Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/9cf95f-73d3-4e4f-a979-d8bd2f56bc8c/1/l2z6jen0BvB90JFFcv4xMvXKDU4.roa
File: l2z6jen0BvB90JFFcv4xMvXKDU4.roa (raw, json)
Hash identifier: 3LW90buItGbBk8vwyzdEvNmU4J6IAwriJoEjk0Q8hlI=
Subject key identifier: 97:6C:FA:8D:E9:F4:06:F0:7D:D0:91:45:72:FE:31:32:F5:CA:0D:4E
Certificate issuer: /CN=d031655023bd141731d56fb8453ff0514f728865
Certificate serial: 0196D9208962D215E64C7D754C58EB7ACF6B
Authority key identifier: D0:31:65:50:23:BD:14:17:31:D5:6F:B8:45:3F:F0:51:4F:72:88:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0DFlUCO9FBcx1W-4RT_wUU9yiGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/9cf95f-73d3-4e4f-a979-d8bd2f56bc8c/1/l2z6jen0BvB90JFFcv4xMvXKDU4.roa
Signing time: Fri 16 May 2025 12:45:10 +0000
ROA not before: Fri 16 May 2025 12:45:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59862
IP address blocks: 84.247.36.0/22 maxlen: 22
85.8.172.0/22 maxlen: 22
85.204.172.0/22 maxlen: 22
85.204.172.0/24 maxlen: 24
85.204.173.0/24 maxlen: 24
85.204.174.0/24 maxlen: 24
85.204.175.0/24 maxlen: 24
93.119.20.0/23 maxlen: 23
93.119.20.0/24 maxlen: 24
93.119.21.0/24 maxlen: 24
93.119.22.0/24 maxlen: 24
153.92.176.0/22 maxlen: 22
153.92.176.0/24 maxlen: 24
153.92.177.0/24 maxlen: 24
153.92.178.0/24 maxlen: 24
153.92.179.0/24 maxlen: 24
176.223.88.0/21 maxlen: 21
176.223.88.0/22 maxlen: 22
176.223.92.0/22 maxlen: 22
185.63.88.0/22 maxlen: 22
185.63.88.0/24 maxlen: 24
185.63.89.0/24 maxlen: 24
185.63.90.0/24 maxlen: 24
185.63.91.0/24 maxlen: 24
185.195.4.0/22 maxlen: 22
188.215.20.0/22 maxlen: 22
188.215.20.0/24 maxlen: 24
188.215.21.0/24 maxlen: 24
188.215.22.0/24 maxlen: 24
188.215.23.0/24 maxlen: 24
2a03:a60::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/9cf95f-73d3-4e4f-a979-d8bd2f56bc8c/1/0DFlUCO9FBcx1W-4RT_wUU9yiGU.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/9cf95f-73d3-4e4f-a979-d8bd2f56bc8c/1/0DFlUCO9FBcx1W-4RT_wUU9yiGU.mft
rsync://rpki.ripe.net/repository/DEFAULT/0DFlUCO9FBcx1W-4RT_wUU9yiGU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 20:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d9:20:89:62:d2:15:e6:4c:7d:75:4c:58:eb:7a:cf:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d031655023bd141731d56fb8453ff0514f728865
Validity
Not Before: May 16 12:45:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=976cfa8de9f406f07dd0914572fe3132f5ca0d4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:1e:a4:ce:31:f8:6d:21:30:64:88:9b:53:c5:
42:4e:da:4c:fe:7e:d3:f4:86:26:c9:02:d4:cc:8c:
aa:4f:d3:48:3f:a4:a4:e3:c0:4d:cf:b9:fa:c9:9c:
e6:3b:fe:e3:b0:7a:11:b1:c7:66:df:4f:be:57:35:
fb:45:41:5d:fc:aa:66:8f:48:bb:64:af:4e:cf:f1:
af:6e:87:9c:e9:a5:8b:4f:dd:56:7e:65:9d:89:f0:
89:1c:af:ba:2f:25:ec:23:09:cc:e8:76:c8:17:66:
36:a7:92:33:f7:68:23:8e:10:62:b6:14:28:b0:32:
37:8b:30:e0:af:69:95:ca:b5:33:ff:38:fd:70:4a:
2b:03:55:e6:23:92:f0:e5:f6:d4:e1:48:23:d4:d7:
05:b3:f9:68:23:0d:2c:4b:56:46:fe:42:a7:6e:3e:
bd:c8:e4:53:02:86:bb:63:a7:d6:81:56:c1:82:6f:
4f:0b:64:19:af:46:63:c4:90:20:23:99:dd:aa:a8:
d8:19:0d:ae:ef:3d:df:e9:10:b1:81:89:4e:16:f4:
b3:d2:e8:0e:50:07:60:fd:9e:ac:0e:09:96:e3:28:
ac:0c:bd:d0:3d:cc:61:7d:03:08:e4:b6:b7:05:5b:
ef:23:fb:04:d5:be:b7:5e:b0:ed:7d:bb:3e:1c:5f:
46:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:6C:FA:8D:E9:F4:06:F0:7D:D0:91:45:72:FE:31:32:F5:CA:0D:4E
