Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/1-AIi-_fQE9Zw_jzdXpZvHAJNInk.roa
File: 1-AIi-_fQE9Zw_jzdXpZvHAJNInk.roa (raw, json)
Hash identifier: S7DskItYnL/F5vv4ZlExJfBZqUHm9HZ4XrNRyYZBlGQ=
Subject key identifier: F8:02:22:FB:F7:D0:13:D6:70:FE:3C:DD:5E:96:6F:1C:02:4D:22:79
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 01976CF7A2E7A030B8F4928A2AC0C20266DC
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/1-AIi-_fQE9Zw_jzdXpZvHAJNInk.roa
Signing time: Sat 14 Jun 2025 05:44:17 +0000
ROA not before: Sat 14 Jun 2025 05:44:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29226
IP address blocks: 2a09:6286::/32 maxlen: 32
2a10:4100::/32 maxlen: 32
2a10:4105::/32 maxlen: 32
2a11:4b44::/32 maxlen: 32
2a12:a347::/32 maxlen: 32
2a13:3c80::/30 maxlen: 30
2a13:3c84::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 04:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:6c:f7:a2:e7:a0:30:b8:f4:92:8a:2a:c0:c2:02:66:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jun 14 05:44:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f80222fbf7d013d670fe3cdd5e966f1c024d2279
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:32:8a:2e:f7:e1:20:4c:30:34:da:be:de:53:
94:2a:93:91:04:af:b1:ce:ae:cc:de:6f:7c:cf:ee:
94:28:03:76:c1:7b:46:5b:9b:df:1c:a7:72:fb:bb:
4e:f2:76:bf:22:93:f8:9c:35:6a:38:e8:35:6e:af:
20:9c:d9:3c:c3:7e:5b:71:07:79:06:7a:33:cc:a7:
93:d1:9b:dc:ad:46:07:06:0a:86:a4:c6:be:4d:d0:
cf:25:ad:c0:81:81:cd:54:fd:e2:29:6f:63:d5:31:
d9:0b:29:5b:93:62:45:cd:f4:94:c0:39:9b:f5:bb:
7d:f8:7c:a7:06:17:f1:86:b0:a7:f1:14:17:fa:bc:
1a:92:fa:4f:ac:83:b3:af:22:2a:c0:38:93:f0:9e:
e4:90:f1:2e:2a:fd:b4:df:e9:da:b9:76:4c:84:a6:
05:20:60:e4:db:78:3c:36:5f:d1:d1:8f:f1:73:89:
42:c8:5c:c8:5f:e0:2c:bd:59:1f:7e:fa:e6:f7:39:
93:8c:6e:ff:27:dd:32:d4:d0:80:e9:1c:05:4d:0c:
f7:7e:ca:a1:18:7b:34:05:f9:2e:b0:50:8b:0b:f1:
ed:5c:fb:cf:df:98:07:2b:9a:da:26:91:12:23:b4:
fb:07:4d:cd:01:13:dd:26:bd:99:2a:3e:f6:3e:af:
64:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:02:22:FB:F7:D0:13:D6:70:FE:3C:DD:5E:96:6F:1C:02:4D:22:79
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/1-AIi-_fQE9Zw_jzdXpZvHAJNInk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:6286::/32
2a10:4100::/32
2a10:4105::/32
2a11:4b44::/32
2a12:a347::/32
2a13:3c80::/29
Signature Algorithm: sha256WithRSAEncryption
