Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/523ef6-2743-413d-b41d-6af655a5494b/1/G6DBS58R4lB1gVSF0weHB5o9JIE.roa
File: G6DBS58R4lB1gVSF0weHB5o9JIE.roa (raw, json)
Hash identifier: 6B7Fw5IHHF/AtNomDSwC/Q3ySaFpDb6ZUz4Kdfkl5nI=
Subject key identifier: 1B:A0:C1:4B:9F:11:E2:50:75:81:54:85:D3:07:87:07:9A:3D:24:81
Certificate issuer: /CN=6d5be666d804d0f8b387fc62209d13006c6644aa
Certificate serial: 0197CF5A2B6337E1CE6BF3DA4420B231D9E6
Authority key identifier: 6D:5B:E6:66:D8:04:D0:F8:B3:87:FC:62:20:9D:13:00:6C:66:44:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bVvmZtgE0Pizh_xiIJ0TAGxmRKo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/523ef6-2743-413d-b41d-6af655a5494b/1/G6DBS58R4lB1gVSF0weHB5o9JIE.roa
Signing time: Thu 03 Jul 2025 08:14:42 +0000
ROA not before: Thu 03 Jul 2025 08:14:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43442
IP address blocks: 185.224.188.0/22 maxlen: 22
185.224.190.0/24 maxlen: 24
2001:678:424::/48 maxlen: 48
2001:678:424:d0::/60 maxlen: 60
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/523ef6-2743-413d-b41d-6af655a5494b/1/bVvmZtgE0Pizh_xiIJ0TAGxmRKo.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/523ef6-2743-413d-b41d-6af655a5494b/1/bVvmZtgE0Pizh_xiIJ0TAGxmRKo.mft
rsync://rpki.ripe.net/repository/DEFAULT/bVvmZtgE0Pizh_xiIJ0TAGxmRKo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 05:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:cf:5a:2b:63:37:e1:ce:6b:f3:da:44:20:b2:31:d9:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d5be666d804d0f8b387fc62209d13006c6644aa
Validity
Not Before: Jul 3 08:14:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ba0c14b9f11e25075815485d30787079a3d2481
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:7c:28:93:28:99:8b:22:82:1e:3f:4b:83:fc:
57:b0:6f:34:8a:b8:cf:2d:45:ec:23:58:3f:7c:10:
3d:32:ea:62:ca:55:31:ac:00:73:88:7d:25:4b:4a:
3d:fc:52:ed:cd:db:95:9a:d3:46:9f:6b:77:f0:98:
d3:7f:df:21:e3:fe:fb:28:46:0e:b7:c2:c5:45:27:
88:89:cd:6b:7e:57:76:aa:6b:71:2e:e6:0f:ec:be:
f3:5d:f3:41:e3:8f:a8:1b:1d:53:90:a7:68:86:c1:
69:b0:87:96:55:7a:26:02:e6:f7:9f:34:84:c7:05:
21:ab:b7:bc:44:c3:2f:5c:18:4d:cd:cb:74:94:19:
79:71:07:80:a5:ce:1c:0c:4a:38:55:95:a3:ec:7e:
f9:c4:df:7b:20:ed:3d:7b:aa:1d:72:12:e0:c0:e4:
ba:5e:fa:da:0f:58:15:52:61:6f:95:6a:5d:06:14:
54:ea:0a:dd:58:87:77:2b:23:51:2f:8f:96:6f:8e:
cc:41:47:57:c7:7a:7f:d9:44:80:c7:7b:bc:2e:da:
35:1d:41:c5:79:15:d9:37:fd:a2:6a:80:0c:06:4b:
e9:ba:13:e0:fd:b3:2f:1c:26:56:9c:22:39:c2:d3:
07:36:a5:f8:aa:d0:70:3c:48:c7:75:a2:a9:44:b1:
f9:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:A0:C1:4B:9F:11:E2:50:75:81:54:85:D3:07:87:07:9A:3D:24:81
X509v3 Authority Key Identifier:
