Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/Dp3SFvMoTsBZMzpnM-2qll8qyP4.roa
File: Dp3SFvMoTsBZMzpnM-2qll8qyP4.roa (raw, json)
Hash identifier: cp2e9792KOloDMdWDrzAUSTeWW6do57mWBjFLagMlYQ=
Subject key identifier: 0E:9D:D2:16:F3:28:4E:C0:59:33:3A:67:33:ED:AA:96:5F:2A:C8:FE
Certificate issuer: /CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Certificate serial: 01979E3F62F38BE2B842DB0E8DE457FE5E81
Authority key identifier: 63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/Dp3SFvMoTsBZMzpnM-2qll8qyP4.roa
Signing time: Mon 23 Jun 2025 19:24:03 +0000
ROA not before: Mon 23 Jun 2025 19:24:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204490
IP address blocks: 2a11:6506::/32 maxlen: 32
2a11:7680::/32 maxlen: 32
2a11:7685::/32 maxlen: 32
2a11:8300::/32 maxlen: 32
2a11:b783::/32 maxlen: 32
2a11:b786::/32 maxlen: 32
2a11:c106::/32 maxlen: 32
2a11:cd00::/32 maxlen: 32
2a11:d080::/32 maxlen: 32
2a11:d084::/32 maxlen: 32
2a12:3b40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.mft
rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 13:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:9e:3f:62:f3:8b:e2:b8:42:db:0e:8d:e4:57:fe:5e:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Validity
Not Before: Jun 23 19:24:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0e9dd216f3284ec059333a6733edaa965f2ac8fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:2a:8f:65:f6:12:ff:88:79:95:76:00:6a:45:
4a:bc:41:7d:e7:41:a2:cb:92:d4:f2:a2:38:ba:6b:
e9:19:39:36:23:03:9c:56:88:31:41:cc:a2:44:69:
5c:50:21:c8:f7:dd:38:30:df:b5:af:36:11:b7:1e:
bf:f1:c4:b8:3e:20:8e:b9:f9:7a:38:76:35:5a:04:
50:81:be:7a:88:14:22:b9:42:49:25:ea:5b:9b:2c:
06:e7:61:42:ac:59:62:6c:d8:75:5e:2d:71:26:fe:
48:1c:a4:2f:02:77:90:0e:58:eb:7d:c0:66:60:4b:
2e:96:5e:5c:12:29:49:63:b1:dd:1a:7a:f7:e8:d8:
5c:02:bf:0e:75:23:c3:5d:db:45:ea:4a:7a:bd:6f:
4b:2b:83:28:0a:a4:57:e2:50:b7:ad:78:ea:75:1e:
8f:b3:d3:1e:3b:c3:12:22:66:d8:9d:af:c2:2a:7f:
a4:4a:d2:6a:ba:6e:91:98:4d:9a:5d:71:00:bc:95:
3f:83:67:63:4c:4f:29:d7:97:1d:72:e1:a6:9d:fa:
df:ed:21:8e:4d:64:6c:7e:6c:85:ea:f1:2d:a2:fb:
04:da:25:09:f0:4c:30:76:f3:ac:04:dc:21:d5:dc:
24:3d:81:98:d6:08:c1:57:be:ad:d2:13:36:ba:df:
54:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:9D:D2:16:F3:28:4E:C0:59:33:3A:67:33:ED:AA:96:5F:2A:C8:FE
X509v3 Authority Key Identifier:
keyid:63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/Dp3SFvMoTsBZMzpnM-2qll8qyP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:6506::/32
2a11:7680::/32
2a11:7685::/32
2a11:8300::/32
2a11:b783::/32
