Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kDL6RSfuodxlZ7usb-NkAQUToMA.roa
File: kDL6RSfuodxlZ7usb-NkAQUToMA.roa (raw, json)
Hash identifier: XC+n0I2nAeW2zkOpOXXpDeD6t6vb4XoWDoWOnBQy15M=
Subject key identifier: 90:32:FA:45:27:EE:A1:DC:65:67:BB:AC:6F:E3:64:01:05:13:A0:C0
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0197D4A6FF403F1C6708945DCF9F1F20F168
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kDL6RSfuodxlZ7usb-NkAQUToMA.roa
Signing time: Fri 04 Jul 2025 08:56:42 +0000
ROA not before: Fri 04 Jul 2025 08:56:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 26383
IP address blocks: 62.76.232.0/24 maxlen: 24
62.76.234.0/24 maxlen: 24
62.76.238.0/24 maxlen: 24
62.76.239.0/24 maxlen: 24
192.124.175.0/24 maxlen: 24
192.124.176.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
193.108.112.0/24 maxlen: 24
193.124.2.0/24 maxlen: 24
193.124.22.0/24 maxlen: 24
193.124.41.0/24 maxlen: 24
193.124.46.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
194.58.39.0/24 maxlen: 24
194.58.40.0/24 maxlen: 24
194.58.59.0/24 maxlen: 24
194.58.66.0/24 maxlen: 24
194.58.68.0/24 maxlen: 24
194.87.2.0/24 maxlen: 24
194.87.10.0/24 maxlen: 24
194.87.17.0/24 maxlen: 24
194.87.18.0/24 maxlen: 24
194.87.23.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
194.87.39.0/24 maxlen: 24
194.87.41.0/24 maxlen: 24
194.87.47.0/24 maxlen: 24
194.87.48.0/24 maxlen: 24
194.87.58.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.89.0/24 maxlen: 24
194.87.105.0/24 maxlen: 24
194.87.106.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
194.87.128.0/24 maxlen: 24
194.87.137.0/24 maxlen: 24
194.87.162.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
194.87.227.0/24 maxlen: 24
194.87.230.0/24 maxlen: 24
194.87.240.0/24 maxlen: 24
194.87.245.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
195.133.67.0/24 maxlen: 24
195.133.83.0/24 maxlen: 24
195.133.92.0/24 maxlen: 24
212.192.221.0/24 maxlen: 24
212.192.223.0/24 maxlen: 24
212.193.1.0/24 maxlen: 24
212.193.2.0/24 maxlen: 24
212.193.6.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Jul 2025 20:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:d4:a6:ff:40:3f:1c:67:08:94:5d:cf:9f:1f:20:f1:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 4 08:56:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9032fa4527eea1dc6567bbac6fe364010513a0c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f0:06:59:b1:e2:a7:67:32:a5:13:cc:c4:d9:
c5:90:a3:28:88:3f:9b:db:ad:da:ee:7b:43:a2:7b:
4c:ed:0c:2d:e8:d7:51:d4:82:e0:38:76:ba:0a:98:
4b:49:80:76:e2:65:1b:b2:1e:27:e1:ef:fd:ac:54:
37:32:ed:f5:4b:0c:05:e4:52:50:ef:88:e3:30:51:
b7:db:f8:89:a5:80:3c:a8:5d:b9:4b:42:06:b3:ee:
e0:84:c1:27:4c:2d:4c:0a:5f:14:35:a2:12:c3:3f:
08:c0:95:d9:4d:38:74:cc:1b:e4:03:e6:b4:65:80:
a6:2c:eb:52:05:a2:63:fe:3e:a8:ce:25:a2:80:7e:
81:95:f0:71:ab:3c:b0:d6:c6:4f:48:1e:8d:bb:fa:
f2:7d:24:cd:49:ce:4c:23:3a:30:d9:a6:2b:a1:31:
80:63:bd:64:6b:44:eb:6e:75:71:e2:4c:44:08:6b:
a2:d3:18:57:13:53:92:17:5a:03:ce:9b:04:bc:59:
8b:27:3e:24:27:1c:f4:a1:2e:c7:d4:a9:b7:db:03:
cb:5c:f6:0a:7d:69:27:a7:d0:51:a0:86:d6:99:48:
43:b7:69:ec:d3:33:64:77:69:dc:8a:52:02:c4:91:
e3:cc:c5:29:71:09:7e:b1:ef:44:a1:8a:aa:7b:4c:
2d:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:32:FA:45:27:EE:A1:DC:65:67:BB:AC:6F:E3:64:01:05:13:A0:C0
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kDL6RSfuodxlZ7usb-NkAQUToMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.232.0/24
