Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/S7m9vNahUOOZ_HH4EOue0mD6ojQ.roa
File: S7m9vNahUOOZ_HH4EOue0mD6ojQ.roa (raw, json)
Hash identifier: iuC6c5kNWQOil5E1FXRPC8YmUg8D3YuPN+o4r0R3VQc=
Subject key identifier: 4B:B9:BD:BC:D6:A1:50:E3:99:FC:71:F8:10:EB:9E:D2:60:FA:A2:34
Certificate issuer: /CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Certificate serial: 0196FC502C7BD58083EB2AE0CABE586C287D
Authority key identifier: 97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/S7m9vNahUOOZ_HH4EOue0mD6ojQ.roa
Signing time: Fri 23 May 2025 08:43:54 +0000
ROA not before: Fri 23 May 2025 08:43:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 82.206.2.0/23 maxlen: 23
82.206.4.0/22 maxlen: 24
82.206.8.0/23 maxlen: 24
82.206.16.0/22 maxlen: 22
82.206.72.0/21 maxlen: 21
82.206.80.0/21 maxlen: 21
82.206.80.0/22 maxlen: 24
82.206.84.0/22 maxlen: 24
82.206.88.0/21 maxlen: 21
82.206.96.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/l5kUC0LbbLa_jG3UE3R_z0pv2bU.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/l5kUC0LbbLa_jG3UE3R_z0pv2bU.mft
rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 11:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fc:50:2c:7b:d5:80:83:eb:2a:e0:ca:be:58:6c:28:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Validity
Not Before: May 23 08:43:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4bb9bdbcd6a150e399fc71f810eb9ed260faa234
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:a4:15:f9:2f:a0:7e:05:89:5d:f0:e8:7d:aa:
a2:af:0a:b4:a8:23:3e:c2:05:23:1f:e8:8b:67:b1:
f7:aa:5e:80:11:aa:d7:66:f9:64:32:84:83:96:5a:
a7:b7:59:f3:5d:1b:dc:98:38:80:59:5d:22:1b:69:
d2:6b:70:b5:c4:27:78:f1:2c:b2:9c:24:67:78:75:
96:e6:41:90:90:b7:ca:cc:cd:55:24:f4:06:34:5b:
2e:18:d8:c1:5b:48:58:f9:2b:b0:51:07:5e:bf:2e:
ab:1a:80:1c:52:43:4e:fb:51:0d:73:f4:a8:53:49:
a5:5f:e6:37:b4:7f:2b:4d:41:6d:9d:9c:d1:57:c1:
65:56:e5:d4:99:f6:0c:06:1c:1b:e5:cd:08:b7:a5:
80:9d:1d:a8:23:59:63:b3:dd:cc:42:68:09:94:e6:
88:e3:0f:de:1d:48:3a:93:fb:05:d3:5e:71:dc:fd:
e3:7d:ff:51:ca:b6:8b:bb:5a:08:a1:b2:d3:cd:6f:
f1:ae:77:c0:66:f3:43:36:1f:bb:bc:c5:f2:ef:c9:
30:52:cc:1a:4b:23:31:16:36:54:cc:24:57:92:54:
94:3f:c0:9e:01:0c:81:ce:e0:7f:89:99:2b:9b:a8:
87:d4:13:d4:98:07:06:bf:d8:d4:4d:10:89:dc:18:
9a:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:B9:BD:BC:D6:A1:50:E3:99:FC:71:F8:10:EB:9E:D2:60:FA:A2:34
X509v3 Authority Key Identifier:
keyid:97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/S7m9vNahUOOZ_HH4EOue0mD6ojQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/l5kUC0LbbLa_jG3UE3R_z0pv2bU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.206.2.0-82.206.9.255
