Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/_0avkX9R80849niuPtRFEJjbyDI.roa
File: _0avkX9R80849niuPtRFEJjbyDI.roa (raw, json)
Hash identifier: Wlo0KTcdwxIVfrtxvPDP/C02KQyQtuDyar4UgepvhIg=
Subject key identifier: FF:46:AF:91:7F:51:F3:4F:38:F6:78:AE:3E:D4:45:10:98:DB:C8:32
Certificate issuer: /CN=6278a768c910badcd5c4aef7c172a9f061547e8c
Certificate serial: 0196EDBA809947532282C5F784AF16947C49
Authority key identifier: 62:78:A7:68:C9:10:BA:DC:D5:C4:AE:F7:C1:72:A9:F0:61:54:7E:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YninaMkQutzVxK73wXKp8GFUfow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/_0avkX9R80849niuPtRFEJjbyDI.roa
Signing time: Tue 20 May 2025 12:45:44 +0000
ROA not before: Tue 20 May 2025 12:45:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6700
IP address blocks: 62.108.96.0/19 maxlen: 24
62.193.128.0/19 maxlen: 24
91.148.64.0/18 maxlen: 24
91.223.162.0/24 maxlen: 24
178.20.205.0/24 maxlen: 24
178.20.207.0/24 maxlen: 24
185.47.210.0/24 maxlen: 24
194.106.160.0/19 maxlen: 24
195.252.64.0/18 maxlen: 24
213.244.228.0/22 maxlen: 24
213.244.232.0/21 maxlen: 24
217.26.64.0/20 maxlen: 24
2001:8c8::/32 maxlen: 32
2a02:e40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/YninaMkQutzVxK73wXKp8GFUfow.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/YninaMkQutzVxK73wXKp8GFUfow.mft
rsync://rpki.ripe.net/repository/DEFAULT/YninaMkQutzVxK73wXKp8GFUfow.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 20 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ed:ba:80:99:47:53:22:82:c5:f7:84:af:16:94:7c:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6278a768c910badcd5c4aef7c172a9f061547e8c
Validity
Not Before: May 20 12:45:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ff46af917f51f34f38f678ae3ed4451098dbc832
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:8b:b0:60:7c:2c:27:03:8b:2d:70:b9:38:9a:
db:e6:c2:10:d3:e2:19:67:ad:76:c9:93:9f:3c:6b:
f9:f2:dc:a3:85:63:b8:72:18:6a:9c:a8:6d:4f:42:
97:88:78:dc:75:8e:ef:83:7a:2c:64:d9:56:ca:66:
1b:7c:b7:62:c3:0d:06:5b:34:c6:62:b4:c7:d6:13:
23:3b:7f:d0:84:9c:dc:58:4c:d4:6c:cd:e1:5b:e6:
94:76:39:ec:25:29:ca:af:3b:73:c9:71:78:70:5a:
1b:91:98:39:6b:be:3d:17:4a:c3:b2:aa:c6:af:1c:
99:ab:bd:32:ff:8e:b0:3c:d2:a0:15:85:f1:75:f1:
83:7d:27:6e:be:2c:31:5c:8e:18:15:73:80:5f:91:
ad:55:71:9d:23:57:2d:6f:06:f5:1f:22:7a:1b:d1:
0a:34:b7:93:79:b8:47:c3:6c:56:11:3f:7a:13:db:
0e:5d:65:75:6c:d3:1e:67:b4:36:d2:a7:21:37:8d:
bb:fd:e9:6b:8a:26:32:6c:98:20:03:12:7b:8c:74:
cc:b2:0d:f0:d5:3c:b4:af:ca:11:8e:af:4c:59:dd:
57:04:bf:f6:d5:90:06:9d:f9:46:d1:99:49:af:8c:
81:73:7c:63:0c:e7:88:48:35:0d:cc:29:bd:b4:08:
fe:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:46:AF:91:7F:51:F3:4F:38:F6:78:AE:3E:D4:45:10:98:DB:C8:32
X509v3 Authority Key Identifier:
keyid:62:78:A7:68:C9:10:BA:DC:D5:C4:AE:F7:C1:72:A9:F0:61:54:7E:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YninaMkQutzVxK73wXKp8GFUfow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/_0avkX9R80849niuPtRFEJjbyDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/YninaMkQutzVxK73wXKp8GFUfow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.108.96.0/19