2a11:b786::/32
2a11:c106::/32
2a11:cd00::/32
2a11:d080::/32
2a11:d084::/32
2a12:3b40::/32
Signature Algorithm: sha256WithRSAEncryption
73:c2:25:5a:0d:df:2f:44:c6:11:ab:0f:d0:09:52:1f:f4:a2:
8f:ad:ee:7c:a5:56:9f:43:47:40:b6:e8:1a:5f:c5:40:12:64:
f6:30:ae:2c:45:fb:9e:b5:07:7d:bb:55:18:f6:e2:6e:1f:79:
3e:23:d6:bf:80:b7:eb:9e:bc:90:c0:14:b1:a2:ba:17:f2:fd:
5f:43:bb:a4:9d:52:a0:5a:b8:76:1c:d3:98:3e:82:bd:7a:a4:
d9:11:ca:45:69:07:cb:4f:90:62:2d:92:c6:a2:90:28:1c:a8:
9a:07:b0:c6:2f:e9:52:37:42:e2:c8:9d:63:1e:1d:37:05:1c:
d1:e5:1c:a9:7d:ff:80:c5:d5:b8:1f:f4:75:3c:fe:d3:c5:3e:
a3:53:57:b0:4e:b6:3c:bc:15:99:00:76:70:6a:45:a7:0b:b9:
f3:58:64:59:f1:5a:f4:bf:7c:91:a6:7a:4b:db:e5:1e:b6:45:
74:d2:1d:f4:9b:a4:98:5a:d7:79:51:f1:22:28:ea:61:89:dd:
8a:10:c6:3d:d7:86:32:d3:74:5b:38:80:98:25:82:f0:db:d3:
5d:5f:f4:f9:ee:db:e4:47:27:6c:79:1c:c6:f0:00:6f:be:09:
e2:c0:7c:a8:eb:e1:e6:76:80:98:b0:fc:2c:46:e9:74:f8:ea:
b3:0e:c1:19
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAZeeP2Lzi+K4QtsOjeRX/l6BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMmNkODdmZWFiZTQwNzUyMmUwNjU1M2YyZWIwNWEwYzE2
MDJmYmYwHhcNMjUwNjIzMTkyNDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTlkZDIxNmYzMjg0ZWMwNTkzMzNhNjczM2VkYWE5NjVmMmFjOGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmyqPZfYS/4h5lXYAakVKvEF950Gi
y5LU8qI4umvpGTk2IwOcVogxQcyiRGlcUCHI9904MN+1rzYRtx6/8cS4PiCOufl6
OHY1WgRQgb56iBQiuUJJJepbmywG52FCrFlibNh1Xi1xJv5IHKQvAneQDljrfcBm
YEsull5cEilJY7HdGnr36NhcAr8OdSPDXdtF6kp6vW9LK4MoCqRX4lC3rXjqdR6P
s9MeO8MSImbYna/CKn+kStJqum6RmE2aXXEAvJU/g2djTE8p15cdcuGmnfrf7SGO
TWRsfmyF6vEtovsE2iUJ8EwwdvOsBNwh1dwkPYGY1gjBV76t0hM2ut9U0QIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFA6d0hbzKE7AWTM6ZzPtqpZfKsj+MB8GA1UdIwQY
MBaAFGMs2H/qvkB1IuBlU/LrBaDBYC+/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYt
NTUxMDQxNzNiMTgwLzEvRHAzU0Z2TW9Uc0JaTXpwbk0tMnFsbDhxeVA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYtNTUxMDQxNzNiMTgw
LzEvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBTBAIAAjBNAwUAKhFlBgMF
ACoRdoADBQAqEXaFAwUAKhGDAAMFACoRt4MDBQAqEbeGAwUAKhHBBgMFACoRzQAD
BQAqEdCAAwUAKhHQhAMFACoSO0AwDQYJKoZIhvcNAQELBQADggEBAHPCJVoN3y9E
xhGrD9AJUh/0oo+t7nylVp9DR0C26BpfxUASZPYwrixF+561B327VRj24m4feT4j
1r+At+uevJDAFLGiuhfy/V9Du6SdUqBauHYc05g+gr16pNkRykVpB8tPkGItksai
kCgcqJoHsMYv6VI3QuLInWMeHTcFHNHlHKl9/4DF1bgf9HU8/tPFPqNTV7BOtjy8
FZkAdnBqRacLufNYZFnxWvS/fJGmekvb5R62RXTSHfSbpJha13lR8SIo6mGJ3YoQ
xj3XhjLTdFs4gJglgvDb011f9Pnu2+RHJ2x5HMbwAG++CeLAfKjr4eZ2gJiw/CxG
6XT46rMOwRk=
-----END CERTIFICATE-----
Generated at Sun Jun 29 21:06:56 2025 by rpki-client