Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/7LfZ34jkVj6-hsL2r7ECksqembM.roa
File: 7LfZ34jkVj6-hsL2r7ECksqembM.roa (raw, json)
Hash identifier: KK5qcoPr8RyUr7Oi3j2Zv7SSNXcoriOx3nxYfmh17TY=
Subject key identifier: EC:B7:D9:DF:88:E4:56:3E:BE:86:C2:F6:AF:B1:02:92:CA:9E:99:B3
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 0196C0410BF9EA100C1639D3B2877C96166C
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/7LfZ34jkVj6-hsL2r7ECksqembM.roa
Signing time: Sun 11 May 2025 16:50:10 +0000
ROA not before: Sun 11 May 2025 16:50:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7029
IP address blocks: 194.238.80.0/22 maxlen: 24
194.238.84.0/22 maxlen: 24
194.238.88.0/22 maxlen: 24
194.238.92.0/22 maxlen: 24
213.18.192.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.mft
rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 07:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c0:41:0b:f9:ea:10:0c:16:39:d3:b2:87:7c:96:16:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: May 11 16:50:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ecb7d9df88e4563ebe86c2f6afb10292ca9e99b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:0e:3b:e6:3d:a0:73:c4:2f:f5:c4:ae:21:ae:
e2:73:fd:18:52:66:38:4e:80:59:22:80:07:51:aa:
ab:c2:03:60:8a:50:0a:45:ad:5d:2e:56:fc:01:6d:
8d:b0:ae:01:6b:ec:80:32:ce:24:ea:80:1e:03:ae:
45:b1:c7:06:52:ed:16:48:12:3b:0f:01:80:3e:18:
57:82:f8:4c:d8:f5:a9:29:5b:49:6d:51:b2:d9:8a:
bf:e6:6d:9c:0e:85:37:00:b6:ec:25:7e:e1:76:d6:
51:c8:4e:d5:ca:ac:ad:f1:a0:8b:50:ca:cb:08:8f:
76:91:1e:b1:37:9c:f6:0f:18:d6:af:07:a4:0e:56:
0f:84:7e:1f:0e:40:b5:80:b5:66:10:34:af:76:0d:
6b:9a:48:b5:68:c6:62:7e:62:88:80:1f:95:52:bf:
33:73:3b:e4:58:e3:89:5e:93:42:49:97:b5:d1:30:
8b:78:67:d5:a8:40:e0:88:63:cb:1d:c8:e5:50:1d:
48:54:5f:66:d6:dd:8a:a0:70:db:6d:a5:50:c3:14:
fd:df:71:e5:87:ed:d0:42:2b:99:8c:52:db:6e:70:
7a:65:83:d1:4e:7a:d4:0a:5d:11:57:5d:12:f3:22:
19:70:a6:32:7b:c2:f6:10:5e:a1:fb:fe:1a:0b:34:
14:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:B7:D9:DF:88:E4:56:3E:BE:86:C2:F6:AF:B1:02:92:CA:9E:99:B3
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/7LfZ34jkVj6-hsL2r7ECksqembM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.238.80.0/20
213.18.192.0/22
Signature Algorithm: sha256WithRSAEncryption
40:8b:a1:b5:17:b5:42:f5:86:51:de:83:30:3c:63:d4:49:2d:
24:3e:1c:b4:df:6e:0b:b1:54:aa:2a:45:48:09:49:25:d8:3f:
86:ab:9c:7d:a8:4d:10:71:06:ed:39:59:68:95:25:8c:c7:b7:
c1:6a:f7:df:c0:50:ff:aa:2e:dd:0e:54:df:a1:59:c1:d2:cf:
57:c1:59:41:65:18:63:69:43:2a:b2:63:d4:ee:4b:db:ef:00:
b4:42:10:2f:58:82:d6:42:c1:63:ee:9f:f4:52:3c:1c:e2:62:
0d:d6:b2:ef:b5:a5:19:aa:e5:fe:06:39:5f:0a:66:54:5b:bd:
2c:ca:36:13:30:f3:41:7d:6b:ab:f4:01:0e:af:de:40:63:28:
24:30:08:48:70:0a:9c:30:fa:c9:e5:c7:be:eb:7c:8c:3d:d4:
61:9b:9b:8b:9e:d4:36:ac:c9:b0:11:8e:7f:4e:d5:45:0a:c4:
d0:c6:17:6f:43:0a:02:cf:96:8e:df:9f:0f:67:7c:fb:92:0d:
68:0e:4f:73:8b:69:45:f8:78:53:80:67:3a:58:a1:5b:44:15:
32:a2:0e:fe:ec:d7:35:3a:88:22:fc:81:99:d4:4d:15:49:a0:
82:c5:7f:44:6e:21:1a:a5:78:9a:d5:e9:3f:5b:47:89:91:19:
47:40:54:1a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZbAQQv56hAMFjnTsod8lhZsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjUwNTExMTY1MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2I3ZDlkZjg4ZTQ1NjNlYmU4NmMyZjZhZmIxMDI5MmNhOWU5OWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQ475j2gc8Qv9cSuIa7ic/0YUmY4
ToBZIoAHUaqrwgNgilAKRa1dLlb8AW2NsK4Ba+yAMs4k6oAeA65FsccGUu0WSBI7
DwGAPhhXgvhM2PWpKVtJbVGy2Yq/5m2cDoU3ALbsJX7hdtZRyE7Vyqyt8aCLUMrL
CI92kR6xN5z2DxjWrwekDlYPhH4fDkC1gLVmEDSvdg1rmki1aMZifmKIgB+VUr8z
czvkWOOJXpNCSZe10TCLeGfVqEDgiGPLHcjlUB1IVF9m1t2KoHDbbaVQwxT933Hl
h+3QQiuZjFLbbnB6ZYPRTnrUCl0RV10S8yIZcKYye8L2EF6h+/4aCzQUSwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOy32d+I5FY+vobC9q+xApLKnpmzMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvN0xmWjM0amtWajYtaHNMMnI3RUNrc3FlbWJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEwu5QAwQC
1RLAMA0GCSqGSIb3DQEBCwUAA4IBAQBAi6G1F7VC9YZR3oMwPGPUSS0kPhy0324L
sVSqKkVICUkl2D+Gq5x9qE0QcQbtOVlolSWMx7fBavffwFD/qi7dDlTfoVnB0s9X
wVlBZRhjaUMqsmPU7kvb7wC0QhAvWILWQsFj7p/0Ujwc4mIN1rLvtaUZquX+Bjlf
CmZUW70syjYTMPNBfWur9AEOr95AYygkMAhIcAqcMPrJ5ce+63yMPdRhm5uLntQ2
rMmwEY5/TtVFCsTQxhdvQwoCz5aO358PZ3z7kg1oDk9zi2lF+HhTgGc6WKFbRBUy
og7+7Nc1Oogi/IGZ1E0VSaCCxX9EbiEapXia1ek/W0eJkRlHQFQa
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:35:21 2025 by rpki-client