Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/ha9tSONFnxUfjmrF8Y_PSoiEqHw.roa
File: ha9tSONFnxUfjmrF8Y_PSoiEqHw.roa (raw, json)
Hash identifier: OI1m5ZMiOIZwJ6h7w8tMt/ZumiJgnI08ShS6uQrbQ3s=
Subject key identifier: 85:AF:6D:48:E3:45:9F:15:1F:8E:6A:C5:F1:8F:CF:4A:88:84:A8:7C
Certificate issuer: /CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Certificate serial: 0198C3F13F3159FC9D134B189FE1A72B1670
Authority key identifier: 7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/ha9tSONFnxUfjmrF8Y_PSoiEqHw.roa
Signing time: Tue 19 Aug 2025 20:07:04 +0000
ROA not before: Tue 19 Aug 2025 20:07:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206174
IP address blocks: 2a09:8b81::/32 maxlen: 32
2a0e:6747::/32 maxlen: 32
2a0e:c446::/32 maxlen: 32
2a12:3cc2::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/e5RH_ppKzH1v9y1seY1D1mzVDD8.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/e5RH_ppKzH1v9y1seY1D1mzVDD8.mft
rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c3:f1:3f:31:59:fc:9d:13:4b:18:9f:e1:a7:2b:16:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Validity
Not Before: Aug 19 20:07:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=85af6d48e3459f151f8e6ac5f18fcf4a8884a87c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:01:8a:10:2b:29:d9:34:65:c4:07:3e:19:61:
cb:20:f7:15:27:29:9b:c8:17:b7:ab:b8:06:98:e7:
07:3f:27:c1:5f:60:25:9a:3b:f9:8e:d8:42:bd:31:
47:c3:4e:63:aa:a0:a3:ad:97:8d:2c:cf:be:b1:1a:
d9:de:6f:81:ad:ee:6b:d9:a0:9b:d8:f8:26:30:75:
c8:a5:7a:5a:ad:91:94:e4:74:cc:03:e1:a6:2f:7b:
00:e2:98:51:93:a1:d9:2e:6b:c9:e5:d4:97:a8:a8:
a4:f5:b3:4e:55:3d:63:54:2a:2c:71:81:46:fe:98:
60:23:44:a2:df:a1:09:11:a0:64:e9:58:52:40:a4:
92:ed:14:2e:15:40:4e:5d:20:c1:5b:5e:ed:48:e8:
c9:fe:9a:a4:c4:3e:75:fb:58:3e:cc:cf:b3:85:52:
82:26:1f:56:bd:6a:1a:7e:59:97:45:66:44:9d:4e:
b7:1f:d8:85:c5:45:e2:38:c8:58:2c:fe:3d:23:69:
39:ff:0e:8d:6a:d3:c1:3b:7f:d3:ad:5a:51:d2:ae:
55:0e:b3:1a:5a:f2:ef:4d:6b:88:46:d6:f2:50:e0:
2c:86:80:33:ca:68:f5:eb:3a:cb:3d:f7:6b:ed:7e:
ee:d0:47:2c:9e:8d:0f:06:0f:7d:aa:27:2b:27:31:
20:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:AF:6D:48:E3:45:9F:15:1F:8E:6A:C5:F1:8F:CF:4A:88:84:A8:7C
X509v3 Authority Key Identifier:
keyid:7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/ha9tSONFnxUfjmrF8Y_PSoiEqHw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/e5RH_ppKzH1v9y1seY1D1mzVDD8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:8b81::/32
