Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/51a520-e08d-43b3-a6b0-d76ec9cc0d28/1/6T07akuBxgvG0izMFImIY3LJxqs.roa
File: 6T07akuBxgvG0izMFImIY3LJxqs.roa (raw, json)
Hash identifier: XGRbraQFnaK7TkdQ/duWwEkwP4S4BhjaDtKSynptX9M=
Subject key identifier: E9:3D:3B:6A:4B:81:C6:0B:C6:D2:2C:CC:14:89:88:63:72:C9:C6:AB
Certificate issuer: /CN=7a478c5aa226a278e8b1906f371c60cfc7d87e8e
Certificate serial: 01978747DE407F4FB0489745DACA513B9320
Authority key identifier: 7A:47:8C:5A:A2:26:A2:78:E8:B1:90:6F:37:1C:60:CF:C7:D8:7E:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ekeMWqImonjosZBvNxxgz8fYfo4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/51a520-e08d-43b3-a6b0-d76ec9cc0d28/1/6T07akuBxgvG0izMFImIY3LJxqs.roa
Signing time: Thu 19 Jun 2025 08:22:03 +0000
ROA not before: Thu 19 Jun 2025 08:22:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8075
IP address blocks: 94.143.105.0/24 maxlen: 24
94.143.106.0/24 maxlen: 24
94.143.107.0/24 maxlen: 24
94.143.108.0/24 maxlen: 24
94.143.109.0/24 maxlen: 24
94.143.110.0/24 maxlen: 24
185.236.124.0/24 maxlen: 24
185.236.125.0/24 maxlen: 24
185.236.126.0/24 maxlen: 24
185.236.127.0/24 maxlen: 24
212.1.218.0/24 maxlen: 24
212.1.219.0/24 maxlen: 24
212.1.222.0/24 maxlen: 24
212.1.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/51a520-e08d-43b3-a6b0-d76ec9cc0d28/1/ekeMWqImonjosZBvNxxgz8fYfo4.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/51a520-e08d-43b3-a6b0-d76ec9cc0d28/1/ekeMWqImonjosZBvNxxgz8fYfo4.mft
rsync://rpki.ripe.net/repository/DEFAULT/ekeMWqImonjosZBvNxxgz8fYfo4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 11:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:87:47:de:40:7f:4f:b0:48:97:45:da:ca:51:3b:93:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a478c5aa226a278e8b1906f371c60cfc7d87e8e
Validity
Not Before: Jun 19 08:22:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e93d3b6a4b81c60bc6d22ccc1489886372c9c6ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e3:b2:eb:c4:bf:0d:9d:8e:05:74:eb:e2:9f:
6d:7c:47:53:89:0f:7c:17:e8:63:54:02:ce:dd:bd:
b1:2c:de:a8:44:85:91:a2:92:2a:34:c1:44:39:9b:
79:6c:c0:96:fd:d5:bb:aa:ca:3d:ab:ce:be:44:9c:
a0:f1:f5:55:ca:c6:a8:19:24:d1:76:c2:c1:10:a1:
c4:c1:95:d2:59:d5:19:2f:67:b6:e9:80:50:60:01:
f9:34:0d:1d:37:1d:b3:a4:39:48:ee:8d:cf:2d:ac:
1b:bf:9d:d2:f8:c1:44:7f:56:5b:16:d6:fa:e1:05:
63:9e:21:03:b8:2f:e0:83:64:55:8f:2f:d8:13:50:
ff:29:bf:b5:e3:c1:c2:06:50:e2:66:6c:20:f8:c3:
e7:07:fa:1a:9d:ab:0d:88:a3:01:26:14:f7:13:68:
a9:4a:0f:37:72:3b:74:a5:57:92:3f:2d:44:e0:37:
20:79:3e:7f:20:f4:32:5c:07:58:bc:f6:5b:0b:98:
22:c7:4f:b0:38:99:d6:e5:f3:90:9b:e7:a2:9b:ee:
5f:0d:37:71:08:83:1e:cb:7d:fb:bb:2e:77:38:16:
b0:ff:d7:45:40:90:53:b0:3f:1f:a5:09:e8:af:20:
9c:d6:10:ad:e4:73:32:2e:03:b0:f8:5b:41:04:6c:
82:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:3D:3B:6A:4B:81:C6:0B:C6:D2:2C:CC:14:89:88:63:72:C9:C6:AB
X509v3 Authority Key Identifier:
keyid:7A:47:8C:5A:A2:26:A2:78:E8:B1:90:6F:37:1C:60:CF:C7:D8:7E:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ekeMWqImonjosZBvNxxgz8fYfo4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/51a520-e08d-43b3-a6b0-d76ec9cc0d28/1/6T07akuBxgvG0izMFImIY3LJxqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/51a520-e08d-43b3-a6b0-d76ec9cc0d28/1/ekeMWqImonjosZBvNxxgz8fYfo4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.143.105.0-94.143.110.255
185.236.124.0/22
212.1.218.0/23
212.1.222.0/23
Signature Algorithm: sha256WithRSAEncryption
1e:af:7f:d8:7b:1b:88:9c:5e:75:d1:70:f0:88:ed:01:1e:27:
74:6e:47:f0:84:d3:20:bd:ba:55:63:66:6a:08:57:1b:89:54:
ff:88:9e:e2:df:76:31:7b:95:77:49:a5:90:5c:b0:ae:93:0e:
52:dc:a0:b4:ea:52:1e:e7:8a:e5:ff:aa:34:cc:d2:5d:88:da:
47:48:6f:57:e9:b2:d6:1e:d6:b6:4a:fb:92:d2:68:9e:bf:e3:
7d:07:69:de:52:64:26:66:37:5f:15:89:65:9e:6a:ac:b3:2a:
89:8a:fe:c1:d2:78:59:72:87:7e:0d:bc:86:ba:60:7c:cd:63:
61:93:56:cc:e7:8d:0c:5a:53:80:b4:fb:c1:fb:7a:00:22:b2:
ad:ac:83:ec:9f:53:55:1d:88:11:fd:06:43:22:86:e8:41:dc:
dd:af:2b:01:1d:97:b4:81:5b:bd:4f:32:b8:cd:ca:6f:4a:fe:
02:c9:e8:d2:c9:12:53:89:b9:b8:27:df:9f:28:23:ed:e4:79:
a1:ec:dd:97:af:48:66:41:4e:23:c2:39:af:00:17:9c:56:bc:
f4:cf:3d:3a:9c:56:f6:df:72:e8:37:ea:56:5b:05:76:d1:34:
b0:a3:28:8f:47:2b:36:9c:a2:40:ff:94:e2:d8:7d:90:fc:48:
fe:3a:0b:b3
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZeHR95Af0+wSJdF2spRO5MgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhNDc4YzVhYTIyNmEyNzhlOGIxOTA2ZjM3MWM2MGNmYzdk
ODdlOGUwHhcNMjUwNjE5MDgyMjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTNkM2I2YTRiODFjNjBiYzZkMjJjY2MxNDg5ODg2MzcyYzljNmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOOy68S/DZ2OBXTr4p9tfEdTiQ98
F+hjVALO3b2xLN6oRIWRopIqNMFEOZt5bMCW/dW7qso9q86+RJyg8fVVysaoGSTR
dsLBEKHEwZXSWdUZL2e26YBQYAH5NA0dNx2zpDlI7o3PLawbv53S+MFEf1ZbFtb6
4QVjniEDuC/gg2RVjy/YE1D/Kb+148HCBlDiZmwg+MPnB/oanasNiKMBJhT3E2ip
Sg83cjt0pVeSPy1E4DcgeT5/IPQyXAdYvPZbC5gix0+wOJnW5fOQm+eim+5fDTdx
CIMey337uy53OBaw/9dFQJBTsD8fpQnoryCc1hCt5HMyLgOw+FtBBGyCHQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFOk9O2pLgcYLxtIszBSJiGNyycarMB8GA1UdIwQY
MBaAFHpHjFqiJqJ46LGQbzccYM/H2H6OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWtlTVdxSW1vbmpvc1pCdk54eGd6OGZZZm80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC81MWE1MjAtZTA4ZC00M2IzLWE2YjAt
ZDc2ZWM5Y2MwZDI4LzEvNlQwN2FrdUJ4Z3ZHMGl6TUZJbUlZM0xKeHFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC81MWE1MjAtZTA4ZC00M2IzLWE2YjAtZDc2ZWM5Y2MwZDI4
LzEvZWtlTVdxSW1vbmpvc1pCdk54eGd6OGZZZm80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBABej2kD
BABej24DBAK57HwDBAHUAdoDBAHUAd4wDQYJKoZIhvcNAQELBQADggEBAB6vf9h7
G4icXnXRcPCI7QEeJ3RuR/CE0yC9ulVjZmoIVxuJVP+InuLfdjF7lXdJpZBcsK6T
DlLcoLTqUh7niuX/qjTM0l2I2kdIb1fpstYe1rZK+5LSaJ6/430Had5SZCZmN18V
iWWeaqyzKomK/sHSeFlyh34NvIa6YHzNY2GTVsznjQxaU4C0+8H7egAisq2sg+yf
U1UdiBH9BkMihuhB3N2vKwEdl7SBW71PMrjNym9K/gLJ6NLJElOJubgn358oI+3k
eaHs3ZevSGZBTiPCOa8AF5xWvPTPPTqcVvbfcug36lZbBXbRNLCjKI9HKzacokD/
lOLYfZD8SP46C7M=
-----END CERTIFICATE-----
Generated at Sun Jun 29 18:19:40 2025 by rpki-client