Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/RoTtigifINsixxIV_70QGvQ5BxY.roa
File: RoTtigifINsixxIV_70QGvQ5BxY.roa (raw, json)
Hash identifier: plE7goAwFCfjJgbZot+4It6KwTroueBaFRIiGneV7rw=
Subject key identifier: 46:84:ED:8A:08:9F:20:DB:22:C7:12:15:FF:BD:10:1A:F4:39:07:16
Certificate issuer: /CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Certificate serial: 01980DFB49235B9E535A2ED461FE5E0F1ACA
Authority key identifier: 97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/RoTtigifINsixxIV_70QGvQ5BxY.roa
Signing time: Tue 15 Jul 2025 12:07:08 +0000
ROA not before: Tue 15 Jul 2025 12:07:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 82.206.2.0/23 maxlen: 23
82.206.4.0/22 maxlen: 24
82.206.8.0/23 maxlen: 24
82.206.16.0/22 maxlen: 22
82.206.16.0/23 maxlen: 23
82.206.72.0/21 maxlen: 21
82.206.80.0/21 maxlen: 21
82.206.80.0/22 maxlen: 24
82.206.84.0/22 maxlen: 24
82.206.88.0/21 maxlen: 21
82.206.96.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/l5kUC0LbbLa_jG3UE3R_z0pv2bU.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/l5kUC0LbbLa_jG3UE3R_z0pv2bU.mft
rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:0d:fb:49:23:5b:9e:53:5a:2e:d4:61:fe:5e:0f:1a:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Validity
Not Before: Jul 15 12:07:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4684ed8a089f20db22c71215ffbd101af4390716
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:af:a7:fc:bd:bc:c5:0b:07:39:03:f9:32:e8:
13:bd:6e:8e:c3:3d:cd:39:a6:e9:91:ad:f9:59:a8:
00:7e:a5:21:76:ac:bd:d6:6f:fd:51:3a:9f:f5:6e:
74:17:5b:61:28:a4:45:4c:16:47:55:e2:39:57:62:
48:a0:4a:96:e8:86:0c:3f:03:bc:5d:d3:af:c1:ba:
0d:4c:3b:2d:47:30:97:7e:66:7e:07:cb:16:27:9f:
51:c8:f7:84:fd:6b:60:11:f5:45:ca:ec:92:a7:66:
c2:8e:27:eb:e9:25:4d:00:4a:6e:24:00:c1:1a:35:
50:df:d8:a7:87:8f:30:65:df:32:c3:d5:79:28:a9:
c1:f9:1b:26:d9:64:3c:8a:9a:f7:23:c9:7b:32:66:
6c:13:d6:f1:f7:9e:f7:b5:7c:a1:e6:ba:42:5d:91:
c8:bc:d8:c2:cb:b8:75:ca:97:a7:0c:de:e9:ba:b4:
18:95:aa:2d:ac:2d:bc:5b:c1:3d:4e:84:c8:40:bc:
c5:62:5d:ec:b1:51:8f:7a:9c:3a:1d:0f:db:e8:98:
4a:64:d8:66:58:91:7c:2a:d6:c2:1e:a7:2a:9e:8c:
2c:0c:28:59:c8:51:2e:76:bf:50:67:3e:21:ed:9b:
6b:80:3c:ea:13:26:fc:95:bd:1b:68:fc:24:fa:52:
2a:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:84:ED:8A:08:9F:20:DB:22:C7:12:15:FF:BD:10:1A:F4:39:07:16
X509v3 Authority Key Identifier:
keyid:97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/RoTtigifINsixxIV_70QGvQ5BxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/l5kUC0LbbLa_jG3UE3R_z0pv2bU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.206.2.0-82.206.9.255
