Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/26c7ff-998e-4131-a747-3c43c3d35ef3/1/7KQuRRixFRD2InAA41vDA8b46Ss.roa
File: 7KQuRRixFRD2InAA41vDA8b46Ss.roa (raw, json)
Hash identifier: pqy5x79CuZKPgbD27qu8dFnC6qLbsZEYs512o7B8AtE=
Subject key identifier: EC:A4:2E:45:18:B1:15:10:F6:22:70:00:E3:5B:C3:03:C6:F8:E9:2B
Certificate issuer: /CN=b48f063d29e910f033becb656e8b9901f69ec974
Certificate serial: 0196B38D18718FA6E03B6C9B6BEEAD9FC1ED
Authority key identifier: B4:8F:06:3D:29:E9:10:F0:33:BE:CB:65:6E:8B:99:01:F6:9E:C9:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tI8GPSnpEPAzvstlbouZAfaeyXQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/26c7ff-998e-4131-a747-3c43c3d35ef3/1/7KQuRRixFRD2InAA41vDA8b46Ss.roa
Signing time: Fri 09 May 2025 05:38:10 +0000
ROA not before: Fri 09 May 2025 05:38:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207013
IP address blocks: 185.168.176.0/22 maxlen: 22
185.168.176.0/24 maxlen: 24
185.168.177.0/24 maxlen: 24
185.168.178.0/24 maxlen: 24
185.168.179.0/24 maxlen: 24
2a0b:ffc0::/32 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/26c7ff-998e-4131-a747-3c43c3d35ef3/1/tI8GPSnpEPAzvstlbouZAfaeyXQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/26c7ff-998e-4131-a747-3c43c3d35ef3/1/tI8GPSnpEPAzvstlbouZAfaeyXQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/tI8GPSnpEPAzvstlbouZAfaeyXQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 11:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b3:8d:18:71:8f:a6:e0:3b:6c:9b:6b:ee:ad:9f:c1:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b48f063d29e910f033becb656e8b9901f69ec974
Validity
Not Before: May 9 05:38:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eca42e4518b11510f6227000e35bc303c6f8e92b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:4f:a0:5c:59:77:79:37:95:85:66:92:d8:80:
c0:5d:30:b4:ea:14:c0:ba:16:7e:96:b7:d5:97:2b:
4e:2f:49:b1:77:2d:4d:88:91:c4:03:62:05:ed:7c:
df:61:18:63:b9:60:9f:97:4a:e6:61:78:49:7c:ca:
56:b7:8e:60:90:8b:d2:23:30:62:8a:6e:0a:e2:06:
1a:27:cc:5d:38:ab:17:9f:60:9c:aa:86:02:69:6f:
32:2d:95:09:38:3b:48:50:1c:1a:87:d0:6c:9f:75:
20:d4:42:bd:fe:bd:5e:50:4f:77:90:d6:84:05:8f:
2a:5e:38:28:de:60:03:0b:49:08:01:a1:0e:98:7e:
f2:d7:c6:90:12:49:17:d8:2b:c3:e9:42:2c:bc:e1:
6c:67:22:3a:8a:12:aa:9f:07:4d:05:28:65:0b:e2:
49:d3:29:7e:61:4a:d3:6c:34:f3:be:90:40:6e:b2:
6d:a1:00:eb:5f:d7:8f:6d:8f:ae:1b:80:53:92:43:
72:f4:29:9e:bd:ff:57:77:ab:0d:a2:41:7e:e6:d6:
42:03:90:6b:69:1c:50:ce:e2:c9:c0:3d:b9:81:e5:
b3:e2:89:e5:6f:a3:94:fb:30:51:68:e1:50:01:42:
cc:34:c1:b5:5a:da:bf:27:a3:59:5d:3a:19:93:a7:
df:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:A4:2E:45:18:B1:15:10:F6:22:70:00:E3:5B:C3:03:C6:F8:E9:2B
X509v3 Authority Key Identifier:
