Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/6JWp8fnl93dhB8zcDsDWKpG6MYQ.roa
File: 6JWp8fnl93dhB8zcDsDWKpG6MYQ.roa (raw, json)
Hash identifier: ANH0GD/PfIVfp0XJuqXM89+2GRYH3V0+6FrnIDXf3JI=
Subject key identifier: E8:95:A9:F1:F9:E5:F7:77:61:07:CC:DC:0E:C0:D6:2A:91:BA:31:84
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01994C5B500544AFFDC25182373BB29AF4B8
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/6JWp8fnl93dhB8zcDsDWKpG6MYQ.roa
Signing time: Mon 15 Sep 2025 07:51:16 +0000
ROA not before: Mon 15 Sep 2025 07:51:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12552
IP address blocks: 192.36.87.0/24 maxlen: 24
192.36.92.0/24 maxlen: 24
192.71.200.0/24 maxlen: 24
192.121.63.0/24 maxlen: 24
193.181.71.0/24 maxlen: 24
193.182.6.0/24 maxlen: 24
193.182.105.0/24 maxlen: 24
193.182.156.0/24 maxlen: 24
193.182.159.0/24 maxlen: 24
194.14.242.0/24 maxlen: 24
194.68.3.0/24 maxlen: 24
194.68.24.0/23 maxlen: 24
194.103.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:4c:5b:50:05:44:af:fd:c2:51:82:37:3b:b2:9a:f4:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Sep 15 07:51:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e895a9f1f9e5f7776107ccdc0ec0d62a91ba3184
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:8d:50:f7:0f:95:7f:61:3c:a4:ad:5d:e1:c2:
5d:8b:ad:76:7f:46:9e:b4:f7:46:ed:c2:33:e3:58:
66:2e:53:3a:80:94:84:49:12:fb:f5:cc:34:ed:65:
3e:4d:f6:0e:a5:2f:95:b3:5e:94:d6:d5:56:52:3f:
ec:e7:da:fb:a5:d9:98:bd:10:fe:33:84:a3:c5:db:
fa:04:40:e6:7d:24:87:3c:ab:9b:4c:38:64:38:97:
7a:6d:c3:a1:f3:7e:36:81:9e:ca:18:8c:28:55:89:
b5:db:bd:11:65:ae:4c:b0:08:70:eb:42:c4:a1:5d:
2c:c1:f7:92:16:04:4b:83:e3:2b:19:10:3a:53:5c:
9f:7d:c0:f7:b8:00:32:f0:21:76:9a:7f:05:0c:e1:
28:34:73:a9:61:14:33:bb:c8:ee:6d:9c:8a:f3:bc:
ca:7a:b2:f5:03:bf:02:ab:51:0d:b1:fa:e2:fa:cd:
d6:4c:7c:69:54:c5:97:8f:8f:65:e0:93:16:9e:51:
f5:c9:90:b4:92:cc:8e:a9:d0:82:d2:ba:d8:f2:26:
3d:82:f8:6f:2a:4f:3c:36:c6:82:c6:5c:47:8f:d6:
40:51:73:9b:ba:95:74:57:10:ee:71:c9:03:22:1c:
19:01:81:62:0e:8e:e0:11:05:13:73:f8:5e:93:4d:
79:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:95:A9:F1:F9:E5:F7:77:61:07:CC:DC:0E:C0:D6:2A:91:BA:31:84
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/6JWp8fnl93dhB8zcDsDWKpG6MYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.87.0/24
192.36.92.0/24
192.71.200.0/24
192.121.63.0/24
193.181.71.0/24
193.182.6.0/24
