Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/xEp6XmkmNbTybu1XUwMmDt6_9jE.roa
File: xEp6XmkmNbTybu1XUwMmDt6_9jE.roa (raw, json)
Hash identifier: cZqbPTueBj9vCDYnLlC1UgUveS09KimRo59Frnm2fPQ=
Subject key identifier: C4:4A:7A:5E:69:26:35:B4:F2:6E:ED:57:53:03:26:0E:DE:BF:F6:31
Certificate issuer: /CN=b32ee2b39712377b4bfec9e66ac7e6e908efceec
Certificate serial: 01982CD04DD12C5C4017BE4D16DAB18924EF
Authority key identifier: B3:2E:E2:B3:97:12:37:7B:4B:FE:C9:E6:6A:C7:E6:E9:08:EF:CE:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sy7is5cSN3tL_snmasfm6Qjvzuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/xEp6XmkmNbTybu1XUwMmDt6_9jE.roa
Signing time: Mon 21 Jul 2025 11:48:25 +0000
ROA not before: Mon 21 Jul 2025 11:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60175
IP address blocks: 89.63.0.0/20 maxlen: 20
89.63.16.0/20 maxlen: 20
89.63.20.0/24 maxlen: 24
89.63.32.0/24 maxlen: 24
89.63.240.0/20 maxlen: 20
185.35.12.0/22 maxlen: 24
195.4.128.0/19 maxlen: 19
195.4.145.0/24 maxlen: 24
195.4.160.0/20 maxlen: 20
195.4.184.0/21 maxlen: 21
195.4.192.0/20 maxlen: 20
195.4.199.0/24 maxlen: 24
195.4.208.0/21 maxlen: 21
2a00:dca0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/sy7is5cSN3tL_snmasfm6Qjvzuw.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/sy7is5cSN3tL_snmasfm6Qjvzuw.mft
rsync://rpki.ripe.net/repository/DEFAULT/sy7is5cSN3tL_snmasfm6Qjvzuw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Jul 2025 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:2c:d0:4d:d1:2c:5c:40:17:be:4d:16:da:b1:89:24:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b32ee2b39712377b4bfec9e66ac7e6e908efceec
Validity
Not Before: Jul 21 11:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c44a7a5e692635b4f26eed575303260edebff631
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ca:8e:53:9b:f0:72:e4:8a:7e:75:a6:89:c6:
e1:a0:09:57:c8:83:a5:e4:cb:63:a8:fe:a3:8f:d1:
f3:17:db:12:98:a7:56:bf:20:27:dd:d2:0a:c7:8e:
db:71:4f:e6:b4:7b:13:f2:2a:c8:f1:cc:c2:ea:49:
ad:6c:78:71:9f:8e:9e:fd:fd:99:75:7b:28:12:88:
ac:a8:c5:eb:5a:11:98:33:80:6a:9a:53:0b:e3:d5:
b2:5d:11:70:c2:cf:a3:99:0c:45:f4:4b:f8:ac:22:
1a:95:64:cd:02:5c:6c:08:25:33:76:87:d8:0e:46:
0d:fa:1c:cb:e8:c7:04:2f:75:9d:d6:19:66:43:a3:
7a:06:df:16:33:94:00:79:bc:cc:19:d3:7d:85:7f:
bb:77:c9:7c:e5:4a:fa:2b:03:94:3a:16:c3:3b:44:
e3:00:41:b8:8c:db:6d:64:e3:6a:d0:1c:82:99:e1:
44:b9:67:c3:68:e1:ad:28:55:9f:1c:0f:34:c7:20:
ff:bf:2b:4f:af:3d:c2:96:b6:96:c4:a9:d4:38:6e:
fd:2f:54:ba:96:11:8a:58:f7:e1:a1:13:61:49:f5:
cb:65:be:23:c2:f5:0d:cf:a5:b6:d3:ac:43:37:7e:
c8:44:33:13:1c:1f:e6:2d:36:a8:1e:b5:65:1e:4c:
b6:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:4A:7A:5E:69:26:35:B4:F2:6E:ED:57:53:03:26:0E:DE:BF:F6:31
X509v3 Authority Key Identifier:
