Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/kKtRQezG1rMEyMQvP0RRWITiDNY.roa
File: kKtRQezG1rMEyMQvP0RRWITiDNY.roa (raw, json)
Hash identifier: kg46EVpkE4+/VNPdECgsYCTszii5SSynRjie+wFP6H8=
Subject key identifier: 90:AB:51:41:EC:C6:D6:B3:04:C8:C4:2F:3F:44:51:58:84:E2:0C:D6
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 01980D7CF20671B1FE55789B2793E0398D59
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/kKtRQezG1rMEyMQvP0RRWITiDNY.roa
Signing time: Tue 15 Jul 2025 09:49:08 +0000
ROA not before: Tue 15 Jul 2025 09:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28964
IP address blocks: 77.105.8.0/24 maxlen: 24
77.105.39.0/24 maxlen: 24
79.175.66.0/24 maxlen: 24
79.175.120.0/24 maxlen: 24
81.18.51.0/24 maxlen: 24
81.18.56.0/24 maxlen: 24
81.18.57.0/24 maxlen: 24
81.18.58.0/24 maxlen: 24
81.18.63.0/24 maxlen: 24
93.186.65.0/24 maxlen: 24
93.186.77.0/24 maxlen: 24
109.121.48.0/24 maxlen: 24
109.121.49.0/24 maxlen: 24
109.121.53.0/24 maxlen: 24
178.219.2.0/24 maxlen: 24
178.253.212.0/24 maxlen: 24
178.253.216.0/24 maxlen: 24
178.253.217.0/24 maxlen: 24
178.253.218.0/24 maxlen: 24
178.253.235.0/24 maxlen: 24
178.253.238.0/24 maxlen: 24
178.253.245.0/24 maxlen: 24
178.253.246.0/24 maxlen: 24
188.255.179.0/24 maxlen: 24
188.255.190.0/24 maxlen: 24
188.255.192.0/23 maxlen: 23
188.255.195.0/24 maxlen: 24
188.255.196.0/22 maxlen: 22
188.255.207.0/24 maxlen: 24
188.255.217.0/24 maxlen: 24
188.255.228.0/24 maxlen: 24
188.255.230.0/23 maxlen: 23
212.69.2.0/24 maxlen: 24
212.69.3.0/24 maxlen: 24
212.69.4.0/24 maxlen: 24
212.69.5.0/24 maxlen: 24
212.69.19.0/24 maxlen: 24
212.69.21.0/24 maxlen: 24
212.69.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.mft
rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:0d:7c:f2:06:71:b1:fe:55:78:9b:27:93:e0:39:8d:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jul 15 09:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=90ab5141ecc6d6b304c8c42f3f44515884e20cd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:d3:39:d0:96:00:61:22:13:f3:59:22:36:a3:
d5:1d:37:3f:ac:82:bf:a4:24:41:2b:18:a2:03:cf:
8a:7b:6d:a8:75:c3:41:f5:86:c8:b4:3e:71:a8:56:
33:4a:80:ed:41:50:5e:51:50:6c:9f:a3:f6:f6:24:
b4:41:e5:d0:17:db:4c:ca:8c:c2:d4:63:64:5f:8a:
88:24:9a:50:83:21:75:b7:76:ce:e8:bb:4d:90:e1:
4b:9f:fb:99:ca:b0:38:41:93:b3:d6:ed:7e:4a:5c:
e1:03:30:18:27:f5:43:d9:f0:f9:02:cd:a2:3f:cb:
69:ba:9a:b0:54:19:9b:17:a4:39:83:32:33:82:b1:
cc:ab:13:94:de:3d:83:a3:74:8d:72:d0:f7:48:ae:
cc:bb:b3:93:ce:11:e2:fe:20:07:2b:fd:a7:58:08:
0c:1a:c9:a8:66:30:13:94:e3:b0:fd:97:bb:73:d8:
28:a4:fb:93:e9:a6:9a:83:8d:46:64:eb:6b:d0:38:
54:7e:5d:e5:8b:a4:d7:cf:d4:76:db:c6:b9:c5:02:
cd:8c:c9:2c:e7:d1:db:10:db:b3:3a:8d:fe:60:19:
c5:da:3b:f2:2f:83:64:d3:06:51:1d:7d:f9:9a:dc:
fa:83:5b:bc:f0:79:c8:9e:a4:dd:72:bb:2a:42:1f:
77:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:AB:51:41:EC:C6:D6:B3:04:C8:C4:2F:3F:44:51:58:84:E2:0C:D6
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/kKtRQezG1rMEyMQvP0RRWITiDNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.8.0/24
