Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/6FP3Y1fBU0TrJ51eMbgNFd0rKVA.roa
File: 6FP3Y1fBU0TrJ51eMbgNFd0rKVA.roa (raw, json)
Hash identifier: ThVgjuG/r9q2aF5/KHMfIZnIIpHT020uL7K9KYhhSI4=
Subject key identifier: E8:53:F7:63:57:C1:53:44:EB:27:9D:5E:31:B8:0D:15:DD:2B:29:50
Certificate issuer: /CN=691242c33bc2e2e9e45850a0fc64ab2c7506a4b8
Certificate serial: 019A4B0977E3E1D8E4A17D2FBC64E4933B56
Authority key identifier: 69:12:42:C3:3B:C2:E2:E9:E4:58:50:A0:FC:64:AB:2C:75:06:A4:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/6FP3Y1fBU0TrJ51eMbgNFd0rKVA.roa
Signing time: Mon 03 Nov 2025 18:45:03 +0000
ROA not before: Mon 03 Nov 2025 18:45:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202015
IP address blocks: 77.83.199.0/24 maxlen: 24
79.141.160.0/23 maxlen: 23
79.141.162.0/23 maxlen: 23
79.141.172.0/24 maxlen: 24
79.141.173.0/24 maxlen: 24
89.46.38.0/24 maxlen: 24
91.193.19.0/24 maxlen: 24
185.33.84.0/23 maxlen: 23
185.33.86.0/23 maxlen: 23
185.253.119.0/24 maxlen: 24
193.42.38.0/24 maxlen: 24
193.111.208.0/24 maxlen: 24
194.124.229.0/24 maxlen: 24
2a01:8640:4::/48 maxlen: 48
2a01:8640:5::/48 maxlen: 48
2a01:8640:b::/48 maxlen: 48
2a01:8640:e::/48 maxlen: 48
2a01:8640:1e::/48 maxlen: 48
2a01:8640:1f::/48 maxlen: 48
2a01:8640:22::/48 maxlen: 48
2a01:8640:23::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/aRJCwzvC4unkWFCg_GSrLHUGpLg.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/aRJCwzvC4unkWFCg_GSrLHUGpLg.mft
rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 12:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4b:09:77:e3:e1:d8:e4:a1:7d:2f:bc:64:e4:93:3b:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=691242c33bc2e2e9e45850a0fc64ab2c7506a4b8
Validity
Not Before: Nov 3 18:45:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e853f76357c15344eb279d5e31b80d15dd2b2950
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:9f:1b:01:84:18:0c:98:97:30:0e:d5:c2:ee:
a6:c4:8b:5c:35:81:41:c7:2f:a9:fa:3f:d5:bf:8d:
b4:12:9b:0b:b5:7d:b2:ae:90:0f:fb:5e:ee:c8:5e:
92:ae:fe:fa:14:ad:53:0c:d9:51:26:02:2f:e2:72:
ea:03:c4:52:f7:ff:67:19:e0:da:74:63:e2:a1:be:
54:f4:cc:e2:97:45:d8:b8:95:ee:78:11:ad:f3:a5:
4d:7c:24:02:04:ab:4c:4d:c5:da:21:b5:b2:ec:56:
8c:2b:a2:97:b3:c9:c5:fa:dc:70:d7:14:64:d9:8b:
99:c2:71:e6:f7:ec:b8:65:10:ce:1d:83:76:fe:d1:
0a:d9:b0:22:11:1c:bc:21:ee:d4:2b:9d:38:18:b2:
1f:c0:ab:bf:b1:fb:bc:5d:75:1e:f5:10:db:53:64:
5d:e7:46:88:7c:05:b0:8c:8f:be:e3:cb:7d:09:c8:
1d:f3:25:a0:40:dd:6c:b2:6c:57:c6:b1:3a:bf:00:
65:e2:18:cf:a9:b2:42:ec:a3:6b:e6:b5:c6:5c:ec:
2c:94:b9:5a:92:7e:ce:f9:af:9b:9c:f1:d9:a7:db:
1b:ab:56:b7:38:b4:a4:1d:b9:11:60:5a:6e:b1:4b:
a6:30:52:6e:55:94:09:29:7f:85:9a:71:56:74:bf:
33:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:53:F7:63:57:C1:53:44:EB:27:9D:5E:31:B8:0D:15:DD:2B:29:50
X509v3 Authority Key Identifier:
keyid:69:12:42:C3:3B:C2:E2:E9:E4:58:50:A0:FC:64:AB:2C:75:06:A4:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/6FP3Y1fBU0TrJ51eMbgNFd0rKVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/aRJCwzvC4unkWFCg_GSrLHUGpLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.199.0/24
