Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/g-_U_ZQ6WoPDtEKmmE8KB6VVy50.roa
File: g-_U_ZQ6WoPDtEKmmE8KB6VVy50.roa (raw, json)
Hash identifier: FKIdBJ4K6Ik/oTZWTfO7K6hztUPX1QWBSTQJtuPCOzE=
Subject key identifier: 83:EF:D4:FD:94:3A:5A:83:C3:B4:42:A6:98:4F:0A:07:A5:55:CB:9D
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 0196CDC2FE0F2D0C8CAC8F408A3853A24F55
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/g-_U_ZQ6WoPDtEKmmE8KB6VVy50.roa
Signing time: Wed 14 May 2025 07:47:10 +0000
ROA not before: Wed 14 May 2025 07:47:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 62.171.240.0/22 maxlen: 24
194.238.78.0/24 maxlen: 24
194.238.79.0/24 maxlen: 24
213.18.196.0/22 maxlen: 24
213.18.208.0/22 maxlen: 24
213.18.220.0/22 maxlen: 24
213.18.245.0/24 maxlen: 24
217.177.0.0/21 maxlen: 24
217.177.44.0/22 maxlen: 24
217.177.48.0/22 maxlen: 24
217.177.52.0/22 maxlen: 24
217.179.56.0/22 maxlen: 24
217.179.72.0/22 maxlen: 24
217.179.80.0/22 maxlen: 24
217.179.124.0/22 maxlen: 24
217.179.220.0/22 maxlen: 24
217.180.12.0/24 maxlen: 24
217.180.13.0/24 maxlen: 24
217.180.14.0/24 maxlen: 24
217.180.20.0/24 maxlen: 24
217.180.22.0/23 maxlen: 24
217.180.38.0/24 maxlen: 24
217.180.45.0/24 maxlen: 24
217.180.46.0/24 maxlen: 24
217.180.59.0/24 maxlen: 24
217.180.61.0/24 maxlen: 24
217.181.80.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.mft
rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 07:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:cd:c2:fe:0f:2d:0c:8c:ac:8f:40:8a:38:53:a2:4f:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: May 14 07:47:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=83efd4fd943a5a83c3b442a6984f0a07a555cb9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:06:61:3a:3d:cf:7b:1d:df:2d:d3:32:9a:86:
bb:17:c2:96:b7:27:78:c0:58:63:8c:41:6d:7c:e0:
a8:c4:ee:8a:fc:17:3e:e8:f9:a0:c8:51:b3:67:16:
5c:77:d4:04:3f:95:e0:4b:53:27:72:d9:1f:7a:2e:
6b:40:1b:e8:13:e8:90:06:af:fd:7b:29:71:23:e8:
7f:b9:79:dc:50:42:dc:1b:23:21:bf:1f:37:41:ee:
1f:d1:51:fd:f4:a6:2d:ca:aa:81:92:36:03:34:2f:
5f:6e:01:b2:2d:1c:ec:33:7e:fc:39:b9:0e:12:38:
5e:2d:95:f5:30:68:0b:4f:90:d8:22:94:27:87:21:
c8:21:8f:57:57:84:62:12:6d:23:56:00:41:37:70:
c2:b9:b5:49:57:9e:37:10:a0:a1:d8:52:d9:28:1d:
cd:9f:cf:82:6e:1b:1f:84:83:fe:a0:15:8e:f1:c3:
5c:9a:34:6f:6d:da:ee:de:1e:49:c7:e9:af:fe:db:
c3:6f:29:2e:32:5a:3a:0b:13:07:c2:ed:a0:30:71:
56:1c:be:9b:0a:c4:b1:15:85:f6:db:dd:e6:44:63:
ef:29:4e:ba:49:1f:a0:6a:1c:d5:f7:78:85:66:a5:
99:90:95:64:a8:8c:e3:89:2e:9b:fd:3c:08:58:ff:
6b:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:EF:D4:FD:94:3A:5A:83:C3:B4:42:A6:98:4F:0A:07:A5:55:CB:9D
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/g-_U_ZQ6WoPDtEKmmE8KB6VVy50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.171.240.0/22
