Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/VCP5vDDvYWubin6WJDYpagJmRiw.roa
File: VCP5vDDvYWubin6WJDYpagJmRiw.roa (raw, json)
Hash identifier: 9B5oRj1pv9qo68rIvOqwcjrCAe/U1vnkt510aYZtgu8=
Subject key identifier: 54:23:F9:BC:30:EF:61:6B:9B:8A:7E:96:24:36:29:6A:02:66:46:2C
Certificate issuer: /CN=5524b2e26dd3afcc5c1eac01f90263d201fbe099
Certificate serial: 0197A338883BE62D0DAD77B7A19B3B172C92
Authority key identifier: 55:24:B2:E2:6D:D3:AF:CC:5C:1E:AC:01:F9:02:63:D2:01:FB:E0:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/VCP5vDDvYWubin6WJDYpagJmRiw.roa
Signing time: Tue 24 Jun 2025 18:34:40 +0000
ROA not before: Tue 24 Jun 2025 18:34:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212477
IP address blocks: 2a13:4a80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.mft
rsync://rpki.ripe.net/repository/DEFAULT/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 12:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a3:38:88:3b:e6:2d:0d:ad:77:b7:a1:9b:3b:17:2c:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5524b2e26dd3afcc5c1eac01f90263d201fbe099
Validity
Not Before: Jun 24 18:34:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5423f9bc30ef616b9b8a7e962436296a0266462c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c4:74:2c:1e:1e:af:5d:52:df:d4:a3:9d:02:
9f:53:71:a7:bd:b4:18:62:e6:15:9f:9b:5d:21:6d:
03:d7:f7:53:93:32:a8:5b:f4:b2:78:b2:fd:7f:19:
4e:20:aa:2e:4a:02:a9:4b:a7:a2:80:c9:61:27:d6:
4f:69:20:c8:b8:a1:4b:7e:e1:91:8a:6b:98:4b:85:
50:f1:b4:d0:de:2e:c4:2d:cf:66:91:f8:c7:25:d8:
2e:1d:28:f1:1a:59:5d:ab:22:c6:a0:b1:38:db:f0:
85:37:ff:56:68:21:b7:3f:63:63:90:67:cd:6a:fc:
94:de:39:3f:7d:13:1b:ba:e6:f0:20:69:b6:ae:02:
ed:86:d3:ea:28:eb:6c:0e:c7:06:0c:39:5d:81:29:
88:ae:3b:08:63:d0:c8:ab:a4:0f:52:0f:49:e2:9d:
20:19:b4:ac:5c:8d:e5:e4:78:bc:8c:e8:17:a9:3b:
60:d2:5d:93:82:87:0d:df:1d:7b:a8:5b:62:97:04:
be:bf:d7:4b:55:de:90:8f:5c:b0:8c:9d:92:ea:eb:
6b:ed:04:f3:19:84:41:96:a0:be:32:08:3b:d3:1e:
82:a2:7a:06:ab:f8:6b:95:49:33:6c:a4:b8:13:7a:
07:e0:9a:2e:6d:c3:c3:64:87:de:9b:d4:ea:cc:bb:
37:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:23:F9:BC:30:EF:61:6B:9B:8A:7E:96:24:36:29:6A:02:66:46:2C
X509v3 Authority Key Identifier:
keyid:55:24:B2:E2:6D:D3:AF:CC:5C:1E:AC:01:F9:02:63:D2:01:FB:E0:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/VCP5vDDvYWubin6WJDYpagJmRiw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:4a80::/29
Signature Algorithm: sha256WithRSAEncryption
