Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/c1cf6f-54cd-434a-837d-def6efb44319/1/bJ_iwVujMcklNyoPPnV6NVD5zm0.roa
File: bJ_iwVujMcklNyoPPnV6NVD5zm0.roa (raw, json)
Hash identifier: 7Mm1XlFD1wQ7r5xMGnLxxurh8Au27N7TujgdM8NcOpg=
Subject key identifier: 6C:9F:E2:C1:5B:A3:31:C9:25:37:2A:0F:3E:75:7A:35:50:F9:CE:6D
Certificate issuer: /CN=993900f66e70b2fffd9c0ce92602f2f45c659961
Certificate serial: 0198D049A5D37AC3D1ED8A303F250EDC8A32
Authority key identifier: 99:39:00:F6:6E:70:B2:FF:FD:9C:0C:E9:26:02:F2:F4:5C:65:99:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mTkA9m5wsv_9nAzpJgLy9FxlmWE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/c1cf6f-54cd-434a-837d-def6efb44319/1/bJ_iwVujMcklNyoPPnV6NVD5zm0.roa
Signing time: Fri 22 Aug 2025 05:39:04 +0000
ROA not before: Fri 22 Aug 2025 05:39:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34718
IP address blocks: 62.209.128.0/19 maxlen: 19
80.80.208.0/20 maxlen: 20
80.80.208.0/23 maxlen: 23
80.80.210.0/24 maxlen: 24
80.80.211.0/24 maxlen: 24
80.80.212.0/22 maxlen: 22
80.80.216.0/21 maxlen: 21
89.236.192.0/18 maxlen: 18
94.141.70.0/24 maxlen: 24
94.141.80.0/24 maxlen: 24
94.141.82.0/24 maxlen: 24
94.141.83.0/24 maxlen: 24
94.141.84.0/24 maxlen: 24
94.141.85.0/24 maxlen: 24
94.141.89.0/24 maxlen: 24
94.141.95.0/24 maxlen: 24
185.6.40.0/22 maxlen: 22
185.248.44.0/22 maxlen: 22
194.55.92.0/22 maxlen: 22
217.30.164.0/22 maxlen: 22
217.30.168.0/24 maxlen: 24
217.30.174.0/24 maxlen: 24
2a02:f10::/29 maxlen: 29
2a03:540::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/c1cf6f-54cd-434a-837d-def6efb44319/1/mTkA9m5wsv_9nAzpJgLy9FxlmWE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/c1cf6f-54cd-434a-837d-def6efb44319/1/mTkA9m5wsv_9nAzpJgLy9FxlmWE.mft
rsync://rpki.ripe.net/repository/DEFAULT/mTkA9m5wsv_9nAzpJgLy9FxlmWE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d0:49:a5:d3:7a:c3:d1:ed:8a:30:3f:25:0e:dc:8a:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=993900f66e70b2fffd9c0ce92602f2f45c659961
Validity
Not Before: Aug 22 05:39:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c9fe2c15ba331c925372a0f3e757a3550f9ce6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:f0:37:0a:ec:ab:11:b9:3f:1e:7a:c7:d1:6b:
04:35:00:d5:9b:64:55:d6:2b:ad:b8:2a:86:c0:9c:
7a:c5:e8:90:51:46:ad:72:4a:05:8d:e1:d0:8d:f6:
30:1d:ce:42:56:8e:9d:0a:4b:fe:ef:00:34:3c:6a:
86:a1:4a:d4:15:35:88:e6:04:50:98:04:5e:4d:0a:
7f:5e:11:0c:60:2d:68:74:47:c0:31:15:73:28:23:
cb:07:4d:bb:5b:a8:65:38:dc:39:c4:e0:79:7d:b6:
ee:b3:56:d7:17:68:ca:15:95:da:31:d5:69:fb:41:
95:b0:f2:14:e8:34:60:6e:15:8b:9f:63:26:68:bb:
36:6c:53:b5:48:45:6b:6a:a8:2a:cf:57:91:aa:f6:
b5:4b:07:66:43:bd:6c:28:68:b7:e5:db:e7:02:68:
06:cf:87:ba:92:19:56:40:c1:14:3e:39:20:ac:07:
c9:33:c3:42:c9:21:dd:48:07:d5:77:79:5a:63:1d:
44:a3:7f:b7:b1:98:18:b6:cb:0c:b1:54:8f:2f:95:
52:d4:a1:72:fe:7c:8d:fb:6e:63:01:2a:fc:f7:3f:
3d:aa:ee:52:7e:70:32:29:cb:b9:59:f7:c8:c4:23:
2b:7c:ad:99:c1:49:75:c9:cb:c3:dc:72:55:2c:12:
99:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:9F:E2:C1:5B:A3:31:C9:25:37:2A:0F:3E:75:7A:35:50:F9:CE:6D
X509v3 Authority Key Identifier:
keyid:99:39:00:F6:6E:70:B2:FF:FD:9C:0C:E9:26:02:F2:F4:5C:65:99:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mTkA9m5wsv_9nAzpJgLy9FxlmWE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c1cf6f-54cd-434a-837d-def6efb44319/1/bJ_iwVujMcklNyoPPnV6NVD5zm0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c1cf6f-54cd-434a-837d-def6efb44319/1/mTkA9m5wsv_9nAzpJgLy9FxlmWE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.209.128.0/19
80.80.208.0/20
89.236.192.0/18
94.141.70.0/24
94.141.80.0/24
94.141.82.0-94.141.85.255
94.141.89.0/24
94.141.95.0/24
185.6.40.0/22
185.248.44.0/22
194.55.92.0/22
217.30.164.0-217.30.168.255
217.30.174.0/24
IPv6:
2a02:f10::/29
2a03:540::/32
Signature Algorithm: sha256WithRSAEncryption
35:12:e8:80:c0:78:b5:c6:61:66:a0:12:01:e7:02:67:25:22:
c1:b1:de:6c:6f:59:e1:20:91:f2:95:2d:c0:49:bb:31:f7:b7:
88:46:e6:ed:d5:41:88:32:2b:99:f8:d9:8e:a9:58:98:bf:be:
f1:25:c1:34:ff:5f:d3:88:a0:04:73:c3:09:9e:04:2b:a9:35:
21:75:a3:a6:2f:21:c2:22:dc:99:d2:70:d9:99:e6:08:12:b0:
e7:ae:62:27:ca:c4:e7:ca:ea:68:c6:df:bc:52:1d:11:e5:28:
45:64:91:06:9e:22:f3:ee:8a:40:7e:8a:18:81:79:e8:13:2e:
d7:c0:7b:08:a0:6b:b6:5d:c3:5f:b0:8b:6d:46:43:74:cd:a8:
e3:c4:55:0d:83:68:9b:00:8c:e6:0e:87:bb:f0:41:c6:f1:52:
76:8a:11:75:4c:7b:13:ee:df:51:18:f9:85:d5:5c:9f:1a:e2:
67:7b:18:95:2b:6a:c7:c9:5f:24:0d:8f:11:6a:c9:38:cf:88:
36:0c:8e:30:a1:eb:de:dc:a3:07:da:89:4e:d5:a8:39:4c:0d:
be:01:c0:f2:86:d6:01:97:19:e9:49:dd:40:6a:95:7c:91:3b:
58:c0:32:47:0f:56:97:f2:73:8b:70:19:15:bd:86:f9:f8:05:
de:48:44:46
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAZjQSaXTesPR7YowPyUO3IoyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MzkwMGY2NmU3MGIyZmZmZDljMGNlOTI2MDJmMmY0NWM2
NTk5NjEwHhcNMjUwODIyMDUzOTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzlmZTJjMTViYTMzMWM5MjUzNzJhMGYzZTc1N2EzNTUwZjljZTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvA3CuyrEbk/HnrH0WsENQDVm2RV
1iutuCqGwJx6xeiQUUatckoFjeHQjfYwHc5CVo6dCkv+7wA0PGqGoUrUFTWI5gRQ
mAReTQp/XhEMYC1odEfAMRVzKCPLB027W6hlONw5xOB5fbbus1bXF2jKFZXaMdVp
+0GVsPIU6DRgbhWLn2MmaLs2bFO1SEVraqgqz1eRqva1SwdmQ71sKGi35dvnAmgG
z4e6khlWQMEUPjkgrAfJM8NCySHdSAfVd3laYx1Eo3+3sZgYtssMsVSPL5VS1KFy
/nyN+25jASr89z89qu5SfnAyKcu5WffIxCMrfK2ZwUl1ycvD3HJVLBKZfQIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFGyf4sFbozHJJTcqDz51ejVQ+c5tMB8GA1UdIwQY
MBaAFJk5APZucLL//ZwM6SYC8vRcZZlhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVRrQTltNXdzdl85bkF6cEpnTHk5RnhsbVdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9jMWNmNmYtNTRjZC00MzRhLTgzN2Qt
ZGVmNmVmYjQ0MzE5LzEvYkpfaXdWdWpNY2tsTnlvUFBuVjZOVkQ1em0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9jMWNmNmYtNTRjZC00MzRhLTgzN2QtZGVmNmVmYjQ0MzE5
LzEvbVRrQTltNXdzdl85bkF6cEpnTHk5RnhsbVdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwZAQCAAEwXgMEBT7RgAME
BFBQ0AMEBlnswAMEAF6NRgMEAF6NUDAMAwQBXo1SAwQBXo1UAwQAXo1ZAwQAXo1f
AwQCuQYoAwQCufgsAwQCwjdcMAwDBALZHqQDBADZHqgDBADZHq4wFAQCAAIwDgMF
AyoCDxADBQAqAwVAMA0GCSqGSIb3DQEBCwUAA4IBAQA1EuiAwHi1xmFmoBIB5wJn
JSLBsd5sb1nhIJHylS3ASbsx97eIRubt1UGIMiuZ+NmOqViYv77xJcE0/1/TiKAE
c8MJngQrqTUhdaOmLyHCItyZ0nDZmeYIErDnrmInysTnyupoxt+8Uh0R5ShFZJEG
niLz7opAfooYgXnoEy7XwHsIoGu2XcNfsIttRkN0zajjxFUNg2ibAIzmDoe78EHG
8VJ2ihF1THsT7t9RGPmF1VyfGuJnexiVK2rHyV8kDY8Rask4z4g2DI4woeve3KMH
2olO1ag5TA2+AcDyhtYBlxnpSd1AapV8kTtYwDJHD1aX8nOLcBkVvYb5+AXeSERG
-----END CERTIFICATE-----
Generated at Sat Aug 23 22:34:00 2025 by rpki-client