Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/42f275-68b7-448d-b956-35bb2e6d0606/1/r0PvjEpnlWFsFe9mhlu-x7uuqW4.roa
File: r0PvjEpnlWFsFe9mhlu-x7uuqW4.roa (raw, json)
Hash identifier: v9Sjd6VL0RkK073Ql08i5EoR8baGeigT54elfTpIto4=
Subject key identifier: AF:43:EF:8C:4A:67:95:61:6C:15:EF:66:86:5B:BE:C7:BB:AE:A9:6E
Certificate issuer: /CN=839b7e1615a001a5bcb96e154a71af9a0b45b5d7
Certificate serial: 019777FA8AF984AA40C8C185F07082FE5C1D
Authority key identifier: 83:9B:7E:16:15:A0:01:A5:BC:B9:6E:15:4A:71:AF:9A:0B:45:B5:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g5t-FhWgAaW8uW4VSnGvmgtFtdc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/42f275-68b7-448d-b956-35bb2e6d0606/1/r0PvjEpnlWFsFe9mhlu-x7uuqW4.roa
Signing time: Mon 16 Jun 2025 09:03:17 +0000
ROA not before: Mon 16 Jun 2025 09:03:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41959
IP address blocks: 84.234.122.0/24 maxlen: 24
84.234.123.0/24 maxlen: 24
91.206.96.0/23 maxlen: 23
185.79.32.0/22 maxlen: 22
193.242.146.0/23 maxlen: 23
194.126.229.0/24 maxlen: 24
194.140.250.0/24 maxlen: 24
195.80.229.0/24 maxlen: 24
195.93.142.0/23 maxlen: 23
195.226.207.0/24 maxlen: 24
195.245.204.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/42f275-68b7-448d-b956-35bb2e6d0606/1/g5t-FhWgAaW8uW4VSnGvmgtFtdc.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/42f275-68b7-448d-b956-35bb2e6d0606/1/g5t-FhWgAaW8uW4VSnGvmgtFtdc.mft
rsync://rpki.ripe.net/repository/DEFAULT/g5t-FhWgAaW8uW4VSnGvmgtFtdc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 16:57:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:77:fa:8a:f9:84:aa:40:c8:c1:85:f0:70:82:fe:5c:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=839b7e1615a001a5bcb96e154a71af9a0b45b5d7
Validity
Not Before: Jun 16 09:03:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af43ef8c4a6795616c15ef66865bbec7bbaea96e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:89:cb:14:04:ea:7a:7a:7d:d2:2a:7f:8e:8c:
f4:d6:21:1e:04:07:67:ba:31:fe:18:36:b8:d9:0f:
19:0e:36:dc:c1:7e:75:c9:05:e5:8f:c8:4e:0b:70:
c2:ea:76:66:68:71:fa:91:ea:d0:a8:49:94:1d:e4:
62:d8:84:2c:6a:40:81:d2:8f:93:92:f4:6a:d7:f2:
03:f3:97:d8:59:1c:c3:ae:aa:3f:7d:b3:51:de:ea:
4a:7e:cc:80:d3:1a:85:ae:ef:0c:38:c3:47:f6:43:
2d:27:07:40:e1:ae:16:57:5d:86:36:45:3e:1a:8d:
82:e4:3a:9e:4c:f5:39:08:a7:7b:d3:ac:01:da:bf:
34:86:c7:df:2c:a8:b7:76:04:15:17:b8:e5:f0:52:
05:30:b0:c6:3d:aa:29:f6:c6:11:08:60:4e:82:0b:
fe:c1:24:ec:f5:4d:55:d5:d4:49:f8:91:f4:05:f8:
15:dc:f6:6b:b6:f7:1d:b8:02:4b:9c:a3:b8:92:f0:
df:7e:25:04:ee:b2:00:d4:b4:68:ec:a0:3a:5e:3c:
f7:2d:00:ac:fa:e3:3b:74:94:e5:8f:44:11:8d:94:
00:4f:cd:3d:d3:d9:31:4a:1f:3f:78:e0:fe:e5:32:
b9:e9:7e:fc:1f:b7:3b:20:f6:66:a4:2c:a7:69:9f:
a6:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:43:EF:8C:4A:67:95:61:6C:15:EF:66:86:5B:BE:C7:BB:AE:A9:6E
X509v3 Authority Key Identifier:
keyid:83:9B:7E:16:15:A0:01:A5:BC:B9:6E:15:4A:71:AF:9A:0B:45:B5:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g5t-FhWgAaW8uW4VSnGvmgtFtdc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/42f275-68b7-448d-b956-35bb2e6d0606/1/r0PvjEpnlWFsFe9mhlu-x7uuqW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/42f275-68b7-448d-b956-35bb2e6d0606/1/g5t-FhWgAaW8uW4VSnGvmgtFtdc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.234.122.0/23
91.206.96.0/23
185.79.32.0/22
193.242.146.0/23
194.126.229.0/24
194.140.250.0/24
195.80.229.0/24
195.93.142.0/23
195.226.207.0/24
195.245.204.0/24
Signature Algorithm: sha256WithRSAEncryption
84:9d:c8:8d:91:92:a8:5f:34:04:85:7c:72:5a:8d:8d:e0:20:
81:e1:d0:1a:52:0b:92:50:50:88:b5:04:88:31:04:cf:59:3f:
c8:90:1c:52:a0:a9:a8:0a:52:d5:bd:d6:79:21:1e:ab:c6:87:
f2:e9:68:3e:ce:b8:60:cf:4d:52:d3:14:e3:fd:39:3d:e4:5c:
69:2c:8a:43:9a:54:58:7d:1c:ec:50:68:03:35:4d:41:a3:2c:
b4:66:ff:ce:a6:8f:f7:06:ce:fd:71:f8:9d:5c:5c:0b:44:e5:
de:fd:8d:3f:59:ef:93:95:00:a7:c2:a8:eb:a4:bc:c1:7a:0f:
ec:59:35:1b:ae:12:47:17:e4:d0:a4:78:c6:fc:20:2e:19:64:
d0:19:c3:30:e4:c9:9d:8f:97:42:54:15:29:c5:49:76:c7:04:
e3:d4:eb:4b:e2:5d:9e:65:75:ab:ca:7b:88:6b:3a:e5:39:20:
9a:a0:a7:f5:4b:fa:0b:07:d1:87:9e:96:f9:56:4d:e6:4e:9d:
52:e4:7d:fa:81:71:28:e2:b0:bd:fb:04:48:ca:fa:cc:5a:cc:
02:36:2a:69:89:f8:b8:01:5c:d0:db:de:79:1f:5f:3f:ee:83:
29:18:60:48:ea:37:25:88:ff:a6:c3:c8:fe:d5:5a:8e:f5:eb:
ee:f0:99:f1
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZd3+or5hKpAyMGF8HCC/lwdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzOWI3ZTE2MTVhMDAxYTViY2I5NmUxNTRhNzFhZjlhMGI0
NWI1ZDcwHhcNMjUwNjE2MDkwMzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjQzZWY4YzRhNjc5NTYxNmMxNWVmNjY4NjViYmVjN2JiYWVhOTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA34nLFATqenp90ip/joz01iEeBAdn
ujH+GDa42Q8ZDjbcwX51yQXlj8hOC3DC6nZmaHH6kerQqEmUHeRi2IQsakCB0o+T
kvRq1/ID85fYWRzDrqo/fbNR3upKfsyA0xqFru8MOMNH9kMtJwdA4a4WV12GNkU+
Go2C5DqeTPU5CKd706wB2r80hsffLKi3dgQVF7jl8FIFMLDGPaop9sYRCGBOggv+
wSTs9U1V1dRJ+JH0BfgV3PZrtvcduAJLnKO4kvDffiUE7rIA1LRo7KA6Xjz3LQCs
+uM7dJTlj0QRjZQAT80909kxSh8/eOD+5TK56X78H7c7IPZmpCynaZ+mlwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFK9D74xKZ5VhbBXvZoZbvse7rqluMB8GA1UdIwQY
MBaAFIObfhYVoAGlvLluFUpxr5oLRbXXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzV0LUZoV2dBYVc4dVc0VlNuR3ZtZ3RGdGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi80MmYyNzUtNjhiNy00NDhkLWI5NTYt
MzViYjJlNmQwNjA2LzEvcjBQdmpFcG5sV0ZzRmU5bWhsdS14N3V1cVc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi80MmYyNzUtNjhiNy00NDhkLWI5NTYtMzViYjJlNmQwNjA2
LzEvZzV0LUZoV2dBYVc4dVc0VlNuR3ZtZ3RGdGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQBVOp6AwQB
W85gAwQCuU8gAwQBwfKSAwQAwn7lAwQAwoz6AwQAw1DlAwQBw12OAwQAw+LPAwQA
w/XMMA0GCSqGSIb3DQEBCwUAA4IBAQCEnciNkZKoXzQEhXxyWo2N4CCB4dAaUguS
UFCItQSIMQTPWT/IkBxSoKmoClLVvdZ5IR6rxofy6Wg+zrhgz01S0xTj/Tk95Fxp
LIpDmlRYfRzsUGgDNU1Boyy0Zv/Opo/3Bs79cfidXFwLROXe/Y0/We+TlQCnwqjr
pLzBeg/sWTUbrhJHF+TQpHjG/CAuGWTQGcMw5Mmdj5dCVBUpxUl2xwTj1OtL4l2e
ZXWrynuIazrlOSCaoKf1S/oLB9GHnpb5Vk3mTp1S5H36gXEo4rC9+wRIyvrMWswC
Nippifi4AVzQ2955H18/7oMpGGBI6jcliP+mw8j+1VqO9evu8Jnx
-----END CERTIFICATE-----
Generated at Tue Jul 1 22:45:23 2025 by rpki-client