Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/CBl5-It1tvEuwI_VBvJ2CKaOVAk.roa
File: CBl5-It1tvEuwI_VBvJ2CKaOVAk.roa (raw, json)
Hash identifier: hHtcRkIvI5vz1usQE8NSnM5D6yFBszZnoLmZ+eF9zUA=
Subject key identifier: 08:19:79:F8:8B:75:B6:F1:2E:C0:8F:D5:06:F2:76:08:A6:8E:54:09
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 01995B7DCF6EE871D1F428F416599FC4FD49
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/CBl5-It1tvEuwI_VBvJ2CKaOVAk.roa
Signing time: Thu 18 Sep 2025 06:23:15 +0000
ROA not before: Thu 18 Sep 2025 06:23:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213861
IP address blocks: 2a10:4101::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 18:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:5b:7d:cf:6e:e8:71:d1:f4:28:f4:16:59:9f:c4:fd:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Sep 18 06:23:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=081979f88b75b6f12ec08fd506f27608a68e5409
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:d4:dd:9f:ef:b7:8f:45:fc:33:56:27:6c:5f:
51:c0:b2:18:ca:f7:6f:32:ad:cf:eb:68:88:16:4b:
27:4c:bb:f1:d7:79:78:a9:f3:3a:d3:2b:2f:a4:e8:
fa:73:d3:42:b8:16:30:36:5a:cc:a7:d0:62:48:a9:
72:68:33:78:78:f9:ca:42:29:6f:b3:5c:e6:42:d2:
c0:bd:3a:7f:eb:e7:78:61:32:8a:83:12:93:e7:b8:
a7:fe:b7:72:ea:db:45:33:94:81:b9:77:d7:88:4b:
24:e0:8a:34:9c:cd:51:a6:84:ae:01:c3:ba:3e:3f:
c0:7a:50:55:02:c5:98:1f:be:fc:4d:fc:41:0e:1d:
4b:a4:b1:ec:f1:fa:6a:b9:b0:28:89:ff:b2:fc:61:
bd:83:34:33:6b:e4:5c:0a:d1:4b:98:8c:3c:67:d5:
bd:df:f8:23:e7:77:a1:a3:10:6a:7e:e7:c7:d2:6e:
6f:78:71:24:22:ba:85:a0:67:1c:03:04:f3:df:43:
46:d3:da:33:de:68:0c:4d:36:dd:de:fd:0a:88:3c:
d6:ce:25:1a:6d:38:c8:7b:e4:c9:70:77:4b:98:e8:
50:f9:0a:36:38:df:5f:99:9b:26:7c:4b:d3:9e:14:
38:0a:ed:1b:73:af:b2:7f:a8:63:66:4e:19:b3:36:
c3:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:19:79:F8:8B:75:B6:F1:2E:C0:8F:D5:06:F2:76:08:A6:8E:54:09
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/CBl5-It1tvEuwI_VBvJ2CKaOVAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:4101::/32
Signature Algorithm: sha256WithRSAEncryption
ca:49:29:d0:58:4e:75:8a:48:5d:49:d5:9e:97:96:ab:44:06:
0d:00:64:54:c7:d8:39:fa:45:bc:a0:72:ca:49:d0:41:f8:52:
7a:df:cd:d3:45:a6:7e:04:2f:7a:2c:61:36:ad:e9:a0:9c:d5:
52:b3:2f:e9:d2:f9:e3:50:50:50:79:f0:a0:0f:52:f2:fe:c1:
99:23:95:87:bb:95:14:73:8d:0a:7d:dc:05:d3:17:44:82:6b:
11:9c:55:2a:33:64:1d:6c:b3:50:b0:66:91:92:97:87:1b:99:
87:f7:ee:71:1d:f0:3d:81:8a:67:d5:41:33:4e:e5:bc:6e:54:
78:55:85:1a:e7:55:d5:d1:24:22:69:a4:84:78:97:be:68:28:
40:28:58:3a:f0:ea:19:03:c5:ba:d5:b2:0b:e0:c1:be:32:2e:
c0:e2:41:95:9a:4e:19:b6:43:1a:a3:1a:c8:88:f5:7d:aa:21:
6b:4b:5d:a0:2d:c9:cd:38:74:a4:ea:04:81:48:c2:d5:f0:16:
e6:cd:05:58:28:1e:57:6c:4b:01:fb:c4:53:a5:4b:e9:d3:ca:
60:fd:bb:ea:b9:24:4c:9a:ec:4a:31:f1:a4:ed:b2:cb:a4:35:
59:65:ef:fb:60:bd:a9:98:ef:81:39:7a:15:9d:19:e0:47:9e:
f7:f9:a6:d8
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZlbfc9u6HHR9Cj0FlmfxP1JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjUwOTE4MDYyMzE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODE5NzlmODhiNzViNmYxMmVjMDhmZDUwNmYyNzYwOGE2OGU1NDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3tTdn++3j0X8M1YnbF9RwLIYyvdv
Mq3P62iIFksnTLvx13l4qfM60ysvpOj6c9NCuBYwNlrMp9BiSKlyaDN4ePnKQilv
s1zmQtLAvTp/6+d4YTKKgxKT57in/rdy6ttFM5SBuXfXiEsk4Io0nM1RpoSuAcO6
Pj/AelBVAsWYH778TfxBDh1LpLHs8fpqubAoif+y/GG9gzQza+RcCtFLmIw8Z9W9
3/gj53ehoxBqfufH0m5veHEkIrqFoGccAwTz30NG09oz3mgMTTbd3v0KiDzWziUa
bTjIe+TJcHdLmOhQ+Qo2ON9fmZsmfEvTnhQ4Cu0bc6+yf6hjZk4ZszbDVQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFAgZefiLdbbxLsCP1QbydgimjlQJMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvQ0JsNS1JdDF0dkV1d0lfVkJ2SjJDS2FPVkFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhBBATAN
BgkqhkiG9w0BAQsFAAOCAQEAykkp0FhOdYpIXUnVnpeWq0QGDQBkVMfYOfpFvKBy
yknQQfhSet/N00WmfgQveixhNq3poJzVUrMv6dL541BQUHnwoA9S8v7BmSOVh7uV
FHONCn3cBdMXRIJrEZxVKjNkHWyzULBmkZKXhxuZh/fucR3wPYGKZ9VBM07lvG5U
eFWFGudV1dEkImmkhHiXvmgoQChYOvDqGQPFutWyC+DBvjIuwOJBlZpOGbZDGqMa
yIj1faoha0tdoC3JzTh0pOoEgUjC1fAW5s0FWCgeV2xLAfvEU6VL6dPKYP276rkk
TJrsSjHxpO2yy6Q1WWXv+2C9qZjvgTl6FZ0Z4Eee9/mm2A==
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:18:01 2025 by rpki-client