Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/7LNXf7Bznb6zSlZKik5NejFPtps.roa
File: 7LNXf7Bznb6zSlZKik5NejFPtps.roa (raw, json)
Hash identifier: nHV4wnFI2ST8pfXcMR2KmTzVKZj4yZAnhnT1bbBbBbc=
Subject key identifier: EC:B3:57:7F:B0:73:9D:BE:B3:4A:56:4A:8A:4E:4D:7A:31:4F:B6:9B
Certificate issuer: /CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Certificate serial: 01977FAE96D50B4B5477F6660774D1DBD6FE
Authority key identifier: 7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/7LNXf7Bznb6zSlZKik5NejFPtps.roa
Signing time: Tue 17 Jun 2025 20:57:17 +0000
ROA not before: Tue 17 Jun 2025 20:57:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34665
IP address blocks: 2a09:da40::/32 maxlen: 32
2a0d:adc4::/32 maxlen: 32
2a11:3d01::/32 maxlen: 32
2a14:9705::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/e5RH_ppKzH1v9y1seY1D1mzVDD8.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/e5RH_ppKzH1v9y1seY1D1mzVDD8.mft
rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7f:ae:96:d5:0b:4b:54:77:f6:66:07:74:d1:db:d6:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Validity
Not Before: Jun 17 20:57:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ecb3577fb0739dbeb34a564a8a4e4d7a314fb69b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:df:0a:39:ac:6a:bf:c2:ec:14:49:b1:fd:2f:
92:cf:39:c6:6c:54:1e:4e:42:73:55:f5:e8:58:52:
6f:24:33:d2:61:96:d9:8a:e2:92:40:c9:b0:80:36:
8b:a2:7d:79:04:22:33:b6:af:e6:c9:d5:d9:26:96:
3d:19:a7:dd:a4:26:ba:7d:1c:58:1b:26:06:57:40:
c7:80:cd:04:c1:ec:f4:44:ec:d4:65:d1:1f:a9:28:
56:a0:f2:d5:50:5a:89:ac:73:bc:c1:98:f1:80:b2:
f0:26:8c:9a:a3:cc:b1:aa:3b:e2:3c:fc:69:7e:31:
ed:59:99:25:35:8c:90:a7:f8:e6:ab:6f:e7:36:75:
95:5f:09:8a:85:04:3f:cd:af:66:00:d1:28:fc:a6:
dc:a0:f3:75:7d:f1:d8:ca:ff:32:d8:6e:5d:e6:60:
82:92:9b:fd:a0:ef:b8:b4:c4:16:1c:da:a8:6d:41:
14:c5:b0:75:e4:1d:f9:73:c5:ca:1e:73:22:e0:92:
99:03:c7:b9:50:2b:1f:a2:7e:c4:cf:c2:fb:10:7e:
fc:c3:9e:ef:d0:87:2e:c1:8b:32:99:bf:0e:c7:00:
5d:eb:5f:33:21:86:78:eb:83:92:79:4d:51:ec:d6:
9a:62:14:aa:32:3b:0d:9c:b7:f1:30:28:60:4d:31:
b9:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:B3:57:7F:B0:73:9D:BE:B3:4A:56:4A:8A:4E:4D:7A:31:4F:B6:9B
X509v3 Authority Key Identifier:
keyid:7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/7LNXf7Bznb6zSlZKik5NejFPtps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/e5RH_ppKzH1v9y1seY1D1mzVDD8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:da40::/32
