Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/f8c445-0aab-4087-a0d3-9347591910a8/1/6fJ4zkF0Wp752Gh82PiGV0cycFs.roa
File: 6fJ4zkF0Wp752Gh82PiGV0cycFs.roa (raw, json)
Hash identifier: zmN/ZdPf9fmMKW0I3LZoD4w3jrap740/mP6rHx2Dkzc=
Subject key identifier: E9:F2:78:CE:41:74:5A:9E:F9:D8:68:7C:D8:F8:86:57:47:32:70:5B
Certificate issuer: /CN=aac6af0c29bebc7c485cf8001da9f19930ace45d
Certificate serial: 019836414C55C69156F1B131122E600FDE60
Authority key identifier: AA:C6:AF:0C:29:BE:BC:7C:48:5C:F8:00:1D:A9:F1:99:30:AC:E4:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qsavDCm-vHxIXPgAHanxmTCs5F0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/f8c445-0aab-4087-a0d3-9347591910a8/1/6fJ4zkF0Wp752Gh82PiGV0cycFs.roa
Signing time: Wed 23 Jul 2025 07:48:25 +0000
ROA not before: Wed 23 Jul 2025 07:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199290
IP address blocks: 5.180.248.0/22 maxlen: 22
5.180.248.0/23 maxlen: 23
5.180.248.0/24 maxlen: 24
5.180.249.0/24 maxlen: 24
5.180.250.0/24 maxlen: 24
5.180.251.0/24 maxlen: 24
45.8.64.0/22 maxlen: 22
45.8.64.0/23 maxlen: 23
45.8.64.0/24 maxlen: 24
45.8.65.0/24 maxlen: 24
45.8.66.0/23 maxlen: 23
45.8.66.0/24 maxlen: 24
45.8.67.0/24 maxlen: 24
185.79.4.0/22 maxlen: 24
185.196.16.0/22 maxlen: 24
185.241.28.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/f8c445-0aab-4087-a0d3-9347591910a8/1/qsavDCm-vHxIXPgAHanxmTCs5F0.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/f8c445-0aab-4087-a0d3-9347591910a8/1/qsavDCm-vHxIXPgAHanxmTCs5F0.mft
rsync://rpki.ripe.net/repository/DEFAULT/qsavDCm-vHxIXPgAHanxmTCs5F0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 20:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:36:41:4c:55:c6:91:56:f1:b1:31:12:2e:60:0f:de:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aac6af0c29bebc7c485cf8001da9f19930ace45d
Validity
Not Before: Jul 23 07:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e9f278ce41745a9ef9d8687cd8f886574732705b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:8f:5f:ba:cf:f8:b6:1c:80:c8:a8:bf:b2:a9:
3e:ea:b7:28:42:c2:a1:b4:be:e9:04:93:4c:1f:30:
dc:df:f1:0b:75:ad:e7:1a:cb:fa:c5:2d:ad:b6:09:
09:c5:f5:96:2b:0a:76:98:14:f5:ef:a6:1f:57:93:
79:80:8c:b9:c4:28:b3:e4:df:c4:4b:2b:5b:45:5d:
c3:12:fa:5d:4b:63:60:17:8e:d1:db:c5:8f:4e:1b:
dd:bc:3f:15:2d:36:97:a2:1b:95:af:01:b9:f7:79:
7e:db:8d:a4:1d:94:08:d8:4e:4d:13:86:a5:20:94:
b0:c5:73:ee:24:24:75:f1:9d:19:23:6b:0a:bb:64:
5b:4f:e6:4c:4c:5a:07:e7:c1:6c:59:d4:34:96:20:
e9:9e:7b:58:48:b0:a2:46:84:24:a4:04:b7:d7:94:
c1:07:28:94:12:d2:55:f8:12:d4:6d:43:bc:1f:ab:
1c:f5:31:9c:87:d0:c2:bf:72:10:11:be:6a:6a:4a:
fe:bf:2f:8b:32:fc:d4:ef:26:6a:a8:5d:84:02:e1:
de:f3:d0:67:7d:78:c1:b0:01:4c:10:e8:20:d9:7b:
30:fe:90:66:38:9f:e3:ad:3b:b5:3a:17:85:39:f2:
4c:62:10:a9:26:0d:bf:0a:29:03:cb:35:3a:57:35:
c7:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:F2:78:CE:41:74:5A:9E:F9:D8:68:7C:D8:F8:86:57:47:32:70:5B
X509v3 Authority Key Identifier:
