Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/r7o6ijFUqvnND24Y52_4OtsxwMQ.roa
File: r7o6ijFUqvnND24Y52_4OtsxwMQ.roa (raw, json)
Hash identifier: S7atgaEzVYEGYQ85XqqlANoBvn9y4bSJMzdlTZhhid0=
Subject key identifier: AF:BA:3A:8A:31:54:AA:F9:CD:0F:6E:18:E7:6F:F8:3A:DB:31:C0:C4
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 01979E3E782BC4092C380FAA27551CE31B14
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/r7o6ijFUqvnND24Y52_4OtsxwMQ.roa
Signing time: Mon 23 Jun 2025 19:23:03 +0000
ROA not before: Mon 23 Jun 2025 19:23:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204490
IP address blocks: 2a0e:f04::/32 maxlen: 32
2a0e:f07::/32 maxlen: 32
2a0e:67c5::/32 maxlen: 32
2a11:15c1::/32 maxlen: 32
2a11:15c6::/32 maxlen: 32
2a11:3180::/32 maxlen: 32
2a11:4a04::/32 maxlen: 32
2a11:4a07::/32 maxlen: 32
2a11:7883::/32 maxlen: 32
2a11:8500::/32 maxlen: 32
2a11:8507::/32 maxlen: 32
2a12:4144::/32 maxlen: 32
2a12:4147::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.mft
rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:9e:3e:78:2b:c4:09:2c:38:0f:aa:27:55:1c:e3:1b:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Jun 23 19:23:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=afba3a8a3154aaf9cd0f6e18e76ff83adb31c0c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:31:ed:fc:56:24:12:92:08:f2:c4:34:be:9a:
d7:9f:3a:3a:63:17:70:e8:89:bb:09:41:72:bb:33:
d4:3c:a6:6d:dc:33:a8:4f:eb:ff:79:ff:f9:33:c5:
93:1c:8a:31:e1:bc:23:eb:4b:f5:4a:eb:d5:cb:3f:
e1:28:29:c4:97:4d:3d:a8:7e:dc:a7:85:d8:96:c0:
7f:9b:5a:76:d2:f4:d6:20:16:f3:14:2d:29:9d:f1:
90:07:2b:a6:b4:34:d8:f8:6e:79:3d:6f:ed:9c:5e:
40:09:39:91:b9:83:82:3e:b2:9f:61:79:cd:9a:b6:
1b:1b:31:24:2f:30:7b:09:02:e5:a5:b7:3a:9a:b3:
cd:da:24:e8:4f:f2:da:4a:e9:b8:d1:cf:3e:75:b4:
d4:3e:3c:90:d0:d3:43:5d:ca:bc:7d:fb:4b:8b:5a:
40:25:c7:59:6b:2c:c0:df:d0:d1:1f:49:6b:3a:25:
9b:31:ed:4a:9e:92:d1:ca:d6:f0:8e:14:48:31:2d:
0a:f8:0b:44:42:63:9f:8d:58:98:fb:b6:57:0e:90:
b7:b9:30:1d:e9:9e:91:2d:a5:d9:52:2a:6e:4a:a3:
a5:e7:56:5b:ba:92:3e:44:0c:aa:f4:d1:51:da:fd:
bf:48:f5:bd:13:13:af:eb:f2:bc:70:c9:0d:01:83:
32:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:BA:3A:8A:31:54:AA:F9:CD:0F:6E:18:E7:6F:F8:3A:DB:31:C0:C4
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/r7o6ijFUqvnND24Y52_4OtsxwMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:f04::/32
2a0e:f07::/32
2a0e:67c5::/32
2a11:15c1::/32
2a11:15c6::/32