keyid:6D:5B:E6:66:D8:04:D0:F8:B3:87:FC:62:20:9D:13:00:6C:66:44:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bVvmZtgE0Pizh_xiIJ0TAGxmRKo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/523ef6-2743-413d-b41d-6af655a5494b/1/G6DBS58R4lB1gVSF0weHB5o9JIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/523ef6-2743-413d-b41d-6af655a5494b/1/bVvmZtgE0Pizh_xiIJ0TAGxmRKo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.224.188.0/22
IPv6:
2001:678:424::/48
Signature Algorithm: sha256WithRSAEncryption
a2:87:ee:20:6e:ba:42:e6:c0:9f:76:0d:47:ad:2e:ff:ab:f3:
82:de:bf:71:fb:7a:91:53:08:42:59:b0:c8:5a:46:9a:55:5b:
88:9b:a1:f1:b8:ea:51:2f:a8:78:08:83:32:6e:89:e1:3c:d1:
e2:16:96:33:d8:85:c3:8a:cd:85:71:d0:92:1a:f6:e7:4e:c5:
e2:e4:e6:34:5e:3f:d6:1b:02:8e:f6:2b:dd:d8:f1:8d:8e:0b:
1c:92:2c:15:1b:1c:56:c4:16:02:01:0d:d2:76:9f:f5:b6:6d:
be:fd:0e:db:2a:c0:e3:98:b6:bb:4b:5c:bc:f9:86:3c:cd:83:
72:af:b8:23:a1:31:04:3d:46:b6:fb:3d:75:3b:88:c2:1b:4f:
79:99:c4:7c:96:74:e2:09:a7:93:be:3f:8f:29:e9:a3:b4:44:
8a:64:06:8b:82:87:b2:b8:ea:8d:c7:af:62:51:17:bf:b5:f9:
83:62:0c:9d:de:6a:59:72:c4:87:66:fd:06:a7:bf:05:76:0c:
70:ff:40:90:d6:9b:0a:c0:b0:ab:c1:67:58:2e:e2:4c:db:27:
71:fc:06:2c:8b:a7:ed:aa:dc:bc:e9:21:dc:bc:a1:e8:2d:a6:
bc:4f:1d:d4:6a:57:e6:0a:67:a2:5d:cf:37:be:25:2f:89:88:
66:3f:c4:d9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZfPWitjN+HOa/PaRCCyMdnmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNWJlNjY2ZDgwNGQwZjhiMzg3ZmM2MjIwOWQxMzAwNmM2
NjQ0YWEwHhcNMjUwNzAzMDgxNDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmEwYzE0YjlmMTFlMjUwNzU4MTU0ODVkMzA3ODcwNzlhM2QyNDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnwokyiZiyKCHj9Lg/xXsG80irjP
LUXsI1g/fBA9MupiylUxrABziH0lS0o9/FLtzduVmtNGn2t38JjTf98h4/77KEYO
t8LFRSeIic1rfld2qmtxLuYP7L7zXfNB44+oGx1TkKdohsFpsIeWVXomAub3nzSE
xwUhq7e8RMMvXBhNzct0lBl5cQeApc4cDEo4VZWj7H75xN97IO09e6odchLgwOS6
XvraD1gVUmFvlWpdBhRU6grdWId3KyNRL4+Wb47MQUdXx3p/2USAx3u8Lto1HUHF
eRXZN/2iaoAMBkvpuhPg/bMvHCZWnCI5wtMHNqX4qtBwPEjHdaKpRLH55QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBugwUufEeJQdYFUhdMHhweaPSSBMB8GA1UdIwQY
MBaAFG1b5mbYBND4s4f8YiCdEwBsZkSqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlZ2bVp0Z0UwUGl6aF94aUlKMFRBR3htUktvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS81MjNlZjYtMjc0My00MTNkLWI0MWQt
NmFmNjU1YTU0OTRiLzEvRzZEQlM1OFI0bEIxZ1ZTRjB3ZUhCNW85SklFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS81MjNlZjYtMjc0My00MTNkLWI0MWQtNmFmNjU1YTU0OTRi
LzEvYlZ2bVp0Z0UwUGl6aF94aUlKMFRBR3htUktvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCueC8MA8E
AgACMAkDBwAgAQZ4BCQwDQYJKoZIhvcNAQELBQADggEBAKKH7iBuukLmwJ92DUet
Lv+r84Lev3H7epFTCEJZsMhaRppVW4ibofG46lEvqHgIgzJuieE80eIWljPYhcOK
zYVx0JIa9udOxeLk5jReP9YbAo72K93Y8Y2OCxySLBUbHFbEFgIBDdJ2n/W2bb79
DtsqwOOYtrtLXLz5hjzNg3KvuCOhMQQ9Rrb7PXU7iMIbT3mZxHyWdOIJp5O+P48p
6aO0RIpkBouCh7K46o3Hr2JRF7+1+YNiDJ3eallyxIdm/QanvwV2DHD/QJDWmwrA
sKvBZ1gu4kzbJ3H8BiyLp+2q3LzpIdy8oegtprxPHdRqV+YKZ6Jdzze+JS+JiGY/
xNk=
-----END CERTIFICATE-----
Generated at Sun Jul 27 12:15:18 2025 by rpki-client