Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/30e582-4448-4952-94a0-30ff2c83f001/1/6rfsfqbb66Z4YyQ85DrSCClEYyQ.roa
File: 6rfsfqbb66Z4YyQ85DrSCClEYyQ.roa (raw, json)
Hash identifier: XC2Ku0Iwp3bsO/t4i7GruB0hUrNI8+QktDyu/hHIIas=
Subject key identifier: EA:B7:EC:7E:A6:DB:EB:A6:78:63:24:3C:E4:3A:D2:08:29:44:63:24
Certificate issuer: /CN=55fad96dd05af8c2d26192c841131f2f97459fed
Certificate serial: 019762FD50686FD1D17BF1D499131C876FBC
Authority key identifier: 55:FA:D9:6D:D0:5A:F8:C2:D2:61:92:C8:41:13:1F:2F:97:45:9F:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VfrZbdBa-MLSYZLIQRMfL5dFn-0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/30e582-4448-4952-94a0-30ff2c83f001/1/6rfsfqbb66Z4YyQ85DrSCClEYyQ.roa
Signing time: Thu 12 Jun 2025 07:14:17 +0000
ROA not before: Thu 12 Jun 2025 07:14:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35057
IP address blocks: 185.175.92.0/24 maxlen: 24
185.175.93.0/24 maxlen: 24
194.31.236.0/24 maxlen: 24
194.31.237.0/24 maxlen: 24
194.31.244.0/24 maxlen: 24
194.31.245.0/24 maxlen: 24
195.38.10.0/24 maxlen: 24
195.38.11.0/24 maxlen: 24
2a0e:3307::/32 maxlen: 34
2a0e:3307::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/30e582-4448-4952-94a0-30ff2c83f001/1/VfrZbdBa-MLSYZLIQRMfL5dFn-0.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/30e582-4448-4952-94a0-30ff2c83f001/1/VfrZbdBa-MLSYZLIQRMfL5dFn-0.mft
rsync://rpki.ripe.net/repository/DEFAULT/VfrZbdBa-MLSYZLIQRMfL5dFn-0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 20:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:62:fd:50:68:6f:d1:d1:7b:f1:d4:99:13:1c:87:6f:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=55fad96dd05af8c2d26192c841131f2f97459fed
Validity
Not Before: Jun 12 07:14:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eab7ec7ea6dbeba67863243ce43ad20829446324
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:a9:c9:d8:b0:5f:74:a7:dc:7e:18:b2:b7:7d:
f5:e1:81:8c:41:45:4c:fd:95:59:52:a5:bf:c8:2d:
04:28:f1:c7:3b:ed:55:14:cd:34:39:47:94:bc:d6:
a4:71:df:99:d5:5d:00:c3:30:ad:de:4c:18:06:a5:
a8:54:d6:1e:e3:26:c1:f2:48:33:a1:94:c6:58:97:
e7:0d:bb:32:1e:4f:02:57:b2:e5:20:7a:ab:5a:b6:
24:78:b4:c3:4c:17:33:54:6c:96:50:8c:ea:1a:a9:
9e:f8:46:82:0b:e7:6b:71:c0:66:22:0b:2b:2a:19:
a8:7a:f2:f5:c6:fb:32:8d:d9:f9:42:20:41:a7:e8:
ad:dd:de:5d:66:a3:23:42:aa:2f:32:c5:75:ef:72:
a0:83:90:02:c9:8e:64:c7:30:8d:cd:0c:46:e1:f4:
97:fd:fb:82:84:b9:ae:02:f6:9d:a4:63:4d:bf:57:
0d:32:e3:9a:6a:3d:41:29:d9:68:d4:81:28:57:29:
b2:ae:5f:bd:b6:8f:52:d9:3a:74:fd:76:8b:6e:b9:
f2:fc:b8:0f:0b:dc:9b:d3:be:b8:2a:8c:c8:0e:bb:
72:14:e9:6a:0b:e9:de:3d:56:b1:7c:cd:d0:af:5f:
f0:9d:54:0a:dd:7e:4d:3c:cf:0e:a0:65:71:4a:1e:
8e:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:B7:EC:7E:A6:DB:EB:A6:78:63:24:3C:E4:3A:D2:08:29:44:63:24
X509v3 Authority Key Identifier:
