Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/DnsVTWMcDKhFsRAMvFlB0aArQ08.roa
File: DnsVTWMcDKhFsRAMvFlB0aArQ08.roa (raw, json)
Hash identifier: Ha7Ge0/7+92h5pWrXZZ90/VUm/gcAO41JRi88LdaSuk=
Subject key identifier: 0E:7B:15:4D:63:1C:0C:A8:45:B1:10:0C:BC:59:41:D1:A0:2B:43:4F
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 0197BCE08EE828C15B1E89B0ED76A67D70CD
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/DnsVTWMcDKhFsRAMvFlB0aArQ08.roa
Signing time: Sun 29 Jun 2025 18:08:42 +0000
ROA not before: Sun 29 Jun 2025 18:08:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62513
IP address blocks: 2a0f:b240::/46 maxlen: 48
2a0f:b241:8::/46 maxlen: 48
2a0f:b243::/32 maxlen: 48
2a0f:b247::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.mft
rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 03:01:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:bc:e0:8e:e8:28:c1:5b:1e:89:b0:ed:76:a6:7d:70:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Jun 29 18:08:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0e7b154d631c0ca845b1100cbc5941d1a02b434f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:28:a0:bb:f6:7b:44:0f:c7:9c:61:ac:48:ca:
81:f9:ed:5b:f5:3d:07:b7:e6:08:a4:4e:00:67:51:
98:8a:a6:ec:0c:94:a0:16:92:72:23:d8:9c:36:63:
a2:54:7e:48:2f:f8:f8:c8:48:82:7b:90:11:66:48:
79:92:18:5e:fa:8b:b2:b8:98:f9:51:d5:2b:fa:3f:
16:aa:99:23:c1:59:fb:d8:1c:e7:4c:71:de:63:c3:
28:44:1d:13:81:e7:22:a2:de:cb:a3:54:d8:62:e5:
de:a0:8b:39:71:fa:ca:e1:8c:6f:86:8f:5b:7c:a7:
a2:03:54:00:71:de:65:f1:16:5d:cd:da:4d:fd:c0:
f2:b5:23:a6:d9:bb:13:28:f0:83:4e:1e:f6:e7:92:
27:10:91:de:32:2f:a9:e4:94:34:6f:ca:6e:94:bf:
80:ed:50:1d:ec:05:33:68:7f:20:ab:da:78:3c:12:
29:05:55:5c:12:60:4b:47:c6:82:7b:10:88:49:f3:
5a:21:c7:6c:9c:ff:09:1a:76:40:b3:f3:d4:29:e0:
19:fc:e9:68:09:a9:47:50:2a:f9:39:6e:4c:b2:58:
e6:8e:60:18:7c:1c:6c:c7:82:37:71:93:e2:4b:33:
81:bf:04:99:be:19:50:51:fd:18:f1:be:76:3c:17:
e4:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:7B:15:4D:63:1C:0C:A8:45:B1:10:0C:BC:59:41:D1:A0:2B:43:4F
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/DnsVTWMcDKhFsRAMvFlB0aArQ08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b240::/46
2a0f:b241:8::/46
2a0f:b243::/32
2a0f:b247::/32
Signature Algorithm: sha256WithRSAEncryption
20:63:5d:d7:39:ca:3d:3d:04:3d:e4:6b:7f:44:44:ef:16:d9:
7e:d0:00:1d:2b:0f:6f:ff:5f:95:6b:da:a5:2c:9d:e9:5f:5b:
de:c1:c0:a7:5c:1d:c9:15:ab:a8:6e:19:d8:05:3a:19:75:2d:
e8:eb:9d:3e:b1:70:a6:8f:89:4c:2f:a2:d0:42:44:87:6c:0f:
12:8b:f3:aa:07:14:65:c0:e0:29:6c:45:7a:63:4d:df:34:84:
84:95:48:4b:86:7c:e3:91:2f:10:d7:8f:a9:0c:0e:5d:46:4c:
c5:24:dd:81:8a:28:dc:c5:70:ff:f5:03:1c:44:eb:e0:69:c0:
ec:63:e0:61:4a:fb:e5:c6:9f:71:ef:61:79:ea:22:2d:7e:30:
7e:8d:63:fb:34:36:2a:7d:b5:bb:2e:9f:ec:ee:56:f9:ec:6b:
c6:40:7a:c8:33:73:26:74:87:4c:9a:e1:5d:d9:2c:f0:4f:df:
c9:92:bd:0e:57:45:c3:5a:18:b4:fe:40:a6:de:7d:9d:b7:4a:
65:71:93:1d:d8:62:ce:01:b3:e6:4d:e9:fb:a3:31:83:3b:7d:
2e:7d:aa:1e:b4:39:f2:2b:6c:08:dc:64:bd:51:8b:ce:df:3d:
1b:2c:b8:10:39:4f:61:50:a7:55:88:52:fc:58:ea:e3:0c:8f:
21:30:fb:af
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZe84I7oKMFbHomw7XamfXDNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjUwNjI5MTgwODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTdiMTU0ZDYzMWMwY2E4NDViMTEwMGNiYzU5NDFkMWEwMmI0MzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSigu/Z7RA/HnGGsSMqB+e1b9T0H
t+YIpE4AZ1GYiqbsDJSgFpJyI9icNmOiVH5IL/j4yEiCe5ARZkh5khhe+ouyuJj5
UdUr+j8WqpkjwVn72BznTHHeY8MoRB0Tgeciot7Lo1TYYuXeoIs5cfrK4Yxvho9b
fKeiA1QAcd5l8RZdzdpN/cDytSOm2bsTKPCDTh7255InEJHeMi+p5JQ0b8pulL+A
7VAd7AUzaH8gq9p4PBIpBVVcEmBLR8aCexCISfNaIcdsnP8JGnZAs/PUKeAZ/Olo
CalHUCr5OW5MsljmjmAYfBxsx4I3cZPiSzOBvwSZvhlQUf0Y8b52PBfksQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFA57FU1jHAyoRbEQDLxZQdGgK0NPMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvRG5zVlRXTWNES2hGc1JBTXZGbEIwYUFyUTA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAAjAgAwcCKg+yQAAA
AwcCKg+yQQAIAwUAKg+yQwMFACoPskcwDQYJKoZIhvcNAQELBQADggEBACBjXdc5
yj09BD3ka39ERO8W2X7QAB0rD2//X5Vr2qUsnelfW97BwKdcHckVq6huGdgFOhl1
LejrnT6xcKaPiUwvotBCRIdsDxKL86oHFGXA4ClsRXpjTd80hISVSEuGfOORLxDX
j6kMDl1GTMUk3YGKKNzFcP/1AxxE6+BpwOxj4GFK++XGn3HvYXnqIi1+MH6NY/s0
Nip9tbsun+zuVvnsa8ZAesgzcyZ0h0ya4V3ZLPBP38mSvQ5XRcNaGLT+QKbefZ23
SmVxkx3YYs4Bs+ZN6fujMYM7fS59qh60OfIrbAjcZL1Ri87fPRssuBA5T2FQp1WI
UvxY6uMMjyEw+68=
-----END CERTIFICATE-----
Generated at Mon Jun 30 12:58:08 2025 by rpki-client