Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/006225-9bff-4583-8a15-7cc2945f2ca6/1/YtxtGxzAFTD7VGg0PFEmZBNLElA.roa
File: YtxtGxzAFTD7VGg0PFEmZBNLElA.roa (raw, json)
Hash identifier: y8ZPyeZ/AYX6lgVWKnXOB87kBExgdYaVeX1AwaOBKoc=
Subject key identifier: 62:DC:6D:1B:1C:C0:15:30:FB:54:68:34:3C:51:26:64:13:4B:12:50
Certificate issuer: /CN=68d6604c88c2e04e6167241315b74a758ce648c3
Certificate serial: 0196B4D882E62E5CD147C07514428C3B635C
Authority key identifier: 68:D6:60:4C:88:C2:E0:4E:61:67:24:13:15:B7:4A:75:8C:E6:48:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNZgTIjC4E5hZyQTFbdKdYzmSMM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/006225-9bff-4583-8a15-7cc2945f2ca6/1/YtxtGxzAFTD7VGg0PFEmZBNLElA.roa
Signing time: Fri 09 May 2025 11:40:10 +0000
ROA not before: Fri 09 May 2025 11:40:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35362
IP address blocks: 5.83.16.0/21 maxlen: 21
37.17.240.0/22 maxlen: 22
62.84.248.0/21 maxlen: 21
95.158.0.0/18 maxlen: 18
146.0.80.0/21 maxlen: 21
176.113.168.0/21 maxlen: 21
185.11.28.0/22 maxlen: 22
2a07:1080::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/006225-9bff-4583-8a15-7cc2945f2ca6/1/aNZgTIjC4E5hZyQTFbdKdYzmSMM.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/006225-9bff-4583-8a15-7cc2945f2ca6/1/aNZgTIjC4E5hZyQTFbdKdYzmSMM.mft
rsync://rpki.ripe.net/repository/DEFAULT/aNZgTIjC4E5hZyQTFbdKdYzmSMM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b4:d8:82:e6:2e:5c:d1:47:c0:75:14:42:8c:3b:63:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68d6604c88c2e04e6167241315b74a758ce648c3
Validity
Not Before: May 9 11:40:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=62dc6d1b1cc01530fb5468343c512664134b1250
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:5d:d0:30:73:87:76:d2:3a:0d:4a:07:61:b5:
44:3c:61:8c:aa:1a:6b:51:23:57:51:e9:2f:12:a5:
7c:27:79:ae:1e:34:d2:95:ca:da:f2:67:65:1e:a3:
d4:3e:58:a0:57:bd:fa:39:e0:ed:03:b0:80:48:82:
04:d9:e1:42:ef:3d:9a:12:47:7e:a6:84:64:4f:a2:
e5:df:46:3f:4c:d7:c7:fb:e2:88:60:50:20:c8:56:
98:2e:ec:c2:0a:44:f7:97:f0:c9:ba:87:84:dd:b5:
09:c0:9a:ae:4e:0a:89:c7:9b:e1:69:a6:8a:aa:23:
d5:84:49:72:38:00:a5:7b:6b:46:73:9f:7d:23:4f:
db:5d:0f:b1:e9:39:b0:89:a1:69:e3:68:71:16:e9:
aa:d1:b4:2b:ed:f9:52:0a:9b:d0:59:39:7f:b8:d2:
8f:3b:c8:73:15:6a:6e:20:d3:73:47:62:e0:6c:6f:
69:e4:26:18:5f:71:cb:d9:8b:74:7a:b9:ee:54:41:
37:81:d9:20:7c:85:60:e7:13:0c:67:81:67:ba:87:
1b:0c:96:cb:19:f6:79:e4:09:83:1a:cc:0e:88:c5:
b5:5d:b8:1f:aa:a6:70:64:e6:12:0a:e8:7a:94:ed:
ba:f3:28:aa:b0:2c:09:c3:b1:6b:d3:7d:a0:e9:26:
ba:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:DC:6D:1B:1C:C0:15:30:FB:54:68:34:3C:51:26:64:13:4B:12:50
X509v3 Authority Key Identifier:
keyid:68:D6:60:4C:88:C2:E0:4E:61:67:24:13:15:B7:4A:75:8C:E6:48:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNZgTIjC4E5hZyQTFbdKdYzmSMM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/006225-9bff-4583-8a15-7cc2945f2ca6/1/YtxtGxzAFTD7VGg0PFEmZBNLElA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/006225-9bff-4583-8a15-7cc2945f2ca6/1/aNZgTIjC4E5hZyQTFbdKdYzmSMM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.16.0/21