keyid:B4:8F:06:3D:29:E9:10:F0:33:BE:CB:65:6E:8B:99:01:F6:9E:C9:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tI8GPSnpEPAzvstlbouZAfaeyXQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/26c7ff-998e-4131-a747-3c43c3d35ef3/1/7KQuRRixFRD2InAA41vDA8b46Ss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/26c7ff-998e-4131-a747-3c43c3d35ef3/1/tI8GPSnpEPAzvstlbouZAfaeyXQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.168.176.0/22
IPv6:
2a0b:ffc0::/32
Signature Algorithm: sha256WithRSAEncryption
6d:35:88:55:a8:83:2c:95:c3:ee:02:ce:c7:ee:bf:7e:5d:1a:
71:46:a5:48:59:a6:64:cd:aa:a8:60:77:f0:03:9b:81:6e:b5:
ed:33:04:f3:8b:6d:64:f3:2a:c9:81:80:21:14:2e:f3:52:51:
f9:77:ea:fc:15:f6:99:38:67:37:78:5a:5f:20:a6:01:22:1e:
ca:fb:fc:12:b9:a3:fe:12:e6:bd:f6:74:25:b3:15:72:61:b9:
bd:4c:83:59:e7:b8:ef:63:61:f6:6c:9e:83:cf:19:82:5b:74:
d3:5b:6a:49:16:78:00:79:4c:cf:22:8b:0a:45:aa:ed:67:df:
11:05:a8:ce:a4:2b:0e:7a:1b:06:f7:72:4d:7e:ea:8b:e2:36:
a2:6b:6d:1a:6a:ca:0a:73:1c:5a:ca:a1:b3:ab:dc:a3:ab:6e:
53:cf:54:03:54:ce:b4:ae:64:3c:17:e0:37:82:99:25:94:9f:
51:b6:f3:eb:0d:f0:a9:5e:c1:88:cb:d7:b9:bd:c8:c3:2c:a3:
48:cf:09:2d:1e:39:9f:be:fe:12:86:c0:ed:59:80:b4:12:cf:
8f:41:ba:19:9a:3f:f6:3b:9a:65:fd:47:1b:f2:c4:3b:c2:82:
ec:c2:45:1e:4c:c6:86:63:66:a4:43:db:9c:3c:65:92:d9:2a:
70:6a:da:c5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZazjRhxj6bgO2yba+6tn8HtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0OGYwNjNkMjllOTEwZjAzM2JlY2I2NTZlOGI5OTAxZjY5
ZWM5NzQwHhcNMjUwNTA5MDUzODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2E0MmU0NTE4YjExNTEwZjYyMjcwMDBlMzViYzMwM2M2ZjhlOTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0E+gXFl3eTeVhWaS2IDAXTC06hTA
uhZ+lrfVlytOL0mxdy1NiJHEA2IF7XzfYRhjuWCfl0rmYXhJfMpWt45gkIvSIzBi
im4K4gYaJ8xdOKsXn2CcqoYCaW8yLZUJODtIUBwah9Bsn3Ug1EK9/r1eUE93kNaE
BY8qXjgo3mADC0kIAaEOmH7y18aQEkkX2CvD6UIsvOFsZyI6ihKqnwdNBShlC+JJ
0yl+YUrTbDTzvpBAbrJtoQDrX9ePbY+uG4BTkkNy9Cmevf9Xd6sNokF+5tZCA5Br
aRxQzuLJwD25geWz4onlb6OU+zBRaOFQAULMNMG1Wtq/J6NZXToZk6ffNwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOykLkUYsRUQ9iJwAONbwwPG+OkrMB8GA1UdIwQY
MBaAFLSPBj0p6RDwM77LZW6LmQH2nsl0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEk4R1BTbnBFUEF6dnN0bGJvdVpBZmFleVhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS8yNmM3ZmYtOTk4ZS00MTMxLWE3NDct
M2M0M2MzZDM1ZWYzLzEvN0tRdVJSaXhGUkQySW5BQTQxdkRBOGI0NlNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS8yNmM3ZmYtOTk4ZS00MTMxLWE3NDctM2M0M2MzZDM1ZWYz
LzEvdEk4R1BTbnBFUEF6dnN0bGJvdVpBZmFleVhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaiwMA0E
AgACMAcDBQAqC//AMA0GCSqGSIb3DQEBCwUAA4IBAQBtNYhVqIMslcPuAs7H7r9+
XRpxRqVIWaZkzaqoYHfwA5uBbrXtMwTzi21k8yrJgYAhFC7zUlH5d+r8FfaZOGc3
eFpfIKYBIh7K+/wSuaP+Eua99nQlsxVyYbm9TINZ57jvY2H2bJ6DzxmCW3TTW2pJ
FngAeUzPIosKRartZ98RBajOpCsOehsG93JNfuqL4jaia20aasoKcxxayqGzq9yj
q25Tz1QDVM60rmQ8F+A3gpkllJ9RtvPrDfCpXsGIy9e5vcjDLKNIzwktHjmfvv4S
hsDtWYC0Es+PQboZmj/2O5pl/Ucb8sQ7woLswkUeTMaGY2akQ9ucPGWS2SpwatrF
-----END CERTIFICATE-----
Generated at Sat Jun 7 20:53:10 2025 by rpki-client