Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/6HdpHxLcX1yJjOzlOGgPAGgCNb0.roa
File: 6HdpHxLcX1yJjOzlOGgPAGgCNb0.roa (raw, json)
Hash identifier: y1XUmT2PqLYoWjVJT6WyKQER242J2k/RPKz4Xs0cE9k=
Subject key identifier: E8:77:69:1F:12:DC:5F:5C:89:8C:EC:E5:38:68:0F:00:68:02:35:BD
Certificate issuer: /CN=098f7ba34bc6567bd3616d574f7285dd7556dbfd
Certificate serial: 0196F33BA343D9AD2238E4A9C7BE3086984D
Authority key identifier: 09:8F:7B:A3:4B:C6:56:7B:D3:61:6D:57:4F:72:85:DD:75:56:DB:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/6HdpHxLcX1yJjOzlOGgPAGgCNb0.roa
Signing time: Wed 21 May 2025 14:24:54 +0000
ROA not before: Wed 21 May 2025 14:24:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215672
IP address blocks: 80.93.193.0/24 maxlen: 24
80.93.199.0/24 maxlen: 24
80.93.203.0/24 maxlen: 24
80.93.204.0/24 maxlen: 24
80.93.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft
rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f3:3b:a3:43:d9:ad:22:38:e4:a9:c7:be:30:86:98:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=098f7ba34bc6567bd3616d574f7285dd7556dbfd
Validity
Not Before: May 21 14:24:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e877691f12dc5f5c898cece538680f00680235bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:60:11:e6:ef:ce:f9:11:50:32:74:c7:24:44:
ec:90:52:6a:05:35:6f:fd:cc:e3:c6:fe:33:26:91:
b6:1d:20:3a:09:8d:40:2f:00:84:d0:83:a2:7e:c3:
71:dc:9a:74:ec:76:da:28:d5:fd:c4:a3:ee:b2:d4:
5c:15:23:e5:f8:18:0d:cd:11:cc:bd:e2:d4:92:aa:
80:e4:fc:40:ba:4b:84:fa:e3:c9:45:0e:98:ce:94:
bf:25:16:0c:14:17:7a:1a:a7:30:bf:f2:a5:ad:68:
a4:38:95:eb:6c:32:30:6b:d9:06:90:bd:09:bc:12:
d3:ca:e4:49:26:92:62:c2:4b:bd:9d:e9:18:0c:ef:
dd:25:78:8a:55:83:04:c3:5e:b0:ad:7d:92:b6:7d:
89:02:12:3d:75:e3:00:25:43:c5:5d:4a:3c:39:bd:
34:e2:2e:61:71:29:9e:fe:b5:99:c6:bd:f0:40:cd:
4b:17:1a:2e:a1:33:38:01:85:37:01:b9:eb:2d:57:
f7:5a:27:d3:2a:fd:72:69:be:7b:39:5e:59:a5:30:
02:9f:a1:26:a8:21:ca:38:f6:96:a6:7a:12:f2:26:
01:f3:e3:f1:1f:f4:ed:f2:81:4a:46:17:f2:5d:21:
31:70:8a:f8:5f:9e:01:89:f3:42:23:c8:c7:ba:28:
3c:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:77:69:1F:12:DC:5F:5C:89:8C:EC:E5:38:68:0F:00:68:02:35:BD
X509v3 Authority Key Identifier:
keyid:09:8F:7B:A3:4B:C6:56:7B:D3:61:6D:57:4F:72:85:DD:75:56:DB:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/6HdpHxLcX1yJjOzlOGgPAGgCNb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.93.193.0/24
80.93.199.0/24
80.93.203.0-80.93.205.255