82.206.16.0/22
82.206.72.0-82.206.111.255
Signature Algorithm: sha256WithRSAEncryption
73:07:05:9c:6f:eb:ec:db:d2:30:33:58:43:c6:dc:ac:35:e4:
9c:ed:c4:c0:7f:04:c1:ee:9b:5a:81:97:10:a1:66:a3:b9:26:
7e:23:28:05:d8:29:c2:3c:f2:05:67:3e:76:eb:d2:e4:0f:b8:
c8:75:c2:87:45:cb:8b:7e:fa:5f:85:23:7f:1b:16:b8:e0:cd:
d6:0a:ff:1b:5a:80:ae:ca:59:85:96:d3:6c:cd:a3:1c:f1:48:
7a:fb:37:5c:94:88:a2:cc:a7:82:cf:ee:ff:6f:fc:d8:a5:c2:
20:36:3f:ea:56:b5:9e:a8:b6:7f:68:e9:41:9a:9c:de:c2:47:
cd:12:34:68:96:8c:4f:6d:b0:aa:27:4b:cf:92:80:17:d0:df:
c0:c3:2e:3e:fe:48:6b:a0:14:ce:ef:d5:a5:a7:5d:5b:3d:9b:
22:24:38:91:b6:78:06:06:d5:b6:f3:aa:d7:ef:52:d0:e0:50:
d0:26:2c:3a:d7:1f:2a:6d:0a:03:82:0a:6b:c9:bb:89:42:e6:
37:1a:30:12:2f:22:24:5e:db:4e:ed:d8:f6:66:26:5f:65:f3:
8c:07:25:e1:ad:02:11:6b:1f:8d:47:97:f5:3c:b1:c3:33:b6:
53:65:b6:c0:5c:53:7f:b4:5d:9e:46:7f:a2:8c:de:ae:90:be:
5b:7d:e3:dd
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZgN+0kjW55TWi7UYf5eDxrKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OTkxNDBiNDJkYjZjYjZiZjhjNmRkNDEzNzQ3ZmNmNGE2
ZmQ5YjUwHhcNMjUwNzE1MTIwNzA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Njg0ZWQ4YTA4OWYyMGRiMjJjNzEyMTVmZmJkMTAxYWY0MzkwNzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiq+n/L28xQsHOQP5MugTvW6Owz3N
Oabpka35WagAfqUhdqy91m/9UTqf9W50F1thKKRFTBZHVeI5V2JIoEqW6IYMPwO8
XdOvwboNTDstRzCXfmZ+B8sWJ59RyPeE/WtgEfVFyuySp2bCjifr6SVNAEpuJADB
GjVQ39inh48wZd8yw9V5KKnB+Rsm2WQ8ipr3I8l7MmZsE9bx9573tXyh5rpCXZHI
vNjCy7h1ypenDN7purQYlaotrC28W8E9ToTIQLzFYl3ssVGPepw6HQ/b6JhKZNhm
WJF8KtbCHqcqnowsDChZyFEudr9QZz4h7ZtrgDzqEyb8lb0baPwk+lIqewIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFEaE7YoInyDbIscSFf+9EBr0OQcWMB8GA1UdIwQY
MBaAFJeZFAtC22y2v4xt1BN0f89Kb9m1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2Qt
NTk1OTE5YmUwZjUyLzEvUm9UdGlnaWZJTnNpeHhJVl83MFFHdlE1QnhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2QtNTk1OTE5YmUwZjUy
LzEvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAFSzgID
BAFSzggDBAJSzhAwDAMEA1LOSAMEBFLOYDANBgkqhkiG9w0BAQsFAAOCAQEAcwcF
nG/r7NvSMDNYQ8bcrDXknO3EwH8Ewe6bWoGXEKFmo7kmfiMoBdgpwjzyBWc+duvS
5A+4yHXCh0XLi376X4UjfxsWuODN1gr/G1qArspZhZbTbM2jHPFIevs3XJSIosyn
gs/u/2/82KXCIDY/6la1nqi2f2jpQZqc3sJHzRI0aJaMT22wqidLz5KAF9DfwMMu
Pv5Ia6AUzu/VpaddWz2bIiQ4kbZ4BgbVtvOq1+9S0OBQ0CYsOtcfKm0KA4IKa8m7
iULmNxowEi8iJF7bTu3Y9mYmX2XzjAcl4a0CEWsfjUeX9TyxwzO2U2W2wFxTf7Rd
nkZ/oozerpC+W33j3Q==
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:18:27 2025 by rpki-client