Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/CR0O9THgDf2yJ1WJ8M9CFBS09z8.roa
File: CR0O9THgDf2yJ1WJ8M9CFBS09z8.roa (raw, json)
Hash identifier: W2U6i/eYQeAI+L7j5m9zsl4/fNZAaj//uliYO7ujUKE=
Subject key identifier: 09:1D:0E:F5:31:E0:0D:FD:B2:27:55:89:F0:CF:42:14:14:B4:F7:3F
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 0197F3EAA934F7B718E11A82E246B46A5E61
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/CR0O9THgDf2yJ1WJ8M9CFBS09z8.roa
Signing time: Thu 10 Jul 2025 10:38:51 +0000
ROA not before: Thu 10 Jul 2025 10:38:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29632
IP address blocks: 62.205.128.0/19 maxlen: 20
62.205.128.0/20 maxlen: 20
62.205.132.0/24 maxlen: 24
62.205.134.0/24 maxlen: 24
62.205.144.0/20 maxlen: 20
62.205.152.0/24 maxlen: 24
62.205.159.0/24 maxlen: 24
94.131.0.0/23 maxlen: 23
94.131.4.0/24 maxlen: 24
94.131.6.0/24 maxlen: 24
94.131.7.0/24 maxlen: 24
195.214.212.0/22 maxlen: 22
2a01:d0:303::/48 maxlen: 48
2a01:d0:305::/48 maxlen: 48
2a01:d0:308::/48 maxlen: 48
2a01:d0:317::/48 maxlen: 48
2a01:d0:31d::/48 maxlen: 48
2a01:d0:333::/48 maxlen: 48
2a01:d0:962::/48 maxlen: 48
2a01:d0:1657::/48 maxlen: 48
2a01:d0:7fff::/48 maxlen: 48
2a01:d0:8000::/33 maxlen: 33
2a01:d0:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.mft
rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f3:ea:a9:34:f7:b7:18:e1:1a:82:e2:46:b4:6a:5e:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Jul 10 10:38:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=091d0ef531e00dfdb2275589f0cf421414b4f73f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c5:68:23:26:5b:58:7f:cb:4d:5f:64:da:37:
73:1f:b4:92:26:ec:f6:33:a9:5e:c3:0a:8f:09:5e:
f4:69:1e:59:b2:65:53:e2:f0:f9:ef:5e:53:5c:ab:
34:39:bd:8a:e9:ca:e8:80:5f:78:e1:35:18:af:cc:
68:fa:a7:67:32:cb:e0:2c:bd:19:78:8f:90:79:48:
88:95:fb:43:2e:00:50:02:2b:c2:ef:39:2a:8c:44:
6b:dd:27:46:40:54:db:29:9a:84:51:f7:ed:93:68:
17:05:48:16:6c:6b:f4:23:15:37:d4:a7:72:09:8e:
96:84:12:06:61:5b:14:fd:39:98:83:42:20:1f:79:
88:af:c3:5e:dd:58:65:de:e6:f9:47:2a:33:89:2a:
c5:64:89:db:d7:87:97:83:ea:ff:33:d3:a8:ee:af:
cb:7e:bd:aa:a7:f9:83:ec:b3:b1:c4:34:91:5a:f6:
51:70:d0:ba:7c:cc:c5:26:a7:7a:aa:0d:bd:4b:6e:
e7:01:52:a8:45:43:51:f8:24:55:79:b0:76:db:bc:
b2:60:45:95:41:c7:c7:2a:fe:e8:a0:22:0d:3f:ed:
dc:f7:ef:fb:d7:a6:07:a3:5a:cb:fc:2e:11:a9:b3:
96:ee:b3:ca:a7:4e:a5:33:0e:07:0b:a9:e1:53:39:
2b:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:1D:0E:F5:31:E0:0D:FD:B2:27:55:89:F0:CF:42:14:14:B4:F7:3F
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/CR0O9THgDf2yJ1WJ8M9CFBS09z8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.205.128.0/19
