Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/V4PQyWYBsYtVrR0oCjk0ileHLD4.roa
File: V4PQyWYBsYtVrR0oCjk0ileHLD4.roa (raw, json)
Hash identifier: b+H7qgC2YY/+3rrp1wlJFWuXCP4ZVfCxbHowTGmwqwg=
Subject key identifier: 57:83:D0:C9:66:01:B1:8B:55:AD:1D:28:0A:39:34:8A:57:87:2C:3E
Certificate issuer: /CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Certificate serial: 0198C3F229D08495EB4AC577ECFB6AF7A46F
Authority key identifier: 7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/V4PQyWYBsYtVrR0oCjk0ileHLD4.roa
Signing time: Tue 19 Aug 2025 20:08:04 +0000
ROA not before: Tue 19 Aug 2025 20:08:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204490
IP address blocks: 2a09:8b85::/32 maxlen: 32
2a0e:6743::/32 maxlen: 32
2a0e:c441::/32 maxlen: 32
2a12:3cc6::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/e5RH_ppKzH1v9y1seY1D1mzVDD8.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/e5RH_ppKzH1v9y1seY1D1mzVDD8.mft
rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 23:01:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c3:f2:29:d0:84:95:eb:4a:c5:77:ec:fb:6a:f7:a4:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Validity
Not Before: Aug 19 20:08:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5783d0c96601b18b55ad1d280a39348a57872c3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b3:0c:94:5e:19:b4:09:6a:5b:af:0c:37:38:
12:46:a9:10:e1:6c:88:a3:c1:61:80:e8:2f:55:79:
bc:b8:15:1d:fb:02:6d:1e:d6:4a:78:61:5c:be:f8:
e1:d6:1c:29:eb:49:ce:ef:b2:53:10:28:73:f3:9a:
31:47:95:10:75:65:29:91:90:db:8e:73:af:1c:69:
2d:c9:c4:1b:8c:bb:f1:78:a9:3d:35:99:9c:42:7c:
50:05:dd:98:d4:d8:b3:c4:24:7a:8d:f1:c3:40:d5:
98:c2:a2:db:48:2c:45:22:c6:61:0d:75:28:6f:47:
82:df:34:b4:01:f7:6e:f2:e4:4f:f7:fc:e3:f9:9a:
5e:87:3d:d4:47:95:79:a4:69:2c:69:20:63:2a:0a:
ec:92:7c:f4:b5:b7:91:30:9f:52:88:5b:26:15:a7:
09:66:56:38:98:cf:00:29:77:0b:38:71:d2:f4:66:
24:76:c4:16:3f:3a:99:e5:2f:d0:dc:94:19:41:c6:
8a:4b:6c:7a:31:1c:33:5a:49:7e:0d:4b:14:01:fa:
dc:5e:9d:14:60:8a:8c:2a:35:f3:f6:eb:f6:68:31:
66:52:e9:4e:4a:cb:17:e1:59:d4:54:1a:16:51:98:
8f:a2:82:c6:d6:59:e7:b7:5d:b3:de:07:8f:55:32:
c2:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:83:D0:C9:66:01:B1:8B:55:AD:1D:28:0A:39:34:8A:57:87:2C:3E
X509v3 Authority Key Identifier:
keyid:7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/V4PQyWYBsYtVrR0oCjk0ileHLD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/e5RH_ppKzH1v9y1seY1D1mzVDD8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:8b85::/32
