Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/44c365-6ced-45d9-865d-04fcecad70ec/1/W6ZuDAGnWoDaEzlWI7u6oQknSmA.roa
File: W6ZuDAGnWoDaEzlWI7u6oQknSmA.roa (raw, json)
Hash identifier: OmbyY76V+595ZQjAafvVZcWcNGfzKgZ8Ut3VoJKhN9E=
Subject key identifier: 5B:A6:6E:0C:01:A7:5A:80:DA:13:39:56:23:BB:BA:A1:09:27:4A:60
Certificate issuer: /CN=7e13414bdc2312400dfa9f50650d51ee0443df16
Certificate serial: 01975906A7C412DCC5F46D93618E661616C7
Authority key identifier: 7E:13:41:4B:DC:23:12:40:0D:FA:9F:50:65:0D:51:EE:04:43:DF:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fhNBS9wjEkAN-p9QZQ1R7gRD3xY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/44c365-6ced-45d9-865d-04fcecad70ec/1/W6ZuDAGnWoDaEzlWI7u6oQknSmA.roa
Signing time: Tue 10 Jun 2025 08:48:17 +0000
ROA not before: Tue 10 Jun 2025 08:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205086
IP address blocks: 185.231.20.0/22 maxlen: 22
185.231.20.0/24 maxlen: 24
185.231.21.0/24 maxlen: 24
185.231.22.0/24 maxlen: 24
185.231.23.0/24 maxlen: 24
2a0a:9580::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/44c365-6ced-45d9-865d-04fcecad70ec/1/fhNBS9wjEkAN-p9QZQ1R7gRD3xY.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/44c365-6ced-45d9-865d-04fcecad70ec/1/fhNBS9wjEkAN-p9QZQ1R7gRD3xY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fhNBS9wjEkAN-p9QZQ1R7gRD3xY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Jun 2025 23:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:59:06:a7:c4:12:dc:c5:f4:6d:93:61:8e:66:16:16:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e13414bdc2312400dfa9f50650d51ee0443df16
Validity
Not Before: Jun 10 08:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ba66e0c01a75a80da13395623bbbaa109274a60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:3a:0e:30:e8:77:75:b7:7b:cc:33:af:cc:23:
5e:fa:96:3d:59:69:ef:33:a6:e6:2f:33:02:3f:fd:
72:d2:99:25:eb:96:b7:89:c1:e0:8f:4b:29:97:05:
ba:0a:68:16:68:53:97:16:a9:8c:1e:9e:80:7e:28:
f7:53:04:47:fb:cb:9c:da:a0:99:23:89:b3:4d:0a:
6d:45:46:08:55:39:43:f3:ed:4b:eb:88:e2:2e:f5:
ee:70:3d:23:2a:dd:d8:17:a3:64:9c:24:16:47:c4:
85:15:73:25:47:03:3b:54:c4:9f:e5:f9:84:4f:72:
5e:e8:d7:62:a3:ae:ba:b0:be:86:1e:c3:3a:52:03:
9f:43:7d:c6:42:df:b6:94:45:0c:4f:e3:4b:b9:20:
b1:19:7a:a1:61:d0:2a:fd:8b:5b:2f:5b:2f:7f:24:
a1:d2:c5:e4:d8:f9:61:55:c8:ba:f7:81:41:69:f9:
fa:89:ff:38:f2:6b:64:33:36:23:be:39:21:13:58:
1f:69:1c:f4:62:7c:cc:2f:42:98:d8:f0:1c:fe:6f:
91:21:bf:9a:13:b8:5d:d9:42:ac:1a:ae:37:f8:9e:
0f:4e:de:28:20:c5:2a:56:80:d5:13:28:f2:6c:da:
f5:f1:61:4d:98:e8:cc:1d:f9:55:e8:4b:b7:60:ce:
91:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:A6:6E:0C:01:A7:5A:80:DA:13:39:56:23:BB:BA:A1:09:27:4A:60
X509v3 Authority Key Identifier:
keyid:7E:13:41:4B:DC:23:12:40:0D:FA:9F:50:65:0D:51:EE:04:43:DF:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fhNBS9wjEkAN-p9QZQ1R7gRD3xY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/44c365-6ced-45d9-865d-04fcecad70ec/1/W6ZuDAGnWoDaEzlWI7u6oQknSmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/44c365-6ced-45d9-865d-04fcecad70ec/1/fhNBS9wjEkAN-p9QZQ1R7gRD3xY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.231.20.0/22
IPv6:
2a0a:9580::/29
Signature Algorithm: sha256WithRSAEncryption
bc:70:59:48:a4:03:e8:74:50:7c:f5:ef:d7:83:1d:4d:32:28:
a3:d4:7b:8e:35:0c:2f:86:e0:12:6c:60:16:ee:29:4e:60:8c:
df:2c:e0:9e:91:4f:73:2b:08:88:bf:6d:96:45:87:c7:0d:ae:
80:30:22:78:a9:d5:85:83:46:ed:1a:c0:1d:f2:ab:b7:ee:25:
c0:db:49:62:82:aa:4b:42:f9:5e:43:03:b3:aa:fe:83:33:c2:
03:c8:c7:9c:7d:e4:01:05:06:f0:6f:58:14:ac:ee:a3:a9:6f:
14:2b:88:44:ac:c6:8e:b8:01:f5:ab:8d:7c:c7:5f:b2:6d:2c:
8d:c3:bd:ad:3d:ea:ce:9b:57:3f:2a:72:da:5a:e5:24:d8:9c:
9a:10:a9:0f:05:b8:2a:92:97:2b:64:0a:a1:33:b1:f4:17:51:
5a:08:01:a6:3a:cd:78:a6:c1:f7:e9:1f:c2:e1:d6:ab:32:32:
a4:32:dc:9e:21:9f:55:1c:63:e5:cc:0e:d1:db:1f:e9:77:93:
32:3f:d6:16:0e:cd:50:f9:af:fc:09:d7:1e:3e:75:69:ef:cb:
28:92:da:75:b6:50:5b:38:b3:0e:68:37:b3:17:b7:30:d3:92:
f1:58:dc:e8:46:de:71:cd:f8:df:d8:26:58:df:72:c4:fb:05:
b9:d7:00:1d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZdZBqfEEtzF9G2TYY5mFhbHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMTM0MTRiZGMyMzEyNDAwZGZhOWY1MDY1MGQ1MWVlMDQ0
M2RmMTYwHhcNMjUwNjEwMDg0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmE2NmUwYzAxYTc1YTgwZGExMzM5NTYyM2JiYmFhMTA5Mjc0YTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDoOMOh3dbd7zDOvzCNe+pY9WWnv
M6bmLzMCP/1y0pkl65a3icHgj0splwW6CmgWaFOXFqmMHp6Afij3UwRH+8uc2qCZ
I4mzTQptRUYIVTlD8+1L64jiLvXucD0jKt3YF6NknCQWR8SFFXMlRwM7VMSf5fmE
T3Je6Ndio666sL6GHsM6UgOfQ33GQt+2lEUMT+NLuSCxGXqhYdAq/YtbL1svfySh
0sXk2PlhVci694FBafn6if848mtkMzYjvjkhE1gfaRz0YnzML0KY2PAc/m+RIb+a
E7hd2UKsGq43+J4PTt4oIMUqVoDVEyjybNr18WFNmOjMHflV6Eu3YM6RyQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFumbgwBp1qA2hM5ViO7uqEJJ0pgMB8GA1UdIwQY
MBaAFH4TQUvcIxJADfqfUGUNUe4EQ98WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmhOQlM5d2pFa0FOLXA5UVpRMVI3Z1JEM3hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi80NGMzNjUtNmNlZC00NWQ5LTg2NWQt
MDRmY2VjYWQ3MGVjLzEvVzZadURBR25Xb0RhRXpsV0k3dTZvUWtuU21BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi80NGMzNjUtNmNlZC00NWQ5LTg2NWQtMDRmY2VjYWQ3MGVj
LzEvZmhOQlM5d2pFa0FOLXA5UVpRMVI3Z1JEM3hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuecUMA0E
AgACMAcDBQMqCpWAMA0GCSqGSIb3DQEBCwUAA4IBAQC8cFlIpAPodFB89e/Xgx1N
Miij1HuONQwvhuASbGAW7ilOYIzfLOCekU9zKwiIv22WRYfHDa6AMCJ4qdWFg0bt
GsAd8qu37iXA20ligqpLQvleQwOzqv6DM8IDyMecfeQBBQbwb1gUrO6jqW8UK4hE
rMaOuAH1q418x1+ybSyNw72tPerOm1c/KnLaWuUk2JyaEKkPBbgqkpcrZAqhM7H0
F1FaCAGmOs14psH36R/C4darMjKkMtyeIZ9VHGPlzA7R2x/pd5MyP9YWDs1Q+a/8
CdcePnVp78soktp1tlBbOLMOaDezF7cw05LxWNzoRt5xzfjf2CZY33LE+wW51wAd
-----END CERTIFICATE-----
Generated at Thu Jun 19 08:43:43 2025 by rpki-client