Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/X6C0LQtGVvRd2CeSFuWYh98x4Js.roa
File: X6C0LQtGVvRd2CeSFuWYh98x4Js.roa (raw, json)
Hash identifier: EUGlTVUrEwtvjyoLAcB1cjNBUrDvFi8aL2LwEWKJh7U=
Subject key identifier: 5F:A0:B4:2D:0B:46:56:F4:5D:D8:27:92:16:E5:98:87:DF:31:E0:9B
Certificate issuer: /CN=f0c113413d0df5b8fa069011eeb109f067b5579a
Certificate serial: 01968F835282A3ED111BEAE72EC49ABF570A
Authority key identifier: F0:C1:13:41:3D:0D:F5:B8:FA:06:90:11:EE:B1:09:F0:67:B5:57:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8METQT0N9bj6BpAR7rEJ8Ge1V5o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/X6C0LQtGVvRd2CeSFuWYh98x4Js.roa
Signing time: Fri 02 May 2025 05:41:10 +0000
ROA not before: Fri 02 May 2025 05:41:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58172
IP address blocks: 85.116.176.0/23 maxlen: 23
85.116.178.0/24 maxlen: 24
85.116.179.0/24 maxlen: 24
85.116.180.0/24 maxlen: 24
85.116.181.0/24 maxlen: 24
85.116.183.0/24 maxlen: 24
85.116.184.0/23 maxlen: 23
85.116.186.0/23 maxlen: 23
85.116.188.0/23 maxlen: 23
85.116.190.0/24 maxlen: 24
85.116.191.0/24 maxlen: 24
91.132.148.0/24 maxlen: 24
91.132.149.0/24 maxlen: 24
91.132.150.0/24 maxlen: 24
91.132.151.0/24 maxlen: 24
91.239.101.0/24 maxlen: 24
128.127.96.0/24 maxlen: 24
128.127.97.0/24 maxlen: 24
128.127.98.0/24 maxlen: 24
128.127.99.0/24 maxlen: 24
128.127.100.0/24 maxlen: 24
128.127.101.0/24 maxlen: 24
128.127.102.0/24 maxlen: 24
128.127.103.0/24 maxlen: 24
178.20.176.0/24 maxlen: 24
178.20.177.0/24 maxlen: 24
178.20.178.0/24 maxlen: 24
178.20.179.0/24 maxlen: 24
178.20.180.0/24 maxlen: 24
178.20.181.0/24 maxlen: 24
178.20.182.0/24 maxlen: 24
178.20.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/8METQT0N9bj6BpAR7rEJ8Ge1V5o.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/8METQT0N9bj6BpAR7rEJ8Ge1V5o.mft
rsync://rpki.ripe.net/repository/DEFAULT/8METQT0N9bj6BpAR7rEJ8Ge1V5o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 23:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:8f:83:52:82:a3:ed:11:1b:ea:e7:2e:c4:9a:bf:57:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0c113413d0df5b8fa069011eeb109f067b5579a
Validity
Not Before: May 2 05:41:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5fa0b42d0b4656f45dd8279216e59887df31e09b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:39:82:f2:f5:43:c0:82:e1:ea:70:9a:d9:5f:
38:4f:1e:c7:e4:fb:b4:dd:97:4e:6c:bd:c9:ae:19:
ff:43:fa:4b:ad:1b:b1:4d:ff:05:20:87:2f:96:65:
a0:85:72:6b:e4:e9:38:79:f1:f7:2c:9a:16:c3:88:
34:e0:ab:5d:c0:90:17:92:69:48:70:49:82:62:fc:
61:07:c6:97:01:64:7e:58:81:c9:8f:f4:b6:4c:b6:
11:a5:23:f4:6f:d2:bd:2e:8d:45:ec:33:89:bc:fb:
ea:b0:08:dd:55:6b:1e:9c:3c:87:0b:a4:48:ad:87:
18:90:5b:69:b5:de:d4:79:8f:9e:c7:c3:1b:e4:6b:
55:04:fa:a2:06:8f:03:08:e0:e9:f8:76:af:6b:22:
be:b9:b1:12:d8:72:af:82:ef:a2:95:dd:f1:bf:2d:
f2:b6:05:8b:fd:71:be:55:ad:62:f3:01:4d:99:27:
3f:5d:92:4f:36:0b:72:9e:75:b0:18:a2:5e:82:d7:
dd:49:65:dc:12:22:cf:09:32:73:72:fd:78:7e:c9:
97:d7:92:23:ae:c0:54:f7:8d:82:18:39:69:49:45:
42:7f:09:c5:5c:75:6b:5f:8d:20:c3:f3:fd:c2:79:
bc:b4:70:7a:16:d4:d7:b3:c3:ab:55:db:1a:7d:e6:
6c:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:A0:B4:2D:0B:46:56:F4:5D:D8:27:92:16:E5:98:87:DF:31:E0:9B
