Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/VxDCjm6wjynMra5WGkzJGoCPrhs.roa
File: VxDCjm6wjynMra5WGkzJGoCPrhs.roa (raw, json)
Hash identifier: 6jDW1q/fW7zMLlE0XVbr19PIoHkbmzCNYkeTGYpRMW4=
Subject key identifier: 57:10:C2:8E:6E:B0:8F:29:CC:AD:AE:56:1A:4C:C9:1A:80:8F:AE:1B
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 0197A845414814857FD41D8155644A6E9DA5
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/VxDCjm6wjynMra5WGkzJGoCPrhs.roa
Signing time: Wed 25 Jun 2025 18:06:40 +0000
ROA not before: Wed 25 Jun 2025 18:06:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211852
IP address blocks: 2a11:15c7::/32 maxlen: 32
2a11:4a02::/32 maxlen: 32
2a11:8506::/32 maxlen: 32
2a12:4146::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.mft
rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a8:45:41:48:14:85:7f:d4:1d:81:55:64:4a:6e:9d:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Jun 25 18:06:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5710c28e6eb08f29ccadae561a4cc91a808fae1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:87:48:0d:4d:ba:09:0f:7a:88:62:c1:1b:f9:
bc:76:cf:03:30:30:2f:59:fc:f5:03:97:fb:c7:16:
05:d6:54:0a:e1:bd:7a:7e:78:13:dd:11:3a:61:a8:
64:a8:20:8c:16:46:9e:a4:5e:46:77:8f:94:96:5f:
68:f0:49:1a:1b:f2:03:3e:a7:9f:b3:27:0c:49:2d:
9d:ad:08:1a:79:40:8b:83:af:2d:0d:78:b5:5f:1d:
29:b9:fe:3e:de:de:f3:e8:57:78:31:09:f2:2b:d1:
73:51:d1:e8:d1:ef:ae:b1:bc:a1:14:55:9a:eb:ba:
88:63:f4:7c:85:31:4e:0c:53:95:af:2f:0d:84:9c:
fd:da:4c:0d:df:e5:a4:ac:11:22:3f:47:48:27:c1:
d3:5a:69:09:40:9b:88:01:fc:2c:22:28:d0:9f:5c:
18:9f:c8:99:4b:e2:d4:2e:8e:81:2a:9b:c3:99:b7:
36:b4:8c:60:85:e6:d0:46:05:d1:58:db:85:9a:21:
ae:47:9c:0b:bc:16:3c:4b:fb:df:c4:b1:7b:cf:f7:
b0:63:20:f6:6f:2f:d3:09:a4:2a:6a:c0:48:90:b1:
e0:2d:54:c0:35:31:69:db:c4:00:e6:2d:ab:3f:dc:
68:2e:3a:10:c6:5c:34:43:4e:ea:bf:61:94:9f:95:
0e:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:10:C2:8E:6E:B0:8F:29:CC:AD:AE:56:1A:4C:C9:1A:80:8F:AE:1B
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/VxDCjm6wjynMra5WGkzJGoCPrhs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:15c7::/32
2a11:4a02::/32
2a11:8506::/32
2a12:4146::/32
Signature Algorithm: sha256WithRSAEncryption
9e:4e:f9:d4:15:e7:a9:93:bf:d1:13:7d:5b:b1:4c:14:6b:dd:
16:6a:b1:13:82:e4:d5:89:07:58:ec:42:c1:16:77:11:f7:e0:
93:53:31:65:58:88:86:cc:e5:ab:e0:ca:ee:c2:6d:46:41:fc:
0a:85:19:4d:e4:89:ad:6d:42:b7:6f:b4:b6:29:fa:ae:5e:2a:
76:6f:c7:03:d2:4f:31:0b:0e:db:14:55:3c:b3:48:ab:92:9c:
77:82:ef:ed:ef:60:9f:27:dc:59:6d:f3:b4:33:f5:1c:ad:a8:
11:8e:0e:a3:b7:79:0d:c3:f8:b5:fd:ed:5b:eb:c7:dd:d3:94:
3a:9c:83:b9:7d:37:bf:ef:05:5d:a6:33:2d:56:b8:da:db:53:
8f:2d:fa:d1:cf:9c:f7:9e:30:9c:71:37:5a:24:2e:87:38:c8:
3a:36:37:bc:b2:a7:4b:02:87:3c:64:0f:ac:1e:43:7a:f0:cd:
fd:6e:35:84:e5:c7:fd:08:0c:11:6d:01:8a:af:83:80:59:d3:
5e:69:ac:cb:1a:c6:a9:52:8d:ea:d8:cb:f9:a8:78:d8:dc:f3:
78:92:c1:4b:16:cf:41:eb:fb:51:a7:9d:b7:99:f1:37:0f:d2:
93:8b:9b:29:42:4f:cf:0f:d6:3a:7f:02:10:6d:37:2a:27:49:
01:20:f6:ef
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZeoRUFIFIV/1B2BVWRKbp2lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjUwNjI1MTgwNjQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzEwYzI4ZTZlYjA4ZjI5Y2NhZGFlNTYxYTRjYzkxYTgwOGZhZTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4dIDU26CQ96iGLBG/m8ds8DMDAv
Wfz1A5f7xxYF1lQK4b16fngT3RE6YahkqCCMFkaepF5Gd4+Ull9o8EkaG/IDPqef
sycMSS2drQgaeUCLg68tDXi1Xx0puf4+3t7z6Fd4MQnyK9FzUdHo0e+usbyhFFWa
67qIY/R8hTFODFOVry8NhJz92kwN3+WkrBEiP0dIJ8HTWmkJQJuIAfwsIijQn1wY
n8iZS+LULo6BKpvDmbc2tIxghebQRgXRWNuFmiGuR5wLvBY8S/vfxLF7z/ewYyD2
by/TCaQqasBIkLHgLVTANTFp28QA5i2rP9xoLjoQxlw0Q07qv2GUn5UO4wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFFcQwo5usI8pzK2uVhpMyRqAj64bMB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvVnhEQ2ptNndqeW5NcmE1V0drekpHb0NQcmhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKhEVxwMF
ACoRSgIDBQAqEYUGAwUAKhJBRjANBgkqhkiG9w0BAQsFAAOCAQEAnk751BXnqZO/
0RN9W7FMFGvdFmqxE4Lk1YkHWOxCwRZ3Effgk1MxZViIhszlq+DK7sJtRkH8CoUZ
TeSJrW1Ct2+0tin6rl4qdm/HA9JPMQsO2xRVPLNIq5Kcd4Lv7e9gnyfcWW3ztDP1
HK2oEY4Oo7d5DcP4tf3tW+vH3dOUOpyDuX03v+8FXaYzLVa42ttTjy360c+c954w
nHE3WiQuhzjIOjY3vLKnSwKHPGQPrB5DevDN/W41hOXH/QgMEW0Biq+DgFnTXmms
yxrGqVKN6tjL+ah42NzzeJLBSxbPQev7Uaedt5nxNw/Sk4ubKUJPzw/WOn8CEG03
KidJASD27w==
-----END CERTIFICATE-----
Generated at Sun Jun 29 06:49:30 2025 by rpki-client