Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/l5eVEzNjzW3_os8yZlGEjZfz_cE.roa
File: l5eVEzNjzW3_os8yZlGEjZfz_cE.roa (raw, json)
Hash identifier: BVR/Q6GqH0ZQNXkAgvPrEuEB4GMZxu+FJ12HAakU494=
Subject key identifier: 97:97:95:13:33:63:CD:6D:FF:A2:CF:32:66:51:84:8D:97:F3:FD:C1
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 0198D2A41162CD551916D0DB498A3845F299
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/l5eVEzNjzW3_os8yZlGEjZfz_cE.roa
Signing time: Fri 22 Aug 2025 16:37:04 +0000
ROA not before: Fri 22 Aug 2025 16:37:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213505
IP address blocks: 2a10:4107::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 10:02:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d2:a4:11:62:cd:55:19:16:d0:db:49:8a:38:45:f2:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Aug 22 16:37:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=979795133363cd6dffa2cf326651848d97f3fdc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b6:a8:ab:27:a3:7a:0d:47:ba:63:32:1c:0b:
3f:7a:ca:41:2b:ad:f6:32:e6:70:86:e6:7e:b6:24:
e1:45:4c:c5:0b:63:2c:b8:24:5e:ee:d7:65:8b:d8:
d2:97:3d:7f:f2:54:62:c5:c1:ff:4e:5d:f1:a7:dc:
22:51:ac:f1:86:82:1c:f3:fd:ce:ac:5c:ef:bc:83:
40:07:18:86:0a:c9:1b:24:90:b3:43:98:78:72:fb:
2c:b0:e5:a2:8a:37:50:3a:83:50:3b:a6:17:bc:0f:
65:0a:38:9a:ea:8f:e4:48:ef:c4:b9:f6:ca:f6:c4:
27:d5:71:c7:4e:05:71:4c:44:6f:b5:89:c5:ad:3c:
b8:ff:f2:18:6d:75:96:18:24:55:b7:7b:d9:c7:af:
23:28:eb:c4:67:da:d0:1a:47:6f:dc:f7:28:59:d8:
e1:ca:c9:2f:dd:9d:71:2e:b0:da:a0:43:fa:ba:b2:
8b:98:8a:53:54:bd:3e:d8:d4:cc:5b:73:eb:54:40:
a3:36:fb:43:21:a3:c8:11:90:12:c5:3c:df:ef:ce:
b1:3b:39:19:81:68:9a:d7:30:e8:15:8e:08:9a:8a:
30:b5:df:4d:5c:67:3f:4e:94:29:d1:9e:d3:96:0b:
e9:71:c5:64:fb:be:40:bf:0f:cd:d6:df:e1:99:00:
b0:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:97:95:13:33:63:CD:6D:FF:A2:CF:32:66:51:84:8D:97:F3:FD:C1
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/l5eVEzNjzW3_os8yZlGEjZfz_cE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:4107::/32
Signature Algorithm: sha256WithRSAEncryption
c1:d2:fa:e9:e4:10:82:a1:e2:26:40:d6:4d:6d:c1:5d:7a:b6:
94:72:9f:c3:20:a0:65:1f:7d:d6:31:52:19:36:f5:c5:f4:73:
66:3c:0c:de:26:3a:11:b2:19:97:dc:c3:24:43:de:f0:eb:e8:
9d:60:27:49:bf:b2:67:e6:8b:27:ad:c8:c4:2c:21:21:3e:e0:
1f:49:4c:bb:94:fe:b4:09:ea:72:a2:79:af:51:8b:e1:67:9e:
f2:98:70:34:f3:03:e9:bf:05:05:e8:f6:15:f1:87:02:3e:c9:
0f:10:58:c2:9e:66:0f:e7:c7:45:6d:47:1b:2e:b0:b9:bc:31:
4a:8a:51:0e:8c:69:8b:89:c8:18:52:04:27:97:88:ca:c2:f5:
af:75:58:34:a6:72:d5:85:d8:fa:67:5a:e9:b8:35:a1:88:0d:
22:42:44:3d:e8:df:27:96:36:77:50:41:25:f5:49:f2:99:8c:
50:52:69:8f:98:c0:7a:00:65:9d:29:f3:15:81:2f:a5:59:b4:
02:3b:48:7b:64:0e:9b:73:57:66:f6:aa:89:bf:59:1e:a0:87:
85:e0:31:3d:9d:db:a3:21:10:dc:f9:24:b9:3c:ba:83:b4:a5:
00:78:85:3e:d9:77:85:d2:f7:ed:f8:20:1d:6d:45:e4:8d:d2:
85:1b:ae:b7
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZjSpBFizVUZFtDbSYo4RfKZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjUwODIyMTYzNzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Nzk3OTUxMzMzNjNjZDZkZmZhMmNmMzI2NjUxODQ4ZDk3ZjNmZGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApraoqyejeg1HumMyHAs/espBK632
MuZwhuZ+tiThRUzFC2MsuCRe7tdli9jSlz1/8lRixcH/Tl3xp9wiUazxhoIc8/3O
rFzvvINABxiGCskbJJCzQ5h4cvsssOWiijdQOoNQO6YXvA9lCjia6o/kSO/EufbK
9sQn1XHHTgVxTERvtYnFrTy4//IYbXWWGCRVt3vZx68jKOvEZ9rQGkdv3PcoWdjh
yskv3Z1xLrDaoEP6urKLmIpTVL0+2NTMW3PrVECjNvtDIaPIEZASxTzf786xOzkZ
gWia1zDoFY4Imoowtd9NXGc/TpQp0Z7TlgvpccVk+75Avw/N1t/hmQCwsQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJeXlRMzY81t/6LPMmZRhI2X8/3BMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvbDVlVkV6Tmp6VzNfb3M4eVpsR0VqWmZ6X2NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhBBBzAN
BgkqhkiG9w0BAQsFAAOCAQEAwdL66eQQgqHiJkDWTW3BXXq2lHKfwyCgZR991jFS
GTb1xfRzZjwM3iY6EbIZl9zDJEPe8OvonWAnSb+yZ+aLJ63IxCwhIT7gH0lMu5T+
tAnqcqJ5r1GL4Wee8phwNPMD6b8FBej2FfGHAj7JDxBYwp5mD+fHRW1HGy6wubwx
SopRDoxpi4nIGFIEJ5eIysL1r3VYNKZy1YXY+mda6bg1oYgNIkJEPejfJ5Y2d1BB
JfVJ8pmMUFJpj5jAegBlnSnzFYEvpVm0AjtIe2QOm3NXZvaqib9ZHqCHheAxPZ3b
oyEQ3PkkuTy6g7SlAHiFPtl3hdL37fggHW1F5I3ShRuutw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:48:27 2025 by rpki-client