94.131.0.0/23
94.131.4.0/24
94.131.6.0/23
195.214.212.0/22
IPv6:
2a01:d0:303::/48
2a01:d0:305::/48
2a01:d0:308::/48
2a01:d0:317::/48
2a01:d0:31d::/48
2a01:d0:333::/48
2a01:d0:962::/48
2a01:d0:1657::/48
2a01:d0:7fff::-2a01:d0:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
5e:3a:e8:ad:e2:11:36:d9:49:a5:11:77:5a:ee:cd:00:d0:59:
47:f4:55:69:62:3d:e2:e4:b7:08:2c:9a:c3:2d:17:46:62:94:
39:d4:8e:e2:f1:e0:84:5a:03:c1:e2:8b:d0:4d:41:a2:53:0d:
82:9a:cd:77:60:97:cf:81:22:a0:57:ce:74:60:40:5e:ac:ff:
53:ae:f7:6a:52:14:25:d7:e3:94:96:df:97:21:35:80:f8:e2:
0a:d6:39:2d:b4:1c:15:15:85:f4:ce:25:e0:64:65:01:8a:02:
56:04:9b:18:a0:e0:31:d3:d4:b7:ba:25:bb:57:96:f4:60:53:
8b:4f:d3:17:35:89:24:4e:93:4e:1c:c4:f5:23:85:cd:99:c2:
6c:f2:21:a3:47:3c:eb:13:70:f3:37:d6:75:67:d7:e0:e5:68:
f8:ff:1a:de:b5:2e:97:47:f9:23:64:22:56:d6:51:19:b0:7c:
cb:1a:e5:52:60:d3:1e:d9:32:7d:88:b1:06:ec:6d:b2:11:f9:
80:8f:1d:84:37:51:77:07:ae:01:89:11:fb:91:5b:a7:a7:e7:
63:aa:e8:21:9b:a2:12:71:83:be:02:48:28:b4:4f:10:5b:fd:
4e:ea:f9:37:cb:b2:6c:84:fe:69:8c:37:9c:60:fd:2d:0c:1e:
14:f4:ca:48
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgISAZfz6qk097cY4RqC4ka0al5hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjUwNzEwMTAzODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTFkMGVmNTMxZTAwZGZkYjIyNzU1ODlmMGNmNDIxNDE0YjRmNzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsVoIyZbWH/LTV9k2jdzH7SSJuz2
M6lewwqPCV70aR5ZsmVT4vD5715TXKs0Ob2K6crogF944TUYr8xo+qdnMsvgLL0Z
eI+QeUiIlftDLgBQAivC7zkqjERr3SdGQFTbKZqEUfftk2gXBUgWbGv0IxU31Kdy
CY6WhBIGYVsU/TmYg0IgH3mIr8Ne3Vhl3ub5RyoziSrFZInb14eXg+r/M9Oo7q/L
fr2qp/mD7LOxxDSRWvZRcNC6fMzFJqd6qg29S27nAVKoRUNR+CRVebB227yyYEWV
QcfHKv7ooCINP+3c9+/716YHo1rL/C4RqbOW7rPKp06lMw4HC6nhUzkrvwIDAQAB
o4IChjCCAoIwHQYDVR0OBBYEFAkdDvUx4A39sidVifDPQhQUtPc/MB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvQ1IwTzlUSGdEZjJ5SjFXSjhNOUNGQlMwOXo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGbBggrBgEFBQcBBwEB/wSBizCBiDAkBAIAATAeAwQFPs2A
AwQBXoMAAwQAXoMEAwQBXoMGAwQCw9bUMGAEAgACMFoDBwAqAQDQAwMDBwAqAQDQ
AwUDBwAqAQDQAwgDBwAqAQDQAxcDBwAqAQDQAx0DBwAqAQDQAzMDBwAqAQDQCWID
BwAqAQDQFlcwEAMHACoBANB//wMFACoBANAwDQYJKoZIhvcNAQELBQADggEBAF46
6K3iETbZSaURd1ruzQDQWUf0VWliPeLktwgsmsMtF0ZilDnUjuLx4IRaA8Hii9BN
QaJTDYKazXdgl8+BIqBXznRgQF6s/1Ou92pSFCXX45SW35chNYD44grWOS20HBUV
hfTOJeBkZQGKAlYEmxig4DHT1Le6JbtXlvRgU4tP0xc1iSROk04cxPUjhc2Zwmzy
IaNHPOsTcPM31nVn1+DlaPj/Gt61LpdH+SNkIlbWURmwfMsa5VJg0x7ZMn2IsQbs
bbIR+YCPHYQ3UXcHrgGJEfuRW6en52Oq6CGbohJxg74CSCi0TxBb/U7q+TfLsmyE
/mmMN5xg/S0MHhT0ykg=
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:11:06 2025 by rpki-client