Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/dTYCoTQrpAObMIbOwsLVJmMx6rY.roa
File: dTYCoTQrpAObMIbOwsLVJmMx6rY.roa (raw, json)
Hash identifier: 9yb4uggEoUymdz1SvMBf6ArQMZjuY5TSJvqDudZ2L3o=
Subject key identifier: 75:36:02:A1:34:2B:A4:03:9B:30:86:CE:C2:C2:D5:26:63:31:EA:B6
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 01972F6C3AB250F95F07A23F944E14F956BC
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/dTYCoTQrpAObMIbOwsLVJmMx6rY.roa
Signing time: Mon 02 Jun 2025 06:55:11 +0000
ROA not before: Mon 02 Jun 2025 06:55:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8362
IP address blocks: 80.10.40.0/24 maxlen: 24
92.179.0.0/16 maxlen: 20
92.188.0.0/16 maxlen: 24
194.51.85.0/24 maxlen: 24
194.206.79.0/24 maxlen: 24
194.206.126.0/24 maxlen: 24
195.6.244.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.mft
rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 10 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:2f:6c:3a:b2:50:f9:5f:07:a2:3f:94:4e:14:f9:56:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jun 2 06:55:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=753602a1342ba4039b3086cec2c2d5266331eab6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a8:e2:54:0a:59:fb:80:35:2c:a2:ec:f7:41:
4c:31:00:f5:44:1b:1f:5e:8c:ca:ad:71:43:e2:03:
86:22:73:48:17:b2:4d:ae:ac:d7:f4:75:3d:6b:3b:
6f:c6:40:86:96:f7:17:0e:9b:81:50:8d:c2:96:d3:
9e:aa:f1:32:6c:4a:97:7a:4d:f8:d8:c3:9e:2f:22:
bb:2e:3d:1f:cc:9d:06:f1:6c:19:69:b6:6e:f3:2c:
4e:c6:c1:e6:66:81:18:5c:8e:ce:dc:b9:8d:99:de:
1e:35:cd:00:fe:4a:4e:8f:71:05:73:c4:a6:86:ed:
c3:ae:8b:f8:3f:fe:21:59:4f:00:4e:2e:19:59:e1:
af:b1:36:b2:49:2a:fb:e5:1e:c3:79:cd:3e:06:64:
28:9b:0c:18:1c:12:9e:3c:c9:98:59:70:e6:69:f9:
d1:a1:a9:c4:6b:40:ba:a9:be:17:a6:c5:ce:60:af:
53:aa:e6:0b:27:18:6a:4a:95:47:12:e6:1b:f3:d8:
a9:cd:80:38:46:12:af:61:f8:41:64:6f:6a:9e:23:
18:98:1e:ed:51:69:a8:30:80:3a:86:9f:e0:d4:ce:
fc:e8:51:29:20:98:2e:c2:0d:7b:fb:1f:cb:f4:f7:
13:c9:7a:eb:f1:b6:b2:20:bc:a6:c8:57:c7:01:3a:
28:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:36:02:A1:34:2B:A4:03:9B:30:86:CE:C2:C2:D5:26:63:31:EA:B6
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/dTYCoTQrpAObMIbOwsLVJmMx6rY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.10.40.0/24
92.179.0.0/16
92.188.0.0/16
194.51.85.0/24
194.206.79.0/24
194.206.126.0/24
195.6.244.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:d8:d6:bc:bc:0d:8b:66:02:72:16:b3:3a:26:13:da:78:8e:
92:25:12:de:e7:b3:32:1d:40:8a:4c:13:ae:df:d6:8c:bb:54:
96:68:b2:24:a8:9f:e6:7b:49:9c:83:31:8e:09:ed:85:86:5a:
33:a1:cf:b4:2f:ba:67:af:fc:57:f2:05:9d:e2:3d:4f:3f:c0:
24:f9:a5:2b:d7:78:80:95:0c:7e:1d:33:b1:5b:aa:1d:c7:e7:
42:a9:99:60:b0:c1:40:4c:ec:bb:ce:3b:11:aa:79:cd:9a:fe:
03:ec:fb:36:df:6d:20:ce:a4:93:5e:1e:e4:56:59:dc:73:00:
ec:24:9e:53:d0:97:71:5d:d4:c6:29:e6:69:3c:6d:47:f6:23:
d0:d9:86:2b:e6:69:25:19:02:b7:ba:26:d3:36:ba:cf:ad:0f:
4e:83:19:31:81:ff:cf:85:a0:4a:51:29:43:63:4d:06:68:9e:
77:aa:f6:b8:a0:a9:4e:fe:3a:63:94:db:f7:80:57:8d:85:ae:
00:6b:94:99:07:a5:73:31:80:b3:df:bb:31:d6:a6:c7:15:4b:
ee:24:fd:fe:e4:3b:96:95:c7:a0:30:d0:a6:48:0c:d3:24:18:
ae:47:99:94:60:dc:b8:29:8e:55:ad:0d:38:a0:48:f6:a8:53:
82:eb:5e:a0
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZcvbDqyUPlfB6I/lE4U+Va8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjUwNjAyMDY1NTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTM2MDJhMTM0MmJhNDAzOWIzMDg2Y2VjMmMyZDUyNjYzMzFlYWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKjiVApZ+4A1LKLs90FMMQD1RBsf
XozKrXFD4gOGInNIF7JNrqzX9HU9aztvxkCGlvcXDpuBUI3CltOeqvEybEqXek34
2MOeLyK7Lj0fzJ0G8WwZabZu8yxOxsHmZoEYXI7O3LmNmd4eNc0A/kpOj3EFc8Sm
hu3Drov4P/4hWU8ATi4ZWeGvsTaySSr75R7Dec0+BmQomwwYHBKePMmYWXDmafnR
oanEa0C6qb4XpsXOYK9TquYLJxhqSpVHEuYb89ipzYA4RhKvYfhBZG9qniMYmB7t
UWmoMIA6hp/g1M786FEpIJguwg17+x/L9PcTyXrr8bayILymyFfHAToo9wIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFHU2AqE0K6QDmzCGzsLC1SZjMeq2MB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvZFRZQ29UUXJwQU9iTUliT3dzTFZKbU14NnJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQAUAooAwMA
XLMDAwBcvAMEAMIzVQMEAMLOTwMEAMLOfgMEAsMG9DANBgkqhkiG9w0BAQsFAAOC
AQEAHdjWvLwNi2YCchazOiYT2niOkiUS3uezMh1AikwTrt/WjLtUlmiyJKif5ntJ
nIMxjgnthYZaM6HPtC+6Z6/8V/IFneI9Tz/AJPmlK9d4gJUMfh0zsVuqHcfnQqmZ
YLDBQEzsu847Eap5zZr+A+z7Nt9tIM6kk14e5FZZ3HMA7CSeU9CXcV3UxinmaTxt
R/Yj0NmGK+ZpJRkCt7om0za6z60PToMZMYH/z4WgSlEpQ2NNBmied6r2uKCpTv46
Y5Tb94BXjYWuAGuUmQelczGAs9+7MdamxxVL7iT9/uQ7lpXHoDDQpkgM0yQYrkeZ
lGDcuCmOVa0NOKBI9qhTguteoA==
-----END CERTIFICATE-----
Generated at Mon Jun 9 16:14:03 2025 by rpki-client