Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/29c915-2cbc-4768-840c-aadfa9c06742/1/6mdz3FUbYbEXUwbNtdE6ko8nTMU.roa
File: 6mdz3FUbYbEXUwbNtdE6ko8nTMU.roa (raw, json)
Hash identifier: qQLpPmQPw8ftCewNYkAAyWaRT4QAsIUlv1iheRZAjNU=
Subject key identifier: EA:67:73:DC:55:1B:61:B1:17:53:06:CD:B5:D1:3A:92:8F:27:4C:C5
Certificate issuer: /CN=b82e7b8068c4ae9ae4ca4c3a6b2096199a741ff2
Certificate serial: 0197B12CF3EA3A4094DA3EA1A5953693BA72
Authority key identifier: B8:2E:7B:80:68:C4:AE:9A:E4:CA:4C:3A:6B:20:96:19:9A:74:1F:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uC57gGjErprkykw6ayCWGZp0H_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/29c915-2cbc-4768-840c-aadfa9c06742/1/6mdz3FUbYbEXUwbNtdE6ko8nTMU.roa
Signing time: Fri 27 Jun 2025 11:36:42 +0000
ROA not before: Fri 27 Jun 2025 11:36:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34661
IP address blocks: 45.130.244.0/22 maxlen: 22
45.140.44.0/22 maxlen: 22
45.147.140.0/22 maxlen: 22
79.110.16.0/21 maxlen: 21
79.110.24.0/22 maxlen: 22
178.159.108.0/22 maxlen: 22
185.71.0.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/29c915-2cbc-4768-840c-aadfa9c06742/1/uC57gGjErprkykw6ayCWGZp0H_I.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/29c915-2cbc-4768-840c-aadfa9c06742/1/uC57gGjErprkykw6ayCWGZp0H_I.mft
rsync://rpki.ripe.net/repository/DEFAULT/uC57gGjErprkykw6ayCWGZp0H_I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Jul 2025 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b1:2c:f3:ea:3a:40:94:da:3e:a1:a5:95:36:93:ba:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b82e7b8068c4ae9ae4ca4c3a6b2096199a741ff2
Validity
Not Before: Jun 27 11:36:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ea6773dc551b61b1175306cdb5d13a928f274cc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:64:f3:bf:a5:2b:11:1c:88:b4:4a:fb:4a:fc:
6e:5b:c5:62:5c:69:12:aa:19:ca:fd:c5:36:bb:a7:
f6:a6:45:b3:66:18:58:dc:87:f7:8b:b7:31:d1:35:
26:f6:13:f9:aa:76:0d:f6:e7:17:d6:0f:2b:49:e7:
c4:a9:4a:c1:d3:91:f5:e3:12:bf:e0:c5:ba:40:b5:
b6:a6:8b:eb:1f:23:31:ef:4a:57:0f:a8:9d:f9:a4:
5c:52:7a:03:a1:a8:e3:63:7c:92:b6:22:95:c4:52:
bc:a6:ee:dd:4a:9d:8d:27:4c:86:d9:a0:73:f7:d7:
5a:48:31:e4:a4:c5:bd:7a:de:7f:74:71:d8:f4:4a:
59:6d:14:68:38:40:cb:4a:d1:75:32:5b:a0:30:43:
e6:5f:42:a5:3c:e9:3b:5a:68:cf:5a:e5:f8:fc:e9:
6c:0c:b0:6b:47:36:8b:aa:1f:49:64:6d:db:97:d9:
7b:ab:30:6a:61:1a:07:51:50:9b:65:f7:1f:f7:3b:
9a:f6:4c:69:5a:e0:25:41:d3:e1:3f:1b:d2:02:76:
8d:e3:d0:06:59:46:15:f2:31:f0:e7:e1:df:4a:3f:
b5:4c:d6:aa:2f:dc:95:eb:43:56:2c:46:bb:77:4b:
61:13:f2:96:54:35:1a:ac:1c:c1:d9:f9:90:13:c2:
9c:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:67:73:DC:55:1B:61:B1:17:53:06:CD:B5:D1:3A:92:8F:27:4C:C5
X509v3 Authority Key Identifier:
keyid:B8:2E:7B:80:68:C4:AE:9A:E4:CA:4C:3A:6B:20:96:19:9A:74:1F:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uC57gGjErprkykw6ayCWGZp0H_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/29c915-2cbc-4768-840c-aadfa9c06742/1/6mdz3FUbYbEXUwbNtdE6ko8nTMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/29c915-2cbc-4768-840c-aadfa9c06742/1/uC57gGjErprkykw6ayCWGZp0H_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.244.0/22
45.140.44.0/22
45.147.140.0/22
79.110.16.0-79.110.27.255
178.159.108.0/22
185.71.0.0/22
Signature Algorithm: sha256WithRSAEncryption
89:46:2f:ac:5c:14:90:dd:bb:e7:12:c5:a1:f5:4f:90:f3:76:
78:3d:06:e2:22:1d:52:b0:ee:66:72:9b:07:69:32:80:bd:67:
7c:74:f9:67:ec:a6:55:de:0b:aa:50:7f:08:e9:8c:8a:f9:50:
92:a7:80:1c:0a:77:54:d3:78:8d:01:6a:46:f6:d3:5a:57:4d:
8e:11:4b:9d:c2:a0:32:82:20:7d:46:53:a6:31:c4:07:ec:af:
64:11:3f:4f:08:ee:a3:c6:ed:29:47:30:9a:57:53:40:a5:0e:
3c:6b:c4:28:fa:88:a4:a3:0c:3d:7b:ec:89:06:30:bb:74:dd:
59:81:75:1b:59:84:b7:9e:db:b4:9c:0b:30:e8:e5:f2:7a:c6:
9d:b1:87:98:17:ce:99:19:cb:43:2a:62:bb:10:e1:d8:de:bc:
2b:4c:21:e0:92:10:4d:56:fd:32:14:aa:69:54:63:2e:28:0b:
17:6b:83:b0:90:c5:2e:a1:ac:4a:7f:2f:5f:35:b0:c3:fb:67:
7a:bc:2b:9e:23:15:60:c0:30:2c:81:e8:f1:f3:5f:d6:1e:f8:
31:a4:e3:28:08:ee:47:ce:5d:7f:89:d4:1e:80:32:2c:84:83:
da:35:bd:22:9a:ee:8c:a8:10:79:be:4b:f2:f2:ad:18:ad:f5:
65:73:b8:06
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZexLPPqOkCU2j6hpZU2k7pyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MmU3YjgwNjhjNGFlOWFlNGNhNGMzYTZiMjA5NjE5OWE3
NDFmZjIwHhcNMjUwNjI3MTEzNjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTY3NzNkYzU1MWI2MWIxMTc1MzA2Y2RiNWQxM2E5MjhmMjc0Y2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWTzv6UrERyItEr7SvxuW8ViXGkS
qhnK/cU2u6f2pkWzZhhY3If3i7cx0TUm9hP5qnYN9ucX1g8rSefEqUrB05H14xK/
4MW6QLW2povrHyMx70pXD6id+aRcUnoDoajjY3yStiKVxFK8pu7dSp2NJ0yG2aBz
99daSDHkpMW9et5/dHHY9EpZbRRoOEDLStF1MlugMEPmX0KlPOk7WmjPWuX4/Ols
DLBrRzaLqh9JZG3bl9l7qzBqYRoHUVCbZfcf9zua9kxpWuAlQdPhPxvSAnaN49AG
WUYV8jHw5+HfSj+1TNaqL9yV60NWLEa7d0thE/KWVDUarBzB2fmQE8KcxQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFOpnc9xVG2GxF1MGzbXROpKPJ0zFMB8GA1UdIwQY
MBaAFLgue4BoxK6a5MpMOmsglhmadB/yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUM1N2dHakVycHJreWt3NmF5Q1dHWnAwSF9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny8yOWM5MTUtMmNiYy00NzY4LTg0MGMt
YWFkZmE5YzA2NzQyLzEvNm1kejNGVWJZYkVYVXdiTnRkRTZrbzhuVE1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny8yOWM5MTUtMmNiYy00NzY4LTg0MGMtYWFkZmE5YzA2NzQy
LzEvdUM1N2dHakVycHJreWt3NmF5Q1dHWnAwSF9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQCLYL0AwQC
LYwsAwQCLZOMMAwDBARPbhADBAJPbhgDBAKyn2wDBAK5RwAwDQYJKoZIhvcNAQEL
BQADggEBAIlGL6xcFJDdu+cSxaH1T5Dzdng9BuIiHVKw7mZymwdpMoC9Z3x0+Wfs
plXeC6pQfwjpjIr5UJKngBwKd1TTeI0Bakb201pXTY4RS53CoDKCIH1GU6YxxAfs
r2QRP08I7qPG7SlHMJpXU0ClDjxrxCj6iKSjDD177IkGMLt03VmBdRtZhLee27Sc
CzDo5fJ6xp2xh5gXzpkZy0MqYrsQ4djevCtMIeCSEE1W/TIUqmlUYy4oCxdrg7CQ
xS6hrEp/L181sMP7Z3q8K54jFWDAMCyB6PHzX9Ye+DGk4ygI7kfOXX+J1B6AMiyE
g9o1vSKa7oyoEHm+S/LyrRit9WVzuAY=
-----END CERTIFICATE-----
Generated at Fri Jul 4 06:58:47 2025 by rpki-client