Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/e94652-1564-4d1b-8198-1ac5d8863082/1/4Ze6fHS1CDDIrfDprEE1yu2W5uY.roa
File: 4Ze6fHS1CDDIrfDprEE1yu2W5uY.roa (raw, json)
Hash identifier: To0AiaOH9TsCon/TYTwvzw2Mel3lXf3uulB0tRaKWIc=
Subject key identifier: E1:97:BA:7C:74:B5:08:30:C8:AD:F0:E9:AC:41:35:CA:ED:96:E6:E6
Certificate issuer: /CN=7c8c1371dd6afd5fd79ea984da3fbda1b94afe23
Certificate serial: 0197B13D6DD37452F9117DA10305DBDBE4A0
Authority key identifier: 7C:8C:13:71:DD:6A:FD:5F:D7:9E:A9:84:DA:3F:BD:A1:B9:4A:FE:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fIwTcd1q_V_XnqmE2j-9oblK_iM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/e94652-1564-4d1b-8198-1ac5d8863082/1/4Ze6fHS1CDDIrfDprEE1yu2W5uY.roa
Signing time: Fri 27 Jun 2025 11:54:42 +0000
ROA not before: Fri 27 Jun 2025 11:54:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210252
IP address blocks: 193.23.20.0/22 maxlen: 24
193.23.22.0/24 maxlen: 24
2a0d:5bc0::/29 maxlen: 32
2a0d:5bc0::/32 maxlen: 32
2a0d:5bc1::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/e94652-1564-4d1b-8198-1ac5d8863082/1/fIwTcd1q_V_XnqmE2j-9oblK_iM.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/e94652-1564-4d1b-8198-1ac5d8863082/1/fIwTcd1q_V_XnqmE2j-9oblK_iM.mft
rsync://rpki.ripe.net/repository/DEFAULT/fIwTcd1q_V_XnqmE2j-9oblK_iM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 23:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b1:3d:6d:d3:74:52:f9:11:7d:a1:03:05:db:db:e4:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c8c1371dd6afd5fd79ea984da3fbda1b94afe23
Validity
Not Before: Jun 27 11:54:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e197ba7c74b50830c8adf0e9ac4135caed96e6e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:08:21:dc:57:2f:3f:db:01:22:22:c8:cb:52:
ee:a8:aa:4c:d9:be:24:44:30:e6:0d:72:42:06:df:
35:3e:86:e1:e7:bb:93:27:4a:37:18:06:84:18:61:
4c:c6:1e:a8:fb:d0:45:53:1c:60:99:2d:8e:39:c0:
41:0b:86:36:e6:6f:7d:5c:ed:81:42:02:6f:77:db:
2b:00:78:81:00:1f:e3:53:38:d2:8b:73:a1:64:0e:
9f:eb:8a:e1:76:83:8a:75:a6:1e:37:d4:da:7f:c1:
0c:47:e4:7e:f3:df:28:a8:a7:71:53:60:d3:05:3d:
8e:ee:f7:8a:82:c5:a9:df:27:44:4e:91:c0:fd:fb:
78:dc:ae:df:51:01:20:8a:a6:fe:91:2f:bc:1c:ae:
43:34:d9:1c:fa:d8:ab:4d:92:ef:0b:cf:7e:52:78:
b1:57:d5:55:24:6c:2d:a6:a9:63:61:10:0b:d5:62:
96:f1:6e:1e:6a:37:05:15:3c:ba:c6:2f:d3:33:26:
e3:7a:6b:f9:89:06:1b:f8:ca:3c:f5:6b:5b:c9:ed:
ec:ee:36:ab:2a:3d:d3:c0:fc:36:fe:f3:bf:58:88:
9e:23:63:aa:a5:ac:cd:20:c2:2d:54:20:9f:a8:fd:
f9:7b:b6:a2:75:a3:c1:a3:18:8f:21:5c:da:c5:17:
e9:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:97:BA:7C:74:B5:08:30:C8:AD:F0:E9:AC:41:35:CA:ED:96:E6:E6
X509v3 Authority Key Identifier:
keyid:7C:8C:13:71:DD:6A:FD:5F:D7:9E:A9:84:DA:3F:BD:A1:B9:4A:FE:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fIwTcd1q_V_XnqmE2j-9oblK_iM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/e94652-1564-4d1b-8198-1ac5d8863082/1/4Ze6fHS1CDDIrfDprEE1yu2W5uY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/e94652-1564-4d1b-8198-1ac5d8863082/1/fIwTcd1q_V_XnqmE2j-9oblK_iM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.23.20.0/22
IPv6:
2a0d:5bc0::/29
Signature Algorithm: sha256WithRSAEncryption
82:0c:43:c2:b3:c2:7d:60:4d:6b:ad:7d:bb:0a:37:7b:21:d1:
f3:64:79:ef:3a:77:90:f4:d9:79:fe:5c:8d:a7:b9:06:f4:f7:
f5:49:b8:a5:4d:69:e9:14:25:c0:19:71:54:6c:1c:dd:19:69:
91:74:ee:77:f6:31:ea:18:49:50:2d:51:73:25:f6:01:30:42:
43:cd:e5:21:38:f1:91:e8:b4:3c:ad:cf:a5:48:79:a3:8d:0f:
8a:6f:5e:05:39:7f:99:df:3d:4d:8c:a9:d9:f9:0b:48:82:fd:
52:a8:99:a3:fc:91:30:e1:26:ac:6f:28:12:ab:98:66:dd:20:
7c:4c:c4:53:aa:96:8a:5b:4f:77:c7:67:57:78:fa:4c:ae:39:
60:ad:1b:2c:90:0b:33:4c:08:f4:0a:6f:9d:22:7c:a2:81:b9:
e1:18:2b:35:59:54:72:1b:84:f1:1a:9b:b7:8a:91:7b:5e:b9:
3a:a4:ca:56:c0:3f:c2:cf:b2:8d:60:93:01:c2:2d:3d:1f:9d:
93:aa:4d:76:4d:27:7c:69:23:6f:b3:5f:1f:13:42:31:fd:b7:
80:77:86:c8:40:4b:8a:20:29:b8:82:db:c5:1e:06:ac:b4:42:
d0:28:a8:7b:a9:78:21:62:b5:67:7c:e7:1f:dd:7a:b2:7e:1c:
51:3d:3f:63
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZexPW3TdFL5EX2hAwXb2+SgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjOGMxMzcxZGQ2YWZkNWZkNzllYTk4NGRhM2ZiZGExYjk0
YWZlMjMwHhcNMjUwNjI3MTE1NDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTk3YmE3Yzc0YjUwODMwYzhhZGYwZTlhYzQxMzVjYWVkOTZlNmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAgh3FcvP9sBIiLIy1LuqKpM2b4k
RDDmDXJCBt81Pobh57uTJ0o3GAaEGGFMxh6o+9BFUxxgmS2OOcBBC4Y25m99XO2B
QgJvd9srAHiBAB/jUzjSi3OhZA6f64rhdoOKdaYeN9Taf8EMR+R+898oqKdxU2DT
BT2O7veKgsWp3ydETpHA/ft43K7fUQEgiqb+kS+8HK5DNNkc+tirTZLvC89+Unix
V9VVJGwtpqljYRAL1WKW8W4eajcFFTy6xi/TMybjemv5iQYb+Mo89Wtbye3s7jar
Kj3TwPw2/vO/WIieI2OqpazNIMItVCCfqP35e7aidaPBoxiPIVzaxRfpVQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOGXunx0tQgwyK3w6axBNcrtlubmMB8GA1UdIwQY
MBaAFHyME3Hdav1f156phNo/vaG5Sv4jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkl3VGNkMXFfVl9YbnFtRTJqLTlvYmxLX2lNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9lOTQ2NTItMTU2NC00ZDFiLTgxOTgt
MWFjNWQ4ODYzMDgyLzEvNFplNmZIUzFDRERJcmZEcHJFRTF5dTJXNXVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9lOTQ2NTItMTU2NC00ZDFiLTgxOTgtMWFjNWQ4ODYzMDgy
LzEvZkl3VGNkMXFfVl9YbnFtRTJqLTlvYmxLX2lNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwRcUMA0E
AgACMAcDBQMqDVvAMA0GCSqGSIb3DQEBCwUAA4IBAQCCDEPCs8J9YE1rrX27Cjd7
IdHzZHnvOneQ9Nl5/lyNp7kG9Pf1SbilTWnpFCXAGXFUbBzdGWmRdO539jHqGElQ
LVFzJfYBMEJDzeUhOPGR6LQ8rc+lSHmjjQ+Kb14FOX+Z3z1NjKnZ+QtIgv1SqJmj
/JEw4SasbygSq5hm3SB8TMRTqpaKW093x2dXePpMrjlgrRsskAszTAj0Cm+dInyi
gbnhGCs1WVRyG4TxGpu3ipF7Xrk6pMpWwD/Cz7KNYJMBwi09H52Tqk12TSd8aSNv
s18fE0Ix/beAd4bIQEuKICm4gtvFHgastELQKKh7qXghYrVnfOcf3XqyfhxRPT9j
-----END CERTIFICATE-----
Generated at Sun Jun 29 09:02:24 2025 by rpki-client