Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/cdbd0a-68ec-487d-8fea-619281380bc2/1/c6IRErIGfaFkFauAsD0yX1D2OJo.roa
File: c6IRErIGfaFkFauAsD0yX1D2OJo.roa (raw, json)
Hash identifier: xl23q8TaDjC94/sI1Iw9HbGjuwzReW51qdpjOFZcIcI=
Subject key identifier: 73:A2:11:12:B2:06:7D:A1:64:15:AB:80:B0:3D:32:5F:50:F6:38:9A
Certificate issuer: /CN=9f69bdf9bbd2a4597e26ce20bfe138624cad33dc
Certificate serial: 0197A77BD6E931553FE3C30B1F1D7A1C4523
Authority key identifier: 9F:69:BD:F9:BB:D2:A4:59:7E:26:CE:20:BF:E1:38:62:4C:AD:33:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n2m9-bvSpFl-Js4gv-E4YkytM9w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/cdbd0a-68ec-487d-8fea-619281380bc2/1/c6IRErIGfaFkFauAsD0yX1D2OJo.roa
Signing time: Wed 25 Jun 2025 14:26:40 +0000
ROA not before: Wed 25 Jun 2025 14:26:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12337
IP address blocks: 212.29.11.0/24 maxlen: 24
212.29.12.0/24 maxlen: 24
212.29.13.0/24 maxlen: 24
212.29.20.0/24 maxlen: 24
212.29.30.0/24 maxlen: 24
217.19.160.0/24 maxlen: 24
217.19.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/cdbd0a-68ec-487d-8fea-619281380bc2/1/n2m9-bvSpFl-Js4gv-E4YkytM9w.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/cdbd0a-68ec-487d-8fea-619281380bc2/1/n2m9-bvSpFl-Js4gv-E4YkytM9w.mft
rsync://rpki.ripe.net/repository/DEFAULT/n2m9-bvSpFl-Js4gv-E4YkytM9w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 14:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a7:7b:d6:e9:31:55:3f:e3:c3:0b:1f:1d:7a:1c:45:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f69bdf9bbd2a4597e26ce20bfe138624cad33dc
Validity
Not Before: Jun 25 14:26:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=73a21112b2067da16415ab80b03d325f50f6389a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ef:d2:69:f6:02:46:8e:7d:d3:99:4a:fc:0a:
23:0d:ad:cb:65:a6:9c:b2:1b:10:c2:ee:43:9c:8c:
19:9f:79:a6:9b:3e:cf:ae:03:fd:ac:df:e6:6b:05:
38:e9:d2:c8:71:1a:71:75:14:a3:0e:24:a8:c0:e5:
1e:14:32:0c:35:a8:a7:b3:cb:86:70:67:f2:89:f4:
ad:2c:8b:f2:82:e8:d1:8f:c6:11:71:03:31:8f:98:
61:b7:97:01:f1:13:bf:6f:49:79:4f:e1:8c:46:32:
99:f5:7d:d7:9f:90:e8:4f:4c:51:c2:42:97:7b:e8:
f4:fd:57:4b:64:f8:7a:19:df:e8:00:a0:2e:96:92:
3f:58:a1:71:95:d9:6c:74:72:6a:1f:80:c4:3e:45:
b6:49:49:be:42:34:4e:8e:5c:5c:5a:09:ac:13:53:
28:de:00:66:4a:59:b2:21:9a:3a:92:28:72:4a:74:
d9:ef:04:71:29:2f:92:4c:87:63:4a:25:c7:e9:29:
55:e9:6c:73:e0:94:2d:d4:e7:df:56:9f:de:0a:f7:
e0:15:53:3d:d4:e3:39:33:84:41:73:ed:cd:3b:73:
92:cb:64:9a:ef:b3:42:f9:26:bc:4f:d3:6c:35:bc:
67:aa:b3:36:3b:ad:68:29:de:68:2d:2e:ea:0d:45:
06:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:A2:11:12:B2:06:7D:A1:64:15:AB:80:B0:3D:32:5F:50:F6:38:9A
X509v3 Authority Key Identifier:
