Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/1-_vI6Tp7u-6rXSCsq4v21pvZ9xI.roa
File: 1-_vI6Tp7u-6rXSCsq4v21pvZ9xI.roa (raw, json)
Hash identifier: 3uo5m7Es9LJ8+wQvapCRvFkaIHPGgBCy7TJfTaor+YQ=
Subject key identifier: FB:FB:C8:E9:3A:7B:BB:EE:AB:5D:20:AC:AB:8B:F6:D6:9B:D9:F7:12
Certificate issuer: /CN=50c1e426f58e42ae30e56cdb7ff4d8f9ddd85b30
Certificate serial: 01978280F18685CF23D2C10CF6AEC78C22B5
Authority key identifier: 50:C1:E4:26:F5:8E:42:AE:30:E5:6C:DB:7F:F4:D8:F9:DD:D8:5B:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/1-_vI6Tp7u-6rXSCsq4v21pvZ9xI.roa
Signing time: Wed 18 Jun 2025 10:06:17 +0000
ROA not before: Wed 18 Jun 2025 10:06:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8391
IP address blocks: 195.138.32.0/22 maxlen: 22
195.138.38.0/24 maxlen: 24
195.138.54.0/24 maxlen: 24
195.138.58.0/24 maxlen: 24
195.138.61.0/24 maxlen: 24
195.138.62.0/24 maxlen: 24
195.253.0.0/16 maxlen: 24
195.253.6.0/24 maxlen: 24
195.253.96.0/19 maxlen: 24
2a01:5b0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.mft
rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Jul 2025 01:03:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:82:80:f1:86:85:cf:23:d2:c1:0c:f6:ae:c7:8c:22:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50c1e426f58e42ae30e56cdb7ff4d8f9ddd85b30
Validity
Not Before: Jun 18 10:06:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fbfbc8e93a7bbbeeab5d20acab8bf6d69bd9f712
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:11:e5:0e:96:c3:81:d6:6b:cf:28:eb:74:66:
3e:01:24:9d:7d:3b:a5:7f:2b:e3:b4:74:1e:71:b3:
33:49:fd:96:53:d7:2a:e5:66:f3:8c:55:02:39:2f:
86:d8:9f:de:ff:4e:c0:d3:a6:7f:64:45:75:e6:e2:
65:82:34:41:32:0f:9b:4f:6b:ad:10:cb:a8:33:6d:
e7:42:46:bb:0d:f1:8b:11:40:76:6f:16:8d:4f:17:
1b:60:3a:17:d9:bf:c8:2e:2f:71:1c:e6:16:d8:aa:
28:0b:4c:a1:e6:80:35:f7:9e:a7:96:b8:b9:03:72:
9e:55:09:18:f9:ea:8a:8e:a7:bc:f5:b0:c9:88:1b:
f4:b3:ab:cb:95:d8:7e:d8:9d:9e:51:8a:ef:f7:4b:
c1:d4:79:0d:dd:9b:d6:f4:ed:76:75:3a:e8:55:79:
8f:cd:90:ad:bb:73:f7:f1:e5:94:77:cd:c4:02:23:
9a:e3:19:19:b9:5e:31:67:78:f7:0e:28:c0:e3:7e:
b0:82:e3:f6:08:61:5d:fa:ce:a7:6c:82:a0:62:15:
d7:09:8f:e4:d2:b0:2d:a8:75:38:3a:29:d4:e3:3c:
12:e6:99:34:bc:c3:ae:89:3a:a7:8a:e9:f0:f1:c3:
d9:7f:45:a9:a6:88:2b:b4:5a:45:07:8a:07:98:57:
f5:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:FB:C8:E9:3A:7B:BB:EE:AB:5D:20:AC:AB:8B:F6:D6:9B:D9:F7:12
X509v3 Authority Key Identifier:
keyid:50:C1:E4:26:F5:8E:42:AE:30:E5:6C:DB:7F:F4:D8:F9:DD:D8:5B:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/1-_vI6Tp7u-6rXSCsq4v21pvZ9xI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.138.32.0/22
195.138.38.0/24
195.138.54.0/24
195.138.58.0/24
195.138.61.0-195.138.62.255
