Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/6A3T6BTXJXfG8s08-iI7VmsrvS4.roa
File: 6A3T6BTXJXfG8s08-iI7VmsrvS4.roa (raw, json)
Hash identifier: SM/KdWNu2S+dPtnFI43Z6ECaAAAORa9iRhKhYe+WERE=
Subject key identifier: E8:0D:D3:E8:14:D7:25:77:C6:F2:CD:3C:FA:22:3B:56:6B:2B:BD:2E
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 01972FE74E11C13C37DBEAD8B9E3B95BA870
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/6A3T6BTXJXfG8s08-iI7VmsrvS4.roa
Signing time: Mon 02 Jun 2025 09:09:37 +0000
ROA not before: Mon 02 Jun 2025 09:09:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 79.121.188.0/23 maxlen: 24
79.121.194.0/23 maxlen: 24
79.121.208.0/23 maxlen: 24
79.121.222.0/23 maxlen: 24
93.152.0.0/23 maxlen: 24
93.152.10.0/23 maxlen: 24
93.152.12.0/22 maxlen: 24
93.152.48.0/22 maxlen: 24
93.152.64.0/22 maxlen: 24
93.152.116.0/22 maxlen: 24
94.185.130.0/23 maxlen: 24
94.185.132.0/23 maxlen: 24
94.185.136.0/23 maxlen: 24
94.185.142.0/23 maxlen: 24
94.185.148.0/23 maxlen: 24
94.185.152.0/22 maxlen: 24
94.185.152.0/23 maxlen: 24
94.185.154.0/23 maxlen: 24
94.185.168.0/22 maxlen: 24
94.185.168.0/23 maxlen: 24
94.185.170.0/23 maxlen: 24
94.185.172.0/23 maxlen: 24
94.185.180.0/23 maxlen: 24
94.185.186.0/23 maxlen: 24
94.185.192.0/22 maxlen: 24
94.185.192.0/23 maxlen: 24
94.185.194.0/23 maxlen: 24
94.185.196.0/23 maxlen: 24
94.185.200.0/22 maxlen: 24
94.185.200.0/23 maxlen: 24
94.185.202.0/23 maxlen: 24
94.185.204.0/23 maxlen: 24
94.185.214.0/23 maxlen: 24
94.185.216.0/23 maxlen: 24
94.185.220.0/22 maxlen: 24
94.185.220.0/23 maxlen: 24
94.185.222.0/23 maxlen: 24
94.185.230.0/23 maxlen: 24
94.185.232.0/23 maxlen: 24
95.177.3.0/24 maxlen: 24
95.177.5.0/24 maxlen: 24
95.177.13.0/24 maxlen: 24
109.174.128.0/22 maxlen: 24
109.174.128.0/23 maxlen: 24
109.174.130.0/23 maxlen: 24
109.174.134.0/23 maxlen: 24
109.174.136.0/23 maxlen: 24
109.174.140.0/22 maxlen: 24
109.174.140.0/23 maxlen: 24
109.174.142.0/23 maxlen: 24
109.174.152.0/23 maxlen: 24
109.174.160.0/22 maxlen: 24
109.174.160.0/23 maxlen: 24
109.174.162.0/23 maxlen: 24
109.174.168.0/23 maxlen: 24
109.174.172.0/23 maxlen: 24
109.174.250.0/23 maxlen: 24
109.204.0.0/22 maxlen: 24
109.204.16.0/22 maxlen: 24
109.204.24.0/22 maxlen: 24
109.204.96.0/22 maxlen: 24