2a0e:6743::/32
2a0e:c441::/32
2a12:3cc6::/32
Signature Algorithm: sha256WithRSAEncryption
71:9b:4b:a0:1d:67:08:fa:10:9c:fb:ca:7a:8f:41:9e:07:7c:
e1:72:5a:da:82:ab:23:82:dd:25:69:25:ea:c6:f6:40:92:0b:
aa:e9:f1:b4:82:71:fc:80:65:c3:25:89:4e:d8:2c:c3:36:a0:
bb:16:b5:43:b8:bf:c1:ca:03:22:7c:64:d9:11:41:f5:d1:6f:
ca:8a:37:56:5c:d3:65:6c:3f:a7:01:7f:2a:1b:42:dd:13:f1:
aa:9e:d3:b0:4e:5f:c9:94:5f:4d:81:d1:71:49:06:bb:c5:a3:
18:fe:22:ae:b1:9b:b8:a1:fb:b4:b8:fe:88:95:14:16:3e:3d:
b9:b7:41:32:f4:7f:bf:1d:cb:bf:dc:75:cf:cd:85:a6:db:7b:
0e:88:b7:ca:ee:59:36:ab:8f:fc:d8:1b:58:a2:95:af:3a:0d:
88:33:ee:4a:3a:4a:c9:e1:58:f8:fa:4c:05:cd:cb:2a:7d:17:
e6:14:3b:a4:b4:e2:69:b2:9c:d1:21:5a:70:53:e3:0f:c8:0d:
fd:60:f7:3d:94:0a:36:48:71:87:c2:d4:af:53:81:b8:eb:46:
31:3f:f5:ab:ff:9c:7e:4f:18:e9:d4:44:31:25:62:d6:b6:87:
32:08:22:e4:40:e1:ce:fb:f7:d5:96:80:87:5e:43:1e:d7:93:
27:33:ce:c3
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZjD8inQhJXrSsV37Ptq96RvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiOTQ0N2ZlOWE0YWNjN2Q2ZmY3MmQ2Yzc5OGQ0M2Q2NmNk
NTBjM2YwHhcNMjUwODE5MjAwODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzgzZDBjOTY2MDFiMThiNTVhZDFkMjgwYTM5MzQ4YTU3ODcyYzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7MMlF4ZtAlqW68MNzgSRqkQ4WyI
o8FhgOgvVXm8uBUd+wJtHtZKeGFcvvjh1hwp60nO77JTEChz85oxR5UQdWUpkZDb
jnOvHGktycQbjLvxeKk9NZmcQnxQBd2Y1NizxCR6jfHDQNWYwqLbSCxFIsZhDXUo
b0eC3zS0Afdu8uRP9/zj+Zpehz3UR5V5pGksaSBjKgrsknz0tbeRMJ9SiFsmFacJ
ZlY4mM8AKXcLOHHS9GYkdsQWPzqZ5S/Q3JQZQcaKS2x6MRwzWkl+DUsUAfrcXp0U
YIqMKjXz9uv2aDFmUulOSssX4VnUVBoWUZiPooLG1lnnt12z3gePVTLC6wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFFeD0MlmAbGLVa0dKAo5NIpXhyw+MB8GA1UdIwQY
MBaAFHuUR/6aSsx9b/ctbHmNQ9Zs1Qw/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUt
OWZjZWI0NWQ2ZmRiLzEvVjRQUXlXWUJzWXRWclIwb0NqazBpbGVITEQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUtOWZjZWI0NWQ2ZmRi
LzEvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKgmLhQMF
ACoOZ0MDBQAqDsRBAwUAKhI8xjANBgkqhkiG9w0BAQsFAAOCAQEAcZtLoB1nCPoQ
nPvKeo9Bngd84XJa2oKrI4LdJWkl6sb2QJILqunxtIJx/IBlwyWJTtgswzaguxa1
Q7i/wcoDInxk2RFB9dFvyoo3VlzTZWw/pwF/KhtC3RPxqp7TsE5fyZRfTYHRcUkG
u8WjGP4irrGbuKH7tLj+iJUUFj49ubdBMvR/vx3Lv9x1z82Fptt7Doi3yu5ZNquP
/NgbWKKVrzoNiDPuSjpKyeFY+PpMBc3LKn0X5hQ7pLTiabKc0SFacFPjD8gN/WD3
PZQKNkhxh8LUr1OBuOtGMT/1q/+cfk8Y6dREMSVi1raHMggi5EDhzvv31ZaAh15D
HteTJzPOww==
-----END CERTIFICATE-----
Generated at Sun Aug 24 05:27:08 2025 by rpki-client