keyid:AA:C6:AF:0C:29:BE:BC:7C:48:5C:F8:00:1D:A9:F1:99:30:AC:E4:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qsavDCm-vHxIXPgAHanxmTCs5F0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/f8c445-0aab-4087-a0d3-9347591910a8/1/6fJ4zkF0Wp752Gh82PiGV0cycFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/f8c445-0aab-4087-a0d3-9347591910a8/1/qsavDCm-vHxIXPgAHanxmTCs5F0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.248.0/22
45.8.64.0/22
185.79.4.0/22
185.196.16.0/22
185.241.28.0/22
Signature Algorithm: sha256WithRSAEncryption
43:20:dd:79:24:61:26:b5:21:d8:c9:e9:03:76:8f:e5:e1:c8:
eb:f4:8d:c6:23:9f:55:ce:e9:11:c8:9d:85:a3:dd:23:25:7b:
00:cf:05:fe:ba:3b:08:38:5b:50:b6:59:64:3d:e8:19:05:0f:
5f:39:32:be:82:be:3c:44:d2:96:09:5c:06:5c:65:e6:32:80:
3b:ab:2c:0f:56:d3:e8:bb:0a:a5:b3:f2:d2:41:78:13:59:a3:
93:c5:83:4c:cd:86:41:2e:e2:e5:36:79:22:a2:94:c1:b3:3a:
9c:1a:32:90:c1:64:a7:30:47:85:46:34:99:5d:24:1b:0e:2f:
d4:e9:49:81:55:91:82:fe:79:9b:0f:8d:40:7f:70:25:29:4c:
83:26:63:3d:fd:b7:62:a6:83:7d:2f:2c:e4:1c:01:58:a9:22:
15:16:4e:91:e3:df:b2:8c:90:b2:c5:bd:48:a9:67:2c:31:48:
4e:02:78:93:f2:85:c5:25:ce:3c:ef:85:d1:17:cc:9c:f5:09:
f6:fb:0e:bc:d5:26:5e:e6:33:d4:40:45:35:47:44:1f:0e:9f:
d3:38:3f:ea:19:35:81:57:69:4e:65:01:b9:82:7e:c8:4e:b8:
7b:2f:4f:33:a4:da:9b:16:f9:4d:40:d1:18:98:89:65:1b:8a:
8c:3c:c2:8f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZg2QUxVxpFW8bExEi5gD95gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhYzZhZjBjMjliZWJjN2M0ODVjZjgwMDFkYTlmMTk5MzBh
Y2U0NWQwHhcNMjUwNzIzMDc0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWYyNzhjZTQxNzQ1YTllZjlkODY4N2NkOGY4ODY1NzQ3MzI3MDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAto9fus/4thyAyKi/sqk+6rcoQsKh
tL7pBJNMHzDc3/ELda3nGsv6xS2ttgkJxfWWKwp2mBT176YfV5N5gIy5xCiz5N/E
SytbRV3DEvpdS2NgF47R28WPThvdvD8VLTaXohuVrwG593l+242kHZQI2E5NE4al
IJSwxXPuJCR18Z0ZI2sKu2RbT+ZMTFoH58FsWdQ0liDpnntYSLCiRoQkpAS315TB
ByiUEtJV+BLUbUO8H6sc9TGch9DCv3IQEb5qakr+vy+LMvzU7yZqqF2EAuHe89Bn
fXjBsAFMEOgg2Xsw/pBmOJ/jrTu1OheFOfJMYhCpJg2/CikDyzU6VzXHPwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOnyeM5BdFqe+dhofNj4hldHMnBbMB8GA1UdIwQY
MBaAFKrGrwwpvrx8SFz4AB2p8ZkwrORdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXNhdkRDbS12SHhJWFBnQUhhbnhtVENzNUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9mOGM0NDUtMGFhYi00MDg3LWEwZDMt
OTM0NzU5MTkxMGE4LzEvNmZKNHprRjBXcDc1MkdoODJQaUdWMGN5Y0ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9mOGM0NDUtMGFhYi00MDg3LWEwZDMtOTM0NzU5MTkxMGE4
LzEvcXNhdkRDbS12SHhJWFBnQUhhbnhtVENzNUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCBbT4AwQC
LQhAAwQCuU8EAwQCucQQAwQCufEcMA0GCSqGSIb3DQEBCwUAA4IBAQBDIN15JGEm
tSHYyekDdo/l4cjr9I3GI59VzukRyJ2Fo90jJXsAzwX+ujsIOFtQtllkPegZBQ9f
OTK+gr48RNKWCVwGXGXmMoA7qywPVtPouwqls/LSQXgTWaOTxYNMzYZBLuLlNnki
opTBszqcGjKQwWSnMEeFRjSZXSQbDi/U6UmBVZGC/nmbD41Af3AlKUyDJmM9/bdi
poN9LyzkHAFYqSIVFk6R49+yjJCyxb1IqWcsMUhOAniT8oXFJc4874XRF8yc9Qn2
+w681SZe5jPUQEU1R0QfDp/TOD/qGTWBV2lOZQG5gn7ITrh7L08zpNqbFvlNQNEY
mIllG4qMPMKP
-----END CERTIFICATE-----
Generated at Sun Jul 27 03:06:46 2025 by rpki-client