Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/23968a-fa36-4654-bfbf-9404e177200e/1/HcN2gdm9gOEIgcHPMP-W9ZnlcUw.roa
File: HcN2gdm9gOEIgcHPMP-W9ZnlcUw.roa (raw, json)
Hash identifier: N+CqOXxB6Ih/1s1CE254m5auzMH5uFnT/go6OIZT6TM=
Subject key identifier: 1D:C3:76:81:D9:BD:80:E1:08:81:C1:CF:30:FF:96:F5:99:E5:71:4C
Certificate issuer: /CN=6ad70ef25e522c0d26e977a1d24ff77ead3ada19
Certificate serial: 01977A18899DBC5D3525F9712FD9A8863506
Authority key identifier: 6A:D7:0E:F2:5E:52:2C:0D:26:E9:77:A1:D2:4F:F7:7E:AD:3A:DA:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/atcO8l5SLA0m6Xeh0k_3fq062hk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/23968a-fa36-4654-bfbf-9404e177200e/1/HcN2gdm9gOEIgcHPMP-W9ZnlcUw.roa
Signing time: Mon 16 Jun 2025 18:55:17 +0000
ROA not before: Mon 16 Jun 2025 18:55:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21058
IP address blocks: 80.83.160.0/21 maxlen: 21
80.83.160.0/23 maxlen: 23
80.83.160.0/24 maxlen: 24
80.83.161.0/24 maxlen: 24
80.83.162.0/23 maxlen: 23
80.83.162.0/24 maxlen: 24
80.83.163.0/24 maxlen: 24
80.83.164.0/23 maxlen: 23
80.83.164.0/24 maxlen: 24
80.83.165.0/24 maxlen: 24
80.83.166.0/23 maxlen: 23
80.83.166.0/24 maxlen: 24
80.83.167.0/24 maxlen: 24
80.83.168.0/23 maxlen: 23
80.83.168.0/24 maxlen: 24
80.83.169.0/24 maxlen: 24
80.83.171.0/24 maxlen: 24
80.83.172.0/22 maxlen: 22
80.83.172.0/23 maxlen: 23
80.83.172.0/24 maxlen: 24
80.83.173.0/24 maxlen: 24
80.83.174.0/23 maxlen: 23
80.83.174.0/24 maxlen: 24
80.83.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/23968a-fa36-4654-bfbf-9404e177200e/1/atcO8l5SLA0m6Xeh0k_3fq062hk.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/23968a-fa36-4654-bfbf-9404e177200e/1/atcO8l5SLA0m6Xeh0k_3fq062hk.mft
rsync://rpki.ripe.net/repository/DEFAULT/atcO8l5SLA0m6Xeh0k_3fq062hk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 20:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7a:18:89:9d:bc:5d:35:25:f9:71:2f:d9:a8:86:35:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ad70ef25e522c0d26e977a1d24ff77ead3ada19
Validity
Not Before: Jun 16 18:55:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1dc37681d9bd80e10881c1cf30ff96f599e5714c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:fb:e4:05:36:5a:d8:cb:27:79:0c:8e:e4:33:
22:4a:a1:c7:85:51:41:16:ca:a4:8c:ef:6b:c5:58:
d8:bf:ea:2e:80:1f:09:c0:43:dd:15:9f:71:f0:c4:
74:10:15:c0:97:2d:f9:7b:4c:cd:b8:3a:ad:e2:9f:
6b:da:f6:14:b7:97:aa:8f:2e:81:00:53:61:07:d3:
96:bb:12:10:44:d9:64:32:70:6a:d2:25:2f:8f:74:
46:32:d8:46:72:08:6e:4c:cc:ee:31:22:03:4a:28:
69:a8:cf:ea:e2:98:01:fe:6a:29:ae:4c:fd:97:e6:
15:20:d6:e2:38:ee:33:01:8e:51:f0:5c:4b:e3:b1:
41:9c:c0:ee:77:a0:5b:f7:ea:56:cb:fa:72:43:c8:
26:4c:88:7b:db:05:a9:0e:bb:03:5e:ab:db:5b:dd:
41:f9:2f:e1:67:f4:1a:47:7a:eb:72:1e:4c:93:df:
8e:71:69:7f:8d:d3:92:b4:8b:32:48:00:08:7c:fb:
f8:7f:aa:c0:7f:c5:c7:72:e8:a2:5f:84:34:b6:8f:
15:77:9e:42:66:55:94:60:e6:f2:56:55:f1:d8:83:
ab:7c:44:9b:91:87:0f:99:53:fb:23:6d:5e:d7:ad:
b1:f9:7b:e3:87:bd:fd:1e:11:27:7c:43:52:b9:a7:
52:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:C3:76:81:D9:BD:80:E1:08:81:C1:CF:30:FF:96:F5:99:E5:71:4C