82.206.16.0/22
82.206.72.0-82.206.111.255
Signature Algorithm: sha256WithRSAEncryption
87:f6:3b:dc:da:0f:3b:db:94:91:17:c5:a6:33:e3:fc:d5:70:
f0:a5:41:c5:f3:8f:2b:4d:5f:60:c4:fb:7d:f0:e2:ef:b0:7b:
69:c3:b2:97:17:48:a4:41:6d:64:6a:2b:aa:c4:a4:3f:ad:66:
b1:cc:80:31:e5:88:8a:8d:01:79:dc:6f:5f:19:66:08:c3:9a:
3e:26:86:62:90:30:73:9c:0c:c2:22:17:ee:b1:d0:c8:72:a6:
23:d2:f7:8e:7b:b5:2e:d1:ac:e5:e9:26:72:c7:30:26:85:75:
e9:f4:dc:ef:bf:e3:5a:da:c9:a0:a2:6b:08:24:76:71:6f:bb:
fb:b9:cc:56:6a:f8:a5:bb:eb:88:2e:53:c0:a6:04:36:bb:98:
01:fe:35:5a:d4:8d:26:37:14:e9:7a:fe:2a:3b:6d:31:c5:f7:
2c:f1:d9:f8:25:47:60:e8:8e:c0:54:8c:9e:c1:99:b7:c2:64:
76:ff:48:79:6c:79:ae:04:69:ef:0a:ac:5a:f2:26:7c:cc:68:
5b:b8:72:9d:2a:b1:89:ab:81:0f:6f:92:a0:f8:99:1e:26:72:
ed:e8:8d:15:44:84:b1:34:4b:c0:44:2e:dc:1f:ec:ca:7a:90:
ec:d2:8f:94:25:7c:04:06:65:48:ce:63:76:fb:4b:6d:2e:74:
8a:c6:73:23
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZb8UCx71YCD6yrgyr5YbCh9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OTkxNDBiNDJkYjZjYjZiZjhjNmRkNDEzNzQ3ZmNmNGE2
ZmQ5YjUwHhcNMjUwNTIzMDg0MzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmI5YmRiY2Q2YTE1MGUzOTlmYzcxZjgxMGViOWVkMjYwZmFhMjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0aQV+S+gfgWJXfDofaqirwq0qCM+
wgUjH+iLZ7H3ql6AEarXZvlkMoSDllqnt1nzXRvcmDiAWV0iG2nSa3C1xCd48Syy
nCRneHWW5kGQkLfKzM1VJPQGNFsuGNjBW0hY+SuwUQdevy6rGoAcUkNO+1ENc/So
U0mlX+Y3tH8rTUFtnZzRV8FlVuXUmfYMBhwb5c0It6WAnR2oI1ljs93MQmgJlOaI
4w/eHUg6k/sF015x3P3jff9RyraLu1oIobLTzW/xrnfAZvNDNh+7vMXy78kwUswa
SyMxFjZUzCRXklSUP8CeAQyBzuB/iZkrm6iH1BPUmAcGv9jUTRCJ3BiatwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFEu5vbzWoVDjmfxx+BDrntJg+qI0MB8GA1UdIwQY
MBaAFJeZFAtC22y2v4xt1BN0f89Kb9m1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2Qt
NTk1OTE5YmUwZjUyLzEvUzdtOXZOYWhVT09aX0hINEVPdWUwbUQ2b2pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2QtNTk1OTE5YmUwZjUy
LzEvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAFSzgID
BAFSzggDBAJSzhAwDAMEA1LOSAMEBFLOYDANBgkqhkiG9w0BAQsFAAOCAQEAh/Y7
3NoPO9uUkRfFpjPj/NVw8KVBxfOPK01fYMT7ffDi77B7acOylxdIpEFtZGorqsSk
P61mscyAMeWIio0BedxvXxlmCMOaPiaGYpAwc5wMwiIX7rHQyHKmI9L3jnu1LtGs
5ekmcscwJoV16fTc77/jWtrJoKJrCCR2cW+7+7nMVmr4pbvriC5TwKYENruYAf41
WtSNJjcU6Xr+KjttMcX3LPHZ+CVHYOiOwFSMnsGZt8Jkdv9IeWx5rgRp7wqsWvIm
fMxoW7hynSqxiauBD2+SoPiZHiZy7eiNFUSEsTRLwEQu3B/synqQ7NKPlCV8BAZl
SM5jdvtLbS50isZzIw==
-----END CERTIFICATE-----
Generated at Sat Jun 7 20:00:50 2025 by rpki-client