Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/A3WhCggzu4rYOo1yOfgZK9-xHYQ.roa
File: A3WhCggzu4rYOo1yOfgZK9-xHYQ.roa (raw, json)
Hash identifier: 6lM2sKn0Kt/HS6iHxtxrLQeD9LqB5QoOTReZqqvo3Jc=
Subject key identifier: 03:75:A1:0A:08:33:BB:8A:D8:3A:8D:72:39:F8:19:2B:DF:B1:1D:84
Certificate issuer: /CN=5524b2e26dd3afcc5c1eac01f90263d201fbe099
Certificate serial: 0197A29BF95542A62F51388E2BA826C92B55
Authority key identifier: 55:24:B2:E2:6D:D3:AF:CC:5C:1E:AC:01:F9:02:63:D2:01:FB:E0:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/A3WhCggzu4rYOo1yOfgZK9-xHYQ.roa
Signing time: Tue 24 Jun 2025 15:43:40 +0000
ROA not before: Tue 24 Jun 2025 15:43:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200216
IP address blocks: 2a13:2880::/29 maxlen: 29
2a13:d3c0::/29 maxlen: 29
2a13:dec0::/29 maxlen: 29
2a14:1300::/29 maxlen: 29
2a14:1500::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.mft
rsync://rpki.ripe.net/repository/DEFAULT/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 20:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a2:9b:f9:55:42:a6:2f:51:38:8e:2b:a8:26:c9:2b:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5524b2e26dd3afcc5c1eac01f90263d201fbe099
Validity
Not Before: Jun 24 15:43:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0375a10a0833bb8ad83a8d7239f8192bdfb11d84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:af:4d:e1:64:02:86:4e:fd:8e:f5:fc:40:df:
9a:d3:79:8b:48:e3:c8:a2:68:df:96:9c:7d:b1:fe:
6d:a8:70:84:77:9e:c8:31:d1:48:39:5a:8b:c3:29:
04:d9:68:66:fe:7b:b8:43:de:19:a2:84:2e:20:7e:
d7:6b:ae:85:f9:16:59:e1:66:e6:cf:a4:c5:f4:60:
b1:bb:6e:68:4d:de:2c:1a:7e:72:f4:a4:69:90:f3:
4a:90:4d:af:b5:86:5d:9b:cb:42:99:91:51:ae:32:
fd:1f:65:1c:d2:4c:65:b4:e9:60:16:2e:e1:c7:1f:
de:dc:ff:35:31:f4:b8:fb:2b:20:89:af:df:47:d9:
3d:e5:78:c7:82:be:6c:53:3b:e8:7f:30:97:7d:fc:
a3:4b:f3:93:6b:95:8e:6d:44:c9:7b:d0:9c:8a:f9:
e8:cc:22:23:37:54:82:1c:53:0a:87:fd:49:f6:7d:
8e:ef:af:44:d5:44:9e:9a:6b:07:36:e7:90:34:ef:
c6:de:2e:2e:ee:a0:85:8a:f7:97:01:c6:75:f7:88:
0a:20:e2:3a:9b:3c:3c:c2:13:27:08:3a:06:d3:ac:
f1:b3:b0:97:2c:2d:ea:12:7f:43:07:71:86:56:2e:
7a:2b:02:71:84:bd:ef:9b:d8:54:b8:91:a8:8f:c5:
a3:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:75:A1:0A:08:33:BB:8A:D8:3A:8D:72:39:F8:19:2B:DF:B1:1D:84
X509v3 Authority Key Identifier:
keyid:55:24:B2:E2:6D:D3:AF:CC:5C:1E:AC:01:F9:02:63:D2:01:FB:E0:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/A3WhCggzu4rYOo1yOfgZK9-xHYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:2880::/29
2a13:d3c0::/29
2a13:dec0::/29
2a14:1300::/29
2a14:1500::/29