X509v3 Authority Key Identifier:
keyid:6A:D7:0E:F2:5E:52:2C:0D:26:E9:77:A1:D2:4F:F7:7E:AD:3A:DA:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/atcO8l5SLA0m6Xeh0k_3fq062hk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/23968a-fa36-4654-bfbf-9404e177200e/1/HcN2gdm9gOEIgcHPMP-W9ZnlcUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/23968a-fa36-4654-bfbf-9404e177200e/1/atcO8l5SLA0m6Xeh0k_3fq062hk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.83.160.0-80.83.169.255
80.83.171.0-80.83.175.255
Signature Algorithm: sha256WithRSAEncryption
63:56:fa:f0:ce:26:d9:44:94:59:bc:d6:f8:63:4e:04:06:c2:
86:d1:41:ed:3e:00:d5:bd:6c:3f:f6:ad:97:45:a7:15:51:0b:
ce:75:b3:f2:6e:32:2b:21:0e:f9:9f:d7:e9:be:c1:dc:99:63:
0f:d2:95:a8:78:a9:47:0b:02:88:13:e5:4b:c0:9f:99:e1:66:
e9:02:68:00:4e:78:43:c2:99:1f:7e:e5:11:19:e8:ae:63:3b:
1d:23:df:4f:12:7f:10:26:91:4c:17:77:66:4c:08:9f:04:f0:
55:5f:b7:66:5c:e3:1a:a4:f8:7f:42:8c:33:b8:3b:33:91:b6:
f7:64:35:0a:5f:c8:7b:cb:00:44:b5:f6:7d:d4:bb:bd:06:05:
4f:54:4c:01:d5:a0:8b:b5:10:4d:7f:69:44:57:84:fe:04:6a:
4d:10:73:45:0a:bf:7c:71:08:50:34:ac:99:e0:17:a3:4b:1c:
7e:76:b6:e4:4f:c4:7a:aa:8d:e0:ec:96:d9:5d:ae:c9:42:10:
ff:f8:05:2c:8d:4d:f9:c7:a1:03:3b:1e:b7:81:b3:4c:a7:89:
d6:61:11:0a:3f:39:e4:0a:f3:24:6d:2f:12:35:9b:b1:26:fe:
c7:89:54:90:3a:e9:a7:66:21:85:89:db:29:0f:53:d4:0f:80:
f6:90:84:94
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZd6GImdvF01JflxL9mohjUGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhZDcwZWYyNWU1MjJjMGQyNmU5NzdhMWQyNGZmNzdlYWQz
YWRhMTkwHhcNMjUwNjE2MTg1NTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGMzNzY4MWQ5YmQ4MGUxMDg4MWMxY2YzMGZmOTZmNTk5ZTU3MTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfvkBTZa2MsneQyO5DMiSqHHhVFB
FsqkjO9rxVjYv+ougB8JwEPdFZ9x8MR0EBXAly35e0zNuDqt4p9r2vYUt5eqjy6B
AFNhB9OWuxIQRNlkMnBq0iUvj3RGMthGcghuTMzuMSIDSihpqM/q4pgB/moprkz9
l+YVINbiOO4zAY5R8FxL47FBnMDud6Bb9+pWy/pyQ8gmTIh72wWpDrsDXqvbW91B
+S/hZ/QaR3rrch5Mk9+OcWl/jdOStIsySAAIfPv4f6rAf8XHcuiiX4Q0to8Vd55C
ZlWUYObyVlXx2IOrfESbkYcPmVP7I21e162x+Xvjh739HhEnfENSuadS5wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFB3DdoHZvYDhCIHBzzD/lvWZ5XFMMB8GA1UdIwQY
MBaAFGrXDvJeUiwNJul3odJP936tOtoZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXRjTzhsNVNMQTBtNlhlaDBrXzNmcTA2MmhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8yMzk2OGEtZmEzNi00NjU0LWJmYmYt
OTQwNGUxNzcyMDBlLzEvSGNOMmdkbTlnT0VJZ2NIUE1QLVc5Wm5sY1V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8yMzk2OGEtZmEzNi00NjU0LWJmYmYtOTQwNGUxNzcyMDBl
LzEvYXRjTzhsNVNMQTBtNlhlaDBrXzNmcTA2MmhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAVQU6AD
BAFQU6gwDAMEAFBTqwMEBFBToDANBgkqhkiG9w0BAQsFAAOCAQEAY1b68M4m2USU
WbzW+GNOBAbChtFB7T4A1b1sP/atl0WnFVELznWz8m4yKyEO+Z/X6b7B3JljD9KV
qHipRwsCiBPlS8CfmeFm6QJoAE54Q8KZH37lERnormM7HSPfTxJ/ECaRTBd3ZkwI
nwTwVV+3ZlzjGqT4f0KMM7g7M5G292Q1Cl/Ie8sARLX2fdS7vQYFT1RMAdWgi7UQ
TX9pRFeE/gRqTRBzRQq/fHEIUDSsmeAXo0scfna25E/EeqqN4OyW2V2uyUIQ//gF
LI1N+cehAzset4GzTKeJ1mERCj855ArzJG0vEjWbsSb+x4lUkDrpp2YhhYnbKQ9T
1A+A9pCElA==
-----END CERTIFICATE-----
Generated at Sun Jul 27 03:27:37 2025 by rpki-client