
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/8EKc5hUahN_d6c6PznxuNrKg9tI.roa
File: 8EKc5hUahN_d6c6PznxuNrKg9tI.roa (raw, json)
Hash identifier: b3TAMpPmh1LeZMUPJrskhZjvWeWGSWUlQR6rEcVzaks=
Subject key identifier: F0:42:9C:E6:15:1A:84:DF:DD:E9:CE:8F:CE:7C:6E:36:B2:A0:F6:D2
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 01995C9C7E58C649CBF0467E2DD01437E43B
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/8EKc5hUahN_d6c6PznxuNrKg9tI.roa
Signing time: Thu 18 Sep 2025 11:36:23 +0000
ROA not before: Thu 18 Sep 2025 11:36:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44812
IP address blocks: 2a12:a343::/32 maxlen: 32
2a13:93c3::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 09:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:5c:9c:7e:58:c6:49:cb:f0:46:7e:2d:d0:14:37:e4:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Sep 18 11:36:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f0429ce6151a84dfdde9ce8fce7c6e36b2a0f6d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:09:1e:da:d4:e2:e9:6a:3b:82:1e:14:11:a1:
53:0e:b5:d1:b0:35:07:71:6d:18:68:45:c3:db:17:
ed:f6:a6:80:a2:0a:22:37:41:0b:84:16:64:b2:18:
cb:f6:f8:00:fe:51:99:21:6b:b1:6f:4e:d3:c9:a8:
a7:52:fe:ac:be:6c:95:7c:b4:10:f6:83:0c:36:89:
39:10:96:67:35:f4:6d:ce:1d:cc:19:ed:1e:e1:23:
ed:3f:d9:60:73:30:54:64:cc:f8:fb:ac:a5:21:d2:
9f:02:c1:40:a0:d0:9a:4b:23:7a:06:0f:37:bd:5a:
00:6d:d1:76:db:42:5d:68:5d:15:fa:5c:26:ba:39:
25:a7:63:db:da:b5:a3:66:62:7c:08:10:a3:9b:97:
59:40:5a:45:a9:7a:12:f8:29:ec:61:df:5a:54:1d:
1b:dd:30:4c:50:ee:ff:60:f2:bb:db:25:1f:20:3a:
28:a5:aa:19:55:e4:1d:a3:42:ac:c9:76:dd:85:d3:
7b:87:e2:c5:aa:c0:bd:cd:14:0c:86:07:c3:d9:d1:
59:55:16:72:c1:57:4c:31:5a:6c:e5:c5:38:41:18:
d1:09:5c:a9:dd:b5:ed:c5:ae:ec:2d:cb:34:5c:b3:
d1:1a:93:f7:37:8c:3f:b3:cc:d4:3f:36:d4:b3:15:
ec:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:42:9C:E6:15:1A:84:DF:DD:E9:CE:8F:CE:7C:6E:36:B2:A0:F6:D2
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/8EKc5hUahN_d6c6PznxuNrKg9tI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:a343::/32
2a13:93c3::/32
Signature Algorithm: sha256WithRSAEncryption
3f:e2:53:e2:87:d1:12:ad:d7:3c:49:4c:46:e2:0b:4b:00:01:
c3:10:36:74:c6:aa:f3:4e:54:33:84:66:e3:1b:52:12:8e:a3:
e4:bd:d4:2a:38:25:98:a3:cf:26:0d:56:80:cd:90:d1:14:b8:
09:eb:8f:29:ad:8b:00:ed:f2:a2:14:87:4b:79:f0:08:e5:18:
ed:24:51:8e:14:35:af:1a:79:d8:39:ef:e4:c6:25:a1:ce:c7:
3f:b4:7b:2f:ac:48:24:bf:8e:2e:45:91:6f:42:76:42:6e:e7:
a7:d0:68:9a:54:4f:36:ac:99:8d:7a:b7:3c:2c:3f:75:9b:5f:
69:5d:36:75:89:37:3d:05:bf:76:de:1b:19:1e:1c:2f:7c:c9:
63:1a:f7:bd:88:61:d7:72:8d:c3:cd:5d:bb:ea:f1:07:9f:69:
6c:14:11:11:0c:a9:23:7b:8b:09:75:1b:79:ad:a5:57:cd:02:
44:4c:1b:61:80:59:6f:f8:7b:f2:9d:45:a7:38:d9:89:6d:f8:
93:b3:80:7b:d3:39:ef:cb:cb:b6:76:1b:45:a0:cf:21:b2:95:
84:70:77:10:f7:eb:69:06:f4:50:f0:32:ad:ca:43:e2:06:06:
85:d8:70:46:43:60:fc:b1:cb:c3:7c:e8:6e:d5:a3:aa:8b:45:
29:5f:2c:65
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZlcnH5YxknL8EZ+LdAUN+Q7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjUwOTE4MTEzNjIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDQyOWNlNjE1MWE4NGRmZGRlOWNlOGZjZTdjNmUzNmIyYTBmNmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQke2tTi6Wo7gh4UEaFTDrXRsDUH
cW0YaEXD2xft9qaAogoiN0ELhBZkshjL9vgA/lGZIWuxb07TyainUv6svmyVfLQQ
9oMMNok5EJZnNfRtzh3MGe0e4SPtP9lgczBUZMz4+6ylIdKfAsFAoNCaSyN6Bg83
vVoAbdF220JdaF0V+lwmujklp2Pb2rWjZmJ8CBCjm5dZQFpFqXoS+CnsYd9aVB0b
3TBMUO7/YPK72yUfIDoopaoZVeQdo0KsyXbdhdN7h+LFqsC9zRQMhgfD2dFZVRZy
wVdMMVps5cU4QRjRCVyp3bXtxa7sLcs0XLPRGpP3N4w/s8zUPzbUsxXseQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFPBCnOYVGoTf3enOj858bjayoPbSMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvOEVLYzVoVWFoTl9kNmM2UHpueHVOcktnOXRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKhKjQwMF
ACoTk8MwDQYJKoZIhvcNAQELBQADggEBAD/iU+KH0RKt1zxJTEbiC0sAAcMQNnTG
qvNOVDOEZuMbUhKOo+S91Co4JZijzyYNVoDNkNEUuAnrjymtiwDt8qIUh0t58Ajl
GO0kUY4UNa8aedg57+TGJaHOxz+0ey+sSCS/ji5FkW9CdkJu56fQaJpUTzasmY16
tzwsP3WbX2ldNnWJNz0Fv3beGxkeHC98yWMa972IYddyjcPNXbvq8QefaWwUEREM
qSN7iwl1G3mtpVfNAkRMG2GAWW/4e/KdRac42Ylt+JOzgHvTOe/Ly7Z2G0WgzyGy
lYRwdxD362kG9FDwMq3KQ+IGBoXYcEZDYPyxy8N86G7Vo6qLRSlfLGU=
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:44:50 2025 by rpki-client