e7:9c:4c:69:ee:5b:e2:f6:ef:4c:83:a9:2e:
14:c9:0f:8f:a2:0d:bf:b8:ef:16:1a:0a:94:f4:8e:b2:91:cf:
8b:8f:60:4b:7f:79:f2:91:df:09:ed:d3:6a:ab:d0:4e:3a:2d:
54:76:4c:28:9a:de:3f:4a:f2:41:a2:45:7e:56:a4:5f:0c:1c:
54:e9:2c:81:e1:08:8f:ca:36:ea:bb:79:a9:da:c7:99:78:30:
c2:83:70:02:81:cd:a4:31:37:a2:9a:cc:8f:df:24:e5:61:58:
66:8a:38:31:f3:39:49:96:b5:62:ae:41:5e:6e:ac:dd:8d:ea:
40:68:d5:ca:f1:54:12:53:29:7b:f5:11:47:ac:dd:33:17:51:
8a:05:bd:15:f6:72:e4:d4:09:3c:4c:13:91:75:2b:76:8a:09:
aa:ef:4d:6d
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgISAZejILrOT0DIdBcWLe6d4FTHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNjI0MTgwODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2FhMzFjYjE2MDgwNjE5M2NjZGJiZTYzZjM2YTkyMWI1MmY4ODBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1bpm4zZtCU6SX69K6r7PK8r8wOB4
Z6pPIPTOp3+pUfVALgN8/rCmi/ttBCcUOEOktA9WHf3oXLezjacWaAfT0/KHOQdO
szb+uSwMr7kyro6Kvg/yXgD6wgUTGQxKXau4p4X5As2ndl+c0lFyb1UxJl0H/3L7
zol0fnu46/u3b6/GTaJmrl2VA0E1T2C1Y/JaquzKYYfkzWXoXRQiDuvzZ/2IbKK2
ih711VEPD8yzHkH5+w6gJscxaGizxT0IN4vgvDAExcnx9jtjJhAAYd5xOlFHf6Nw
9vluFudBNMrCWd9CH4TMlROj+5UZZ1Ru1WLq4VGCZkQ7aV+11oItA5IteQIDAQAB
o4ICzDCCAsgwHQYDVR0OBBYEFLyqMcsWCAYZPM275j82qSG1L4gNMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvdktveHl4WUlCaGs4emJ2bVB6YXBJYlV2aUEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHhBggrBgEFBQcBBwEB/wSB0TCBzjCBywQCAAIwgcQDBQMq
BlKAAwUDKgeVwAMFAyoNEUADBQMqDanAAwUDKg8aQAMFAyoPJ8ADBQMqDzZAAwUD
Kg9ygAMFAyoPlgADBQMqD+wAAwUDKhAwQAMFAyoQNkADBQMqEGMAAwUDKhBpAAMF
AyoRGIADBQMqET+AAwUDKhGQwAMFAyoRk0ADBQMqEZ4AAwUDKhG3QAMFAyoR8EAD
BQMqEy9AAwUDKhNPAAMFAyoTkQADBQMqE5SAAwUDKhObAAMFAyoTnQADBQMqE8cA
MA0GCSqGSIb3DQEBCwUAA4IBAQBzjdW6Xy2kC93HFN4ZesFApoRVC51IFPPKymFG
6qUy19XHyVvp5LSFLzGPqXR5bPDNkPYz5JMlWjcWM9Ol1jOk9gs1I3Yr/WU+JxTA
xKNzvQS5ue9kUKenrW41gj8ueeecTGnuW+L270yDqS4UyQ+Pog2/uO8WGgqU9I6y
kc+Lj2BLf3nykd8J7dNqq9BOOi1Udkwomt4/SvJBokV+VqRfDBxU6SyB4QiPyjbq
u3mp2seZeDDCg3ACgc2kMTeimsyP3yTlYVhmijgx8zlJlrVirkFebqzdjepAaNXK
8VQSUyl79RFHrN0zF1GKBb0V9nLk1Ak8TBORdSt2igmq701t
-----END CERTIFICATE-----
Generated at Tue Jul 1 01:53:29 2025 by rpki-client