Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/93f6ee-05ea-4f31-9af6-dfc5cc64a81e/1/egtzvRVazNe8WeEfcIG06LemmN8.roa
File: egtzvRVazNe8WeEfcIG06LemmN8.roa (raw, json)
Hash identifier: TsV2yb4uCxxRnC/+s7mjRUpuNbVIbnDgtBTH7E4+YyE=
Subject key identifier: 7A:0B:73:BD:15:5A:CC:D7:BC:59:E1:1F:70:81:B4:E8:B7:A6:98:DF
Certificate issuer: /CN=3ec8c20e65dcd33ff8a5e3c30a645925c5c9f95f
Certificate serial: 01976FDD364322BCC8B2F21B88A1D9DAC8F3
Authority key identifier: 3E:C8:C2:0E:65:DC:D3:3F:F8:A5:E3:C3:0A:64:59:25:C5:C9:F9:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsjCDmXc0z_4pePDCmRZJcXJ-V8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/93f6ee-05ea-4f31-9af6-dfc5cc64a81e/1/egtzvRVazNe8WeEfcIG06LemmN8.roa
Signing time: Sat 14 Jun 2025 19:14:17 +0000
ROA not before: Sat 14 Jun 2025 19:14:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34177
IP address blocks: 37.0.72.0/21 maxlen: 24
46.21.192.0/20 maxlen: 24
62.100.128.0/19 maxlen: 24
78.41.232.0/21 maxlen: 24
81.93.240.0/20 maxlen: 24
91.191.144.0/20 maxlen: 24
94.247.176.0/21 maxlen: 24
185.67.152.0/22 maxlen: 24
188.130.0.0/17 maxlen: 24
193.47.184.0/24 maxlen: 24
195.14.0.0/24 maxlen: 24
195.114.18.0/23 maxlen: 24
2001:758::/32 maxlen: 48
2001:900::/32 maxlen: 48
2a00:cb80::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/93f6ee-05ea-4f31-9af6-dfc5cc64a81e/1/PsjCDmXc0z_4pePDCmRZJcXJ-V8.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/93f6ee-05ea-4f31-9af6-dfc5cc64a81e/1/PsjCDmXc0z_4pePDCmRZJcXJ-V8.mft
rsync://rpki.ripe.net/repository/DEFAULT/PsjCDmXc0z_4pePDCmRZJcXJ-V8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 22:19:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:6f:dd:36:43:22:bc:c8:b2:f2:1b:88:a1:d9:da:c8:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec8c20e65dcd33ff8a5e3c30a645925c5c9f95f
Validity
Not Before: Jun 14 19:14:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a0b73bd155accd7bc59e11f7081b4e8b7a698df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:cc:f7:e5:ea:c3:16:a1:68:6f:91:5f:a9:4b:
ca:08:4f:38:17:d2:e9:eb:b7:a8:d3:17:ca:98:d3:
93:22:42:7e:12:04:c6:c0:c0:21:6a:9d:c1:03:72:
bc:62:8b:05:72:86:03:2b:9c:65:11:7f:85:b4:89:
b2:e6:9e:d8:00:32:0a:68:c0:7d:e6:c7:57:69:04:
e5:be:06:1f:ce:24:cb:76:21:8c:34:f8:9b:5b:3c:
79:9a:ae:79:17:00:ec:d2:cc:1c:04:86:95:d0:95:
a3:93:ab:d3:3d:1f:a0:cc:b0:4f:98:d1:9c:22:c4:
e6:93:6a:90:dd:16:51:84:32:ae:39:b2:06:de:6d:
66:92:60:03:cd:d1:35:32:96:70:90:b6:fc:39:ec:
98:1a:15:18:06:ac:f1:f6:ac:f7:15:f6:65:5f:6a:
8a:3b:11:a4:e9:be:66:db:08:2b:79:00:d2:c8:9f:
51:bf:f7:1e:4d:14:f2:4a:8f:29:84:f7:c2:ff:29:
7a:1f:9c:65:15:e5:19:41:2e:0a:b2:01:57:1a:a8:
58:4d:b6:76:44:c1:cf:b1:37:cf:5b:99:d3:92:7a:
53:10:de:fc:af:a1:15:a8:05:23:6a:35:5b:1c:53:
6c:75:ee:81:81:b0:df:1f:ba:a7:db:f1:89:04:f7:
eb:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:0B:73:BD:15:5A:CC:D7:BC:59:E1:1F:70:81:B4:E8:B7:A6:98:DF
X509v3 Authority Key Identifier:
