Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/c4vYqF1tYFnE7ufF7Vande4OrQk.roa
File: c4vYqF1tYFnE7ufF7Vande4OrQk.roa (raw, json)
Hash identifier: SGC5C7DpLVwd//1nD74m+Qyq9Cj3MluNv7n0feydZ0c=
Subject key identifier: 73:8B:D8:A8:5D:6D:60:59:C4:EE:E7:C5:ED:56:A7:75:EE:0E:AD:09
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 0196C0410BC337FA0A03F9461A1C6B955D56
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/c4vYqF1tYFnE7ufF7Vande4OrQk.roa
Signing time: Sun 11 May 2025 16:50:10 +0000
ROA not before: Sun 11 May 2025 16:50:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5650
IP address blocks: 194.238.44.0/22 maxlen: 24
194.238.72.0/22 maxlen: 24
194.238.80.0/22 maxlen: 24
194.238.84.0/22 maxlen: 24
194.238.88.0/22 maxlen: 24
194.238.92.0/22 maxlen: 24
213.18.192.0/22 maxlen: 24
213.18.216.0/22 maxlen: 24
217.181.88.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.mft
rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 02:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c0:41:0b:c3:37:fa:0a:03:f9:46:1a:1c:6b:95:5d:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: May 11 16:50:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=738bd8a85d6d6059c4eee7c5ed56a775ee0ead09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:8a:17:1b:fb:04:ba:a1:92:c1:99:39:0d:9f:
ce:59:cb:0a:4a:a0:b7:68:13:e5:b6:60:62:9e:3d:
25:46:1f:bd:66:84:31:26:54:55:74:68:7c:bb:85:
d8:b9:f0:03:57:14:90:f1:a5:28:98:14:3c:4f:10:
b6:83:a0:e5:5a:a7:b6:c6:7f:7d:5c:72:6e:23:92:
3e:4d:05:9f:e9:e1:fb:29:39:79:4e:aa:fc:74:f9:
0b:67:67:f9:83:ed:eb:94:ac:1a:79:51:0d:fd:e5:
20:53:c3:15:16:2c:92:04:bb:72:f1:4e:d9:67:42:
ee:f5:b7:83:20:ab:0e:97:3a:4f:f1:26:ed:4e:75:
67:dd:f1:ef:4c:dc:d3:12:2d:7f:18:9c:cb:df:4d:
3d:85:11:36:5c:93:94:4b:99:6b:41:b3:75:55:ae:
69:0c:ee:22:ea:65:d8:88:b9:9d:9b:00:7b:d8:c5:
4f:ca:5f:50:ea:31:0a:7a:9f:9f:cd:2c:0a:bc:53:
66:8e:38:a1:39:6d:f0:d9:ad:4c:16:d5:42:b5:99:
3b:e3:aa:fd:42:c3:ca:69:87:61:74:9a:bc:ac:9d:
1a:21:12:c0:30:aa:5d:53:4b:f6:a2:f8:d2:6b:9b:
4c:f6:85:1a:11:6e:8c:09:5f:e7:84:f6:6c:0a:80:
f2:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:8B:D8:A8:5D:6D:60:59:C4:EE:E7:C5:ED:56:A7:75:EE:0E:AD:09
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/c4vYqF1tYFnE7ufF7Vande4OrQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.238.44.0/22
194.238.72.0/22
194.238.80.0/20
213.18.192.0/22
213.18.216.0/22
217.181.88.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:67:d4:a3:23:d1:4f:9a:07:0c:f7:45:f8:01:a9:53:ec:87:
ff:7d:ab:c3:36:75:fe:98:fe:b3:c0:90:8a:e3:a8:91:87:f3:
68:c0:04:29:b6:bf:8b:f9:86:cd:0f:16:84:0e:dc:18:00:81:
b5:c7:b4:18:56:59:ff:3d:82:40:09:5f:e1:d4:29:b3:67:3b:
72:6c:f0:90:41:b9:6c:02:0a:4c:7f:d3:b0:58:66:e2:b4:f2:
bc:d2:a9:f2:d7:01:61:00:85:37:79:10:90:81:3e:36:3b:48:
91:05:59:04:07:28:53:e8:bd:70:83:c1:c5:b2:73:40:1c:ea:
9f:9c:18:f7:28:a9:c6:42:60:3a:5d:06:5d:c0:d8:d2:de:62:
79:2c:03:b0:2a:fa:a0:b7:6d:a2:94:8f:75:49:12:fa:3b:e6:
85:2b:6b:0c:e9:fb:4f:48:d2:43:d7:e3:00:50:eb:16:90:35:
74:ef:03:78:ff:59:2d:45:e6:8e:31:d4:c2:98:f4:81:be:9a:
99:f7:d0:3f:40:cb:7a:c8:7c:56:8b:82:bd:32:1c:25:1c:1e:
58:07:6a:63:f1:a1:b0:13:6a:fb:23:0f:2d:e9:b9:80:c3:05:
15:90:0e:7e:a2:87:e5:ff:59:65:46:a8:03:cc:f0:2b:98:c8:
9a:1d:22:d2
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZbAQQvDN/oKA/lGGhxrlV1WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjUwNTExMTY1MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzhiZDhhODVkNmQ2MDU5YzRlZWU3YzVlZDU2YTc3NWVlMGVhZDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4oXG/sEuqGSwZk5DZ/OWcsKSqC3
aBPltmBinj0lRh+9ZoQxJlRVdGh8u4XYufADVxSQ8aUomBQ8TxC2g6DlWqe2xn99
XHJuI5I+TQWf6eH7KTl5Tqr8dPkLZ2f5g+3rlKwaeVEN/eUgU8MVFiySBLty8U7Z
Z0Lu9beDIKsOlzpP8SbtTnVn3fHvTNzTEi1/GJzL3009hRE2XJOUS5lrQbN1Va5p
DO4i6mXYiLmdmwB72MVPyl9Q6jEKep+fzSwKvFNmjjihOW3w2a1MFtVCtZk746r9
QsPKaYdhdJq8rJ0aIRLAMKpdU0v2ovjSa5tM9oUaEW6MCV/nhPZsCoDyTwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHOL2KhdbWBZxO7nxe1Wp3XuDq0JMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvYzR2WXFGMXRZRm5FN3VmRjdWYW5kZTRPclFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCwu4sAwQC
wu5IAwQEwu5QAwQC1RLAAwQC1RLYAwQC2bVYMA0GCSqGSIb3DQEBCwUAA4IBAQCl
Z9SjI9FPmgcM90X4AalT7If/favDNnX+mP6zwJCK46iRh/NowAQptr+L+YbNDxaE
DtwYAIG1x7QYVln/PYJACV/h1CmzZztybPCQQblsAgpMf9OwWGbitPK80qny1wFh
AIU3eRCQgT42O0iRBVkEByhT6L1wg8HFsnNAHOqfnBj3KKnGQmA6XQZdwNjS3mJ5
LAOwKvqgt22ilI91SRL6O+aFK2sM6ftPSNJD1+MAUOsWkDV07wN4/1ktReaOMdTC
mPSBvpqZ99A/QMt6yHxWi4K9MhwlHB5YB2pj8aGwE2r7Iw8t6bmAwwUVkA5+oofl
/1llRqgDzPArmMiaHSLS
-----END CERTIFICATE-----
Generated at Sat Jun 7 12:33:27 2025 by rpki-client