05:0f:90:87:45:e4:d2:cb:92:4d:3a:9f:97:7a:e7:d8:9d:4a:
d8:1b:4c:53:14:55:74:c0:56:02:b5:8f:a2:b0:a7:8c:5e:f5:
0e:71:f4:1e:45:2f:17:30:31:fe:b9:51:d5:0b:92:d0:28:29:
08:58:f5:46:2c:7b:61:0a:1a:3b:3f:5d:f6:69:6f:74:fb:24:
08:e7:ef:ff:c1:33:7a:f6:27:a4:ae:65:b0:50:f7:ad:88:e2:
16:21:79:c6:48:30:50:08:15:05:64:b3:14:2c:10:a0:b3:34:
ae:ab:f7:69:b7:80:d3:42:50:79:33:04:b2:de:94:d5:ea:21:
4d:f8:a2:0e:67:b5:0a:78:6d:bf:56:ae:f1:88:e4:a3:ca:f0:
08:8c:a5:1c:f9:d8:99:87:0d:33:51:dd:e4:03:e4:31:06:c5:
b2:9e:12:a5:b8:4f:76:8e:05:40:29:24:89:8e:64:f8:09:fd:
30:01:ca:ae:f9:ff:79:e9:bc:15:71:5e:1e:6a:58:b0:42:e5:
28:a0:e9:f6:d1:1c:b1:2e:25:9a:63:6b:2c:40:b2:68:77:40:
ed:3b:9f:ca:43:2d:bb:6e:df:bb:bf:5b:a6:c0:d0:9e:e5:dc:
ad:06:61:89:18:44:cf:3e:68:8d:d0:4a:c5:14:ca:e3:8f:d2:
d7:ef:03:bb
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZds96LnoDC49JKKKsDCAmbcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjUwNjE0MDU0NDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODAyMjJmYmY3ZDAxM2Q2NzBmZTNjZGQ1ZTk2NmYxYzAyNGQyMjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6jKKLvfhIEwwNNq+3lOUKpORBK+x
zq7M3m98z+6UKAN2wXtGW5vfHKdy+7tO8na/IpP4nDVqOOg1bq8gnNk8w35bcQd5
BnozzKeT0ZvcrUYHBgqGpMa+TdDPJa3AgYHNVP3iKW9j1THZCylbk2JFzfSUwDmb
9bt9+HynBhfxhrCn8RQX+rwakvpPrIOzryIqwDiT8J7kkPEuKv203+nauXZMhKYF
IGDk23g8Nl/R0Y/xc4lCyFzIX+AsvVkffvrm9zmTjG7/J90y1NCA6RwFTQz3fsqh
GHs0BfkusFCLC/HtXPvP35gHK5raJpESI7T7B03NARPdJr2ZKj72Pq9k6QIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFPgCIvv30BPWcP483V6WbxwCTSJ5MB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvMS1BSWktX2ZRRTlad19qemRYcFp2SEFKTkluay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZmUvMWZhNmEzLThkYzUtNGMzNS1hNDliLTE3MWMzNjdiZTc4
Mi8xL2RRaEhYX0RZN0pZRE5nRnVEZ1FpR3BqbDdQSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBDBggrBgEFBQcBBwEB/wQ0MDIwMAQCAAIwKgMFACoJYoYD
BQAqEEEAAwUAKhBBBQMFACoRS0QDBQAqEqNHAwUDKhM8gDANBgkqhkiG9w0BAQsF
AAOCAQEABQ+Qh0Xk0suSTTqfl3rn2J1K2BtMUxRVdMBWArWPorCnjF71DnH0HkUv
FzAx/rlR1QuS0CgpCFj1Rix7YQoaOz9d9mlvdPskCOfv/8EzevYnpK5lsFD3rYji
FiF5xkgwUAgVBWSzFCwQoLM0rqv3abeA00JQeTMEst6U1eohTfiiDme1Cnhtv1au
8Yjko8rwCIylHPnYmYcNM1Hd5APkMQbFsp4SpbhPdo4FQCkkiY5k+An9MAHKrvn/
eem8FXFeHmpYsELlKKDp9tEcsS4lmmNrLECyaHdA7TufykMtu27fu79bpsDQnuXc
rQZhiRhEzz5ojdBKxRTK44/S1+8Duw==
-----END CERTIFICATE-----
Generated at Sun Jun 29 14:21:27 2025 by rpki-client