Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/OXzsoQWcfSLHj04LygHORaYth3Y.roa
File: OXzsoQWcfSLHj04LygHORaYth3Y.roa (raw, json)
Hash identifier: gP/eQqQ3pnpzbZZ+ZP/h1YGN6dV6ixwkRO3nX2q99p0=
Subject key identifier: 39:7C:EC:A1:05:9C:7D:22:C7:8F:4E:0B:CA:01:CE:45:A6:2D:87:76
Certificate issuer: /CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Certificate serial: 0196AC433F81435F5EF24ECF1D774BA8E5E0
Authority key identifier: 63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/OXzsoQWcfSLHj04LygHORaYth3Y.roa
Signing time: Wed 07 May 2025 19:40:10 +0000
ROA not before: Wed 07 May 2025 19:40:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42375
IP address blocks: 2a11:9fc0::/29 maxlen: 29
2a11:c440::/29 maxlen: 29
2a11:c540::/29 maxlen: 29
2a11:c700::/29 maxlen: 29
2a11:e7c0::/29 maxlen: 29
2a12:10c0::/29 maxlen: 29
2a12:15c0::/29 maxlen: 29
2a12:1880::/29 maxlen: 29
2a12:25c0::/29 maxlen: 29
2a12:34c0::/29 maxlen: 29
2a12:4500::/29 maxlen: 29
2a12:5580::/29 maxlen: 29
2a12:6600::/29 maxlen: 29
2a12:7980::/29 maxlen: 29
2a12:8800::/29 maxlen: 29
2a12:9700::/29 maxlen: 29
2a12:9e00::/29 maxlen: 29
2a12:c180::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.mft
rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 04:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ac:43:3f:81:43:5f:5e:f2:4e:cf:1d:77:4b:a8:e5:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Validity
Not Before: May 7 19:40:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=397ceca1059c7d22c78f4e0bca01ce45a62d8776
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ae:38:b9:78:87:2e:9a:bf:8b:62:43:ad:3d:
b0:75:54:13:06:4c:db:d5:6c:82:f2:0f:ad:91:85:
31:cc:f9:29:b1:9f:54:eb:b5:00:f1:90:16:49:69:
34:be:63:bd:d0:ec:ba:c0:3d:09:95:7f:38:dc:9d:
13:bf:b8:49:70:09:6e:11:bf:f4:73:6e:1b:aa:c8:
f6:4d:b0:f3:cf:aa:46:86:84:ee:af:ff:10:a3:ba:
92:92:50:a5:0a:94:5d:ef:b9:3f:11:19:e2:39:13:
f2:ed:32:24:39:fe:0c:64:63:ef:a8:84:38:66:e4:
c1:df:32:f9:85:32:67:17:20:49:97:75:94:cd:20:
cf:68:ed:4e:67:1e:6c:c7:68:8f:1d:8d:7f:aa:cc:
f0:ba:77:f5:19:32:6f:91:7d:97:61:f5:b8:cf:34:
eb:75:0f:fc:cc:f4:93:4e:3f:9a:7e:63:4f:be:69:
f7:82:a3:a6:a0:73:4c:0b:4d:51:d7:7a:d9:f9:d2:
47:c8:57:85:84:b7:ba:7b:86:2d:ab:de:bb:eb:17:
24:d8:c8:3e:c0:35:cd:d9:87:0b:a9:c3:5e:c3:34:
a8:3e:d8:3e:2f:2e:2f:58:1c:e6:11:11:67:df:7f:
34:74:be:c7:f5:8a:0d:22:a1:7f:2c:5b:ef:b0:cd:
6f:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:7C:EC:A1:05:9C:7D:22:C7:8F:4E:0B:CA:01:CE:45:A6:2D:87:76
X509v3 Authority Key Identifier:
keyid:63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/OXzsoQWcfSLHj04LygHORaYth3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:9fc0::/29
2a11:c440::/29
2a11:c540::/29
2a11:c700::/29
2a11:e7c0::/29