193.182.105.0/24
193.182.156.0/24
193.182.159.0/24
194.14.242.0/24
194.68.3.0/24
194.68.24.0/23
194.103.248.0/24
Signature Algorithm: sha256WithRSAEncryption
64:36:3b:9f:fe:ca:24:e0:46:2b:7f:c1:1e:a6:f4:d8:fd:85:
c9:d4:36:31:d2:b7:ff:ac:c4:2d:96:af:03:cc:6c:76:79:a0:
67:63:3f:07:fd:c6:95:76:2f:1e:2e:fe:32:a4:be:b7:eb:14:
fe:77:61:c1:3e:5a:1a:19:06:28:55:84:5f:4f:59:b5:71:de:
08:8c:ab:bb:c4:87:4d:01:17:eb:2e:63:12:aa:43:14:04:47:
18:ff:2e:e9:9a:48:44:00:01:b8:8c:fd:9d:8b:e5:87:43:6f:
3d:3d:06:a6:10:ac:41:56:17:eb:19:f6:47:ec:95:be:94:2c:
7f:99:ec:b0:d5:e5:c1:c9:f2:aa:2b:c2:f4:f4:6c:32:26:4f:
88:3b:c4:ba:29:6a:9d:aa:67:fe:cb:f3:1a:84:26:2d:01:4f:
56:d6:0d:67:83:b1:81:ae:4a:54:71:5d:b1:9c:11:2e:e0:63:
92:ba:d6:7c:46:2c:65:d0:c1:11:6e:97:33:c2:9e:6c:00:f8:
18:75:42:9a:3a:7f:03:d6:a5:61:40:01:42:6f:a8:15:41:e1:
a0:96:9b:68:28:99:51:90:3b:4b:89:6d:b5:1a:fb:ed:1a:13:
85:a5:e4:3e:48:8f:eb:c5:ff:17:df:28:f7:1a:78:e5:c8:56:
ab:9d:a4:64
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZlMW1AFRK/9wlGCNzuymvS4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwOTE1MDc1MTE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODk1YTlmMWY5ZTVmNzc3NjEwN2NjZGMwZWMwZDYyYTkxYmEzMTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqY1Q9w+Vf2E8pK1d4cJdi612f0ae
tPdG7cIz41hmLlM6gJSESRL79cw07WU+TfYOpS+Vs16U1tVWUj/s59r7pdmYvRD+
M4Sjxdv6BEDmfSSHPKubTDhkOJd6bcOh8342gZ7KGIwoVYm1270RZa5MsAhw60LE
oV0swfeSFgRLg+MrGRA6U1yffcD3uAAy8CF2mn8FDOEoNHOpYRQzu8jubZyK87zK
erL1A78Cq1ENsfri+s3WTHxpVMWXj49l4JMWnlH1yZC0ksyOqdCC0rrY8iY9gvhv
Kk88NsaCxlxHj9ZAUXObupV0VxDucckDIhwZAYFiDo7gEQUTc/hek015cwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFOiVqfH55fd3YQfM3A7A1iqRujGEMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvNkpXcDhmbmw5M2RoQjh6Y0RzRFdLcEc2TVlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAwCRXAwQA
wCRcAwQAwEfIAwQAwHk/AwQAwbVHAwQAwbYGAwQAwbZpAwQAwbacAwQAwbafAwQA
wg7yAwQAwkQDAwQBwkQYAwQAwmf4MA0GCSqGSIb3DQEBCwUAA4IBAQBkNjuf/sok
4EYrf8EepvTY/YXJ1DYx0rf/rMQtlq8DzGx2eaBnYz8H/caVdi8eLv4ypL636xT+
d2HBPloaGQYoVYRfT1m1cd4IjKu7xIdNARfrLmMSqkMUBEcY/y7pmkhEAAG4jP2d
i+WHQ289PQamEKxBVhfrGfZH7JW+lCx/meyw1eXByfKqK8L09GwyJk+IO8S6KWqd
qmf+y/MahCYtAU9W1g1ng7GBrkpUcV2xnBEu4GOSutZ8Rixl0MERbpczwp5sAPgY
dUKaOn8D1qVhQAFCb6gVQeGglptoKJlRkDtLiW21GvvtGhOFpeQ+SI/rxf8X3yj3
GnjlyFarnaRk
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:57:56 2025 by rpki-client