195.253.0.0/16
IPv6:
2a01:5b0::/32
Signature Algorithm: sha256WithRSAEncryption
0c:ef:3d:20:e1:7a:bf:c4:44:c8:a1:4a:c7:08:68:c8:8b:37:
4c:71:0a:60:13:4b:62:69:b0:e2:f3:dd:db:df:f7:9b:9f:44:
08:80:aa:49:c5:5a:ee:ea:45:d6:b1:10:76:69:44:61:36:40:
09:35:78:18:39:6f:ff:88:01:c1:71:ab:1e:ff:5b:55:06:b0:
1a:7f:9a:cd:33:20:00:ad:1a:d8:76:66:25:02:97:93:01:69:
df:00:18:10:b8:20:c1:9a:3f:00:42:8b:48:20:7c:56:6f:37:
c3:37:ae:99:4f:af:48:37:e7:09:90:d2:d8:cd:0c:aa:2d:34:
25:d3:7e:49:e5:87:76:78:cb:ff:16:fa:a6:1b:df:63:df:35:
1b:01:85:c7:a1:1b:7b:ac:49:5f:5a:b7:8c:eb:7a:f7:d7:d2:
bc:4a:43:0a:e2:3a:20:1f:5b:58:bf:1f:57:23:3e:99:44:d5:
bf:81:f0:2e:08:10:26:71:5f:be:5d:8f:da:4d:c2:d1:ed:89:
83:76:c5:da:fa:d0:51:cc:2e:43:5c:a2:9f:43:52:8f:71:5a:
7a:f2:46:f4:5a:3b:ba:14:16:2d:3c:ad:72:b2:89:12:7e:a3:
03:31:40:74:aa:44:4e:b7:11:4a:03:4e:ac:22:33:34:f1:80:
e2:bb:69:18
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZeCgPGGhc8j0sEM9q7HjCK1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwYzFlNDI2ZjU4ZTQyYWUzMGU1NmNkYjdmZjRkOGY5ZGRk
ODViMzAwHhcNMjUwNjE4MTAwNjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmZiYzhlOTNhN2JiYmVlYWI1ZDIwYWNhYjhiZjZkNjliZDlmNzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhHlDpbDgdZrzyjrdGY+ASSdfTul
fyvjtHQecbMzSf2WU9cq5WbzjFUCOS+G2J/e/07A06Z/ZEV15uJlgjRBMg+bT2ut
EMuoM23nQka7DfGLEUB2bxaNTxcbYDoX2b/ILi9xHOYW2KooC0yh5oA1956nlri5
A3KeVQkY+eqKjqe89bDJiBv0s6vLldh+2J2eUYrv90vB1HkN3ZvW9O12dTroVXmP
zZCtu3P38eWUd83EAiOa4xkZuV4xZ3j3DijA436wguP2CGFd+s6nbIKgYhXXCY/k
0rAtqHU4OinU4zwS5pk0vMOuiTqniunw8cPZf0WppogrtFpFB4oHmFf1rQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFPv7yOk6e7vuq10grKuL9tab2fcSMB8GA1UdIwQY
MBaAFFDB5Cb1jkKuMOVs23/02Pnd2FswMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVU1Ia0p2V09RcTR3NVd6YmZfVFktZDNZV3pBLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi85YzZkYWQtMzc3YS00NDRlLWIwZGMt
MDYzY2U2Y2Y0NjBkLzEvMS1fdkk2VHA3dS02clhTQ3NxNHYyMXB2Wjl4SS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2IvOWM2ZGFkLTM3N2EtNDQ0ZS1iMGRjLTA2M2NlNmNmNDYw
ZC8xL1VNSGtKdldPUXE0dzVXemJmX1RZLWQzWVd6QS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBTBggrBgEFBQcBBwEB/wREMEIwMQQCAAEwKwMEAsOKIAME
AMOKJgMEAMOKNgMEAMOKOjAMAwQAw4o9AwQAw4o+AwMAw/0wDQQCAAIwBwMFACoB
BbAwDQYJKoZIhvcNAQELBQADggEBAAzvPSDher/ERMihSscIaMiLN0xxCmATS2Jp
sOLz3dvf95ufRAiAqknFWu7qRdaxEHZpRGE2QAk1eBg5b/+IAcFxqx7/W1UGsBp/
ms0zIACtGth2ZiUCl5MBad8AGBC4IMGaPwBCi0ggfFZvN8M3rplPr0g35wmQ0tjN
DKotNCXTfknlh3Z4y/8W+qYb32PfNRsBhcehG3usSV9at4zrevfX0rxKQwriOiAf
W1i/H1cjPplE1b+B8C4IECZxX75dj9pNwtHtiYN2xdr60FHMLkNcop9DUo9xWnry
RvRaO7oUFi08rXKyiRJ+owMxQHSqRE63EUoDTqwiMzTxgOK7aRg=
-----END CERTIFICATE-----
Generated at Thu Jul 3 07:13:30 2025 by rpki-client