2a12:10c0::/29
2a12:15c0::/29
2a12:1880::/29
2a12:25c0::/29
2a12:34c0::/29
2a12:4500::/29
2a12:5580::/29
2a12:6600::/29
2a12:7980::/29
2a12:8800::/29
2a12:9700::/29
2a12:9e00::/29
2a12:c180::/29
Signature Algorithm: sha256WithRSAEncryption
05:9f:dd:b5:a5:4a:8f:6b:c0:f3:33:b2:04:2d:8c:44:4c:c2:
fa:54:26:a9:1e:47:97:e1:8d:b3:3b:14:01:02:ac:3e:be:38:
60:55:35:13:1f:66:86:88:e0:36:19:78:e5:da:0a:5b:67:cd:
e2:2a:9f:13:2f:4a:3b:df:0e:27:c9:dd:03:36:55:c6:16:7d:
60:d4:5d:f6:a1:38:9e:96:fd:94:82:15:e4:80:1a:29:0c:bb:
3b:3c:1a:10:0b:8b:6f:12:41:f4:d6:fc:19:ef:9e:5e:0d:1c:
0b:b7:22:7d:6d:cd:12:9b:72:7a:d8:bf:7e:f8:29:e3:2e:2b:
10:6d:9b:7d:4e:1e:21:b9:2d:63:62:15:01:5d:8f:41:a6:56:
5b:37:9e:91:7e:b6:53:80:65:ef:a8:37:2f:c5:26:e0:1d:e2:
75:b2:ad:24:c4:49:48:b5:ca:80:ca:0d:1b:1e:b1:a0:8c:b0:
7e:ad:6a:10:9b:ca:f0:ac:c6:45:8e:f5:99:85:09:0c:08:d3:
7f:5f:3f:b0:8f:37:f4:4d:07:ec:ba:7b:a2:a8:7b:ca:c9:ed:
35:db:a8:0d:5c:ef:96:1e:30:96:cb:c7:c9:96:a6:08:a2:55:
b6:5e:c7:50:7f:ca:ca:61:c1:61:19:ba:4a:b4:7e:7f:6b:18:
d7:e5:1c:93
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZasQz+BQ19e8k7PHXdLqOXgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMmNkODdmZWFiZTQwNzUyMmUwNjU1M2YyZWIwNWEwYzE2
MDJmYmYwHhcNMjUwNTA3MTk0MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTdjZWNhMTA1OWM3ZDIyYzc4ZjRlMGJjYTAxY2U0NWE2MmQ4Nzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqK44uXiHLpq/i2JDrT2wdVQTBkzb
1WyC8g+tkYUxzPkpsZ9U67UA8ZAWSWk0vmO90Oy6wD0JlX843J0Tv7hJcAluEb/0
c24bqsj2TbDzz6pGhoTur/8Qo7qSklClCpRd77k/ERniORPy7TIkOf4MZGPvqIQ4
ZuTB3zL5hTJnFyBJl3WUzSDPaO1OZx5sx2iPHY1/qszwunf1GTJvkX2XYfW4zzTr
dQ/8zPSTTj+afmNPvmn3gqOmoHNMC01R13rZ+dJHyFeFhLe6e4Ytq9676xck2Mg+
wDXN2YcLqcNewzSoPtg+Ly4vWBzmERFn3380dL7H9YoNIqF/LFvvsM1vywIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFDl87KEFnH0ix49OC8oBzkWmLYd2MB8GA1UdIwQY
MBaAFGMs2H/qvkB1IuBlU/LrBaDBYC+/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYt
NTUxMDQxNzNiMTgwLzEvT1h6c29RV2NmU0xIajA0THlnSE9SYVl0aDNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYtNTUxMDQxNzNiMTgw
LzEvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAIwfgMFAyoR
n8ADBQMqEcRAAwUDKhHFQAMFAyoRxwADBQMqEefAAwUDKhIQwAMFAyoSFcADBQMq
EhiAAwUDKhIlwAMFAyoSNMADBQMqEkUAAwUDKhJVgAMFAyoSZgADBQMqEnmAAwUD
KhKIAAMFAyoSlwADBQMqEp4AAwUDKhLBgDANBgkqhkiG9w0BAQsFAAOCAQEABZ/d
taVKj2vA8zOyBC2MREzC+lQmqR5Hl+GNszsUAQKsPr44YFU1Ex9mhojgNhl45doK
W2fN4iqfEy9KO98OJ8ndAzZVxhZ9YNRd9qE4npb9lIIV5IAaKQy7OzwaEAuLbxJB
9Nb8Ge+eXg0cC7cifW3NEptyeti/fvgp4y4rEG2bfU4eIbktY2IVAV2PQaZWWzee
kX62U4Bl76g3L8Um4B3idbKtJMRJSLXKgMoNGx6xoIywfq1qEJvK8KzGRY71mYUJ
DAjTf18/sI839E0H7Lp7oqh7ysntNduoDVzvlh4wlsvHyZamCKJVtl7HUH/KymHB
YRm6SrR+f2sY1+Uckw==
-----END CERTIFICATE-----
Generated at Sun May 11 12:35:32 2025 by rpki-client