62.193.128.0/19
91.148.64.0/18
91.223.162.0/24
178.20.205.0/24
178.20.207.0/24
185.47.210.0/24
194.106.160.0/19
195.252.64.0/18
213.244.228.0-213.244.239.255
217.26.64.0/20
IPv6:
2001:8c8::/32
2a02:e40::/32
Signature Algorithm: sha256WithRSAEncryption
20:01:06:96:17:76:d0:fa:4a:44:0d:a0:cd:70:5b:6f:5d:67:
e2:a1:ca:96:34:3c:40:6b:73:a3:08:37:90:27:ad:ac:3d:ba:
76:7a:fe:d7:3e:0e:9a:ae:14:a0:b2:60:d7:e5:90:59:b2:07:
5f:6b:0b:54:d7:f9:bf:d4:0d:b6:b4:b8:5c:40:b8:66:a4:8a:
8f:3b:f1:a1:e2:85:e9:8f:9a:8a:bf:4e:77:fa:45:f8:9c:ec:
0c:5e:c7:46:7b:be:c5:00:c2:ba:92:52:44:2a:00:47:fb:58:
eb:fe:c8:54:17:e2:4d:c0:54:9f:3b:c5:c0:df:e0:e2:2e:7e:
4c:3a:4d:3f:74:97:74:12:56:b0:b8:0e:4f:81:45:a8:73:f0:
4f:5a:23:73:88:3e:95:9b:03:98:0b:ab:4f:ab:8a:6c:82:93:
28:17:01:c2:db:c5:77:bb:2e:fe:03:63:18:e5:3d:78:e3:98:
a2:e5:7d:7a:20:95:d2:62:92:d7:a7:7e:bc:f5:25:6b:ad:49:
d8:a0:7b:18:04:85:d4:2c:1c:17:5c:35:47:15:70:ac:fc:a7:
6e:c5:8c:79:4f:02:a0:52:52:cf:ea:18:ae:4d:77:9c:a3:d1:
db:ae:8e:db:2a:71:80:4a:2a:b7:96:b4:1b:8f:61:c8:89:d9:
fc:8b:a0:4a
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZbtuoCZR1MigsX3hK8WlHxJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNzhhNzY4YzkxMGJhZGNkNWM0YWVmN2MxNzJhOWYwNjE1
NDdlOGMwHhcNMjUwNTIwMTI0NTQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjQ2YWY5MTdmNTFmMzRmMzhmNjc4YWUzZWQ0NDUxMDk4ZGJjODMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvouwYHwsJwOLLXC5OJrb5sIQ0+IZ
Z612yZOfPGv58tyjhWO4chhqnKhtT0KXiHjcdY7vg3osZNlWymYbfLdiww0GWzTG
YrTH1hMjO3/QhJzcWEzUbM3hW+aUdjnsJSnKrztzyXF4cFobkZg5a749F0rDsqrG
rxyZq70y/46wPNKgFYXxdfGDfSduviwxXI4YFXOAX5GtVXGdI1ctbwb1HyJ6G9EK
NLeTebhHw2xWET96E9sOXWV1bNMeZ7Q20qchN427/elriiYybJggAxJ7jHTMsg3w
1Ty0r8oRjq9MWd1XBL/21ZAGnflG0ZlJr4yBc3xjDOeISDUNzCm9tAj+ZQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFP9Gr5F/UfNPOPZ4rj7URRCY28gyMB8GA1UdIwQY
MBaAFGJ4p2jJELrc1cSu98FyqfBhVH6MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW5pbmFNa1F1dHpWeEs3M3dYS3A4R0ZVZm93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi80MmRmYzAtYTc2NC00ZDVkLWE2MzQt
MzQ1NGY0OTBmZDk2LzEvXzBhdmtYOVI4MDg0OW5pdVB0UkZFSmpieURJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi80MmRmYzAtYTc2NC00ZDVkLWE2MzQtMzQ1NGY0OTBmZDk2
LzEvWW5pbmFNa1F1dHpWeEs3M3dYS3A4R0ZVZm93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBQBAIAATBKAwQFPmxgAwQF
PsGAAwQGW5RAAwQAW9+iAwQAshTNAwQAshTPAwQAuS/SAwQFwmqgAwQGw/xAMAwD
BALV9OQDBATV9OADBATZGkAwFAQCAAIwDgMFACABCMgDBQAqAg5AMA0GCSqGSIb3
DQEBCwUAA4IBAQAgAQaWF3bQ+kpEDaDNcFtvXWfiocqWNDxAa3OjCDeQJ62sPbp2
ev7XPg6arhSgsmDX5ZBZsgdfawtU1/m/1A22tLhcQLhmpIqPO/Gh4oXpj5qKv053
+kX4nOwMXsdGe77FAMK6klJEKgBH+1jr/shUF+JNwFSfO8XA3+DiLn5MOk0/dJd0
ElawuA5PgUWoc/BPWiNziD6VmwOYC6tPq4psgpMoFwHC28V3uy7+A2MY5T1445ii
5X16IJXSYpLXp3689SVrrUnYoHsYBIXULBwXXDVHFXCs/KduxYx5TwKgUlLP6hiu
TXeco9Hbro7bKnGASiq3lrQbj2HIidn8i6BK
-----END CERTIFICATE-----
Generated at Thu Jun 19 09:29:24 2025 by rpki-client