Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/C6sf2jiVxbNzIfbpV5ztuQ-pgtY.roa
File: C6sf2jiVxbNzIfbpV5ztuQ-pgtY.roa (raw, json)
Hash identifier: RYuv85n1C0I0qzjX9QXVVLpxViZ0GsxD40on7rp99Ew=
Subject key identifier: 0B:AB:1F:DA:38:95:C5:B3:73:21:F6:E9:57:9C:ED:B9:0F:A9:82:D6
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 01981DE94E34F1C0D32B2D94C4F1C01EA891
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/C6sf2jiVxbNzIfbpV5ztuQ-pgtY.roa
Signing time: Fri 18 Jul 2025 14:21:25 +0000
ROA not before: Fri 18 Jul 2025 14:21:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207432
IP address blocks: 2a0f:5ec0::/29 maxlen: 36
2a0f:7fc0::/29 maxlen: 36
2a0f:edc0::/29 maxlen: 36
2a0f:fb40::/29 maxlen: 36
2a11:3a80::/29 maxlen: 37
2a11:6600::/29 maxlen: 36
2a11:6780::/29 maxlen: 37
2a11:6880::/29 maxlen: 37
2a11:6980::/29 maxlen: 37
2a11:6c00::/29 maxlen: 36
2a11:a680::/29 maxlen: 37
2a11:d400::/29 maxlen: 36
2a11:f080::/29 maxlen: 36
2a12:3c80::/29 maxlen: 36
2a12:e4c0::/29 maxlen: 36
2a13:3a80::/29 maxlen: 36
2a13:3e80::/29 maxlen: 36
2a13:4680::/29 maxlen: 36
2a13:64c0::/29 maxlen: 36
2a13:6540::/29 maxlen: 36
2a13:6840::/29 maxlen: 36
2a13:68c0::/29 maxlen: 36
2a13:69c0::/29 maxlen: 36
2a13:6a40::/29 maxlen: 36
2a13:6ac0::/29 maxlen: 36
2a13:6bc0::/29 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 06:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:1d:e9:4e:34:f1:c0:d3:2b:2d:94:c4:f1:c0:1e:a8:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jul 18 14:21:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0bab1fda3895c5b37321f6e9579cedb90fa982d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:bb:47:e7:36:00:e0:28:4d:19:54:4c:ea:96:
2f:ea:6b:35:29:a2:38:16:ac:4a:23:e0:1c:f0:f2:
df:6f:b1:a7:9a:ad:20:b4:97:2c:69:45:d6:6d:e5:
4a:4d:82:47:2e:42:be:17:50:0b:58:c9:6e:aa:39:
a0:40:ef:b3:6f:3c:be:41:ad:7f:8c:cd:a1:48:2b:
e3:3b:1b:9c:18:2d:50:a3:f4:70:67:e5:cf:0e:b3:
88:30:6b:19:22:2c:c3:bf:66:79:4f:ed:0d:47:c1:
75:43:8e:89:e5:7a:e2:10:4e:f1:e2:e9:60:09:93:
15:62:1c:91:ea:cf:7b:8b:ef:72:8d:ff:67:e3:36:
e1:78:eb:5d:60:c3:95:43:4d:de:9c:e2:f7:27:89:
4d:c7:f6:02:10:8e:d3:4c:07:04:43:e1:ba:a1:cd:
37:df:1e:bc:5a:8f:85:b3:a7:1d:85:6d:23:ac:2e:
4b:43:5f:d2:f0:db:8c:fe:62:33:88:7d:d8:60:49:
b6:0c:54:70:8b:5c:82:1e:57:8a:7b:64:e4:e8:9f:
9f:18:a1:05:6b:b0:c1:51:fe:80:dd:36:07:74:9d:
9c:5c:5d:0e:db:15:7b:07:bf:c2:cb:9b:75:11:ee:
10:6b:a4:52:6d:6e:4f:a0:2e:d1:42:0f:8f:e5:99:
02:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:AB:1F:DA:38:95:C5:B3:73:21:F6:E9:57:9C:ED:B9:0F:A9:82:D6
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/C6sf2jiVxbNzIfbpV5ztuQ-pgtY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5ec0::/29
2a0f:7fc0::/29
2a0f:edc0::/29
2a0f:fb40::/29
2a11:3a80::/29