X509v3 Authority Key Identifier:
keyid:F0:C1:13:41:3D:0D:F5:B8:FA:06:90:11:EE:B1:09:F0:67:B5:57:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8METQT0N9bj6BpAR7rEJ8Ge1V5o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/X6C0LQtGVvRd2CeSFuWYh98x4Js.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/8METQT0N9bj6BpAR7rEJ8Ge1V5o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.116.176.0-85.116.181.255
85.116.183.0-85.116.191.255
91.132.148.0/22
91.239.101.0/24
128.127.96.0/21
178.20.176.0/21
Signature Algorithm: sha256WithRSAEncryption
46:6a:c1:08:d8:23:37:f8:9d:da:93:5f:17:23:62:41:d4:14:
f3:7d:d1:5f:a7:ba:d1:24:9e:7e:22:1f:78:91:0b:87:cf:79:
0c:52:c7:7d:50:22:04:2b:b5:41:bc:87:5b:3c:03:42:5d:e8:
55:ae:cc:30:f5:55:b3:d7:29:94:bf:b9:2f:41:6e:7f:1b:e5:
14:61:f3:a9:82:18:4b:c0:94:3e:44:4c:04:36:35:30:8a:cb:
08:65:dc:11:de:5b:27:05:23:12:c0:a8:c1:da:ec:e0:1d:f9:
8b:b9:ae:6c:b7:34:8b:84:b0:13:c4:12:7e:29:b0:69:48:81:
e0:6b:1a:26:35:30:6d:5c:f7:c2:42:75:cb:58:00:2d:a3:57:
16:f1:ae:de:67:d2:63:e1:f8:0a:f4:4a:55:a7:f4:f3:12:f2:
d3:75:0d:2a:ec:ac:41:cb:f8:30:ae:2f:89:62:4b:c8:d2:77:
e0:7f:4f:e2:c6:3f:0d:40:65:ed:94:d0:f2:6b:fb:3d:38:b5:
ba:2e:e4:c5:60:7b:bf:5a:44:7d:b9:59:e6:cf:a5:a5:55:96:
52:8b:34:31:d4:41:88:b3:86:1f:bc:7a:08:4c:f5:6f:de:29:
1c:dd:40:94:52:fd:13:14:6d:71:e1:4f:b5:61:b6:dc:26:78:
62:0d:36:95
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZaPg1KCo+0RG+rnLsSav1cKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYzExMzQxM2QwZGY1YjhmYTA2OTAxMWVlYjEwOWYwNjdi
NTU3OWEwHhcNMjUwNTAyMDU0MTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmEwYjQyZDBiNDY1NmY0NWRkODI3OTIxNmU1OTg4N2RmMzFlMDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzmC8vVDwILh6nCa2V84Tx7H5Pu0
3ZdObL3Jrhn/Q/pLrRuxTf8FIIcvlmWghXJr5Ok4efH3LJoWw4g04KtdwJAXkmlI
cEmCYvxhB8aXAWR+WIHJj/S2TLYRpSP0b9K9Lo1F7DOJvPvqsAjdVWsenDyHC6RI
rYcYkFtptd7UeY+ex8Mb5GtVBPqiBo8DCODp+HavayK+ubES2HKvgu+ild3xvy3y
tgWL/XG+Va1i8wFNmSc/XZJPNgtynnWwGKJegtfdSWXcEiLPCTJzcv14fsmX15Ij
rsBU942CGDlpSUVCfwnFXHVrX40gw/P9wnm8tHB6FtTXs8OrVdsafeZsYQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFF+gtC0LRlb0XdgnkhblmIffMeCbMB8GA1UdIwQY
MBaAFPDBE0E9DfW4+gaQEe6xCfBntVeaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE1FVFFUME45Ymo2QnBBUjdyRUo4R2UxVjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9jMTA0YzYtOWI2NS00ZDQ2LTllNDUt
NTAyNjFiMTE5MTZiLzEvWDZDMExRdEdWdlJkMkNlU0Z1V1loOTh4NEpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9jMTA0YzYtOWI2NS00ZDQ2LTllNDUtNTAyNjFiMTE5MTZi
LzEvOE1FVFFUME45Ymo2QnBBUjdyRUo4R2UxVjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0MAwDBARVdLAD
BAFVdLQwDAMEAFV0twMEBlV0gAMEAluElAMEAFvvZQMEA4B/YAMEA7IUsDANBgkq
hkiG9w0BAQsFAAOCAQEARmrBCNgjN/id2pNfFyNiQdQU833RX6e60SSefiIfeJEL
h895DFLHfVAiBCu1QbyHWzwDQl3oVa7MMPVVs9cplL+5L0FufxvlFGHzqYIYS8CU
PkRMBDY1MIrLCGXcEd5bJwUjEsCowdrs4B35i7mubLc0i4SwE8QSfimwaUiB4Gsa
JjUwbVz3wkJ1y1gALaNXFvGu3mfSY+H4CvRKVaf08xLy03UNKuysQcv4MK4viWJL
yNJ34H9P4sY/DUBl7ZTQ8mv7PTi1ui7kxWB7v1pEfblZ5s+lpVWWUos0MdRBiLOG
H7x6CEz1b94pHN1AlFL9ExRtceFPtWG23CZ4Yg02lQ==
-----END CERTIFICATE-----
Generated at Mon May 12 07:22:40 2025 by rpki-client