Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/6onl_NOMtaQboSHgVscT09XqK3M.roa
File: 6onl_NOMtaQboSHgVscT09XqK3M.roa (raw, json)
Hash identifier: pERQqyxT7W2VuQxLb5oH11/aVNUBq1fHo/5UiIpRRos=
Subject key identifier: EA:89:E5:FC:D3:8C:B5:A4:1B:A1:21:E0:56:C7:13:D3:D5:EA:2B:73
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01982C26058150FB1DECDAFA37D841656618
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/6onl_NOMtaQboSHgVscT09XqK3M.roa
Signing time: Mon 21 Jul 2025 08:42:25 +0000
ROA not before: Mon 21 Jul 2025 08:42:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50716
IP address blocks: 93.171.72.0/22 maxlen: 24
93.171.104.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 00:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:2c:26:05:81:50:fb:1d:ec:da:fa:37:d8:41:65:66:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jul 21 08:42:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ea89e5fcd38cb5a41ba121e056c713d3d5ea2b73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b5:eb:dd:9e:9d:7d:44:a6:08:86:15:0b:df:
c3:fd:4b:bd:3c:aa:cb:85:bc:94:5b:0c:ba:54:1b:
bb:bf:00:a7:56:9a:9e:d0:48:dd:c6:16:db:00:d8:
b9:53:b2:09:65:cf:83:4f:3e:89:96:56:e4:a3:60:
43:1f:42:00:55:21:25:f7:7f:76:36:8a:9a:e7:0a:
9c:fa:29:61:1b:cb:4a:a6:19:17:ae:b2:2f:4c:5c:
54:5a:4e:c1:7e:ad:2b:0b:07:42:40:44:3c:ff:56:
13:e6:09:6a:da:82:0a:21:73:db:47:18:5e:5c:b2:
c5:2f:12:f6:4d:64:29:d3:7e:90:a1:57:69:48:0e:
39:81:02:3c:5d:a2:7a:76:14:23:9e:78:b7:1b:df:
c3:77:ac:4a:09:1a:46:e0:f7:b4:19:c1:b3:50:c6:
b0:db:de:6b:f6:18:16:49:ba:a3:43:dc:91:d2:af:
b9:72:96:b3:56:72:ce:d3:f1:58:ce:85:85:9c:27:
bb:8d:0f:56:32:0c:91:68:01:a0:c8:ed:0c:89:58:
1a:7d:3d:37:cb:3d:9a:75:df:9d:db:4f:f7:43:e5:
31:aa:3d:55:24:78:e7:d7:9e:34:fa:15:64:26:1c:
9d:eb:39:c1:46:d8:b3:57:3c:3b:82:c3:64:52:bc:
89:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:89:E5:FC:D3:8C:B5:A4:1B:A1:21:E0:56:C7:13:D3:D5:EA:2B:73
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/6onl_NOMtaQboSHgVscT09XqK3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.171.72.0/22
93.171.104.0/21
Signature Algorithm: sha256WithRSAEncryption
67:f8:68:ee:99:d1:3f:1d:f4:44:99:d3:38:0d:fa:c9:73:09:
e5:b9:87:23:5f:51:0b:eb:d1:24:09:f8:8a:fc:b3:92:b7:88:
5b:d8:16:ae:1d:a7:bc:a4:54:e5:d0:38:18:c7:2a:5a:e4:8a:
b5:0f:1f:a1:01:71:b6:af:d0:ca:4b:15:16:0e:b6:cd:30:a7:
5a:5b:4a:99:1d:ae:e5:4e:64:c5:7a:40:83:f5:06:27:2c:43:
56:c0:f3:b3:ae:f7:10:1b:a7:0e:df:f6:85:69:f6:10:94:b6:
a2:d3:75:e1:0f:6f:8d:04:71:2f:65:8d:d4:db:15:c8:98:ef:
09:de:2f:be:b9:18:7c:ac:c9:94:c1:42:bf:cb:21:01:2b:38:
9d:0b:f5:0a:79:cd:c2:67:86:3e:12:8b:c2:65:52:9a:54:07:
dc:56:77:51:1f:74:2c:93:dc:e5:82:80:20:a5:df:9d:da:7f:
16:06:0f:40:d6:d4:a0:fb:e3:e7:1d:02:33:26:34:3f:9a:07:
0a:c5:84:63:d0:f3:35:8b:66:2c:1c:5f:b8:e1:4f:b8:18:f7:
7f:50:00:0b:ab:bd:c7:54:80:13:68:61:32:d6:ec:f4:81:e8:
41:0e:99:1a:48:4c:b0:ed:8f:11:9f:9c:11:6a:9e:71:e7:c4:
a5:b8:20:3b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZgsJgWBUPsd7Nr6N9hBZWYYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwNzIxMDg0MjI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTg5ZTVmY2QzOGNiNWE0MWJhMTIxZTA1NmM3MTNkM2Q1ZWEyYjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbXr3Z6dfUSmCIYVC9/D/Uu9PKrL
hbyUWwy6VBu7vwCnVpqe0EjdxhbbANi5U7IJZc+DTz6Jllbko2BDH0IAVSEl9392
Noqa5wqc+ilhG8tKphkXrrIvTFxUWk7Bfq0rCwdCQEQ8/1YT5glq2oIKIXPbRxhe
XLLFLxL2TWQp036QoVdpSA45gQI8XaJ6dhQjnni3G9/Dd6xKCRpG4Pe0GcGzUMaw
295r9hgWSbqjQ9yR0q+5cpazVnLO0/FYzoWFnCe7jQ9WMgyRaAGgyO0MiVgafT03
yz2add+d20/3Q+Uxqj1VJHjn1540+hVkJhyd6znBRtizVzw7gsNkUryJYwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOqJ5fzTjLWkG6Eh4FbHE9PV6itzMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvNm9ubF9OT010YVFib1NIZ1ZzY1QwOVhxSzNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCXatIAwQD
XatoMA0GCSqGSIb3DQEBCwUAA4IBAQBn+GjumdE/HfREmdM4DfrJcwnluYcjX1EL
69EkCfiK/LOSt4hb2BauHae8pFTl0DgYxypa5Iq1Dx+hAXG2r9DKSxUWDrbNMKda
W0qZHa7lTmTFekCD9QYnLENWwPOzrvcQG6cO3/aFafYQlLai03XhD2+NBHEvZY3U
2xXImO8J3i++uRh8rMmUwUK/yyEBKzidC/UKec3CZ4Y+EovCZVKaVAfcVndRH3Qs
k9zlgoAgpd+d2n8WBg9A1tSg++PnHQIzJjQ/mgcKxYRj0PM1i2YsHF+44U+4GPd/
UAALq73HVIATaGEy1uz0gehBDpkaSEyw7Y8Rn5wRap5x58SluCA7
-----END CERTIFICATE-----
Generated at Sun Jul 27 08:36:07 2025 by rpki-client