keyid:55:FA:D9:6D:D0:5A:F8:C2:D2:61:92:C8:41:13:1F:2F:97:45:9F:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VfrZbdBa-MLSYZLIQRMfL5dFn-0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/30e582-4448-4952-94a0-30ff2c83f001/1/6rfsfqbb66Z4YyQ85DrSCClEYyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/30e582-4448-4952-94a0-30ff2c83f001/1/VfrZbdBa-MLSYZLIQRMfL5dFn-0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.175.92.0/23
194.31.236.0/23
194.31.244.0/23
195.38.10.0/23
IPv6:
2a0e:3307::/32
Signature Algorithm: sha256WithRSAEncryption
5e:fe:55:27:fd:8f:08:1b:ee:41:10:28:9e:c9:83:e6:d7:84:
25:20:98:26:8e:95:ef:55:ba:56:e2:36:a8:75:0e:8f:ae:14:
b1:d5:71:d8:ae:8b:0b:62:25:99:e2:84:ab:b0:ce:a1:5b:1f:
9b:d9:67:3a:a4:49:74:cb:67:b7:2f:d0:6d:22:70:c1:cb:ca:
a2:8e:51:dc:0d:3f:fe:5a:1a:9e:0d:b1:31:17:a8:fb:c3:c6:
8f:d0:db:c6:92:5f:be:cf:a1:a7:8f:69:28:c8:c5:6e:03:98:
02:9e:2e:b1:66:cc:62:9a:81:6c:61:70:dc:46:68:12:4f:ce:
83:ae:e3:b0:1f:ac:a2:da:d7:2c:43:a0:74:eb:0f:ca:5d:18:
b7:e6:ff:48:55:01:c7:78:36:42:5e:88:05:0d:c2:c1:b6:eb:
52:20:14:5c:14:e0:ee:12:10:78:9a:14:ab:4e:7f:a7:87:f8:
c4:d5:43:f9:b2:c3:ea:c3:39:0d:14:b6:81:0c:67:31:69:ac:
33:73:d8:f7:ee:c6:68:e8:a5:85:e2:a7:94:24:d1:9d:2a:5e:
ff:5e:b8:c5:5e:6d:e9:4b:1d:30:64:12:c5:61:64:b7:21:bf:
a8:b0:2f:a3:3b:64:c8:fe:87:65:dd:56:40:7d:58:3c:b8:3b:
70:c5:92:27
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZdi/VBob9HRe/HUmRMch2+8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ZmFkOTZkZDA1YWY4YzJkMjYxOTJjODQxMTMxZjJmOTc0
NTlmZWQwHhcNMjUwNjEyMDcxNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWI3ZWM3ZWE2ZGJlYmE2Nzg2MzI0M2NlNDNhZDIwODI5NDQ2MzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKnJ2LBfdKfcfhiyt3314YGMQUVM
/ZVZUqW/yC0EKPHHO+1VFM00OUeUvNakcd+Z1V0AwzCt3kwYBqWoVNYe4ybB8kgz
oZTGWJfnDbsyHk8CV7LlIHqrWrYkeLTDTBczVGyWUIzqGqme+EaCC+drccBmIgsr
KhmoevL1xvsyjdn5QiBBp+it3d5dZqMjQqovMsV173Kgg5ACyY5kxzCNzQxG4fSX
/fuChLmuAvadpGNNv1cNMuOaaj1BKdlo1IEoVymyrl+9to9S2Tp0/XaLbrny/LgP
C9yb0764KozIDrtyFOlqC+nePVaxfM3Qr1/wnVQK3X5NPM8OoGVxSh6O9QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFOq37H6m2+umeGMkPOQ60ggpRGMkMB8GA1UdIwQY
MBaAFFX62W3QWvjC0mGSyEETHy+XRZ/tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmZyWmJkQmEtTUxTWVpMSVFSTWZMNWRGbi0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8zMGU1ODItNDQ0OC00OTUyLTk0YTAt
MzBmZjJjODNmMDAxLzEvNnJmc2ZxYmI2Nlo0WXlRODVEclNDQ2xFWXlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8zMGU1ODItNDQ0OC00OTUyLTk0YTAtMzBmZjJjODNmMDAx
LzEvVmZyWmJkQmEtTUxTWVpMSVFSTWZMNWRGbi0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBua9cAwQB
wh/sAwQBwh/0AwQBwyYKMA0EAgACMAcDBQAqDjMHMA0GCSqGSIb3DQEBCwUAA4IB
AQBe/lUn/Y8IG+5BECieyYPm14QlIJgmjpXvVbpW4jaodQ6PrhSx1XHYrosLYiWZ
4oSrsM6hWx+b2Wc6pEl0y2e3L9BtInDBy8qijlHcDT/+WhqeDbExF6j7w8aP0NvG
kl++z6Gnj2koyMVuA5gCni6xZsximoFsYXDcRmgST86DruOwH6yi2tcsQ6B06w/K
XRi35v9IVQHHeDZCXogFDcLBtutSIBRcFODuEhB4mhSrTn+nh/jE1UP5ssPqwzkN
FLaBDGcxaawzc9j37sZo6KWF4qeUJNGdKl7/XrjFXm3pSx0wZBLFYWS3Ib+osC+j
O2TI/odl3VZAfVg8uDtwxZIn
-----END CERTIFICATE-----
Generated at Thu Jul 3 05:53:14 2025 by rpki-client