79.141.160.0/22
79.141.172.0/23
89.46.38.0/24
91.193.19.0/24
185.33.84.0/22
185.253.119.0/24
193.42.38.0/24
193.111.208.0/24
194.124.229.0/24
IPv6:
2a01:8640:4::/47
2a01:8640:b::/48
2a01:8640:e::/48
2a01:8640:1e::/47
2a01:8640:22::/47
Signature Algorithm: sha256WithRSAEncryption
6a:7e:b8:c9:b3:73:a1:a3:60:b7:eb:93:e0:4f:27:9d:79:ba:
c1:3b:5e:ed:9e:4d:49:a6:9a:bd:1c:42:ad:d6:aa:d5:ea:63:
b1:ba:10:21:73:d8:08:70:ce:6f:18:42:55:61:e2:3a:79:56:
49:80:22:96:1f:21:70:8d:2f:5a:42:b1:a2:2f:07:aa:a1:a1:
41:dd:10:d6:e7:67:b5:62:44:15:bf:ef:5e:5f:62:e5:77:b7:
77:ba:ea:62:e1:88:20:0f:08:5e:e4:ed:7d:2e:80:e6:ac:03:
f9:a0:9b:b9:05:95:a6:a5:97:3d:d6:dc:15:49:83:ab:25:bc:
62:0e:05:df:4f:0e:72:3f:ce:79:33:e7:10:ee:fc:3d:96:93:
89:fe:56:93:08:8a:80:9b:11:47:a1:ed:c3:39:6f:b9:fb:d5:
3d:8b:cb:bb:46:56:89:4d:1e:7f:e4:b1:b3:00:9a:be:c4:5d:
ac:ac:6f:00:7c:52:ff:12:42:74:5c:60:b4:76:f1:36:53:e8:
4b:13:52:0e:fa:39:7c:48:9b:77:40:c9:04:4e:93:12:35:af:
9e:0b:1c:2c:69:b1:b0:bf:95:f7:69:ce:31:48:49:e1:c9:7c:
b4:cb:6c:5d:61:40:72:ac:8e:7f:dd:e3:64:3a:98:a9:3a:58:
ca:73:39:4d
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgISAZpLCXfj4djkoX0vvGTkkztWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5MTI0MmMzM2JjMmUyZTllNDU4NTBhMGZjNjRhYjJjNzUw
NmE0YjgwHhcNMjUxMTAzMTg0NTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODUzZjc2MzU3YzE1MzQ0ZWIyNzlkNWUzMWI4MGQxNWRkMmIyOTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA158bAYQYDJiXMA7Vwu6mxItcNYFB
xy+p+j/Vv420EpsLtX2yrpAP+17uyF6Srv76FK1TDNlRJgIv4nLqA8RS9/9nGeDa
dGPiob5U9Mzil0XYuJXueBGt86VNfCQCBKtMTcXaIbWy7FaMK6KXs8nF+txw1xRk
2YuZwnHm9+y4ZRDOHYN2/tEK2bAiERy8Ie7UK504GLIfwKu/sfu8XXUe9RDbU2Rd
50aIfAWwjI++48t9Ccgd8yWgQN1ssmxXxrE6vwBl4hjPqbJC7KNr5rXGXOwslLla
kn7O+a+bnPHZp9sbq1a3OLSkHbkRYFpusUumMFJuVZQJKX+FmnFWdL8zeQIDAQAB
o4ICdTCCAnEwHQYDVR0OBBYEFOhT92NXwVNE6yedXjG4DRXdKylQMB8GA1UdIwQY
MBaAFGkSQsM7wuLp5FhQoPxkqyx1BqS4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVJKQ3d6dkM0dW5rV0ZDZ19HU3JMSFVHcExnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82MzU2YjktYzQ5Zi00YjRkLThlMjkt
MzYyZmZlOGVlMjcwLzEvNkZQM1kxZkJVMFRySjUxZU1iZ05GZDByS1ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy82MzU2YjktYzQ5Zi00YjRkLThlMjktMzYyZmZlOGVlMjcw
LzEvYVJKQ3d6dkM0dW5rV0ZDZ19HU3JMSFVHcExnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGKBggrBgEFBQcBBwEB/wR7MHkwQgQCAAEwPAMEAE1TxwME
Ak+NoAMEAU+NrAMEAFkuJgMEAFvBEwMEArkhVAMEALn9dwMEAMEqJgMEAMFv0AME
AMJ85TAzBAIAAjAtAwcBKgGGQAAEAwcAKgGGQAALAwcAKgGGQAAOAwcBKgGGQAAe
AwcBKgGGQAAiMA0GCSqGSIb3DQEBCwUAA4IBAQBqfrjJs3Oho2C365PgTyedebrB
O17tnk1Jppq9HEKt1qrV6mOxuhAhc9gIcM5vGEJVYeI6eVZJgCKWHyFwjS9aQrGi
LweqoaFB3RDW52e1YkQVv+9eX2Lld7d3uupi4YggDwhe5O19LoDmrAP5oJu5BZWm
pZc91twVSYOrJbxiDgXfTw5yP855M+cQ7vw9lpOJ/laTCIqAmxFHoe3DOW+5+9U9
i8u7RlaJTR5/5LGzAJq+xF2srG8AfFL/EkJ0XGC0dvE2U+hLE1IO+jl8SJt3QMkE
TpMSNa+eCxwsabGwv5X3ac4xSEnhyXy0y2xdYUByrI5/3eNkOpipOljKczlN
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:30:20 2025 by rpki-client