Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/O2VA2BZ6F3RJtY3AefLbDqbjATc.roa
File: O2VA2BZ6F3RJtY3AefLbDqbjATc.roa (raw, json)
Hash identifier: k12I4WD7YbIAGRU14UiZG26tiBA9XRNMqPcFVKP+8t0=
Subject key identifier: 3B:65:40:D8:16:7A:17:74:49:B5:8D:C0:79:F2:DB:0E:A6:E3:01:37
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 0197A17358931C63287B8DD8CFF50D110AE4
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/O2VA2BZ6F3RJtY3AefLbDqbjATc.roa
Signing time: Tue 24 Jun 2025 10:19:40 +0000
ROA not before: Tue 24 Jun 2025 10:19:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44812
IP address blocks: 2a09:6284::/32 maxlen: 32
2a09:e5c0::/32 maxlen: 32
2a09:e5c1::/32 maxlen: 32
2a09:e5c2::/32 maxlen: 32
2a09:e5c3::/32 maxlen: 32
2a09:e5c4::/32 maxlen: 32
2a09:e5c5::/32 maxlen: 32
2a09:e5c6::/32 maxlen: 32
2a0e:b140::/29 maxlen: 29
2a10:4104::/32 maxlen: 32
2a12:a343::/32 maxlen: 32
2a12:a344::/32 maxlen: 32
2a13:93c3::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 04:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a1:73:58:93:1c:63:28:7b:8d:d8:cf:f5:0d:11:0a:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jun 24 10:19:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3b6540d8167a177449b58dc079f2db0ea6e30137
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:7a:40:0e:73:84:cc:68:92:6c:c0:10:9b:5c:
2f:de:da:a6:fe:8f:02:f6:28:8a:49:65:37:bb:b3:
c1:08:cc:16:ac:89:9d:e9:7b:9a:86:b7:b9:99:33:
7d:a0:5f:96:7d:58:94:03:af:d6:f4:d6:ed:30:29:
44:5f:cd:ee:1c:54:cd:6b:5f:4c:f6:7b:bd:54:30:
87:45:6d:bd:3f:7e:9b:d2:6f:10:aa:0b:aa:0d:df:
b8:18:99:c6:dc:c5:e3:5d:d8:71:ae:4a:71:61:bc:
9c:17:c6:b4:5a:2d:08:4e:db:e3:70:4f:4d:51:0d:
f4:c9:4e:4a:ce:32:59:92:d9:80:5e:4c:70:d8:cb:
01:1e:95:7e:de:6f:56:95:d6:f6:38:35:01:0e:7f:
69:a6:08:93:d2:b3:07:46:cd:78:8a:d8:a6:81:67:
86:7a:4a:6b:79:49:28:3b:33:fb:d5:f0:5a:6e:8d:
73:52:5a:d3:61:b8:e9:b9:1f:94:b1:6e:e3:1c:f6:
06:06:60:70:0e:d6:1e:75:0a:02:af:7e:36:4a:3c:
01:e1:c3:9b:72:be:64:c7:0a:b3:c6:05:6f:bf:bb:
de:47:1d:ff:de:ba:da:c7:19:87:e1:7b:27:a0:a4:
5f:bc:8e:d2:ee:14:73:f1:15:bb:b4:59:63:a7:e3:
bd:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:65:40:D8:16:7A:17:74:49:B5:8D:C0:79:F2:DB:0E:A6:E3:01:37
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/O2VA2BZ6F3RJtY3AefLbDqbjATc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:6284::/32