keyid:B3:2E:E2:B3:97:12:37:7B:4B:FE:C9:E6:6A:C7:E6:E9:08:EF:CE:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sy7is5cSN3tL_snmasfm6Qjvzuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/xEp6XmkmNbTybu1XUwMmDt6_9jE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/sy7is5cSN3tL_snmasfm6Qjvzuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.63.0.0-89.63.32.255
89.63.240.0/20
185.35.12.0/22
195.4.128.0-195.4.175.255
195.4.184.0-195.4.215.255
IPv6:
2a00:dca0::/29
Signature Algorithm: sha256WithRSAEncryption
bd:4d:f0:31:a8:69:52:8e:94:50:f0:ff:e9:f9:67:31:52:f3:
8a:8c:2b:1d:2c:4a:fa:ac:12:4a:b0:88:34:86:d0:23:63:18:
6f:57:6c:bf:32:d7:a0:31:22:1e:a1:ad:d2:7e:69:39:34:a8:
e5:e5:b5:f0:02:a1:b7:35:75:4b:71:c5:27:11:07:ce:9f:62:
91:2c:e3:5b:46:be:94:62:da:34:99:e7:49:d6:2f:ee:85:f6:
0c:21:56:ae:6c:6a:cb:bb:77:77:8d:e7:74:fe:46:f0:e1:0c:
56:dd:0f:cf:b1:39:ef:2d:e9:3b:55:00:65:eb:d1:db:f6:92:
2e:4c:b2:ed:a8:15:55:f4:65:7f:85:c8:39:b8:73:34:eb:e0:
c6:54:d6:a6:f9:22:4a:2d:26:60:ca:c9:85:47:ed:d9:ae:cf:
3b:86:6e:84:51:1d:c0:c7:0f:10:dc:f9:d1:7c:2c:2f:b5:c1:
ac:40:af:5e:a2:e2:43:87:70:6e:b0:19:67:95:5e:91:a2:e5:
57:0d:a3:f0:b5:e6:e7:8b:5b:e9:2b:76:93:a2:33:51:f5:61:
aa:3d:63:5c:01:10:36:ae:24:6c:4d:fc:77:47:f3:b6:60:b0:
dc:9b:a4:9e:b0:bb:45:c1:ec:bb:ab:60:1e:b9:1f:7d:06:59:
fa:62:11:fe
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZgs0E3RLFxAF75NFtqxiSTvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmVlMmIzOTcxMjM3N2I0YmZlYzllNjZhYzdlNmU5MDhl
ZmNlZWMwHhcNMjUwNzIxMTE0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDRhN2E1ZTY5MjYzNWI0ZjI2ZWVkNTc1MzAzMjYwZWRlYmZmNjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx8qOU5vwcuSKfnWmicbhoAlXyIOl
5MtjqP6jj9HzF9sSmKdWvyAn3dIKx47bcU/mtHsT8irI8czC6kmtbHhxn46e/f2Z
dXsoEoisqMXrWhGYM4BqmlML49WyXRFwws+jmQxF9Ev4rCIalWTNAlxsCCUzdofY
DkYN+hzL6McEL3Wd1hlmQ6N6Bt8WM5QAebzMGdN9hX+7d8l85Ur6KwOUOhbDO0Tj
AEG4jNttZONq0ByCmeFEuWfDaOGtKFWfHA80xyD/vytPrz3ClraWxKnUOG79L1S6
lhGKWPfhoRNhSfXLZb4jwvUNz6W206xDN37IRDMTHB/mLTaoHrVlHky2ewIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFMRKel5pJjW08m7tV1MDJg7ev/YxMB8GA1UdIwQY
MBaAFLMu4rOXEjd7S/7J5mrH5ukI787sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3k3aXM1Y1NOM3RMX3NubWFzZm02UWp2enV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9kZmE1MWItNDZhYS00MDg0LWEzNDMt
ZjAxNmNhNWRhMjE5LzEveEVwNlhta21OYlR5YnUxWFV3TW1EdDZfOWpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9kZmE1MWItNDZhYS00MDg0LWEzNDMtZjAxNmNhNWRhMjE5
LzEvc3k3aXM1Y1NOM3RMX3NubWFzZm02UWp2enV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDA7BAIAATA1MAsDAwBZPwME
AFk/IAMEBFk/8AMEArkjDDAMAwQHwwSAAwQEwwSgMAwDBAPDBLgDBAPDBNAwDQQC
AAIwBwMFAyoA3KAwDQYJKoZIhvcNAQELBQADggEBAL1N8DGoaVKOlFDw/+n5ZzFS
84qMKx0sSvqsEkqwiDSG0CNjGG9XbL8y16AxIh6hrdJ+aTk0qOXltfACobc1dUtx
xScRB86fYpEs41tGvpRi2jSZ50nWL+6F9gwhVq5sasu7d3eN53T+RvDhDFbdD8+x
Oe8t6TtVAGXr0dv2ki5Msu2oFVX0ZX+FyDm4czTr4MZU1qb5IkotJmDKyYVH7dmu
zzuGboRRHcDHDxDc+dF8LC+1waxAr16i4kOHcG6wGWeVXpGi5VcNo/C15ueLW+kr
dpOiM1H1Yao9Y1wBEDauJGxN/HdH87ZgsNybpJ6wu0XB7LurYB65H30GWfpiEf4=
-----END CERTIFICATE-----
Generated at Tue Jul 29 02:22:57 2025 by rpki-client