37.17.240.0/22
62.84.248.0/21
95.158.0.0/18
146.0.80.0/21
176.113.168.0/21
185.11.28.0/22
IPv6:
2a07:1080::/29
Signature Algorithm: sha256WithRSAEncryption
a3:9e:75:27:1a:30:fa:32:7c:f2:d7:3a:c9:f5:4d:3f:60:a0:
b8:30:ec:6e:41:4d:d9:59:ce:e7:27:73:42:f4:5e:89:a5:47:
75:7a:a3:a5:7a:31:44:df:ab:64:35:26:c8:5e:d8:1d:2e:cf:
0b:8e:66:89:ad:99:06:99:af:51:5a:5e:2a:78:a8:6a:64:96:
4b:4b:76:71:63:1d:cd:27:da:9d:68:d0:e5:2c:b9:4f:23:e7:
0c:49:39:07:dc:cc:aa:98:a1:c1:be:c0:d6:15:6c:7a:e8:b3:
87:1a:c8:50:a7:23:38:09:cd:dd:9e:f4:3c:25:10:36:86:08:
ae:94:a2:7c:39:c2:42:a4:83:97:8d:0e:db:61:d6:90:04:6d:
df:43:47:73:f7:7e:4e:7e:62:cd:0e:83:9e:07:f8:fc:fb:87:
eb:b1:36:d9:0b:67:93:d7:0a:97:e0:8b:a4:ef:97:a0:82:85:
11:29:3d:b1:5a:55:78:b2:18:08:d1:bd:37:36:6b:f4:e1:cd:
1b:a5:8c:56:52:a8:23:d3:a3:f0:15:10:48:47:40:41:09:0f:
a6:f5:2b:cf:14:f4:13:fc:b2:ae:5f:d6:5d:e0:59:80:20:e7:
9e:f5:f0:9b:ee:6f:41:25:14:38:2f:e4:dd:77:19:b6:af:93:
99:f3:27:27
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZa02ILmLlzRR8B1FEKMO2NcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZDY2MDRjODhjMmUwNGU2MTY3MjQxMzE1Yjc0YTc1OGNl
NjQ4YzMwHhcNMjUwNTA5MTE0MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmRjNmQxYjFjYzAxNTMwZmI1NDY4MzQzYzUxMjY2NDEzNGIxMjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0l3QMHOHdtI6DUoHYbVEPGGMqhpr
USNXUekvEqV8J3muHjTSlcra8mdlHqPUPligV736OeDtA7CASIIE2eFC7z2aEkd+
poRkT6Ll30Y/TNfH++KIYFAgyFaYLuzCCkT3l/DJuoeE3bUJwJquTgqJx5vhaaaK
qiPVhElyOACle2tGc599I0/bXQ+x6TmwiaFp42hxFumq0bQr7flSCpvQWTl/uNKP
O8hzFWpuINNzR2LgbG9p5CYYX3HL2Yt0ernuVEE3gdkgfIVg5xMMZ4FnuocbDJbL
GfZ55AmDGswOiMW1XbgfqqZwZOYSCuh6lO268yiqsCwJw7Fr032g6Sa63QIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFGLcbRscwBUw+1RoNDxRJmQTSxJQMB8GA1UdIwQY
MBaAFGjWYEyIwuBOYWckExW3SnWM5kjDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU5aZ1RJakM0RTVoWnlRVEZiZEtkWXptU01NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8wMDYyMjUtOWJmZi00NTgzLThhMTUt
N2NjMjk0NWYyY2E2LzEvWXR4dEd4ekFGVEQ3VkdnMFBGRW1aQk5MRWxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8wMDYyMjUtOWJmZi00NTgzLThhMTUtN2NjMjk0NWYyY2E2
LzEvYU5aZ1RJakM0RTVoWnlRVEZiZEtkWXptU01NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDBVMQAwQC
JRHwAwQDPlT4AwQGX54AAwQDkgBQAwQDsHGoAwQCuQscMA0EAgACMAcDBQMqBxCA
MA0GCSqGSIb3DQEBCwUAA4IBAQCjnnUnGjD6Mnzy1zrJ9U0/YKC4MOxuQU3ZWc7n
J3NC9F6JpUd1eqOlejFE36tkNSbIXtgdLs8LjmaJrZkGma9RWl4qeKhqZJZLS3Zx
Yx3NJ9qdaNDlLLlPI+cMSTkH3MyqmKHBvsDWFWx66LOHGshQpyM4Cc3dnvQ8JRA2
hgiulKJ8OcJCpIOXjQ7bYdaQBG3fQ0dz935OfmLNDoOeB/j8+4frsTbZC2eT1wqX
4Iuk75eggoURKT2xWlV4shgI0b03Nmv04c0bpYxWUqgj06PwFRBIR0BBCQ+m9SvP
FPQT/LKuX9Zd4FmAIOee9fCb7m9BJRQ4L+Tddxm2r5OZ8ycn
-----END CERTIFICATE-----
Generated at Sat May 10 09:22:23 2025 by rpki-client