109.204.124.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 00:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:2f:e7:4e:11:c1:3c:37:db:ea:d8:b9:e3:b9:5b:a8:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Jun 2 09:09:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e80dd3e814d72577c6f2cd3cfa223b566b2bbd2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:52:8d:47:b5:b9:09:2e:1f:5c:36:88:e4:f1:
fb:aa:df:91:2f:7d:19:9c:a6:f3:ab:a4:48:5d:23:
c3:61:3e:19:74:8c:2c:cc:b9:a6:75:ad:b7:19:39:
c8:a5:69:63:46:55:1b:58:cf:6f:2f:40:2a:31:c7:
d6:7d:a8:e2:02:11:01:fe:ce:63:83:c8:7d:4a:a5:
fd:11:16:5f:32:ff:df:87:77:97:5a:e9:a6:7f:93:
13:d6:9c:d2:b6:82:64:10:b4:85:8d:c4:58:3f:20:
f8:dd:ed:ca:b5:50:00:aa:80:9e:95:4c:e6:b6:4f:
d6:f8:9d:77:79:64:8a:37:be:05:dd:ef:6e:ac:82:
28:54:66:52:93:e1:2b:61:de:eb:24:51:10:b8:26:
e0:4e:a1:08:a7:01:74:aa:dc:a1:84:01:39:83:18:
76:91:51:0a:ed:a8:ff:47:7a:c8:b7:00:2b:7d:eb:
68:ef:54:14:d6:fa:f2:ac:a0:b3:8d:15:92:8d:29:
d3:5f:27:fc:2d:2d:f2:14:fe:12:15:43:d7:d3:4c:
40:85:e3:c5:85:b5:5f:52:16:dd:25:b0:5a:d6:b4:
ee:3f:cb:4f:ff:f2:64:f2:ad:72:6f:4e:80:85:c0:
e2:bb:1b:62:62:d5:07:12:8f:fd:97:fb:25:ac:b6:
e8:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:0D:D3:E8:14:D7:25:77:C6:F2:CD:3C:FA:22:3B:56:6B:2B:BD:2E
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/6A3T6BTXJXfG8s08-iI7VmsrvS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.121.188.0/23
79.121.194.0/23
79.121.208.0/23
79.121.222.0/23
93.152.0.0/23
93.152.10.0-93.152.15.255
93.152.48.0/22
93.152.64.0/22
93.152.116.0/22
94.185.130.0-94.185.133.255
94.185.136.0/23
94.185.142.0/23
94.185.148.0/23
94.185.152.0/22
94.185.168.0-94.185.173.255
94.185.180.0/23
94.185.186.0/23
94.185.192.0-94.185.197.255
94.185.200.0-94.185.205.255
94.185.214.0-94.185.217.255
94.185.220.0/22
94.185.230.0-94.185.233.255
95.177.3.0/24
95.177.5.0/24
95.177.13.0/24
109.174.128.0/22
109.174.134.0-109.174.137.255
109.174.140.0/22
109.174.152.0/23
109.174.160.0/22
109.174.168.0/23
109.174.172.0/23
109.174.250.0/23
109.204.0.0/22
109.204.16.0/22
109.204.24.0/22
109.204.96.0/22
109.204.124.0/23
Signature Algorithm: sha256WithRSAEncryption
c9:34:1c:37:04:ea:4e:d1:76:dd:4c:8d:c7:40:47:f8:6c:c9:
f0:5f:d5:53:18:41:39:32:6a:b9:5a:5f:5d:d9:d4:cc:43:ad:
4f:58:92:7b:02:3a:f0:22:d2:14:4b:95:10:ae:18:cb:a1:e5:
4c:19:2c:aa:57:8a:6b:73:0e:96:71:a7:74:23:57:26:8a:ed:
dd:90:da:5c:dc:67:a6:97:7e:d4:09:11:d8:91:10:27:40:8b:
63:79:8d:a9:17:4d:ba:37:70:3b:b4:0d:7f:99:c5:f3:1b:9a:
bc:25:cf:50:e7:6b:91:c2:70:7e:87:94:d5:30:29:25:0b:47:
ac:a5:da:69:e3:07:4e:90:c3:0e:bb:9c:b7:86:0d:e2:dd:73:
c2:e2:c5:ee:65:f3:46:fb:85:59:75:44:20:51:92:1d:fb:a1:
a8:6c:0f:5a:ff:0e:46:5f:e1:1b:a1:3b:08:7a:fa:af:4e:3d:
c2:d5:26:42:1b:09:e5:dc:5c:74:7e:6d:26:e9:a4:b6:df:11:
f0:3b:b6:41:6e:62:bc:67:34:5b:44:33:7d:95:bf:1a:14:7f:
7f:fd:3e:8b:2f:8c:bc:a5:c8:ea:e7:e1:48:fd:0d:f0:1e:9d:
34:0a:8d:c4:93:ba:25:41:36:f0:ce:cb:4b:48:f2:12:86:d3:
c8:28:e6:5a
-----BEGIN CERTIFICATE-----
MIIGJTCCBQ2gAwIBAgISAZcv504RwTw32+rYueO5W6hwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjUwNjAyMDkwOTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODBkZDNlODE0ZDcyNTc3YzZmMmNkM2NmYTIyM2I1NjZiMmJiZDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFKNR7W5CS4fXDaI5PH7qt+RL30Z
nKbzq6RIXSPDYT4ZdIwszLmmda23GTnIpWljRlUbWM9vL0AqMcfWfajiAhEB/s5j
g8h9SqX9ERZfMv/fh3eXWummf5MT1pzStoJkELSFjcRYPyD43e3KtVAAqoCelUzm
tk/W+J13eWSKN74F3e9urIIoVGZSk+ErYd7rJFEQuCbgTqEIpwF0qtyhhAE5gxh2
kVEK7aj/R3rItwArfeto71QU1vryrKCzjRWSjSnTXyf8LS3yFP4SFUPX00xAhePF
hbVfUhbdJbBa1rTuP8tP//Jk8q1yb06AhcDiuxtiYtUHEo/9l/slrLborQIDAQAB
o4IDMTCCAy0wHQYDVR0OBBYEFOgN0+gU1yV3xvLNPPoiO1ZrK70uMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvNkEzVDZCVFhKWGZHOHMwOC1pSTdWbXNydlM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBRQYIKwYBBQUHAQcBAf8EggE0MIIBMDCCASwEAgABMIIB
JAMEAU95vAMEAU95wgMEAU950AMEAU953gMEAV2YADAMAwQBXZgKAwQEXZgAAwQC
XZgwAwQCXZhAAwQCXZh0MAwDBAFeuYIDBAFeuYQDBAFeuYgDBAFeuY4DBAFeuZQD
BAJeuZgwDAMEA165qAMEAV65rAMEAV65tAMEAV65ujAMAwQGXrnAAwQBXrnEMAwD
BANeucgDBAFeucwwDAMEAV651gMEAV652AMEAl653DAMAwQBXrnmAwQBXrnoAwQA
X7EDAwQAX7EFAwQAX7ENAwQCba6AMAwDBAFtroYDBAFtrogDBAJtrowDBAFtrpgD
BAJtrqADBAFtrqgDBAFtrqwDBAFtrvoDBAJtzAADBAJtzBADBAJtzBgDBAJtzGAD
BAFtzHwwDQYJKoZIhvcNAQELBQADggEBAMk0HDcE6k7Rdt1MjcdAR/hsyfBf1VMY
QTkyarlaX13Z1MxDrU9YknsCOvAi0hRLlRCuGMuh5UwZLKpXimtzDpZxp3QjVyaK
7d2Q2lzcZ6aXftQJEdiRECdAi2N5jakXTbo3cDu0DX+ZxfMbmrwlz1Dna5HCcH6H
lNUwKSULR6yl2mnjB06Qww67nLeGDeLdc8Lixe5l80b7hVl1RCBRkh37oahsD1r/
DkZf4RuhOwh6+q9OPcLVJkIbCeXcXHR+bSbppLbfEfA7tkFuYrxnNFtEM32VvxoU
f3/9PosvjLylyOrn4Uj9DfAenTQKjcSTuiVBNvDOy0tI8hKG08go5lo=
-----END CERTIFICATE-----
Generated at Sat Jun 7 09:24:55 2025 by rpki-client