Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/1-luQCemy9M0kSM82355mkXHaPrY.roa
File: 1-luQCemy9M0kSM82355mkXHaPrY.roa (raw, json)
Hash identifier: Rn84NCkprXkTvclrJBulTbz1nE42Wu3XaN57zLtdGo0=
Subject key identifier: FA:5B:90:09:E9:B2:F4:CD:24:48:CF:36:DF:9E:66:91:71:DA:3E:B6
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 01979E3466B0BB09EE51EA8351BDFC3E1051
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/1-luQCemy9M0kSM82355mkXHaPrY.roa
Signing time: Mon 23 Jun 2025 19:12:03 +0000
ROA not before: Mon 23 Jun 2025 19:12:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200993
IP address blocks: 2a12:4141::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.mft
rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 07:53:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:9e:34:66:b0:bb:09:ee:51:ea:83:51:bd:fc:3e:10:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Jun 23 19:12:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa5b9009e9b2f4cd2448cf36df9e669171da3eb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:71:2f:81:84:1b:df:d6:bb:f9:65:ff:e8:e8:
96:86:f6:a6:c6:89:c0:42:e8:24:a2:a4:53:c7:a8:
8a:a7:59:58:3d:ac:99:b4:9b:f7:97:40:0b:92:04:
8c:b8:83:f7:fa:26:52:1d:7a:54:82:99:1c:df:84:
bd:ba:fc:9f:70:95:15:ac:27:ea:47:d0:7d:65:28:
bf:56:d0:e1:64:03:2b:f3:55:06:fa:ee:b1:54:0b:
af:89:1e:c6:70:ec:21:a6:a9:e2:83:97:69:13:6e:
2e:3a:87:b4:dc:63:15:16:c5:21:70:e4:f5:94:47:
ad:d9:38:b1:63:64:fc:bb:4e:81:30:80:27:2d:16:
e3:3f:42:39:4d:04:59:8e:b4:9e:27:74:58:0d:c1:
92:c4:06:63:96:17:f3:d9:8c:b1:e4:8a:3a:ce:13:
91:4b:6f:ff:8b:ff:49:60:54:4e:1b:60:fb:c6:fe:
3b:15:7a:c8:92:59:d3:18:10:c3:29:47:47:63:3b:
ae:78:2d:4e:61:78:61:a3:e8:c5:8f:c2:1f:40:2d:
f9:f1:62:13:1a:15:eb:f6:5f:fb:9e:af:b6:58:a4:
15:2b:71:69:30:35:b9:8c:0d:4d:49:41:f6:25:82:
aa:8b:18:9b:f5:24:e2:64:d6:eb:17:28:27:6d:e5:
de:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:5B:90:09:E9:B2:F4:CD:24:48:CF:36:DF:9E:66:91:71:DA:3E:B6
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/1-luQCemy9M0kSM82355mkXHaPrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:4141::/32
Signature Algorithm: sha256WithRSAEncryption
7b:2d:0e:8f:9f:6b:3b:3d:23:10:e6:d2:91:a7:f4:42:cf:ea:
eb:10:4d:52:83:99:be:c9:7e:d1:72:6a:c6:b8:2d:3a:08:bb:
3a:96:bb:b4:4b:ca:57:91:12:1a:9e:09:02:27:5b:65:6b:ed:
26:75:16:cf:d0:47:1e:26:77:50:ca:45:a3:64:c7:2c:bf:96:
11:0c:36:a1:34:7a:bb:7b:d4:a9:e7:24:23:01:31:ba:57:ad:
3a:bd:ae:22:2f:f0:1b:6c:cf:45:f9:6b:82:b4:a2:0a:a9:f4:
7a:86:8f:e0:6b:38:bf:e2:1e:b8:d1:2e:43:e1:88:53:60:f5:
5b:02:8a:67:76:44:61:33:21:7c:c3:54:b9:80:31:57:16:12:
6a:fd:91:15:f1:a3:02:dc:64:ad:ec:39:2e:28:0c:ef:13:fa:
c3:ce:c5:73:43:2b:13:57:2e:99:85:b8:22:55:c7:3a:e4:2b:
71:a5:d0:0c:15:c5:3e:4d:8d:f6:b0:e8:c6:8c:65:4e:e5:cf:
ca:74:1c:b5:f1:ea:53:c0:8f:e8:df:bf:1c:e4:54:b8:aa:e8:
d6:19:ff:4a:ca:56:1f:bb:54:e9:e1:98:62:de:3e:f1:f7:38:
c5:5e:0c:a7:de:df:0a:17:bb:94:aa:4b:b9:10:82:a6:89:a0:
59:33:46:6f
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZeeNGawuwnuUeqDUb38PhBRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjUwNjIzMTkxMjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTViOTAwOWU5YjJmNGNkMjQ0OGNmMzZkZjllNjY5MTcxZGEzZWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXEvgYQb39a7+WX/6OiWhvamxonA
QugkoqRTx6iKp1lYPayZtJv3l0ALkgSMuIP3+iZSHXpUgpkc34S9uvyfcJUVrCfq
R9B9ZSi/VtDhZAMr81UG+u6xVAuviR7GcOwhpqnig5dpE24uOoe03GMVFsUhcOT1
lEet2TixY2T8u06BMIAnLRbjP0I5TQRZjrSeJ3RYDcGSxAZjlhfz2Yyx5Io6zhOR
S2//i/9JYFROG2D7xv47FXrIklnTGBDDKUdHYzuueC1OYXhho+jFj8IfQC358WIT
GhXr9l/7nq+2WKQVK3FpMDW5jA1NSUH2JYKqixib9STiZNbrFygnbeXeGQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFPpbkAnpsvTNJEjPNt+eZpFx2j62MB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvMS1sdVFDZW15OU0wa1NNODIzNTVta1hIYVByWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjMvODk3NDQ5LWU5Y2YtNGE3OS04OWNmLTQxYmIyMWFjMjgw
MS8xL3c0S0F4VEFMZElpS3gtdEwtbVFYMmFMbnNMNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoSQUEw
DQYJKoZIhvcNAQELBQADggEBAHstDo+fazs9IxDm0pGn9ELP6usQTVKDmb7JftFy
asa4LToIuzqWu7RLyleREhqeCQInW2Vr7SZ1Fs/QRx4md1DKRaNkxyy/lhEMNqE0
ert71KnnJCMBMbpXrTq9riIv8Btsz0X5a4K0ogqp9HqGj+BrOL/iHrjRLkPhiFNg
9VsCimd2RGEzIXzDVLmAMVcWEmr9kRXxowLcZK3sOS4oDO8T+sPOxXNDKxNXLpmF
uCJVxzrkK3Gl0AwVxT5Njfaw6MaMZU7lz8p0HLXx6lPAj+jfvxzkVLiq6NYZ/0rK
Vh+7VOnhmGLePvH3OMVeDKfe3woXu5SqS7kQgqaJoFkzRm8=
-----END CERTIFICATE-----
Generated at Tue Jul 1 10:07:49 2025 by rpki-client