Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/6fcdca-d121-4391-9cfc-7d16b90dbe72/1/rxtrSvmD_RFnWzieVlVkl0VvNHg.roa
File: rxtrSvmD_RFnWzieVlVkl0VvNHg.roa (raw, json)
Hash identifier: /miHkpCVQbdxK2uWlYSN1Ko3dggZV4gzjlL/pMNtIqY=
Subject key identifier: AF:1B:6B:4A:F9:83:FD:11:67:5B:38:9E:56:55:64:97:45:6F:34:78
Certificate issuer: /CN=9a526a73ce8f9f62c14a11a2ea913ec273d58c46
Certificate serial: 0198CB208B2B245BDAB1D724DEC2DF1FA307
Authority key identifier: 9A:52:6A:73:CE:8F:9F:62:C1:4A:11:A2:EA:91:3E:C2:73:D5:8C:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mlJqc86Pn2LBShGi6pE-wnPVjEY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/6fcdca-d121-4391-9cfc-7d16b90dbe72/1/rxtrSvmD_RFnWzieVlVkl0VvNHg.roa
Signing time: Thu 21 Aug 2025 05:36:04 +0000
ROA not before: Thu 21 Aug 2025 05:36:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35237
IP address blocks: 84.252.144.0/23 maxlen: 24
84.252.144.0/24 maxlen: 24
84.252.145.0/24 maxlen: 24
84.252.146.0/24 maxlen: 24
84.252.147.0/24 maxlen: 24
84.252.149.0/24 maxlen: 24
84.252.150.0/24 maxlen: 24
84.252.151.0/24 maxlen: 24
84.252.152.0/24 maxlen: 24
91.217.194.0/24 maxlen: 24
185.157.96.0/23 maxlen: 23
185.157.96.0/24 maxlen: 24
185.157.97.0/24 maxlen: 24
185.157.99.0/24 maxlen: 24
194.54.14.0/24 maxlen: 24
194.54.15.0/24 maxlen: 24
2a07:a600::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/6fcdca-d121-4391-9cfc-7d16b90dbe72/1/mlJqc86Pn2LBShGi6pE-wnPVjEY.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/6fcdca-d121-4391-9cfc-7d16b90dbe72/1/mlJqc86Pn2LBShGi6pE-wnPVjEY.mft
rsync://rpki.ripe.net/repository/DEFAULT/mlJqc86Pn2LBShGi6pE-wnPVjEY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 11:02:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:cb:20:8b:2b:24:5b:da:b1:d7:24:de:c2:df:1f:a3:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a526a73ce8f9f62c14a11a2ea913ec273d58c46
Validity
Not Before: Aug 21 05:36:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af1b6b4af983fd11675b389e56556497456f3478
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:44:27:3e:7d:e6:67:72:d0:61:1b:18:75:c1:
b0:62:f6:d4:ce:27:09:2e:2f:44:1a:6e:a0:a8:c2:
07:d4:41:3c:43:4b:91:df:f1:c5:68:97:f9:18:c1:
c1:2a:d7:87:40:90:fb:68:7c:24:2b:4b:bd:46:32:
cd:d4:86:54:4b:63:5f:06:f4:3f:01:04:d9:0f:43:
b5:1e:f1:d4:bf:76:e5:89:7e:ca:2d:04:f6:86:9b:
ac:b9:f7:fa:1b:bf:72:16:8e:09:39:3e:fb:9f:e1:
0c:69:c3:bd:ee:18:e4:e1:57:5e:c3:f6:fd:87:b6:
3b:74:38:07:3e:4b:bd:17:3e:69:0d:a3:d6:1b:dc:
17:17:0c:dd:cc:63:29:c2:4b:6a:6f:18:3e:48:e9:
9f:cf:cb:3b:25:6b:16:ea:df:0f:f6:85:83:34:df:
0d:f7:57:7b:c9:c5:42:62:9e:2b:5a:32:42:69:3d:
1a:c4:13:7b:68:c0:1c:50:75:a2:15:73:8e:79:19:
d2:91:b1:02:9a:b9:38:c3:30:1f:2a:47:d4:cb:8a:
19:55:27:e4:36:33:ff:24:17:30:26:35:8b:13:1a:
de:c0:dd:e3:b5:fe:59:5f:8b:cb:ea:e0:aa:b8:27:
e4:0b:88:af:23:47:39:c5:38:80:5d:fc:cf:0a:2e:
c4:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:1B:6B:4A:F9:83:FD:11:67:5B:38:9E:56:55:64:97:45:6F:34:78
X509v3 Authority Key Identifier:
keyid:9A:52:6A:73:CE:8F:9F:62:C1:4A:11:A2:EA:91:3E:C2:73:D5:8C:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mlJqc86Pn2LBShGi6pE-wnPVjEY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/6fcdca-d121-4391-9cfc-7d16b90dbe72/1/rxtrSvmD_RFnWzieVlVkl0VvNHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/6fcdca-d121-4391-9cfc-7d16b90dbe72/1/mlJqc86Pn2LBShGi6pE-wnPVjEY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.252.144.0/22
84.252.149.0-84.252.152.255
91.217.194.0/24
185.157.96.0/23
185.157.99.0/24
194.54.14.0/23
IPv6:
2a07:a600::/29
Signature Algorithm: sha256WithRSAEncryption
7e:7a:4e:a0:58:2c:c3:4c:22:ed:de:f0:9a:9d:da:f5:aa:a1:
96:81:23:d0:95:d9:3a:69:a5:1e:ec:c5:d9:c4:e6:2a:53:95:
c3:89:17:18:24:98:a8:54:88:17:eb:ba:fa:e1:37:53:0f:b0:
7a:2f:9e:6a:0b:78:e3:91:71:8b:fd:9a:79:bf:c9:7d:29:d7:
9c:81:59:5a:40:09:7a:9a:fa:3f:27:97:29:d6:3c:54:b6:94:
48:c9:e6:b9:b4:64:f2:fe:f5:bd:4c:fa:e9:a7:0d:22:92:de:
eb:93:c7:ed:31:6d:55:13:47:ae:da:30:1b:e1:22:4e:0d:24:
2c:3e:2c:c0:56:4b:d2:1f:cb:54:32:ec:03:13:14:33:52:f8:
54:c1:17:9c:35:c5:ee:f3:23:09:aa:13:e5:c7:b2:e6:39:d2:
d3:38:f6:f7:a9:17:85:0e:36:ed:bf:05:c6:a6:7f:c4:e5:be:
fb:f4:8e:ad:c0:3f:b5:bd:4f:86:c0:0e:b2:1f:bf:ac:4f:fd:
26:75:19:f6:b8:a5:28:43:81:2f:32:e3:36:e9:36:25:76:c0:
b3:8c:7a:69:63:25:20:92:a5:18:5d:7a:0b:28:87:66:0c:99:
df:71:86:81:7f:eb:50:ec:e3:5f:ae:50:5e:84:c7:5f:90:92:
ce:bb:2f:f7
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZjLIIsrJFvasdck3sLfH6MHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNTI2YTczY2U4ZjlmNjJjMTRhMTFhMmVhOTEzZWMyNzNk
NThjNDYwHhcNMjUwODIxMDUzNjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjFiNmI0YWY5ODNmZDExNjc1YjM4OWU1NjU1NjQ5NzQ1NmYzNDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUQnPn3mZ3LQYRsYdcGwYvbUzicJ
Li9EGm6gqMIH1EE8Q0uR3/HFaJf5GMHBKteHQJD7aHwkK0u9RjLN1IZUS2NfBvQ/
AQTZD0O1HvHUv3bliX7KLQT2hpusuff6G79yFo4JOT77n+EMacO97hjk4Vdew/b9
h7Y7dDgHPku9Fz5pDaPWG9wXFwzdzGMpwktqbxg+SOmfz8s7JWsW6t8P9oWDNN8N
91d7ycVCYp4rWjJCaT0axBN7aMAcUHWiFXOOeRnSkbECmrk4wzAfKkfUy4oZVSfk
NjP/JBcwJjWLExrewN3jtf5ZX4vL6uCquCfkC4ivI0c5xTiAXfzPCi7EEQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFK8ba0r5g/0RZ1s4nlZVZJdFbzR4MB8GA1UdIwQY
MBaAFJpSanPOj59iwUoRouqRPsJz1YxGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWxKcWM4NlBuMkxCU2hHaTZwRS13blBWakVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi82ZmNkY2EtZDEyMS00MzkxLTljZmMt
N2QxNmI5MGRiZTcyLzEvcnh0clN2bURfUkZuV3ppZVZsVmtsMFZ2TkhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi82ZmNkY2EtZDEyMS00MzkxLTljZmMtN2QxNmI5MGRiZTcy
LzEvbWxKcWM4NlBuMkxCU2hHaTZwRS13blBWakVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQCVPyQMAwD
BABU/JUDBABU/JgDBABb2cIDBAG5nWADBAC5nWMDBAHCNg4wDQQCAAIwBwMFAyoH
pgAwDQYJKoZIhvcNAQELBQADggEBAH56TqBYLMNMIu3e8Jqd2vWqoZaBI9CV2Tpp
pR7sxdnE5ipTlcOJFxgkmKhUiBfruvrhN1MPsHovnmoLeOORcYv9mnm/yX0p15yB
WVpACXqa+j8nlynWPFS2lEjJ5rm0ZPL+9b1M+umnDSKS3uuTx+0xbVUTR67aMBvh
Ik4NJCw+LMBWS9Ify1Qy7AMTFDNS+FTBF5w1xe7zIwmqE+XHsuY50tM49vepF4UO
Nu2/Bcamf8Tlvvv0jq3AP7W9T4bADrIfv6xP/SZ1Gfa4pShDgS8y4zbpNiV2wLOM
emljJSCSpRhdegsoh2YMmd9xhoF/61Ds41+uUF6Ex1+Qks67L/c=
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:41:31 2025 by rpki-client