2a11:6600::/29
2a11:6780::/29
2a11:6880::/29
2a11:6980::/29
2a11:6c00::/29
2a11:a680::/29
2a11:d400::/29
2a11:f080::/29
2a12:3c80::/29
2a12:e4c0::/29
2a13:3a80::/29
2a13:3e80::/29
2a13:4680::/29
2a13:64c0::/29
2a13:6540::/29
2a13:6840::/29
2a13:68c0::/29
2a13:69c0::/29
2a13:6a40::/29
2a13:6ac0::/29
2a13:6bc0::/29
Signature Algorithm: sha256WithRSAEncryption
98:ff:e7:0e:1e:61:84:eb:72:62:a4:fe:d8:cc:b8:ac:7a:1a:
33:76:01:30:7a:9b:41:ed:d8:44:1f:87:aa:10:98:56:83:6e:
81:56:c1:7d:79:86:63:f5:67:cc:de:22:a5:63:25:7a:25:18:
00:54:bb:c3:99:7a:31:b0:f7:6c:e5:32:bd:44:ce:bb:37:c0:
fe:ad:a3:29:34:70:e7:48:89:c2:da:32:d5:c8:95:47:9c:d8:
14:7e:fa:a5:06:99:6e:cc:9d:06:26:ee:b7:54:c1:fb:17:de:
63:9e:ed:1e:3d:48:d4:e7:a6:5a:df:f4:9d:5b:40:89:5c:b6:
2e:a3:55:22:c0:ed:fe:95:40:0c:cf:d6:84:02:f8:e4:a5:92:
6c:ba:36:41:3d:f8:2d:4f:0e:9b:e8:ee:3a:23:e2:cc:8e:5c:
83:17:e7:ed:0a:90:6c:48:f0:2e:7e:9e:9d:46:ad:3e:cf:5b:
00:a5:ea:c3:8f:b8:f9:7c:fa:d5:85:41:17:45:e8:72:80:44:
d2:3a:29:2f:21:7d:5c:8d:cb:c4:69:13:6b:6e:bb:2a:d1:c8:
9b:36:36:35:91:f2:6f:02:96:6e:da:01:32:ca:96:3c:c1:cf:
cf:ce:dc:55:5b:f3:ec:a4:6b:6a:e1:fc:09:e8:72:0f:e8:f2:
09:97:24:7a
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgISAZgd6U408cDTKy2UxPHAHqiRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjUwNzE4MTQyMTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmFiMWZkYTM4OTVjNWIzNzMyMWY2ZTk1NzljZWRiOTBmYTk4MmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbtH5zYA4ChNGVRM6pYv6ms1KaI4
FqxKI+Ac8PLfb7Gnmq0gtJcsaUXWbeVKTYJHLkK+F1ALWMluqjmgQO+zbzy+Qa1/
jM2hSCvjOxucGC1Qo/RwZ+XPDrOIMGsZIizDv2Z5T+0NR8F1Q46J5XriEE7x4ulg
CZMVYhyR6s97i+9yjf9n4zbheOtdYMOVQ03enOL3J4lNx/YCEI7TTAcEQ+G6oc03
3x68Wo+Fs6cdhW0jrC5LQ1/S8NuM/mIziH3YYEm2DFRwi1yCHleKe2Tk6J+fGKEF
a7DBUf6A3TYHdJ2cXF0O2xV7B7/Cy5t1Ee4Qa6RSbW5PoC7RQg+P5ZkC5wIDAQAB
o4ICvjCCArowHQYDVR0OBBYEFAurH9o4lcWzcyH26Vec7bkPqYLWMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvQzZzZjJqaVZ4Yk56SWZicFY1enR1US1wZ3RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHTBggrBgEFBQcBBwEB/wSBwzCBwDCBvQQCAAIwgbYDBQMq
D17AAwUDKg9/wAMFAyoP7cADBQMqD/tAAwUDKhE6gAMFAyoRZgADBQMqEWeAAwUD
KhFogAMFAyoRaYADBQMqEWwAAwUDKhGmgAMFAyoR1AADBQMqEfCAAwUDKhI8gAMF
AyoS5MADBQMqEzqAAwUDKhM+gAMFAyoTRoADBQMqE2TAAwUDKhNlQAMFAyoTaEAD
BQMqE2jAAwUDKhNpwAMFAyoTakADBQMqE2rAAwUDKhNrwDANBgkqhkiG9w0BAQsF
AAOCAQEAmP/nDh5hhOtyYqT+2My4rHoaM3YBMHqbQe3YRB+HqhCYVoNugVbBfXmG
Y/VnzN4ipWMleiUYAFS7w5l6MbD3bOUyvUTOuzfA/q2jKTRw50iJwtoy1ciVR5zY
FH76pQaZbsydBibut1TB+xfeY57tHj1I1OemWt/0nVtAiVy2LqNVIsDt/pVADM/W
hAL45KWSbLo2QT34LU8Om+juOiPizI5cgxfn7QqQbEjwLn6enUatPs9bAKXqw4+4
+Xz61YVBF0XocoBE0jopLyF9XI3LxGkTa267KtHImzY2NZHybwKWbtoBMsqWPMHP
z87cVVvz7KRrauH8CehyD+jyCZckeg==
-----END CERTIFICATE-----
Generated at Mon Jul 21 12:47:03 2025 by rpki-client