X509v3 Authority Key Identifier:
keyid:D0:31:65:50:23:BD:14:17:31:D5:6F:B8:45:3F:F0:51:4F:72:88:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0DFlUCO9FBcx1W-4RT_wUU9yiGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/9cf95f-73d3-4e4f-a979-d8bd2f56bc8c/1/l2z6jen0BvB90JFFcv4xMvXKDU4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/9cf95f-73d3-4e4f-a979-d8bd2f56bc8c/1/0DFlUCO9FBcx1W-4RT_wUU9yiGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.247.36.0/22
85.8.172.0/22
85.204.172.0/22
93.119.20.0-93.119.22.255
153.92.176.0/22
176.223.88.0/21
185.63.88.0/22
185.195.4.0/22
188.215.20.0/22
IPv6:
2a03:a60::/32
Signature Algorithm: sha256WithRSAEncryption
bb:62:97:d7:83:b8:0f:65:13:ea:c2:bc:fb:a2:f9:82:1e:ea:
8d:5e:8f:47:2b:ae:db:f8:a0:2c:92:40:89:4e:f2:32:55:2b:
14:76:a2:5e:3d:3f:d1:56:1d:68:8f:28:fe:1d:a0:95:ff:83:
e9:3e:e5:c5:98:e7:c6:df:b8:08:bd:8c:00:59:fc:8d:a7:9d:
9d:e7:e4:ac:81:e0:00:72:95:d6:0b:22:18:4b:2d:4c:8f:70:
5e:aa:ad:0f:74:84:51:b3:ea:4d:45:23:07:17:ab:41:4d:58:
8e:87:96:50:57:3c:dc:ac:d1:58:34:04:3d:5f:b6:30:10:b8:
a7:03:8d:f0:22:48:e7:f3:9d:75:08:df:5b:3a:f6:29:b4:59:
f6:19:94:92:20:38:66:d6:93:a5:19:e6:86:f7:49:17:e4:fe:
84:13:af:f8:c5:2c:e6:35:f6:59:77:0b:27:40:49:77:be:33:
bd:3e:0d:8f:aa:49:e3:d2:7a:1a:a8:b8:31:47:03:e1:cd:6f:
62:ce:0a:fb:2f:ef:94:ef:b0:f6:8d:bc:7c:14:e5:70:ae:22:
3a:dd:d6:38:8d:74:7a:ae:63:95:7e:56:8a:c6:cb:e0:3b:d3:
53:10:22:40:e3:32:5f:a1:b2:cc:4b:8d:0a:dd:89:bb:57:a1:
b0:fe:6d:96
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAZbZIIli0hXmTH11TFjres9rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMzE2NTUwMjNiZDE0MTczMWQ1NmZiODQ1M2ZmMDUxNGY3
Mjg4NjUwHhcNMjUwNTE2MTI0NTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzZjZmE4ZGU5ZjQwNmYwN2RkMDkxNDU3MmZlMzEzMmY1Y2EwZDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAph6kzjH4bSEwZIibU8VCTtpM/n7T
9IYmyQLUzIyqT9NIP6Sk48BNz7n6yZzmO/7jsHoRscdm30++VzX7RUFd/Kpmj0i7
ZK9Oz/Gvboec6aWLT91WfmWdifCJHK+6LyXsIwnM6HbIF2Y2p5Iz92gjjhBithQo
sDI3izDgr2mVyrUz/zj9cEorA1XmI5Lw5fbU4Ugj1NcFs/loIw0sS1ZG/kKnbj69
yORTAoa7Y6fWgVbBgm9PC2QZr0ZjxJAgI5ndqqjYGQ2u7z3f6RCxgYlOFvSz0ugO
UAdg/Z6sDgmW4yisDL3QPcxhfQMI5La3BVvvI/sE1b63XrDtfbs+HF9GhQIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFJds+o3p9AbwfdCRRXL+MTL1yg1OMB8GA1UdIwQY
MBaAFNAxZVAjvRQXMdVvuEU/8FFPcohlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMERGbFVDTzlGQmN4MVctNFJUX3dVVTl5aUdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS85Y2Y5NWYtNzNkMy00ZTRmLWE5Nzkt
ZDhiZDJmNTZiYzhjLzEvbDJ6NmplbjBCdkI5MEpGRmN2NHhNdlhLRFU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS85Y2Y5NWYtNzNkMy00ZTRmLWE5NzktZDhiZDJmNTZiYzhj
LzEvMERGbFVDTzlGQmN4MVctNFJUX3dVVTl5aUdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBEBAIAATA+AwQCVPckAwQC
VQisAwQCVcysMAwDBAJddxQDBABddxYDBAKZXLADBAOw31gDBAK5P1gDBAK5wwQD
BAK81xQwDQQCAAIwBwMFACoDCmAwDQYJKoZIhvcNAQELBQADggEBALtil9eDuA9l
E+rCvPui+YIe6o1ej0crrtv4oCySQIlO8jJVKxR2ol49P9FWHWiPKP4doJX/g+k+
5cWY58bfuAi9jABZ/I2nnZ3n5KyB4AByldYLIhhLLUyPcF6qrQ90hFGz6k1FIwcX
q0FNWI6HllBXPNys0Vg0BD1ftjAQuKcDjfAiSOfznXUI31s69im0WfYZlJIgOGbW
k6UZ5ob3SRfk/oQTr/jFLOY19ll3CydASXe+M70+DY+qSePSehqouDFHA+HNb2LO
Cvsv75TvsPaNvHwU5XCuIjrd1jiNdHquY5V+VorGy+A701MQIkDjMl+hssxLjQrd
ibtXobD+bZY=
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:28:09 2025 by rpki-client