62.76.234.0/24
62.76.238.0/23
192.124.175.0-192.124.176.255
192.124.209.0/24
193.108.112.0/24
193.124.2.0/24
193.124.22.0/24
193.124.41.0/24
193.124.46.0/24
194.58.38.0-194.58.40.255
194.58.59.0/24
194.58.66.0/24
194.58.68.0/24
194.87.2.0/24
194.87.10.0/24
194.87.17.0-194.87.18.255
194.87.23.0/24
194.87.30.0/24
194.87.39.0/24
194.87.41.0/24
194.87.47.0-194.87.48.255
194.87.58.0/24
194.87.73.0/24
194.87.82.0/24
194.87.89.0/24
194.87.105.0-194.87.106.255
194.87.108.0/24
194.87.123.0/24
194.87.128.0/24
194.87.137.0/24
194.87.162.0/24
194.87.178.0/24
194.87.198.0/24
194.87.227.0/24
194.87.230.0/24
194.87.240.0/24
194.87.245.0/24
195.133.55.0/24
195.133.67.0/24
195.133.83.0/24
195.133.92.0/24
212.192.221.0/24
212.192.223.0/24
212.193.1.0-212.193.2.255
212.193.6.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:13:ce:36:25:ca:3e:ae:b3:47:92:e3:88:c8:66:aa:26:a9:
ed:de:c8:2a:e4:70:af:ae:80:c2:7d:4d:2d:c4:89:f6:32:19:
4d:6f:fc:1d:88:2a:4a:cb:f0:fd:82:49:58:a5:35:bb:da:6c:
1d:80:ca:4f:2f:5a:91:e6:e6:63:1a:ab:91:b7:b3:71:4c:13:
e1:5b:ab:09:1b:87:19:30:78:e6:69:f1:a1:9e:d2:49:f0:0a:
d8:3b:0c:39:6e:ac:b5:02:a1:bf:d4:99:a6:3a:08:94:00:cd:
b8:8e:1e:c3:dd:7f:3f:00:d4:24:ae:a6:ac:41:2f:39:d3:4c:
3c:1d:a2:88:1d:d1:2c:a6:de:b0:ac:4e:0a:8f:cf:e8:38:6b:
32:4f:04:2d:29:f9:62:9a:11:40:aa:a1:d7:47:36:16:34:e0:
88:59:32:df:4e:f7:8a:12:11:98:e9:e8:92:8b:8f:7a:d9:5b:
e6:4d:33:3b:9d:d5:ba:f2:6f:e1:ce:98:34:6d:c7:e8:a8:28:
67:ca:81:d2:2d:06:71:b5:6a:0c:c2:0c:89:43:55:63:e3:1c:
e5:25:2c:6f:06:3c:5f:94:77:e7:a0:b4:03:0a:48:b2:75:4b:
88:59:a2:0e:07:15:eb:6e:3a:8e:20:5d:44:75:e9:23:76:eb:
23:61:bf:71
-----BEGIN CERTIFICATE-----
MIIGRTCCBS2gAwIBAgISAZfUpv9APxxnCJRdz58fIPFoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwNzA0MDg1NjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDMyZmE0NTI3ZWVhMWRjNjU2N2JiYWM2ZmUzNjQwMTA1MTNhMGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovAGWbHip2cypRPMxNnFkKMoiD+b
263a7ntDontM7Qwt6NdR1ILgOHa6CphLSYB24mUbsh4n4e/9rFQ3Mu31SwwF5FJQ
74jjMFG32/iJpYA8qF25S0IGs+7ghMEnTC1MCl8UNaISwz8IwJXZTTh0zBvkA+a0
ZYCmLOtSBaJj/j6oziWigH6BlfBxqzyw1sZPSB6Nu/ryfSTNSc5MIzow2aYroTGA
Y71ka0TrbnVx4kxECGui0xhXE1OSF1oDzpsEvFmLJz4kJxz0oS7H1Km32wPLXPYK
fWknp9BRoIbWmUhDt2ns0zNkd2ncilICxJHjzMUpcQl+se9EoYqqe0wt6QIDAQAB
o4IDUTCCA00wHQYDVR0OBBYEFJAy+kUn7qHcZWe7rG/jZAEFE6DAMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEva0RMNlJTZnVvZHhsWjd1c2ItTmtBUVVUb01BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBZQYIKwYBBQUHAQcBAf8EggFUMIIBUDCCAUwEAgABMIIB
RAMEAD5M6AMEAD5M6gMEAT5M7jAMAwQAwHyvAwQAwHywAwQAwHzRAwQAwWxwAwQA
wXwCAwQAwXwWAwQAwXwpAwQAwXwuMAwDBAHCOiYDBADCOigDBADCOjsDBADCOkID
BADCOkQDBADCVwIDBADCVwowDAMEAMJXEQMEAMJXEgMEAMJXFwMEAMJXHgMEAMJX
JwMEAMJXKTAMAwQAwlcvAwQAwlcwAwQAwlc6AwQAwldJAwQAwldSAwQAwldZMAwD
BADCV2kDBADCV2oDBADCV2wDBADCV3sDBADCV4ADBADCV4kDBADCV6IDBADCV7ID
BADCV8YDBADCV+MDBADCV+YDBADCV/ADBADCV/UDBADDhTcDBADDhUMDBADDhVMD
BADDhVwDBADUwN0DBADUwN8wDAMEANTBAQMEANTBAgMEANTBBjANBgkqhkiG9w0B
AQsFAAOCAQEALRPONiXKPq6zR5LjiMhmqiap7d7IKuRwr66Awn1NLcSJ9jIZTW/8
HYgqSsvw/YJJWKU1u9psHYDKTy9akebmYxqrkbezcUwT4VurCRuHGTB45mnxoZ7S
SfAK2DsMOW6stQKhv9SZpjoIlADNuI4ew91/PwDUJK6mrEEvOdNMPB2iiB3RLKbe
sKxOCo/P6DhrMk8ELSn5YpoRQKqh10c2FjTgiFky3073ihIRmOnokouPetlb5k0z
O53VuvJv4c6YNG3H6KgoZ8qB0i0GcbVqDMIMiUNVY+Mc5SUsbwY8X5R356C0AwpI
snVLiFmiDgcV6246jiBdRHXpI3brI2G/cQ==
-----END CERTIFICATE-----
Generated at Mon Jul 7 01:40:18 2025 by rpki-client