64:ff:dd:34:e6:42:58:a2:09:a2:c4:3f:7e:4c:aa:39:16:b4:
4a:ca:00:6a:68:43:58:1b:01:ce:5e:12:4a:4a:14:42:3f:f5:
1b:ef:4e:71:e5:67:d5:a0:65:c4:9c:f9:45:a9:3d:6a:c0:10:
b9:41:96:57:e8:20:69:b8:99:64:8c:a9:b8:d3:f8:b3:e9:8a:
50:20:12:17:2e:50:a7:15:8f:fe:3d:b9:7f:d7:c1:46:e5:c3:
94:94:84:95:f6:92:ad:0d:87:86:72:0d:e4:97:db:f0:b8:01:
86:0f:f8:23:94:47:0b:5e:b4:54:4d:cf:3a:72:2f:3f:f8:d5:
26:dd:7c:46:ca:47:cf:0f:e2:ea:6f:f6:7d:12:12:5e:69:c5:
94:2d:96:73:84:e0:29:01:47:43:42:ba:22:ea:40:b7:b3:87:
91:8a:4a:6a:57:cf:78:f4:c7:a3:af:8a:d1:2d:07:dc:3d:16:
cc:87:04:a8:4c:85:38:21:40:07:a1:50:6a:ef:7f:aa:9d:4b:
73:cd:cf:8a:fb:11:f1:b0:bd:7d:a8:a9:6f:70:87:33:34:3b:
71:1b:61:98:b6:6d:54:80:4e:15:48:bc:31:d6:22:36:a2:cb:
05:0f:dc:15:4d:df:85:0c:19:98:a8:77:f9:b3:bc:fd:65:83:
d0:e9:bd:04
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZejOIg75i0NrXe3oZs7FyySMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1MjRiMmUyNmRkM2FmY2M1YzFlYWMwMWY5MDI2M2QyMDFm
YmUwOTkwHhcNMjUwNjI0MTgzNDQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDIzZjliYzMwZWY2MTZiOWI4YTdlOTYyNDM2Mjk2YTAyNjY0NjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocR0LB4er11S39SjnQKfU3GnvbQY
YuYVn5tdIW0D1/dTkzKoW/SyeLL9fxlOIKouSgKpS6eigMlhJ9ZPaSDIuKFLfuGR
imuYS4VQ8bTQ3i7ELc9mkfjHJdguHSjxGlldqyLGoLE42/CFN/9WaCG3P2NjkGfN
avyU3jk/fRMbuubwIGm2rgLthtPqKOtsDscGDDldgSmIrjsIY9DIq6QPUg9J4p0g
GbSsXI3l5Hi8jOgXqTtg0l2TgocN3x17qFtilwS+v9dLVd6Qj1ywjJ2S6utr7QTz
GYRBlqC+Mgg70x6ConoGq/hrlUkzbKS4E3oH4JoubcPDZIfem9TqzLs3uwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFQj+bww72Frm4p+liQ2KWoCZkYsMB8GA1UdIwQY
MBaAFFUksuJt06/MXB6sAfkCY9IB++CZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlNTeTRtM1RyOHhjSHF3Qi1RSmowZ0g3NEprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8xNDMzOTItZDg2OC00YTI2LTg1NDMt
M2FhMjIyN2JhZGZlLzEvVkNQNXZERHZZV3ViaW42V0pEWXBhZ0ptUml3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8xNDMzOTItZDg2OC00YTI2LTg1NDMtM2FhMjIyN2JhZGZl
LzEvVlNTeTRtM1RyOHhjSHF3Qi1RSmowZ0g3NEprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhNKgDAN
BgkqhkiG9w0BAQsFAAOCAQEAZP/dNOZCWKIJosQ/fkyqORa0SsoAamhDWBsBzl4S
SkoUQj/1G+9OceVn1aBlxJz5Rak9asAQuUGWV+ggabiZZIypuNP4s+mKUCASFy5Q
pxWP/j25f9fBRuXDlJSElfaSrQ2HhnIN5Jfb8LgBhg/4I5RHC160VE3POnIvP/jV
Jt18RspHzw/i6m/2fRISXmnFlC2Wc4TgKQFHQ0K6IupAt7OHkYpKalfPePTHo6+K
0S0H3D0WzIcEqEyFOCFAB6FQau9/qp1Lc83PivsR8bC9faipb3CHMzQ7cRthmLZt
VIBOFUi8MdYiNqLLBQ/cFU3fhQwZmKh3+bO8/WWD0Om9BA==
-----END CERTIFICATE-----
Generated at Tue Jul 1 21:09:46 2025 by rpki-client