Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/2rSo3-q09N7iB7jaYOjneDrv5u0.roa
File: 2rSo3-q09N7iB7jaYOjneDrv5u0.roa (raw, json)
Hash identifier: SeBUuABk516SvykaHeAgwtcJvEimuVjuj4HjynLJdB4=
Subject key identifier: DA:B4:A8:DF:EA:B4:F4:DE:E2:07:B8:DA:60:E8:E7:78:3A:EF:E6:ED
Certificate issuer: /CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Certificate serial: 0199BA0D0A03B274606198FC50FDBF60C4B6
Authority key identifier: 63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/2rSo3-q09N7iB7jaYOjneDrv5u0.roa
Signing time: Mon 06 Oct 2025 15:04:00 +0000
ROA not before: Mon 06 Oct 2025 15:04:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205828
IP address blocks: 2a11:85c0::/29 maxlen: 29
2a11:9fc0::/29 maxlen: 29
2a11:acc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.mft
rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ba:0d:0a:03:b2:74:60:61:98:fc:50:fd:bf:60:c4:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Validity
Not Before: Oct 6 15:04:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dab4a8dfeab4f4dee207b8da60e8e7783aefe6ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:cb:9b:fa:0b:49:e4:aa:14:a8:17:70:15:04:
06:53:a7:9c:40:47:8e:3e:02:09:5c:4d:33:ce:5a:
8f:37:b6:f5:a6:45:47:b4:03:ae:00:2e:6a:bd:21:
90:68:4c:52:64:56:6d:5a:d4:1a:46:47:a6:79:8d:
19:a8:be:4d:d3:5c:e9:68:13:dc:73:49:d8:19:02:
25:95:47:e7:6f:88:b3:58:3a:d4:42:7a:e5:85:d0:
b9:38:52:32:b1:b8:06:3f:0a:6d:d4:2a:26:71:34:
08:17:fb:2a:e4:95:d9:30:c1:22:af:d7:3a:50:8b:
25:ea:13:64:14:f1:1a:7e:8d:db:1e:7f:c9:a0:96:
b5:7c:cf:37:21:22:4e:10:32:82:b8:51:bc:e2:bd:
d5:68:52:63:2c:27:99:a4:3b:97:20:6d:27:fa:15:
f8:10:02:7b:85:d3:fc:c3:7b:6a:95:64:9c:dc:bf:
dd:59:60:2a:e6:2d:97:e6:93:aa:41:1d:65:a0:a4:
94:25:73:c5:aa:aa:bd:50:00:e1:a6:95:41:11:9d:
25:85:d5:a1:11:f2:8f:2b:d3:e4:e2:31:cb:a0:b7:
ea:fa:89:07:c7:36:cf:1d:70:6c:de:d4:35:b8:db:
22:18:e5:94:2b:0c:16:4d:5b:36:ff:cb:c8:0f:13:
0e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:B4:A8:DF:EA:B4:F4:DE:E2:07:B8:DA:60:E8:E7:78:3A:EF:E6:ED
X509v3 Authority Key Identifier:
keyid:63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/2rSo3-q09N7iB7jaYOjneDrv5u0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:85c0::/29
2a11:9fc0::/29
2a11:acc0::/29
Signature Algorithm: sha256WithRSAEncryption
d2:4e:f9:68:87:5e:73:3f:cd:24:08:78:95:a2:a0:2e:75:08:
50:25:bd:1d:a2:0e:b8:30:4f:b9:90:cb:d5:91:5c:7a:e0:9f:
e4:75:d9:9c:26:23:75:b0:d9:32:57:1f:21:d1:16:69:e9:19:
3d:72:2e:81:e9:19:bd:ef:4f:c0:ae:35:d6:eb:03:d1:84:3f:
c6:fa:dd:4e:d0:d5:59:59:82:15:b4:c5:40:dc:ea:5e:06:11:
4d:31:1f:d3:b5:bc:7c:fe:38:59:3e:ac:53:2a:b3:fd:2c:e8:
ce:9f:7d:c3:56:aa:1a:e7:6c:99:86:6e:a9:45:6f:6f:42:31:
ae:3f:bd:ac:cb:3b:d2:4b:63:3e:fd:bf:43:2d:53:22:32:c6:
9b:8a:30:90:1c:e1:b0:52:29:b5:09:cd:6e:64:e2:67:da:c4:
f2:8b:bf:5f:a0:7a:7d:c3:70:64:fe:ba:73:93:86:db:77:08:
f3:a4:1e:ff:26:61:70:8e:8f:e1:c3:ed:ed:6d:31:0d:20:41:
51:db:8e:68:6e:48:2f:01:3b:66:98:94:2d:8e:c5:a0:80:64:
d4:62:95:da:f3:7b:21:a0:66:81:70:59:89:dc:21:71:f6:80:
14:49:a1:7c:55:33:6e:9d:2d:82:ab:df:e9:28:61:ba:e0:73:
c7:fb:92:45
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZm6DQoDsnRgYZj8UP2/YMS2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMmNkODdmZWFiZTQwNzUyMmUwNjU1M2YyZWIwNWEwYzE2
MDJmYmYwHhcNMjUxMDA2MTUwNDAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWI0YThkZmVhYjRmNGRlZTIwN2I4ZGE2MGU4ZTc3ODNhZWZlNmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7cub+gtJ5KoUqBdwFQQGU6ecQEeO
PgIJXE0zzlqPN7b1pkVHtAOuAC5qvSGQaExSZFZtWtQaRkemeY0ZqL5N01zpaBPc
c0nYGQIllUfnb4izWDrUQnrlhdC5OFIysbgGPwpt1ComcTQIF/sq5JXZMMEir9c6
UIsl6hNkFPEafo3bHn/JoJa1fM83ISJOEDKCuFG84r3VaFJjLCeZpDuXIG0n+hX4
EAJ7hdP8w3tqlWSc3L/dWWAq5i2X5pOqQR1loKSUJXPFqqq9UADhppVBEZ0lhdWh
EfKPK9Pk4jHLoLfq+okHxzbPHXBs3tQ1uNsiGOWUKwwWTVs2/8vIDxMOiwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNq0qN/qtPTe4ge42mDo53g67+btMB8GA1UdIwQY
MBaAFGMs2H/qvkB1IuBlU/LrBaDBYC+/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYt
NTUxMDQxNzNiMTgwLzEvMnJTbzMtcTA5TjdpQjdqYVlPam5lRHJ2NXUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYtNTUxMDQxNzNiMTgw
LzEvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKhGFwAMF
AyoRn8ADBQMqEazAMA0GCSqGSIb3DQEBCwUAA4IBAQDSTvloh15zP80kCHiVoqAu
dQhQJb0dog64ME+5kMvVkVx64J/kddmcJiN1sNkyVx8h0RZp6Rk9ci6B6Rm970/A
rjXW6wPRhD/G+t1O0NVZWYIVtMVA3OpeBhFNMR/Ttbx8/jhZPqxTKrP9LOjOn33D
Vqoa52yZhm6pRW9vQjGuP72syzvSS2M+/b9DLVMiMsabijCQHOGwUim1Cc1uZOJn
2sTyi79foHp9w3Bk/rpzk4bbdwjzpB7/JmFwjo/hw+3tbTENIEFR245obkgvATtm
mJQtjsWggGTUYpXa83shoGaBcFmJ3CFx9oAUSaF8VTNunS2Cq9/pKGG64HPH+5JF
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:40:12 2025 by rpki-client