keyid:3E:C8:C2:0E:65:DC:D3:3F:F8:A5:E3:C3:0A:64:59:25:C5:C9:F9:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsjCDmXc0z_4pePDCmRZJcXJ-V8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/93f6ee-05ea-4f31-9af6-dfc5cc64a81e/1/egtzvRVazNe8WeEfcIG06LemmN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/93f6ee-05ea-4f31-9af6-dfc5cc64a81e/1/PsjCDmXc0z_4pePDCmRZJcXJ-V8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.0.72.0/21
46.21.192.0/20
62.100.128.0/19
78.41.232.0/21
81.93.240.0/20
91.191.144.0/20
94.247.176.0/21
185.67.152.0/22
188.130.0.0/17
193.47.184.0/24
195.14.0.0/24
195.114.18.0/23
IPv6:
2001:758::/32
2001:900::/32
2a00:cb80::/32
Signature Algorithm: sha256WithRSAEncryption
4e:12:bd:68:ee:34:df:37:ea:6b:37:f9:98:ed:b3:6c:46:60:
8f:7f:29:89:f3:ef:78:6e:3e:05:7d:42:ad:e9:09:77:83:7a:
fa:b8:a3:b8:da:b9:b5:13:3e:e9:12:8b:65:1e:11:6c:0d:44:
66:8f:95:7e:18:bd:7c:1b:88:20:89:f7:55:35:d2:00:34:f4:
ac:90:b7:4f:89:62:61:d9:e8:61:25:c3:f9:52:e8:e9:17:cb:
43:1a:50:5d:56:29:68:7c:22:3b:e3:89:77:a2:28:c8:c2:00:
28:ba:7a:ba:e0:bd:bd:7c:74:31:78:3d:fb:7c:06:e1:3b:03:
68:31:ce:43:b3:32:36:2c:28:13:6e:72:ef:5b:f2:53:53:82:
8d:98:e1:9f:05:bc:a1:2d:d5:4a:bc:26:e0:17:d4:d2:05:57:
5e:eb:fa:b0:8b:ff:62:b7:2e:37:6b:39:ab:65:11:a9:72:56:
20:00:20:45:ad:5c:78:b5:6f:9a:7e:03:ce:f3:d9:f8:bf:ad:
72:09:dc:e5:33:ee:21:2f:3c:9d:68:8c:9d:77:79:2c:d3:ac:
94:04:52:75:78:e7:f7:f9:cb:49:d0:98:22:fd:11:12:5f:17:
9f:9d:cc:37:23:5b:48:93:de:ea:7a:e4:78:24:b5:8b:4f:ca:
f0:51:d6:ba
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAZdv3TZDIrzIsvIbiKHZ2sjzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzhjMjBlNjVkY2QzM2ZmOGE1ZTNjMzBhNjQ1OTI1YzVj
OWY5NWYwHhcNMjUwNjE0MTkxNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTBiNzNiZDE1NWFjY2Q3YmM1OWUxMWY3MDgxYjRlOGI3YTY5OGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8z35erDFqFob5FfqUvKCE84F9Lp
67eo0xfKmNOTIkJ+EgTGwMAhap3BA3K8YosFcoYDK5xlEX+FtImy5p7YADIKaMB9
5sdXaQTlvgYfziTLdiGMNPibWzx5mq55FwDs0swcBIaV0JWjk6vTPR+gzLBPmNGc
IsTmk2qQ3RZRhDKuObIG3m1mkmADzdE1MpZwkLb8OeyYGhUYBqzx9qz3FfZlX2qK
OxGk6b5m2wgreQDSyJ9Rv/ceTRTySo8phPfC/yl6H5xlFeUZQS4KsgFXGqhYTbZ2
RMHPsTfPW5nTknpTEN78r6EVqAUjajVbHFNsde6BgbDfH7qn2/GJBPfrEwIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFHoLc70VWszXvFnhH3CBtOi3ppjfMB8GA1UdIwQY
MBaAFD7Iwg5l3NM/+KXjwwpkWSXFyflfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNqQ0RtWGMwel80cGVQRENtUlpKY1hKLVY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85M2Y2ZWUtMDVlYS00ZjMxLTlhZjYt
ZGZjNWNjNjRhODFlLzEvZWd0enZSVmF6TmU4V2VFZmNJRzA2TGVtbU44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85M2Y2ZWUtMDVlYS00ZjMxLTlhZjYtZGZjNWNjNjRhODFl
LzEvUHNqQ0RtWGMwel80cGVQRENtUlpKY1hKLVY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH4GCCsGAQUFBwEHAQH/BG8wbTBOBAIAATBIAwQDJQBIAwQE
LhXAAwQFPmSAAwQDTinoAwQEUV3wAwQEW7+QAwQDXvewAwQCuUOYAwQHvIIAAwQA
wS+4AwQAww4AAwQBw3ISMBsEAgACMBUDBQAgAQdYAwUAIAEJAAMFACoAy4AwDQYJ
KoZIhvcNAQELBQADggEBAE4SvWjuNN836ms3+Zjts2xGYI9/KYnz73huPgV9Qq3p
CXeDevq4o7jaubUTPukSi2UeEWwNRGaPlX4YvXwbiCCJ91U10gA09KyQt0+JYmHZ
6GElw/lS6OkXy0MaUF1WKWh8IjvjiXeiKMjCACi6errgvb18dDF4Pft8BuE7A2gx
zkOzMjYsKBNucu9b8lNTgo2Y4Z8FvKEt1Uq8JuAX1NIFV17r+rCL/2K3LjdrOatl
EalyViAAIEWtXHi1b5p+A87z2fi/rXIJ3OUz7iEvPJ1ojJ13eSzTrJQEUnV45/f5
y0nQmCL9ERJfF5+dzDcjW0iT3up65HgktYtPyvBR1ro=
-----END CERTIFICATE-----
Generated at Sun Jun 15 07:44:34 2025 by rpki-client