Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/7dd25d-a521-479c-988b-9cee77bc5222/1/TOxCM6S_arlfToUA479zh5nkrJo.roa
File: TOxCM6S_arlfToUA479zh5nkrJo.roa (raw, json)
Hash identifier: vJ1XssSgRtqMk/Uwgd5Thnwzm2ARorFtzVtt1LqNVUg=
Subject key identifier: 4C:EC:42:33:A4:BF:6A:B9:5F:4E:85:00:E3:BF:73:87:99:E4:AC:9A
Certificate issuer: /CN=a6162102e5a3c0aeeab63c21ed92a805826db7aa
Certificate serial: 0197C72F1A9E7A466BE9F2E703093278782D
Authority key identifier: A6:16:21:02:E5:A3:C0:AE:EA:B6:3C:21:ED:92:A8:05:82:6D:B7:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/phYhAuWjwK7qtjwh7ZKoBYJtt6o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/7dd25d-a521-479c-988b-9cee77bc5222/1/TOxCM6S_arlfToUA479zh5nkrJo.roa
Signing time: Tue 01 Jul 2025 18:10:42 +0000
ROA not before: Tue 01 Jul 2025 18:10:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6830
IP address blocks: 176.117.64.0/22 maxlen: 22
176.117.80.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/7dd25d-a521-479c-988b-9cee77bc5222/1/phYhAuWjwK7qtjwh7ZKoBYJtt6o.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/7dd25d-a521-479c-988b-9cee77bc5222/1/phYhAuWjwK7qtjwh7ZKoBYJtt6o.mft
rsync://rpki.ripe.net/repository/DEFAULT/phYhAuWjwK7qtjwh7ZKoBYJtt6o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 21:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c7:2f:1a:9e:7a:46:6b:e9:f2:e7:03:09:32:78:78:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6162102e5a3c0aeeab63c21ed92a805826db7aa
Validity
Not Before: Jul 1 18:10:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4cec4233a4bf6ab95f4e8500e3bf738799e4ac9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f6:f6:c8:5a:7f:78:df:c3:4f:27:3e:58:63:
1c:be:18:e5:b0:c8:38:57:86:27:01:55:0f:93:15:
40:47:8e:35:81:07:9c:07:09:05:90:aa:a4:05:5b:
e9:ac:d8:20:b4:2c:30:80:e0:c1:cd:56:73:63:10:
09:fc:cc:57:19:a1:43:d4:cb:2a:62:6c:1d:24:12:
81:64:0e:e4:32:ef:59:b1:1b:6e:cb:63:2d:4d:a3:
a3:4d:36:30:e4:af:b8:04:d2:9c:83:9c:54:a1:ab:
0d:a3:41:f9:95:cf:fb:02:12:5c:db:1e:a4:61:42:
e0:5d:ba:4d:cf:1d:2f:ff:17:9f:e3:df:fe:07:c2:
30:7c:28:e4:47:5d:ae:3d:b8:bf:3a:09:61:03:cd:
99:b4:19:bc:b9:83:70:ab:1e:cd:36:96:d9:41:43:
10:fa:79:a0:03:8e:91:a4:bf:26:30:43:df:2a:35:
80:da:4f:cb:a6:50:fd:59:45:ac:91:0a:b8:32:21:
85:30:29:2c:2d:be:5a:c1:80:36:c9:39:9d:b7:3e:
60:42:c2:58:f5:00:d5:c6:60:70:c3:3b:14:f5:f4:
50:6a:64:16:96:aa:6e:20:5e:b0:b7:a7:a0:42:c0:
e0:b4:a8:62:91:81:87:ad:29:ba:0a:5a:96:13:dc:
62:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:EC:42:33:A4:BF:6A:B9:5F:4E:85:00:E3:BF:73:87:99:E4:AC:9A
X509v3 Authority Key Identifier:
keyid:A6:16:21:02:E5:A3:C0:AE:EA:B6:3C:21:ED:92:A8:05:82:6D:B7:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/phYhAuWjwK7qtjwh7ZKoBYJtt6o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/7dd25d-a521-479c-988b-9cee77bc5222/1/TOxCM6S_arlfToUA479zh5nkrJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/7dd25d-a521-479c-988b-9cee77bc5222/1/phYhAuWjwK7qtjwh7ZKoBYJtt6o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.117.64.0/22
176.117.80.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:c6:87:c2:d9:96:fc:09:07:37:2d:f5:73:06:bb:34:27:a5:
8a:66:8b:d6:03:f7:76:59:17:50:2f:d4:e8:86:d5:af:46:c1:
78:d4:9f:04:b9:8d:44:0d:d6:60:5d:7b:c8:e4:0e:d2:45:ff:
90:0c:72:fe:69:20:92:8b:d2:5b:32:7e:a7:8a:04:e4:a8:41:
73:59:c1:0b:64:c6:3e:3d:f3:e2:58:8c:33:56:98:03:8e:85:
88:a0:b7:d7:1e:48:54:33:72:55:1f:51:b5:ff:f5:ab:0c:68:
f1:19:aa:f3:4f:be:ab:62:c8:9f:75:ee:fe:28:b5:ed:35:e7:
39:61:26:14:0e:51:57:f5:b8:ad:97:40:32:81:b7:a8:40:5b:
72:fc:f3:5e:6e:2e:67:13:77:7c:0d:06:49:8f:2f:ea:0a:e8:
43:f0:cb:28:3e:90:04:d1:fb:43:04:3d:62:2f:c6:7f:50:c8:
a1:95:6c:af:13:6b:2f:eb:de:63:e8:79:a9:7e:28:3b:ba:80:
be:15:e9:cc:71:ad:38:e1:d7:d3:ee:61:8f:d7:bb:f2:f3:8c:
ba:4e:c6:81:56:ac:5e:78:cc:4c:85:1d:66:25:de:d2:30:34:
22:86:ec:e7:87:70:66:f0:21:d5:7f:0a:9b:20:df:db:e4:8b:
4c:0a:b5:96
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZfHLxqeekZr6fLnAwkyeHgtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MTYyMTAyZTVhM2MwYWVlYWI2M2MyMWVkOTJhODA1ODI2
ZGI3YWEwHhcNMjUwNzAxMTgxMDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2VjNDIzM2E0YmY2YWI5NWY0ZTg1MDBlM2JmNzM4Nzk5ZTRhYzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvb2yFp/eN/DTyc+WGMcvhjlsMg4
V4YnAVUPkxVAR441gQecBwkFkKqkBVvprNggtCwwgODBzVZzYxAJ/MxXGaFD1Msq
YmwdJBKBZA7kMu9ZsRtuy2MtTaOjTTYw5K+4BNKcg5xUoasNo0H5lc/7AhJc2x6k
YULgXbpNzx0v/xef49/+B8IwfCjkR12uPbi/OglhA82ZtBm8uYNwqx7NNpbZQUMQ
+nmgA46RpL8mMEPfKjWA2k/LplD9WUWskQq4MiGFMCksLb5awYA2yTmdtz5gQsJY
9QDVxmBwwzsU9fRQamQWlqpuIF6wt6egQsDgtKhikYGHrSm6ClqWE9xiJwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEzsQjOkv2q5X06FAOO/c4eZ5KyaMB8GA1UdIwQY
MBaAFKYWIQLlo8Cu6rY8Ie2SqAWCbbeqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGhZaEF1V2p3SzdxdGp3aDdaS29CWUp0dDZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy83ZGQyNWQtYTUyMS00NzljLTk4OGIt
OWNlZTc3YmM1MjIyLzEvVE94Q002U19hcmxmVG9VQTQ3OXpoNW5rckpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy83ZGQyNWQtYTUyMS00NzljLTk4OGItOWNlZTc3YmM1MjIy
LzEvcGhZaEF1V2p3SzdxdGp3aDdaS29CWUp0dDZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCsHVAAwQC
sHVQMA0GCSqGSIb3DQEBCwUAA4IBAQB7xofC2Zb8CQc3LfVzBrs0J6WKZovWA/d2
WRdQL9TohtWvRsF41J8EuY1EDdZgXXvI5A7SRf+QDHL+aSCSi9JbMn6nigTkqEFz
WcELZMY+PfPiWIwzVpgDjoWIoLfXHkhUM3JVH1G1//WrDGjxGarzT76rYsifde7+
KLXtNec5YSYUDlFX9bitl0AygbeoQFty/PNebi5nE3d8DQZJjy/qCuhD8MsoPpAE
0ftDBD1iL8Z/UMihlWyvE2sv695j6Hmpfig7uoC+FenMca044dfT7mGP17vy84y6
TsaBVqxeeMxMhR1mJd7SMDQihuznh3Bm8CHVfwqbIN/b5ItMCrWW
-----END CERTIFICATE-----
Generated at Mon Jul 21 06:50:13 2025 by rpki-client