Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/6KwSE8QkQg3m7FrJd72bbXrGNHo.roa
File: 6KwSE8QkQg3m7FrJd72bbXrGNHo.roa (raw, json)
Hash identifier: yb3V4cXzzG2sEML4r9rgXteobQz7t9Z3+ttDyOgOXco=
Subject key identifier: E8:AC:12:13:C4:24:42:0D:E6:EC:5A:C9:77:BD:9B:6D:7A:C6:34:7A
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 0197F3060A0F21DAAA436F7F793C6129D54C
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/6KwSE8QkQg3m7FrJd72bbXrGNHo.roa
Signing time: Thu 10 Jul 2025 06:29:08 +0000
ROA not before: Thu 10 Jul 2025 06:29:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34879
IP address blocks: 195.208.64.0/24 maxlen: 24
195.208.65.0/24 maxlen: 24
195.208.66.0/24 maxlen: 24
195.208.67.0/24 maxlen: 24
195.208.68.0/24 maxlen: 24
195.208.69.0/24 maxlen: 24
195.208.70.0/24 maxlen: 24
195.208.71.0/24 maxlen: 24
195.208.72.0/24 maxlen: 24
195.208.73.0/24 maxlen: 24
195.208.74.0/24 maxlen: 24
195.208.75.0/24 maxlen: 24
195.208.76.0/24 maxlen: 24
195.208.77.0/24 maxlen: 24
195.209.64.0/24 maxlen: 24
195.209.65.0/24 maxlen: 24
195.209.66.0/24 maxlen: 24
195.209.67.0/24 maxlen: 24
195.209.68.0/24 maxlen: 24
195.209.69.0/24 maxlen: 24
195.209.70.0/24 maxlen: 24
195.209.71.0/24 maxlen: 24
195.209.72.0/23 maxlen: 24
195.209.74.0/24 maxlen: 24
195.209.75.0/24 maxlen: 24
195.209.76.0/24 maxlen: 24
195.209.77.0/24 maxlen: 24
195.209.78.0/24 maxlen: 24
195.209.79.0/24 maxlen: 24
195.209.80.0/24 maxlen: 24
195.209.81.0/24 maxlen: 24
195.209.82.0/24 maxlen: 24
195.209.83.0/24 maxlen: 24
195.209.84.0/24 maxlen: 24
195.209.85.0/24 maxlen: 24
195.209.86.0/24 maxlen: 24
195.209.87.0/24 maxlen: 24
195.209.88.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.mft
rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 17:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f3:06:0a:0f:21:da:aa:43:6f:7f:79:3c:61:29:d5:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Jul 10 06:29:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e8ac1213c424420de6ec5ac977bd9b6d7ac6347a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:b8:3e:4a:5b:36:b0:87:e0:b2:c3:c2:9a:a2:
e7:24:3d:3f:20:12:a1:8a:06:ce:ce:63:89:6d:84:
bd:fa:57:01:67:91:6d:db:e3:d4:9c:24:0f:71:c7:
fe:34:8c:55:50:f0:72:01:51:e3:60:2a:ec:67:b7:
1b:d9:d7:ed:0b:cd:14:0a:da:6e:29:35:1e:cd:8f:
d7:ef:b0:c9:b8:9a:71:49:a3:0a:db:d9:c1:40:58:
7b:9f:60:b7:3d:95:48:f0:26:1a:64:5e:e3:e3:01:
92:be:4b:85:e2:a6:17:38:a9:22:e9:8f:43:88:90:
6a:22:e5:52:1f:c6:4c:f4:b5:fa:e1:da:84:26:d5:
fc:bd:2a:ea:b7:39:2d:e4:b2:22:2f:9d:de:88:f3:
b0:03:55:e2:57:3d:91:42:00:0b:99:28:f8:17:a4:
30:36:1e:4a:8c:f1:a9:86:4e:93:75:21:c8:32:f2:
13:8d:b7:b4:c0:75:8d:48:1a:5e:3a:83:e3:e5:2f:
0d:32:9f:dd:4a:79:f8:3b:28:3f:6a:05:8e:8b:5c:
fd:fa:fa:c5:8b:de:72:3e:4b:73:80:ab:88:58:e6:
cf:f8:8f:81:76:99:81:6e:84:ba:57:7f:ed:60:b7:
a8:09:fb:57:98:89:40:62:88:e4:6a:75:e3:b7:0c:
d2:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:AC:12:13:C4:24:42:0D:E6:EC:5A:C9:77:BD:9B:6D:7A:C6:34:7A
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/6KwSE8QkQg3m7FrJd72bbXrGNHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.208.64.0-195.208.77.255
195.209.64.0/19
Signature Algorithm: sha256WithRSAEncryption
25:e0:76:6d:e4:9c:1b:1d:a5:6a:9b:66:12:c4:46:49:c2:75:
e2:90:54:57:95:46:6a:8b:35:bc:63:72:64:e8:ac:99:90:14:
e4:f6:07:aa:36:24:74:c1:46:00:fb:eb:f4:57:73:07:72:b0:
37:a7:be:07:5c:ae:b4:17:8f:13:6c:52:49:4b:93:5b:af:33:
d1:9f:7b:5d:cc:06:5f:a5:f8:f0:bb:da:5b:75:61:9c:cb:6b:
40:de:d3:63:ee:a7:be:3d:87:3a:95:d9:d3:5e:fe:a5:e2:c9:
e0:25:09:10:03:de:16:cb:89:23:d1:4b:5a:ff:d2:2c:ea:06:
a6:eb:73:82:69:69:d1:a2:5f:04:32:58:9f:a2:2a:b5:dc:cf:
d0:f8:be:74:56:21:f6:13:a9:40:0d:7e:78:b5:0a:bb:34:14:
ed:e7:10:78:77:ad:a9:aa:8b:16:ed:e4:08:f6:ed:59:25:78:
d7:fe:1d:4b:d2:97:f2:1e:a1:4e:be:4e:ac:57:40:52:ff:d5:
d8:21:3e:2a:7b:41:b6:ac:57:6e:a2:37:f3:26:e3:0a:e7:59:
3b:40:8a:d7:2d:66:ed:43:03:23:da:71:e1:62:ff:02:8e:08:
04:fb:5b:43:f2:fe:29:62:48:e5:07:44:20:e6:76:b3:6b:f6:
c8:03:3b:d5
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZfzBgoPIdqqQ29/eTxhKdVMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjUwNzEwMDYyOTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGFjMTIxM2M0MjQ0MjBkZTZlYzVhYzk3N2JkOWI2ZDdhYzYzNDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubg+Sls2sIfgssPCmqLnJD0/IBKh
igbOzmOJbYS9+lcBZ5Ft2+PUnCQPccf+NIxVUPByAVHjYCrsZ7cb2dftC80UCtpu
KTUezY/X77DJuJpxSaMK29nBQFh7n2C3PZVI8CYaZF7j4wGSvkuF4qYXOKki6Y9D
iJBqIuVSH8ZM9LX64dqEJtX8vSrqtzkt5LIiL53eiPOwA1XiVz2RQgALmSj4F6Qw
Nh5KjPGphk6TdSHIMvITjbe0wHWNSBpeOoPj5S8NMp/dSnn4Oyg/agWOi1z9+vrF
i95yPktzgKuIWObP+I+BdpmBboS6V3/tYLeoCftXmIlAYojkanXjtwzSnwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFOisEhPEJEIN5uxayXe9m216xjR6MB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvNkt3U0U4UWtRZzNtN0ZySmQ3MmJiWHJHTkhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAbD0EAD
BAHD0EwDBAXD0UAwDQYJKoZIhvcNAQELBQADggEBACXgdm3knBsdpWqbZhLERknC
deKQVFeVRmqLNbxjcmTorJmQFOT2B6o2JHTBRgD76/RXcwdysDenvgdcrrQXjxNs
UklLk1uvM9Gfe13MBl+l+PC72lt1YZzLa0De02Pup749hzqV2dNe/qXiyeAlCRAD
3hbLiSPRS1r/0izqBqbrc4JpadGiXwQyWJ+iKrXcz9D4vnRWIfYTqUANfni1Crs0
FO3nEHh3ramqixbt5Aj27VkleNf+HUvSl/IeoU6+TqxXQFL/1dghPip7QbasV26i
N/Mm4wrnWTtAitctZu1DAyPaceFi/wKOCAT7W0Py/iliSOUHRCDmdrNr9sgDO9U=
-----END CERTIFICATE-----
Generated at Sat Jul 26 00:03:25 2025 by rpki-client