keyid:9F:69:BD:F9:BB:D2:A4:59:7E:26:CE:20:BF:E1:38:62:4C:AD:33:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n2m9-bvSpFl-Js4gv-E4YkytM9w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/cdbd0a-68ec-487d-8fea-619281380bc2/1/c6IRErIGfaFkFauAsD0yX1D2OJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/cdbd0a-68ec-487d-8fea-619281380bc2/1/n2m9-bvSpFl-Js4gv-E4YkytM9w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.29.11.0-212.29.13.255
212.29.20.0/24
212.29.30.0/24
217.19.160.0/23
Signature Algorithm: sha256WithRSAEncryption
21:a6:51:ca:48:58:4b:d7:1f:a1:87:05:15:be:66:16:4d:29:
42:78:5e:4a:4b:a9:e2:f6:dc:a2:71:07:46:f9:22:63:1f:37:
2d:d3:f9:54:37:55:3f:27:df:89:46:84:37:0d:e9:48:2d:87:
ff:bf:74:6a:5b:af:3d:da:7e:a0:87:78:be:ca:44:49:38:f1:
da:3f:ca:7c:77:2e:70:e6:cf:c6:6d:18:c0:08:17:ff:4a:e0:
42:3e:9b:46:03:17:46:c0:ee:4f:5b:d5:2f:91:e8:87:9d:fd:
2e:9e:ae:51:61:47:91:99:fd:79:0d:8d:08:a4:43:d2:79:be:
93:8b:58:8e:b3:8e:e8:c6:24:b1:69:c0:ad:d6:20:9f:00:85:
1d:ad:39:3b:8c:f0:a2:60:a4:aa:14:8b:7a:b2:6a:65:5d:0c:
34:d2:d4:42:82:04:af:f8:a8:12:fa:d6:0a:79:8f:f5:cb:dd:
7f:11:aa:80:af:08:40:d1:64:05:eb:d2:d5:46:f7:6e:d4:da:
2b:ca:92:5a:0b:77:1a:a3:f5:32:ec:0e:a0:3c:bb:ec:42:88:
c0:12:42:4d:b9:75:a5:f9:99:b7:a7:4d:19:1c:5e:86:2d:c8:
c6:4a:64:11:a1:5b:d4:15:fc:de:1e:b6:59:d5:60:f0:e9:e0:
68:10:60:f3
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZene9bpMVU/48MLHx16HEUjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmNjliZGY5YmJkMmE0NTk3ZTI2Y2UyMGJmZTEzODYyNGNh
ZDMzZGMwHhcNMjUwNjI1MTQyNjQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2EyMTExMmIyMDY3ZGExNjQxNWFiODBiMDNkMzI1ZjUwZjYzODlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+/SafYCRo5905lK/AojDa3LZaac
shsQwu5DnIwZn3mmmz7PrgP9rN/mawU46dLIcRpxdRSjDiSowOUeFDIMNains8uG
cGfyifStLIvygujRj8YRcQMxj5hht5cB8RO/b0l5T+GMRjKZ9X3Xn5DoT0xRwkKX
e+j0/VdLZPh6Gd/oAKAulpI/WKFxldlsdHJqH4DEPkW2SUm+QjROjlxcWgmsE1Mo
3gBmSlmyIZo6kihySnTZ7wRxKS+STIdjSiXH6SlV6Wxz4JQt1OffVp/eCvfgFVM9
1OM5M4RBc+3NO3OSy2Sa77NC+Sa8T9NsNbxnqrM2O61oKd5oLS7qDUUG3QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFHOiERKyBn2hZBWrgLA9Ml9Q9jiaMB8GA1UdIwQY
MBaAFJ9pvfm70qRZfibOIL/hOGJMrTPcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjJtOS1idlNwRmwtSnM0Z3YtRTRZa3l0TTl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9jZGJkMGEtNjhlYy00ODdkLThmZWEt
NjE5MjgxMzgwYmMyLzEvYzZJUkVySUdmYUZrRmF1QXNEMHlYMUQyT0pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9jZGJkMGEtNjhlYy00ODdkLThmZWEtNjE5MjgxMzgwYmMy
LzEvbjJtOS1idlNwRmwtSnM0Z3YtRTRZa3l0TTl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBADUHQsD
BAHUHQwDBADUHRQDBADUHR4DBAHZE6AwDQYJKoZIhvcNAQELBQADggEBACGmUcpI
WEvXH6GHBRW+ZhZNKUJ4XkpLqeL23KJxB0b5ImMfNy3T+VQ3VT8n34lGhDcN6Ugt
h/+/dGpbrz3afqCHeL7KREk48do/ynx3LnDmz8ZtGMAIF/9K4EI+m0YDF0bA7k9b
1S+R6Ied/S6erlFhR5GZ/XkNjQikQ9J5vpOLWI6zjujGJLFpwK3WIJ8AhR2tOTuM
8KJgpKoUi3qyamVdDDTS1EKCBK/4qBL61gp5j/XL3X8RqoCvCEDRZAXr0tVG927U
2ivKkloLdxqj9TLsDqA8u+xCiMASQk25daX5mbenTRkcXoYtyMZKZBGhW9QV/N4e
tlnVYPDp4GgQYPM=
-----END CERTIFICATE-----
Generated at Tue Jul 1 19:45:44 2025 by rpki-client