Signature Algorithm: sha256WithRSAEncryption
19:83:f5:d5:a4:7f:42:99:8e:9b:3c:4f:55:3c:ae:ed:fb:06:
49:70:0e:7b:8f:be:be:93:ee:20:b1:8b:6d:01:45:66:e6:61:
24:8c:14:34:67:f9:f2:90:b3:ea:63:3c:b5:99:7f:5c:22:12:
1a:6b:b8:95:fe:0f:f8:5e:ec:7e:03:11:a9:87:92:20:cb:f3:
8d:c3:49:23:c3:59:c0:91:94:62:c2:ac:ba:87:15:db:cd:33:
a7:e1:76:a8:76:c2:13:30:e3:71:ef:cb:c1:06:c0:8b:d4:51:
2b:59:78:aa:2e:26:6c:f1:2b:33:92:1c:d9:cd:05:8f:5e:16:
bb:b0:bf:53:31:50:ef:f7:18:df:19:7c:78:9b:6f:55:39:25:
ac:1f:56:b8:6e:24:8a:b4:74:a8:37:e0:ed:e4:11:ef:20:97:
94:de:5b:05:62:a4:8a:8a:74:c5:4f:e8:e0:b7:5b:55:40:89:
04:96:32:a6:f7:cc:85:b1:de:70:6f:7d:19:4e:e6:45:c6:b9:
48:d6:8f:e1:ab:71:70:a7:ff:43:80:a9:bf:75:5b:92:9d:f5:
e6:31:a2:40:d0:e7:48:f2:e0:27:4a:65:66:1a:37:ab:b2:59:
7a:ea:81:42:95:aa:02:ae:c0:91:72:55:b4:31:fe:91:d2:2c:
fc:cc:a5:87
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZbzO6ND2a0iOOSpx74whphNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OGY3YmEzNGJjNjU2N2JkMzYxNmQ1NzRmNzI4NWRkNzU1
NmRiZmQwHhcNMjUwNTIxMTQyNDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODc3NjkxZjEyZGM1ZjVjODk4Y2VjZTUzODY4MGYwMDY4MDIzNWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2AR5u/O+RFQMnTHJETskFJqBTVv
/czjxv4zJpG2HSA6CY1ALwCE0IOifsNx3Jp07HbaKNX9xKPustRcFSPl+BgNzRHM
veLUkqqA5PxAukuE+uPJRQ6YzpS/JRYMFBd6Gqcwv/KlrWikOJXrbDIwa9kGkL0J
vBLTyuRJJpJiwku9nekYDO/dJXiKVYMEw16wrX2Stn2JAhI9deMAJUPFXUo8Ob00
4i5hcSme/rWZxr3wQM1LFxouoTM4AYU3AbnrLVf3WifTKv1yab57OV5ZpTACn6Em
qCHKOPaWpnoS8iYB8+PxH/Tt8oFKRhfyXSExcIr4X54BifNCI8jHuig8tQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFOh3aR8S3F9ciYzs5ThoDwBoAjW9MB8GA1UdIwQY
MBaAFAmPe6NLxlZ702FtV09yhd11Vtv9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zOGM1YWMtYjdlNy00MGRkLTk4ZDMt
ZTIxNjZhZDc0ZTNmLzEvNkhkcEh4TGNYMXlKak96bE9HZ1BBR2dDTmIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zOGM1YWMtYjdlNy00MGRkLTk4ZDMtZTIxNjZhZDc0ZTNm
LzEvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAUF3BAwQA
UF3HMAwDBABQXcsDBAFQXcwwDQYJKoZIhvcNAQELBQADggEBABmD9dWkf0KZjps8
T1U8ru37BklwDnuPvr6T7iCxi20BRWbmYSSMFDRn+fKQs+pjPLWZf1wiEhpruJX+
D/he7H4DEamHkiDL843DSSPDWcCRlGLCrLqHFdvNM6fhdqh2whMw43Hvy8EGwIvU
UStZeKouJmzxKzOSHNnNBY9eFruwv1MxUO/3GN8ZfHibb1U5JawfVrhuJIq0dKg3
4O3kEe8gl5TeWwVipIqKdMVP6OC3W1VAiQSWMqb3zIWx3nBvfRlO5kXGuUjWj+Gr
cXCn/0OAqb91W5Kd9eYxokDQ50jy4CdKZWYaN6uyWXrqgUKVqgKuwJFyVbQx/pHS
LPzMpYc=
-----END CERTIFICATE-----
Generated at Sat Jun 7 16:18:49 2025 by rpki-client