
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/3UrcXAvUPXOxJHin-fpij-Rxeow.roa
File: 3UrcXAvUPXOxJHin-fpij-Rxeow.roa (raw, json)
Hash identifier: u5YOevQq4A8lK81tVn2BR62vGaGNiFwRH3yerg3JNHU=
Subject key identifier: DD:4A:DC:5C:0B:D4:3D:73:B1:24:78:A7:F9:FA:62:8F:E4:71:7A:8C
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 01999975DE63336B187373F2F11329D2DC46
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/3UrcXAvUPXOxJHin-fpij-Rxeow.roa
Signing time: Tue 30 Sep 2025 07:11:02 +0000
ROA not before: Tue 30 Sep 2025 07:11:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 133944
IP address blocks: 2a06:fe45::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 06:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:99:75:de:63:33:6b:18:73:73:f2:f1:13:29:d2:dc:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Sep 30 07:11:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd4adc5c0bd43d73b12478a7f9fa628fe4717a8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:9f:e6:cc:d8:da:e8:15:d4:5a:c8:4f:d4:53:
2a:ae:c8:86:4b:fd:13:a5:68:12:a1:53:63:d2:a9:
64:a1:48:a0:e8:6a:9d:41:2c:bc:20:1e:bd:00:9c:
7a:2b:c6:ea:84:48:d1:c6:90:82:87:64:77:f2:80:
27:6b:f0:2e:ef:8e:7a:42:87:35:c4:d3:e2:3c:82:
05:12:07:a5:d6:c0:49:52:61:64:fe:a1:e8:7a:f2:
c3:17:b7:45:88:0a:af:45:e3:82:4a:e3:bf:cf:76:
8e:42:e2:a8:19:0b:fc:5e:57:be:dc:66:5d:c2:5b:
03:78:c8:4e:36:b9:d6:73:3c:a3:da:51:a3:c5:49:
ec:ce:e8:f7:34:90:c1:ac:e7:cf:09:e5:78:3e:9f:
74:63:95:68:cd:3e:59:d4:6f:05:d7:ee:06:43:f5:
d3:be:08:b4:67:97:62:53:cf:06:99:a8:32:dc:a0:
94:34:f9:f5:3d:5b:a6:23:09:b2:f8:19:e2:76:a0:
d3:7c:e8:36:79:75:ca:85:3e:57:33:a9:2b:ec:15:
ea:70:9d:62:00:aa:83:bd:c5:a2:8e:18:3a:80:50:
9d:db:e3:b1:5e:0b:38:41:2f:15:be:92:85:cd:2c:
ec:b4:8a:a3:26:fb:ca:e9:90:c3:2a:72:34:25:44:
71:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:4A:DC:5C:0B:D4:3D:73:B1:24:78:A7:F9:FA:62:8F:E4:71:7A:8C
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/3UrcXAvUPXOxJHin-fpij-Rxeow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:fe45::/32
Signature Algorithm: sha256WithRSAEncryption
14:a2:c6:ca:73:f2:16:ef:07:33:96:c4:58:51:95:57:80:a5:
ca:14:7d:c2:48:0e:f8:89:53:53:99:7d:23:59:4b:53:a1:c9:
6e:8b:85:6d:5a:cf:ed:31:f3:a6:c3:47:29:8a:b6:72:1c:99:
e5:16:7b:b5:6b:4d:5b:22:0a:c5:75:85:30:18:6b:c9:2d:48:
23:45:54:c1:4b:e3:e5:28:6f:03:a2:8f:a3:3d:3d:81:45:c2:
b5:5e:e8:f0:71:32:aa:02:4a:06:ff:c0:d5:a2:68:3a:8b:02:
58:e8:1f:7f:36:d2:db:74:dd:3c:d5:40:d8:75:d9:25:1e:1a:
68:4d:88:ff:dc:3d:b0:a8:0c:1d:cc:8a:c8:8d:6c:66:b5:47:
ba:58:af:11:5b:bb:b0:76:05:7b:8c:19:11:4a:1d:1f:a0:e9:
26:0f:6c:22:bc:54:10:b3:94:37:52:51:52:7b:cb:ec:cd:a6:
7f:31:30:62:64:70:01:61:4a:a9:81:51:7c:89:88:1a:3a:de:
02:36:7d:7a:e1:f9:77:89:b7:bf:b3:84:cb:a0:05:e6:b2:9b:
7b:ae:9f:da:00:33:9f:c2:0e:1f:99:74:fd:70:c8:f2:9b:7b:
58:e8:83:92:bf:a9:77:da:ac:6c:85:06:d0:cb:86:c4:0d:23:
a2:df:8c:23
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZmZdd5jM2sYc3Py8RMp0txGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjUwOTMwMDcxMTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDRhZGM1YzBiZDQzZDczYjEyNDc4YTdmOWZhNjI4ZmU0NzE3YThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJ/mzNja6BXUWshP1FMqrsiGS/0T
pWgSoVNj0qlkoUig6GqdQSy8IB69AJx6K8bqhEjRxpCCh2R38oAna/Au7456Qoc1
xNPiPIIFEgel1sBJUmFk/qHoevLDF7dFiAqvReOCSuO/z3aOQuKoGQv8Xle+3GZd
wlsDeMhONrnWczyj2lGjxUnszuj3NJDBrOfPCeV4Pp90Y5VozT5Z1G8F1+4GQ/XT
vgi0Z5diU88Gmagy3KCUNPn1PVumIwmy+BnidqDTfOg2eXXKhT5XM6kr7BXqcJ1i
AKqDvcWijhg6gFCd2+OxXgs4QS8VvpKFzSzstIqjJvvK6ZDDKnI0JURxYwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFN1K3FwL1D1zsSR4p/n6Yo/kcXqMMB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvM1VyY1hBdlVQWE94Skhpbi1mcGlqLVJ4ZW93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgb+RTAN
BgkqhkiG9w0BAQsFAAOCAQEAFKLGynPyFu8HM5bEWFGVV4ClyhR9wkgO+IlTU5l9
I1lLU6HJbouFbVrP7THzpsNHKYq2chyZ5RZ7tWtNWyIKxXWFMBhryS1II0VUwUvj
5ShvA6KPoz09gUXCtV7o8HEyqgJKBv/A1aJoOosCWOgffzbS23TdPNVA2HXZJR4a
aE2I/9w9sKgMHcyKyI1sZrVHulivEVu7sHYFe4wZEUodH6DpJg9sIrxUELOUN1JR
UnvL7M2mfzEwYmRwAWFKqYFRfImIGjreAjZ9euH5d4m3v7OEy6AF5rKbe66f2gAz
n8IOH5l0/XDI8pt7WOiDkr+pd9qsbIUG0MuGxA0jot+MIw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:28:13 2025 by rpki-client