77.105.39.0/24
79.175.66.0/24
79.175.120.0/24
81.18.51.0/24
81.18.56.0-81.18.58.255
81.18.63.0/24
93.186.65.0/24
93.186.77.0/24
109.121.48.0/23
109.121.53.0/24
178.219.2.0/24
178.253.212.0/24
178.253.216.0-178.253.218.255
178.253.235.0/24
178.253.238.0/24
178.253.245.0-178.253.246.255
188.255.179.0/24
188.255.190.0/24
188.255.192.0/23
188.255.195.0-188.255.199.255
188.255.207.0/24
188.255.217.0/24
188.255.228.0/24
188.255.230.0/23
212.69.2.0-212.69.5.255
212.69.19.0/24
212.69.21.0/24
212.69.30.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:00:cf:02:21:ac:38:9b:a9:6b:fc:e2:98:93:c0:5e:8d:23:
f3:1f:ca:f3:d6:03:06:c6:b3:2e:40:73:fb:d5:fe:03:43:18:
05:9c:cc:88:1b:25:51:80:88:42:93:8c:77:6e:0e:56:15:3c:
05:bb:42:6b:4b:07:a3:d1:76:c0:6e:95:d1:1d:91:40:df:5b:
29:f0:ff:40:91:46:05:f5:b3:47:26:01:ce:ef:04:b5:e1:61:
38:e6:90:ae:94:f7:bd:e0:b5:d8:ff:0a:5e:7f:b3:bc:88:d1:
47:fa:ca:70:a4:47:5b:e6:a0:da:ee:91:dd:a5:04:5e:a7:d8:
a4:e8:2b:60:ef:ec:36:f5:61:a5:39:d3:91:8c:4c:88:87:3a:
eb:74:ef:af:36:48:ed:81:46:a1:26:ea:f0:29:2f:8a:fc:f1:
f1:2c:d8:f2:67:67:b3:9a:e1:39:c6:11:80:86:19:ff:91:92:
8e:4b:33:87:74:29:53:3b:7a:e4:b1:79:6b:33:32:96:54:68:
1f:d5:93:69:9d:10:8c:c9:ab:b0:b6:94:d1:bd:61:56:c1:9c:
af:75:85:60:18:c4:a3:bf:74:6a:7a:52:f2:33:b4:39:73:f0:
4b:17:14:f7:69:b7:fe:6e:04:15:a6:e0:b9:b8:7a:de:dc:43:
4c:b7:97:c3
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgISAZgNfPIGcbH+VXibJ5PgOY1ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjUwNzE1MDk0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGFiNTE0MWVjYzZkNmIzMDRjOGM0MmYzZjQ0NTE1ODg0ZTIwY2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6tM50JYAYSIT81kiNqPVHTc/rIK/
pCRBKxiiA8+Ke22odcNB9YbItD5xqFYzSoDtQVBeUVBsn6P29iS0QeXQF9tMyozC
1GNkX4qIJJpQgyF1t3bO6LtNkOFLn/uZyrA4QZOz1u1+SlzhAzAYJ/VD2fD5As2i
P8tpupqwVBmbF6Q5gzIzgrHMqxOU3j2Do3SNctD3SK7Mu7OTzhHi/iAHK/2nWAgM
GsmoZjATlOOw/Ze7c9gopPuT6aaag41GZOtr0DhUfl3li6TXz9R228a5xQLNjMks
59HbENuzOo3+YBnF2jvyL4Nk0wZRHX35mtz6g1u88HnInqTdcrsqQh93+QIDAQAB
o4IC3jCCAtowHQYDVR0OBBYEFJCrUUHsxtazBMjELz9EUViE4gzWMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEva0t0UlFlekcxck1FeU1RdlAwUlJXSVRpRE5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHzBggrBgEFBQcBBwEB/wSB4zCB4DCB3QQCAAEwgdYDBABN
aQgDBABNaScDBABPr0IDBABPr3gDBABREjMwDAMEA1ESOAMEAFESOgMEAFESPwME
AF26QQMEAF26TQMEAW15MAMEAG15NQMEALLbAgMEALL91DAMAwQDsv3YAwQAsv3a
AwQAsv3rAwQAsv3uMAwDBACy/fUDBACy/fYDBAC8/7MDBAC8/74DBAG8/8AwDAME
ALz/wwMEA7z/wAMEALz/zwMEALz/2QMEALz/5AMEAbz/5jAMAwQB1EUCAwQB1EUE
AwQA1EUTAwQA1EUVAwQA1EUeMA0GCSqGSIb3DQEBCwUAA4IBAQBqAM8CIaw4m6lr
/OKYk8BejSPzH8rz1gMGxrMuQHP71f4DQxgFnMyIGyVRgIhCk4x3bg5WFTwFu0Jr
Swej0XbAbpXRHZFA31sp8P9AkUYF9bNHJgHO7wS14WE45pCulPe94LXY/wpef7O8
iNFH+spwpEdb5qDa7pHdpQRep9ik6Ctg7+w29WGlOdORjEyIhzrrdO+vNkjtgUah
JurwKS+K/PHxLNjyZ2ezmuE5xhGAhhn/kZKOSzOHdClTO3rksXlrMzKWVGgf1ZNp
nRCMyauwtpTRvWFWwZyvdYVgGMSjv3RqelLyM7Q5c/BLFxT3abf+bgQVpuC5uHre
3ENMt5fD
-----END CERTIFICATE-----
Generated at Mon Jul 21 03:14:45 2025 by rpki-client