2a09:e5c0::-2a09:e5c6:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:b140::/29
2a10:4104::/32
2a12:a343::-2a12:a344:ffff:ffff:ffff:ffff:ffff:ffff
2a13:93c3::/32
Signature Algorithm: sha256WithRSAEncryption
6d:37:c8:67:e7:89:c9:97:5e:ca:82:58:5a:01:9f:50:87:58:
18:6a:da:45:71:58:7b:15:26:67:38:cf:b7:a6:4a:dc:ef:bd:
08:e3:62:50:c1:96:71:c9:6e:5c:77:1a:8d:b0:6c:5e:71:ba:
a0:eb:46:9a:1f:41:59:a3:84:ca:dc:34:31:af:7e:a1:e2:d7:
76:ca:2d:6a:85:6f:07:89:62:e7:4a:66:74:ee:41:e4:78:a2:
f3:7b:09:b0:d9:ae:0f:ad:aa:8b:d8:f1:f6:46:17:f0:a6:82:
7b:58:03:77:e3:b7:93:8c:e0:9f:d0:8e:8a:37:87:e2:de:5d:
fd:d0:95:56:d4:b0:0f:6d:3c:84:bb:51:98:bf:c3:0a:81:b9:
4d:f6:2c:33:3e:d9:c3:68:a5:c8:c7:00:c3:1a:a9:4e:fb:e3:
85:6c:f5:d7:59:f6:41:1c:a3:e0:d1:ac:5e:84:a2:33:5a:21:
4c:8c:33:5a:35:d6:f2:85:e4:03:4a:51:41:38:12:69:6d:83:
94:a3:c6:06:99:35:62:ac:8f:2a:b0:49:77:5f:97:42:70:f6:
e8:e0:54:06:45:b5:73:9a:2e:05:4a:8f:26:5e:6d:19:ba:db:
59:0a:b1:5f:29:f5:01:09:7f:d8:0d:06:dc:25:17:40:f5:de:
c5:97:87:b8
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZehc1iTHGMoe43Yz/UNEQrkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjUwNjI0MTAxOTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjY1NDBkODE2N2ExNzc0NDliNThkYzA3OWYyZGIwZWE2ZTMwMTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2npADnOEzGiSbMAQm1wv3tqm/o8C
9iiKSWU3u7PBCMwWrImd6Xuahre5mTN9oF+WfViUA6/W9NbtMClEX83uHFTNa19M
9nu9VDCHRW29P36b0m8QqguqDd+4GJnG3MXjXdhxrkpxYbycF8a0Wi0ITtvjcE9N
UQ30yU5KzjJZktmAXkxw2MsBHpV+3m9Wldb2ODUBDn9ppgiT0rMHRs14itimgWeG
ekpreUkoOzP71fBabo1zUlrTYbjpuR+UsW7jHPYGBmBwDtYedQoCr342SjwB4cOb
cr5kxwqzxgVvv7veRx3/3rraxxmH4XsnoKRfvI7S7hRz8RW7tFljp+O9sQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFDtlQNgWehd0SbWNwHny2w6m4wE3MB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvTzJWQTJCWjZGM1JKdFkzQWVmTGJEcWJqQVRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAAjA8AwUAKglihDAO
AwUGKgnlwAMFACoJ5cYDBQMqDrFAAwUAKhBBBDAOAwUAKhKjQwMFACoSo0QDBQAq
E5PDMA0GCSqGSIb3DQEBCwUAA4IBAQBtN8hn54nJl17KglhaAZ9Qh1gYatpFcVh7
FSZnOM+3pkrc770I42JQwZZxyW5cdxqNsGxecbqg60aaH0FZo4TK3DQxr36h4td2
yi1qhW8HiWLnSmZ07kHkeKLzewmw2a4PraqL2PH2RhfwpoJ7WAN347eTjOCf0I6K
N4fi3l390JVW1LAPbTyEu1GYv8MKgblN9iwzPtnDaKXIxwDDGqlO++OFbPXXWfZB
HKPg0axehKIzWiFMjDNaNdbyheQDSlFBOBJpbYOUo8YGmTVirI8qsEl3X5dCcPbo
4FQGRbVzmi4FSo8mXm0ZuttZCrFfKfUBCX/YDQbcJRdA9d7Fl4e4
-----END CERTIFICATE-----
Generated at Sun Jun 29 12:51:30 2025 by rpki-client