Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/f33229-ca2d-4108-892d-4c910ae3735d/1/6C7YcOFbadpcBk89Kuw0b1IqBF8.roa
File: 6C7YcOFbadpcBk89Kuw0b1IqBF8.roa (raw, json)
Hash identifier: JbrRL4XZEv8Qmzh9zhvfoh7MCjeFilO/YQNFSTXbxbU=
Subject key identifier: E8:2E:D8:70:E1:5B:69:DA:5C:06:4F:3D:2A:EC:34:6F:52:2A:04:5F
Certificate issuer: /CN=a15237c39a325aa309b69e66fe09237da1ad0d2b
Certificate serial: 01977FD99F361167C73C6DC4F6C1E94EC39F
Authority key identifier: A1:52:37:C3:9A:32:5A:A3:09:B6:9E:66:FE:09:23:7D:A1:AD:0D:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oVI3w5oyWqMJtp5m_gkjfaGtDSs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/f33229-ca2d-4108-892d-4c910ae3735d/1/6C7YcOFbadpcBk89Kuw0b1IqBF8.roa
Signing time: Tue 17 Jun 2025 21:44:17 +0000
ROA not before: Tue 17 Jun 2025 21:44:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200260
IP address blocks: 193.242.222.0/24 maxlen: 24
2a13:75c1:100::/40 maxlen: 48
2a13:75c1:100::/44 maxlen: 48
2a13:75c1:110::/44 maxlen: 48
2a13:75c1:300::/40 maxlen: 48
2a13:75c1:500::/40 maxlen: 40
2a13:75c1:2000::/36 maxlen: 48
2a13:75c1:3000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/f33229-ca2d-4108-892d-4c910ae3735d/1/oVI3w5oyWqMJtp5m_gkjfaGtDSs.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/f33229-ca2d-4108-892d-4c910ae3735d/1/oVI3w5oyWqMJtp5m_gkjfaGtDSs.mft
rsync://rpki.ripe.net/repository/DEFAULT/oVI3w5oyWqMJtp5m_gkjfaGtDSs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 01:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7f:d9:9f:36:11:67:c7:3c:6d:c4:f6:c1:e9:4e:c3:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a15237c39a325aa309b69e66fe09237da1ad0d2b
Validity
Not Before: Jun 17 21:44:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e82ed870e15b69da5c064f3d2aec346f522a045f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:16:14:78:8a:7a:5b:23:ae:75:43:37:21:db:
6c:c1:8b:b6:de:b8:84:b7:a1:5b:90:22:14:64:ee:
b8:65:7b:fc:aa:02:ff:19:46:a6:7f:72:64:18:f5:
7a:5e:8b:26:96:a5:48:68:81:29:89:14:12:e1:63:
01:8d:34:b9:ed:c1:2e:7e:be:ab:59:28:14:be:fa:
a6:ec:8e:5c:b7:5e:fb:21:52:65:d9:fd:13:ee:2e:
1b:71:41:87:27:d4:be:e6:2d:ae:47:5a:f3:a3:aa:
3f:4c:f9:1f:6a:6a:c3:54:bb:dd:e2:72:f2:14:ae:
5f:8a:bc:2a:7e:e8:ae:44:54:c2:24:2c:8a:30:d8:
76:6c:4b:e7:58:14:ed:b4:7d:da:0c:3c:1f:a1:57:
49:27:18:e1:21:bc:34:71:3b:8f:7f:64:46:2d:6e:
bb:58:6e:65:09:27:ff:1e:cf:ac:11:7a:3a:ad:da:
b0:2a:42:17:8b:16:95:bb:ae:47:4a:45:08:4d:86:
63:d8:6a:c3:54:eb:88:23:d7:bb:38:df:53:a3:7a:
5c:35:e3:62:7b:15:07:89:58:56:60:77:48:ca:6c:
ed:79:59:48:e4:5a:a4:91:c5:82:f2:42:63:40:ac:
18:8f:17:21:fb:27:b5:34:0c:ea:b0:01:08:9d:ab:
ad:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:2E:D8:70:E1:5B:69:DA:5C:06:4F:3D:2A:EC:34:6F:52:2A:04:5F
X509v3 Authority Key Identifier:
keyid:A1:52:37:C3:9A:32:5A:A3:09:B6:9E:66:FE:09:23:7D:A1:AD:0D:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oVI3w5oyWqMJtp5m_gkjfaGtDSs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/f33229-ca2d-4108-892d-4c910ae3735d/1/6C7YcOFbadpcBk89Kuw0b1IqBF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/f33229-ca2d-4108-892d-4c910ae3735d/1/oVI3w5oyWqMJtp5m_gkjfaGtDSs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.242.222.0/24
IPv6:
2a13:75c1:100::/40
2a13:75c1:300::/40
2a13:75c1:500::/40
2a13:75c1:2000::/35
Signature Algorithm: sha256WithRSAEncryption
a8:96:e6:7c:a4:81:1e:f4:a5:ee:7f:9f:51:70:04:1e:48:89:
2b:6a:d8:07:dc:be:db:bd:9e:90:33:bb:05:e0:f5:1c:c6:8a:
cf:a9:05:85:e5:6f:81:0e:0b:43:21:96:be:49:7b:dd:b7:9f:
47:3e:c7:1e:13:14:89:24:8a:77:59:ea:7c:5a:13:a4:31:a0:
a5:67:b8:5e:49:58:f4:bc:06:34:f7:8d:07:46:52:19:48:6b:
61:62:6c:c7:f2:8a:b6:8c:e5:ba:10:1e:eb:35:88:90:6b:7b:
90:c8:c3:64:e0:09:ff:cf:e7:50:54:8f:14:f0:ec:1a:98:23:
8b:ed:16:4d:32:e1:ab:7e:1f:21:32:26:44:40:8a:81:ca:83:
33:a9:a0:88:16:e5:d7:1c:b9:00:9c:cb:90:f8:5b:6e:2c:d4:
cc:8e:0a:81:1d:83:00:08:d4:59:57:38:ac:2a:9e:fa:4a:12:
05:a7:2e:d8:dc:c5:67:4c:5f:0c:6d:da:6e:03:9b:30:d9:f9:
b1:ba:3c:6e:a1:5d:bd:71:28:f6:da:d7:0f:2f:24:6c:83:8a:
28:43:59:eb:01:72:f8:b6:d8:99:61:ec:a2:58:03:ec:bd:b5:
a0:47:46:a2:ba:c9:65:a8:77:83:4a:da:bc:c5:fd:f2:3f:9b:
3d:2c:79:4f
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZd/2Z82EWfHPG3E9sHpTsOfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNTIzN2MzOWEzMjVhYTMwOWI2OWU2NmZlMDkyMzdkYTFh
ZDBkMmIwHhcNMjUwNjE3MjE0NDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODJlZDg3MGUxNWI2OWRhNWMwNjRmM2QyYWVjMzQ2ZjUyMmEwNDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2hYUeIp6WyOudUM3IdtswYu23riE
t6FbkCIUZO64ZXv8qgL/GUamf3JkGPV6XosmlqVIaIEpiRQS4WMBjTS57cEufr6r
WSgUvvqm7I5ct177IVJl2f0T7i4bcUGHJ9S+5i2uR1rzo6o/TPkfamrDVLvd4nLy
FK5firwqfuiuRFTCJCyKMNh2bEvnWBTttH3aDDwfoVdJJxjhIbw0cTuPf2RGLW67
WG5lCSf/Hs+sEXo6rdqwKkIXixaVu65HSkUITYZj2GrDVOuII9e7ON9To3pcNeNi
exUHiVhWYHdIymzteVlI5FqkkcWC8kJjQKwYjxch+ye1NAzqsAEInautPwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFOgu2HDhW2naXAZPPSrsNG9SKgRfMB8GA1UdIwQY
MBaAFKFSN8OaMlqjCbaeZv4JI32hrQ0rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1ZJM3c1b3lXcU1KdHA1bV9na2pmYUd0RFNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9mMzMyMjktY2EyZC00MTA4LTg5MmQt
NGM5MTBhZTM3MzVkLzEvNkM3WWNPRmJhZHBjQms4OUt1dzBiMUlxQkY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9mMzMyMjktY2EyZC00MTA4LTg5MmQtNGM5MTBhZTM3MzVk
LzEvb1ZJM3c1b3lXcU1KdHA1bV9na2pmYUd0RFNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAMBAIAATAGAwQAwfLeMCYE
AgACMCADBgAqE3XBAQMGACoTdcEDAwYAKhN1wQUDBgUqE3XBIDANBgkqhkiG9w0B
AQsFAAOCAQEAqJbmfKSBHvSl7n+fUXAEHkiJK2rYB9y+272ekDO7BeD1HMaKz6kF
heVvgQ4LQyGWvkl73befRz7HHhMUiSSKd1nqfFoTpDGgpWe4XklY9LwGNPeNB0ZS
GUhrYWJsx/KKtozluhAe6zWIkGt7kMjDZOAJ/8/nUFSPFPDsGpgji+0WTTLhq34f
ITImRECKgcqDM6mgiBbl1xy5AJzLkPhbbizUzI4KgR2DAAjUWVc4rCqe+koSBacu
2NzFZ0xfDG3abgObMNn5sbo8bqFdvXEo9trXDy8kbIOKKENZ6wFy+LbYmWHsolgD
7L21oEdGorrJZah3g0ravMX98j+bPSx5Tw==
-----END CERTIFICATE-----
Generated at Wed Jul 2 04:50:33 2025 by rpki-client