Signature Algorithm: sha256WithRSAEncryption
07:c5:63:05:84:ee:2a:82:f3:48:e7:ba:ea:4c:d8:f7:6e:be:
d0:2a:7e:48:e8:eb:df:35:1f:cb:36:f4:e1:9d:60:19:73:21:
11:58:ad:b2:e8:0a:0e:79:ed:ec:cf:7d:e7:51:79:a3:4d:0d:
78:4c:21:e7:16:5c:89:54:7e:00:fb:ad:ac:4c:d8:f4:e4:57:
60:cc:58:e4:de:03:e6:de:fd:1a:e8:74:28:26:15:4c:ab:7c:
b0:ab:b5:7e:96:8e:21:3a:f4:3f:5d:3d:bb:fc:21:03:ad:1b:
29:2c:7e:61:a1:6a:c1:bb:b9:57:72:3a:eb:75:d9:e1:99:5d:
5d:f0:bf:35:2f:d3:22:6b:e0:52:39:91:41:84:ae:95:e0:3a:
04:58:d8:76:2f:9f:d4:43:b1:fe:49:ae:04:72:4a:d9:55:d6:
4f:bc:8b:27:5a:5a:ac:a4:1d:46:6a:ef:c4:88:f7:b3:6c:4b:
e4:9a:93:35:95:71:0d:07:c3:33:2a:7d:82:10:67:11:5f:75:
a1:20:88:c3:56:b8:5e:b5:f5:c6:42:98:5b:3b:1a:d0:76:3b:
52:c7:e3:90:6a:79:d2:cf:9e:93:aa:5e:54:fd:7d:32:3e:92:
d2:c5:77:aa:fb:07:40:b0:6c:a3:c6:e4:6f:e3:6b:b1:7c:1f:
d1:d4:da:14
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZeim/lVQqYvUTiOK6gmyStVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1MjRiMmUyNmRkM2FmY2M1YzFlYWMwMWY5MDI2M2QyMDFm
YmUwOTkwHhcNMjUwNjI0MTU0MzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzc1YTEwYTA4MzNiYjhhZDgzYThkNzIzOWY4MTkyYmRmYjExZDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAma9N4WQChk79jvX8QN+a03mLSOPI
omjflpx9sf5tqHCEd57IMdFIOVqLwykE2Whm/nu4Q94ZooQuIH7Xa66F+RZZ4Wbm
z6TF9GCxu25oTd4sGn5y9KRpkPNKkE2vtYZdm8tCmZFRrjL9H2Uc0kxltOlgFi7h
xx/e3P81MfS4+ysgia/fR9k95XjHgr5sUzvofzCXffyjS/OTa5WObUTJe9Ccivno
zCIjN1SCHFMKh/1J9n2O769E1USemmsHNueQNO/G3i4u7qCFiveXAcZ194gKIOI6
mzw8whMnCDoG06zxs7CXLC3qEn9DB3GGVi56KwJxhL3vm9hUuJGoj8Wj/wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFAN1oQoIM7uK2DqNcjn4GSvfsR2EMB8GA1UdIwQY
MBaAFFUksuJt06/MXB6sAfkCY9IB++CZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlNTeTRtM1RyOHhjSHF3Qi1RSmowZ0g3NEprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8xNDMzOTItZDg2OC00YTI2LTg1NDMt
M2FhMjIyN2JhZGZlLzEvQTNXaENnZ3p1NHJZT28xeU9mZ1pLOS14SFlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8xNDMzOTItZDg2OC00YTI2LTg1NDMtM2FhMjIyN2JhZGZl
LzEvVlNTeTRtM1RyOHhjSHF3Qi1RSmowZ0g3NEprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKhMogAMF
AyoT08ADBQMqE97AAwUDKhQTAAMFAyoUFQAwDQYJKoZIhvcNAQELBQADggEBAAfF
YwWE7iqC80jnuupM2PduvtAqfkjo6981H8s29OGdYBlzIRFYrbLoCg557ezPfedR
eaNNDXhMIecWXIlUfgD7raxM2PTkV2DMWOTeA+be/RrodCgmFUyrfLCrtX6WjiE6
9D9dPbv8IQOtGyksfmGhasG7uVdyOut12eGZXV3wvzUv0yJr4FI5kUGErpXgOgRY
2HYvn9RDsf5JrgRyStlV1k+8iydaWqykHUZq78SI97NsS+SakzWVcQ0HwzMqfYIQ
ZxFfdaEgiMNWuF619cZCmFs7GtB2O1LH45BqedLPnpOqXlT9fTI+ktLFd6r7B0Cw
bKPG5G/ja7F8H9HU2hQ=
-----END CERTIFICATE-----
Generated at Thu Jul 3 03:08:16 2025 by rpki-client