2a0e:6747::/32
2a0e:c446::/32
2a12:3cc2::/32
Signature Algorithm: sha256WithRSAEncryption
b4:74:b3:6c:3f:32:63:5b:21:bd:71:41:eb:3c:d8:cd:4e:7b:
c9:43:05:88:5b:e4:17:3f:bf:6a:d5:a6:b5:ab:22:7c:8f:90:
fe:b6:47:63:f0:e1:44:06:4d:f6:08:e7:0e:0d:e2:36:89:d9:
af:80:29:7a:41:02:23:df:d3:3c:a1:d3:9e:7d:fb:f0:6a:b4:
65:79:81:26:de:78:50:02:4a:83:c2:55:58:62:e0:bb:a3:e6:
b7:53:30:67:a0:67:a4:c5:48:58:8f:db:56:a1:5f:9f:1b:93:
6d:77:97:88:39:8a:6c:e6:b6:22:af:de:9f:30:54:61:17:6f:
6e:5a:3b:4d:fc:e7:2d:8a:e5:3f:e9:3f:80:02:cc:76:b1:ea:
3f:63:22:aa:34:0e:8b:b4:e2:2e:db:84:ee:87:b3:e3:7b:ad:
79:20:70:87:27:2f:1f:51:57:ce:97:08:91:ac:31:b6:e9:bf:
a7:a6:18:23:89:0f:cf:71:65:18:8f:50:d8:12:85:6c:cf:c8:
f6:02:6f:b1:27:4c:9c:29:b2:12:c4:fe:22:2d:8e:ea:4d:8e:
88:fd:cf:67:e9:e0:68:d6:80:2d:c5:17:a9:f5:23:fa:2d:d5:
8a:cf:3a:65:12:e1:a5:ce:b2:f2:80:ad:3b:1c:d5:05:b7:28:
1c:9b:82:f2
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZjD8T8xWfydE0sYn+GnKxZwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiOTQ0N2ZlOWE0YWNjN2Q2ZmY3MmQ2Yzc5OGQ0M2Q2NmNk
NTBjM2YwHhcNMjUwODE5MjAwNzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWFmNmQ0OGUzNDU5ZjE1MWY4ZTZhYzVmMThmY2Y0YTg4ODRhODdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwGKECsp2TRlxAc+GWHLIPcVJymb
yBe3q7gGmOcHPyfBX2Almjv5jthCvTFHw05jqqCjrZeNLM++sRrZ3m+Bre5r2aCb
2PgmMHXIpXparZGU5HTMA+GmL3sA4phRk6HZLmvJ5dSXqKik9bNOVT1jVCoscYFG
/phgI0Si36EJEaBk6VhSQKSS7RQuFUBOXSDBW17tSOjJ/pqkxD51+1g+zM+zhVKC
Jh9WvWoaflmXRWZEnU63H9iFxUXiOMhYLP49I2k5/w6NatPBO3/TrVpR0q5VDrMa
WvLvTWuIRtbyUOAshoAzymj16zrLPfdr7X7u0Ecsno0PBg99qicrJzEgnwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFIWvbUjjRZ8VH45qxfGPz0qIhKh8MB8GA1UdIwQY
MBaAFHuUR/6aSsx9b/ctbHmNQ9Zs1Qw/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUt
OWZjZWI0NWQ2ZmRiLzEvaGE5dFNPTkZueFVmam1yRjhZX1BTb2lFcUh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUtOWZjZWI0NWQ2ZmRi
LzEvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKgmLgQMF
ACoOZ0cDBQAqDsRGAwUAKhI8wjANBgkqhkiG9w0BAQsFAAOCAQEAtHSzbD8yY1sh
vXFB6zzYzU57yUMFiFvkFz+/atWmtasifI+Q/rZHY/DhRAZN9gjnDg3iNonZr4Ap
ekECI9/TPKHTnn378Gq0ZXmBJt54UAJKg8JVWGLgu6Pmt1MwZ6BnpMVIWI/bVqFf
nxuTbXeXiDmKbOa2Iq/enzBUYRdvblo7TfznLYrlP+k/gALMdrHqP2MiqjQOi7Ti
LtuE7oez43uteSBwhycvH1FXzpcIkawxtum/p6YYI4kPz3FlGI9Q2BKFbM/I9gJv
sSdMnCmyEsT+Ii2O6k2OiP3PZ+ngaNaALcUXqfUj+i3Vis86ZRLhpc6y8oCtOxzV
BbcoHJuC8g==
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:07:01 2025 by rpki-client