2a11:3180::/32
2a11:4a04::/32
2a11:4a07::/32
2a11:7883::/32
2a11:8500::/32
2a11:8507::/32
2a12:4144::/32
2a12:4147::/32
Signature Algorithm: sha256WithRSAEncryption
3f:08:dd:f4:4d:c9:cb:15:d4:18:6a:fd:23:1a:79:e2:00:ec:
d0:13:8d:ec:7d:50:e2:ef:a0:99:99:d6:a6:9b:be:96:cf:45:
65:24:b2:11:02:9c:c3:19:0e:29:22:6c:2d:86:f0:ed:e0:68:
7f:89:26:21:cb:8e:c4:d6:6a:f3:a7:70:bb:91:dd:52:b6:6b:
48:8a:6c:cd:96:3e:e9:d7:fd:f2:a0:21:d1:da:fb:2c:fa:cc:
02:8b:28:fa:f5:05:34:1e:35:4a:f0:00:41:cb:4b:f9:65:0f:
82:cc:b1:48:e2:fb:46:4e:68:d6:17:86:73:9b:82:49:d1:21:
61:93:dc:2e:3f:30:05:f5:36:4c:3e:27:fc:a6:f8:aa:cc:03:
bd:d2:27:ab:af:cc:6f:9a:1b:c5:1b:c3:1a:36:e3:91:36:ae:
3e:6a:e0:e4:ff:21:c9:62:76:33:77:f8:1b:ff:34:5e:40:86:
3f:58:4d:18:55:76:24:7b:a0:97:0f:06:aa:37:7e:79:34:6b:
ee:3b:38:fb:2a:93:37:8e:47:53:74:ee:a5:23:18:f6:3b:27:
1e:2c:29:f4:d3:d7:19:d0:89:a9:d7:1a:f4:7f:55:5a:4d:11:
5b:25:06:d3:26:fe:48:17:22:dc:be:9b:15:c3:e3:b9:bd:97:
d7:c9:de:db
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAZeePngrxAksOA+qJ1Uc4xsUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjUwNjIzMTkyMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmJhM2E4YTMxNTRhYWY5Y2QwZjZlMThlNzZmZjgzYWRiMzFjMGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjHt/FYkEpII8sQ0vprXnzo6Yxdw
6Im7CUFyuzPUPKZt3DOoT+v/ef/5M8WTHIox4bwj60v1SuvVyz/hKCnEl009qH7c
p4XYlsB/m1p20vTWIBbzFC0pnfGQByumtDTY+G55PW/tnF5ACTmRuYOCPrKfYXnN
mrYbGzEkLzB7CQLlpbc6mrPN2iToT/LaSum40c8+dbTUPjyQ0NNDXcq8fftLi1pA
JcdZayzA39DRH0lrOiWbMe1KnpLRytbwjhRIMS0K+AtEQmOfjViY+7ZXDpC3uTAd
6Z6RLaXZUipuSqOl51ZbupI+RAyq9NFR2v2/SPW9ExOv6/K8cMkNAYMy1QIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFK+6OooxVKr5zQ9uGOdv+DrbMcDEMB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvcjdvNmlqRlVxdm5ORDI0WTUyXzRPdHN4d01RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBhBAIAAjBbAwUAKg4PBAMF
ACoODwcDBQAqDmfFAwUAKhEVwQMFACoRFcYDBQAqETGAAwUAKhFKBAMFACoRSgcD
BQAqEXiDAwUAKhGFAAMFACoRhQcDBQAqEkFEAwUAKhJBRzANBgkqhkiG9w0BAQsF
AAOCAQEAPwjd9E3JyxXUGGr9Ixp54gDs0BON7H1Q4u+gmZnWppu+ls9FZSSyEQKc
wxkOKSJsLYbw7eBof4kmIcuOxNZq86dwu5HdUrZrSIpszZY+6df98qAh0dr7LPrM
Aoso+vUFNB41SvAAQctL+WUPgsyxSOL7Rk5o1heGc5uCSdEhYZPcLj8wBfU2TD4n
/Kb4qswDvdInq6/Mb5obxRvDGjbjkTauPmrg5P8hyWJ2M3f4G/80XkCGP1hNGFV2
JHuglw8Gqjd+eTRr7js4+yqTN45HU3TupSMY9jsnHiwp9NPXGdCJqdca9H9VWk0R
WyUG0yb+SBci3L6bFcPjub2X18ne2w==
-----END CERTIFICATE-----
Generated at Tue Jul 1 07:06:25 2025 by rpki-client