2a0d:adc4::/32
2a11:3d01::/32
2a14:9705::/32
Signature Algorithm: sha256WithRSAEncryption
8d:0b:a0:c9:a4:63:d3:d1:6d:88:24:32:76:92:f4:a5:88:c6:
b0:d5:67:19:09:53:0b:e3:6f:4c:e3:f1:52:7b:42:2a:ae:a7:
08:3d:5e:15:7e:54:eb:8f:3c:3b:ca:09:85:ca:23:7d:69:d9:
63:27:28:fa:f4:c3:ec:84:ad:07:df:a5:b2:8d:82:67:40:99:
70:07:1e:2c:f2:74:b3:11:4c:94:37:ee:0e:37:e0:5b:60:06:
2c:23:c1:6a:ea:10:77:0b:db:6b:27:63:5d:ac:8a:d1:76:88:
ad:e3:b3:d4:1c:cb:5d:49:d8:f1:50:22:07:95:44:4b:38:cd:
fb:ea:0e:f8:88:f3:4f:4c:8c:9c:b0:69:23:be:ea:ba:30:cf:
de:18:c4:e0:a5:2b:e0:59:fb:ed:df:4f:ae:40:47:47:6b:b3:
29:6c:26:ba:d1:63:59:b1:33:98:58:23:db:41:2a:c2:16:07:
30:19:25:fc:f5:8a:0c:f9:ff:3e:69:ff:f6:fd:b9:33:6e:74:
70:2e:09:15:0e:5b:de:b5:d3:69:d1:91:29:a7:a6:f4:8f:e5:
b6:53:b3:69:c2:71:07:7b:72:c0:d6:5a:e0:ed:c0:80:82:50:
db:56:e6:cf:6b:b4:0a:ec:85:c8:03:89:93:13:9b:b5:62:a1:
5e:12:ee:4c
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZd/rpbVC0tUd/ZmB3TR29b+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiOTQ0N2ZlOWE0YWNjN2Q2ZmY3MmQ2Yzc5OGQ0M2Q2NmNk
NTBjM2YwHhcNMjUwNjE3MjA1NzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2IzNTc3ZmIwNzM5ZGJlYjM0YTU2NGE4YTRlNGQ3YTMxNGZiNjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+t8KOaxqv8LsFEmx/S+SzznGbFQe
TkJzVfXoWFJvJDPSYZbZiuKSQMmwgDaLon15BCIztq/mydXZJpY9GafdpCa6fRxY
GyYGV0DHgM0Ewez0ROzUZdEfqShWoPLVUFqJrHO8wZjxgLLwJoyao8yxqjviPPxp
fjHtWZklNYyQp/jmq2/nNnWVXwmKhQQ/za9mANEo/KbcoPN1ffHYyv8y2G5d5mCC
kpv9oO+4tMQWHNqobUEUxbB15B35c8XKHnMi4JKZA8e5UCsfon7Ez8L7EH78w57v
0IcuwYsymb8OxwBd618zIYZ464OSeU1R7NaaYhSqMjsNnLfxMChgTTG5mQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFOyzV3+wc52+s0pWSopOTXoxT7abMB8GA1UdIwQY
MBaAFHuUR/6aSsx9b/ctbHmNQ9Zs1Qw/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUt
OWZjZWI0NWQ2ZmRiLzEvN0xOWGY3QnpuYjZ6U2xaS2lrNU5lakZQdHBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUtOWZjZWI0NWQ2ZmRi
LzEvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKgnaQAMF
ACoNrcQDBQAqET0BAwUAKhSXBTANBgkqhkiG9w0BAQsFAAOCAQEAjQugyaRj09Ft
iCQydpL0pYjGsNVnGQlTC+NvTOPxUntCKq6nCD1eFX5U6488O8oJhcojfWnZYyco
+vTD7IStB9+lso2CZ0CZcAceLPJ0sxFMlDfuDjfgW2AGLCPBauoQdwvbaydjXayK
0XaIreOz1BzLXUnY8VAiB5VESzjN++oO+IjzT0yMnLBpI77qujDP3hjE4KUr4Fn7
7d9PrkBHR2uzKWwmutFjWbEzmFgj20EqwhYHMBkl/PWKDPn/Pmn/9v25M250cC4J
FQ5b3rXTadGRKaem9I/ltlOzacJxB3tywNZa4O3AgIJQ21bmz2u0CuyFyAOJkxOb
tWKhXhLuTA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:01:14 2025 by rpki-client