194.238.78.0/23
213.18.196.0/22
213.18.208.0/22
213.18.220.0/22
213.18.245.0/24
217.177.0.0/21
217.177.44.0-217.177.55.255
217.179.56.0/22
217.179.72.0/22
217.179.80.0/22
217.179.124.0/22
217.179.220.0/22
217.180.12.0-217.180.14.255
217.180.20.0/24
217.180.22.0/23
217.180.38.0/24
217.180.45.0-217.180.46.255
217.180.59.0/24
217.180.61.0/24
217.181.80.0/21
Signature Algorithm: sha256WithRSAEncryption
6e:be:ce:84:d5:ef:fd:e1:a2:e4:71:91:c7:f8:97:bc:f3:26:
16:29:e7:98:e7:1d:ef:37:ec:99:e9:44:67:17:a8:79:74:e2:
37:72:e7:11:02:1b:6c:84:7e:bd:c8:c1:08:16:6b:f0:6c:21:
0a:15:73:ca:7d:63:a7:fb:9e:57:5b:e4:4f:a5:f7:28:47:ad:
aa:5e:b9:dc:b4:a8:60:27:08:1f:78:f1:d2:ea:de:98:54:37:
fd:6c:9f:4a:1d:27:45:e1:20:a9:76:f2:52:f2:da:2b:2b:6f:
e0:0e:42:91:d5:b2:c9:c5:fb:f3:47:2e:71:fd:68:1c:ad:a8:
01:22:0b:cd:33:52:2c:8b:6f:90:26:b1:3a:2a:3b:fa:f1:c2:
fd:ae:07:9d:e7:54:8a:54:73:14:96:51:9f:8e:64:27:d3:33:
fd:f2:71:7c:41:a1:32:69:e1:97:f8:11:4b:6f:74:9a:b5:ea:
86:77:00:60:b6:d6:ff:39:34:2e:fb:12:c9:42:b5:4e:be:b4:
1d:60:8a:c2:f2:bf:e2:7e:22:9f:f3:b4:26:5e:5a:b3:8d:fa:
ef:20:c0:6f:82:f4:c5:d6:25:95:66:6f:de:a6:0b:6b:6c:f2:
7f:d9:85:e7:91:f0:8e:e1:8f:96:77:c2:0a:b0:e4:7a:01:a2:
aa:2d:c5:36
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAZbNwv4PLQyMrI9AijhTok9VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjUwNTE0MDc0NzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2VmZDRmZDk0M2E1YTgzYzNiNDQyYTY5ODRmMGEwN2E1NTVjYjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAZhOj3Pex3fLdMymoa7F8KWtyd4
wFhjjEFtfOCoxO6K/Bc+6PmgyFGzZxZcd9QEP5XgS1Mnctkfei5rQBvoE+iQBq/9
eylxI+h/uXncUELcGyMhvx83Qe4f0VH99KYtyqqBkjYDNC9fbgGyLRzsM378ObkO
EjheLZX1MGgLT5DYIpQnhyHIIY9XV4RiEm0jVgBBN3DCubVJV543EKCh2FLZKB3N
n8+CbhsfhIP+oBWO8cNcmjRvbdru3h5Jx+mv/tvDbykuMlo6CxMHwu2gMHFWHL6b
CsSxFYX2293mRGPvKU66SR+gahzV93iFZqWZkJVkqIzjiS6b/TwIWP9reQIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFIPv1P2UOlqDw7RCpphPCgelVcudMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvZy1fVV9aUTZXb1BEdEVLbW1FOEtCNlZWeTUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBnQQCAAEwgZYDBAI+
q/ADBAHC7k4DBALVEsQDBALVEtADBALVEtwDBADVEvUDBAPZsQAwDAMEAtmxLAME
A9mxMAMEAtmzOAMEAtmzSAMEAtmzUAMEAtmzfAMEAtmz3DAMAwQC2bQMAwQA2bQO
AwQA2bQUAwQB2bQWAwQA2bQmMAwDBADZtC0DBADZtC4DBADZtDsDBADZtD0DBAPZ
tVAwDQYJKoZIhvcNAQELBQADggEBAG6+zoTV7/3houRxkcf4l7zzJhYp55jnHe83
7JnpRGcXqHl04jdy5xECG2yEfr3IwQgWa/BsIQoVc8p9Y6f7nldb5E+l9yhHrape
udy0qGAnCB948dLq3phUN/1sn0odJ0XhIKl28lLy2isrb+AOQpHVssnF+/NHLnH9
aBytqAEiC80zUiyLb5AmsToqO/rxwv2uB53nVIpUcxSWUZ+OZCfTM/3ycXxBoTJp
4Zf4EUtvdJq16oZ3AGC21v85NC77EslCtU6+tB1gisLyv+J+Ip/ztCZeWrON+u8g
wG+C9MXWJZVmb96mC2ts8n/ZheeR8I7hj5Z3wgqw5HoBoqotxTY=
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:21:25 2025 by rpki-client