Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/piLj0xqhOh5drHad0DaJGgWpfjk.roa
File: piLj0xqhOh5drHad0DaJGgWpfjk.roa (raw, json)
Hash identifier: XuvfIDV13nXMNzILPh7FLTbHrVCgobckkWNosNAYbgY=
Subject key identifier: A6:22:E3:D3:1A:A1:3A:1E:5D:AC:76:9D:D0:36:89:1A:05:A9:7E:39
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 0197ADD5D95E923F4CFA205209B23398FD4C
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/piLj0xqhOh5drHad0DaJGgWpfjk.roa
Signing time: Thu 26 Jun 2025 20:02:42 +0000
ROA not before: Thu 26 Jun 2025 20:02:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a11:15c0::/32 maxlen: 32
2a11:4a06::/32 maxlen: 32
2a11:b682::/32 maxlen: 32
2a12:4145::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.mft
rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ad:d5:d9:5e:92:3f:4c:fa:20:52:09:b2:33:98:fd:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Jun 26 20:02:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a622e3d31aa13a1e5dac769dd036891a05a97e39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:43:1e:f3:9e:ab:5a:dc:03:64:99:a0:86:a7:
29:ef:18:0e:c2:c3:c0:77:2c:99:97:13:49:27:96:
5d:61:cc:9e:92:69:ba:c0:a0:7d:89:03:cd:3c:ba:
04:c7:e3:6a:21:6e:1c:22:c0:12:89:bf:84:23:ed:
a1:2d:1a:8e:f0:2b:9d:a7:c1:5d:44:d6:71:b4:18:
38:87:cc:55:c2:11:95:ae:e5:a0:de:08:12:4f:8c:
cd:fd:55:51:5b:40:03:90:34:bb:bf:30:0f:08:d7:
26:2d:fb:4f:dc:d4:ad:a0:47:ed:fe:93:09:e1:9a:
5e:b2:85:97:d0:f4:79:14:ca:3a:5f:0b:e1:ad:48:
06:6d:2b:c2:16:b2:cb:1d:51:19:43:c0:43:aa:40:
ff:02:73:1f:01:b6:66:0a:1b:a5:81:bb:58:82:c0:
3c:9f:7d:c5:04:23:82:77:32:70:15:df:23:97:82:
67:6b:44:1c:ff:75:d4:58:d2:0e:d4:4a:06:c0:b6:
dc:be:e1:22:c2:f0:2a:86:50:73:c3:23:65:e0:94:
c7:0f:0c:71:ae:49:db:89:48:18:88:f1:ba:87:a0:
6b:fa:6f:20:c0:47:4e:35:61:2a:62:45:4f:be:63:
07:f4:40:7f:04:43:8c:55:9b:1f:fc:11:e1:2d:fc:
86:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:22:E3:D3:1A:A1:3A:1E:5D:AC:76:9D:D0:36:89:1A:05:A9:7E:39
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/piLj0xqhOh5drHad0DaJGgWpfjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:15c0::/32
2a11:4a06::/32
2a11:b682::/32
2a12:4145::/32
Signature Algorithm: sha256WithRSAEncryption
30:2f:11:21:63:d2:2b:c2:13:98:bf:84:0b:6e:71:ab:0f:6a:
41:5a:07:77:13:58:c7:10:96:42:1b:6c:d3:a2:6a:4d:8a:a4:
e9:b9:ce:79:1b:ab:62:48:08:d4:81:0b:c2:ad:90:72:86:ff:
db:18:2f:13:e1:b8:d6:80:e8:ce:93:b8:a9:b5:55:12:d8:ae:
34:44:70:8c:66:85:e5:01:17:cf:58:7f:36:df:67:d6:e2:a5:
8b:06:15:60:dd:0f:27:ff:8d:c3:8c:50:18:da:a5:2d:f6:0d:
ea:14:e8:7f:00:da:83:80:46:39:a2:0d:04:1d:20:23:43:ca:
9d:07:db:ab:b8:3f:bc:be:96:de:35:3f:14:00:a6:07:c7:34:
1e:11:f5:3e:fd:fe:6c:3d:70:e3:76:b7:88:00:b0:b6:2e:e5:
e2:a9:76:f4:27:ba:fe:91:80:92:10:3b:b3:a9:68:e0:c1:3e:
1e:1e:7e:b7:29:26:7b:90:c9:af:8a:b1:63:a9:15:9c:26:d8:
0d:6a:d6:fe:78:92:c2:92:15:a8:00:5d:51:36:3b:20:3f:94:
5f:00:86:2a:cc:b4:df:51:ec:13:6b:60:6b:31:d3:44:50:37:
21:95:66:5e:29:0b:8e:58:45:6e:64:a4:fc:30:96:8d:af:43:
bb:a2:87:d2
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZet1dlekj9M+iBSCbIzmP1MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjUwNjI2MjAwMjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjIyZTNkMzFhYTEzYTFlNWRhYzc2OWRkMDM2ODkxYTA1YTk3ZTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA40Me856rWtwDZJmghqcp7xgOwsPA
dyyZlxNJJ5ZdYcyekmm6wKB9iQPNPLoEx+NqIW4cIsASib+EI+2hLRqO8Cudp8Fd
RNZxtBg4h8xVwhGVruWg3ggST4zN/VVRW0ADkDS7vzAPCNcmLftP3NStoEft/pMJ
4ZpesoWX0PR5FMo6XwvhrUgGbSvCFrLLHVEZQ8BDqkD/AnMfAbZmChulgbtYgsA8
n33FBCOCdzJwFd8jl4Jna0Qc/3XUWNIO1EoGwLbcvuEiwvAqhlBzwyNl4JTHDwxx
rknbiUgYiPG6h6Br+m8gwEdONWEqYkVPvmMH9EB/BEOMVZsf/BHhLfyGtwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFKYi49MaoToeXax2ndA2iRoFqX45MB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvcGlMajB4cWhPaDVkckhhZDBEYUpHZ1dwZmprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKhEVwAMF
ACoRSgYDBQAqEbaCAwUAKhJBRTANBgkqhkiG9w0BAQsFAAOCAQEAMC8RIWPSK8IT
mL+EC25xqw9qQVoHdxNYxxCWQhts06JqTYqk6bnOeRurYkgI1IELwq2Qcob/2xgv
E+G41oDozpO4qbVVEtiuNERwjGaF5QEXz1h/Nt9n1uKliwYVYN0PJ/+Nw4xQGNql
LfYN6hTofwDag4BGOaINBB0gI0PKnQfbq7g/vL6W3jU/FACmB8c0HhH1Pv3+bD1w
43a3iACwti7l4ql29Ce6/pGAkhA7s6lo4ME+Hh5+tykme5DJr4qxY6kVnCbYDWrW
/niSwpIVqABdUTY7ID+UXwCGKsy031HsE2tgazHTRFA3IZVmXikLjlhFbmSk/DCW
ja9Du6KH0g==
-----END CERTIFICATE-----
Generated at Sun Jun 29 06:47:48 2025 by rpki-client