Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kJJhVBrKrDX_L10QicprPEgkqc0.roa
File: kJJhVBrKrDX_L10QicprPEgkqc0.roa (raw, json)
Hash identifier: GhFkxy1YBOxfhFoesIU6coUTRWprHVOAjzm3jThbPNE=
Subject key identifier: 90:92:61:54:1A:CA:AC:35:FF:2F:5D:10:89:CA:6B:3C:48:24:A9:CD
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0196E95A4987A544C18C8A9DD4191F3263A0
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kJJhVBrKrDX_L10QicprPEgkqc0.roa
Signing time: Mon 19 May 2025 16:22:10 +0000
ROA not before: Mon 19 May 2025 16:22:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 26383
IP address blocks: 62.76.232.0/24 maxlen: 24
62.76.234.0/24 maxlen: 24
62.76.238.0/24 maxlen: 24
62.76.239.0/24 maxlen: 24
192.124.175.0/24 maxlen: 24
192.124.176.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
193.108.112.0/24 maxlen: 24
193.124.2.0/24 maxlen: 24
193.124.22.0/24 maxlen: 24
193.124.41.0/24 maxlen: 24
193.124.46.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
194.58.39.0/24 maxlen: 24
194.58.40.0/24 maxlen: 24
194.58.59.0/24 maxlen: 24
194.58.66.0/24 maxlen: 24
194.58.68.0/24 maxlen: 24
194.87.2.0/24 maxlen: 24
194.87.10.0/24 maxlen: 24
194.87.17.0/24 maxlen: 24
194.87.18.0/24 maxlen: 24
194.87.23.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
194.87.39.0/24 maxlen: 24
194.87.41.0/24 maxlen: 24
194.87.47.0/24 maxlen: 24
194.87.48.0/24 maxlen: 24
194.87.58.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.89.0/24 maxlen: 24
194.87.105.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
194.87.128.0/24 maxlen: 24
194.87.137.0/24 maxlen: 24
194.87.162.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
194.87.227.0/24 maxlen: 24
194.87.230.0/24 maxlen: 24
194.87.240.0/24 maxlen: 24
194.87.245.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
195.133.67.0/24 maxlen: 24
195.133.83.0/24 maxlen: 24
195.133.92.0/24 maxlen: 24
212.192.221.0/24 maxlen: 24
212.192.223.0/24 maxlen: 24
212.193.1.0/24 maxlen: 24
212.193.2.0/24 maxlen: 24
212.193.6.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 14:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e9:5a:49:87:a5:44:c1:8c:8a:9d:d4:19:1f:32:63:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 19 16:22:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=909261541acaac35ff2f5d1089ca6b3c4824a9cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:79:94:6a:f0:30:0e:34:e2:c5:5a:af:0f:0c:
07:89:d6:a0:2e:cc:8b:74:bf:2e:86:cb:29:93:2a:
3f:38:fa:a8:a9:75:05:af:fe:3d:fa:a1:37:ad:63:
b5:a4:79:6c:04:b5:0c:59:33:74:fe:6d:66:da:f2:
23:1c:b0:6d:43:78:fb:ab:96:93:d5:7b:c8:1a:86:
fb:cb:3b:12:7f:8c:76:8e:65:7e:55:3a:f5:8b:50:
56:13:ba:0a:ab:21:27:90:58:2d:98:71:46:d7:f2:
5d:1c:78:a1:40:16:79:33:ff:a8:86:a5:53:c6:8a:
9d:6f:10:e1:a4:35:82:77:01:b5:02:b7:78:9f:3c:
0a:7d:00:86:0d:64:53:48:d8:3a:36:67:59:0c:bc:
d0:bf:a2:f1:fb:1b:dd:a7:63:b4:57:9b:e8:36:ed:
8e:38:16:4a:d0:18:97:dc:30:67:b8:e8:e1:10:5c:
41:08:7b:73:56:2d:a5:74:7a:fe:c6:90:bb:fc:10:
f0:4e:e8:a6:1d:74:38:26:2d:b7:29:60:38:63:58:
a0:fc:ea:10:22:0b:7b:2d:dc:e9:8b:f9:ec:38:eb:
29:e1:cb:7d:7f:8c:b0:14:aa:82:52:a4:e9:c2:97:
75:8b:53:7e:c1:35:92:30:34:eb:fb:03:41:9e:8b:
a9:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:92:61:54:1A:CA:AC:35:FF:2F:5D:10:89:CA:6B:3C:48:24:A9:CD
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kJJhVBrKrDX_L10QicprPEgkqc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.232.0/24
62.76.234.0/24
62.76.238.0/23
192.124.175.0-192.124.176.255
192.124.209.0/24
193.108.112.0/24
193.124.2.0/24
193.124.22.0/24
193.124.41.0/24
193.124.46.0/24
194.58.38.0-194.58.40.255
194.58.59.0/24
194.58.66.0/24
194.58.68.0/24
194.87.2.0/24
194.87.10.0/24
194.87.17.0-194.87.18.255
194.87.23.0/24
194.87.30.0/24
194.87.39.0/24
194.87.41.0/24
194.87.47.0-194.87.48.255
194.87.58.0/24
194.87.73.0/24
194.87.82.0/24
194.87.89.0/24
194.87.105.0/24
194.87.108.0/24
194.87.123.0/24
194.87.128.0/24
194.87.137.0/24
194.87.162.0/24
194.87.178.0/24
194.87.198.0/24
194.87.227.0/24
194.87.230.0/24
194.87.240.0/24
194.87.245.0/24
195.133.55.0/24
195.133.67.0/24
195.133.83.0/24
195.133.92.0/24
212.192.221.0/24
212.192.223.0/24
212.193.1.0-212.193.2.255
212.193.6.0/24
Signature Algorithm: sha256WithRSAEncryption
07:80:bb:99:50:63:7f:22:ca:02:83:69:99:52:4a:5d:87:85:
5f:7b:83:d6:0a:b6:e4:cc:27:42:28:ef:f4:54:ed:88:67:b8:
0b:4b:9a:96:9e:87:e4:39:08:18:c5:7a:ac:01:c4:af:59:ed:
ea:65:c6:58:0d:c7:aa:b3:7b:06:20:e2:9e:fe:72:7e:ee:6b:
7b:da:04:63:42:62:00:61:0b:c8:8c:5d:89:fe:05:86:8d:4c:
85:c2:25:21:aa:75:f6:4b:05:21:6a:e9:7f:76:34:df:9d:a9:
19:92:db:ed:19:6b:59:a8:ef:d6:e7:a9:39:ae:6a:89:55:98:
7a:12:9b:28:a3:bc:9b:e7:77:f0:81:03:ed:43:1e:e2:c2:42:
ce:ad:6d:67:8f:ca:1d:92:fd:c4:e2:49:45:8a:c0:c5:ee:a2:
fe:11:6a:ed:8f:78:3e:58:f8:8e:9d:02:1e:b2:d8:37:70:50:
66:df:e8:ef:56:1a:4f:fb:1e:74:fe:11:69:3b:6d:dc:1d:78:
c1:08:76:ad:dd:e0:11:1a:2f:a0:ae:a1:15:21:bc:fb:ff:01:
64:2e:b0:7f:2f:4e:80:a2:a1:92:e4:b9:f3:80:9a:da:9a:12:
8b:5a:58:53:34:4b:44:5c:90:bd:f1:03:85:07:e4:aa:21:80:
e1:c6:a0:2a
-----BEGIN CERTIFICATE-----
MIIGPTCCBSWgAwIBAgISAZbpWkmHpUTBjIqd1BkfMmOgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwNTE5MTYyMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDkyNjE1NDFhY2FhYzM1ZmYyZjVkMTA4OWNhNmIzYzQ4MjRhOWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnmUavAwDjTixVqvDwwHidagLsyL
dL8uhsspkyo/OPqoqXUFr/49+qE3rWO1pHlsBLUMWTN0/m1m2vIjHLBtQ3j7q5aT
1XvIGob7yzsSf4x2jmV+VTr1i1BWE7oKqyEnkFgtmHFG1/JdHHihQBZ5M/+ohqVT
xoqdbxDhpDWCdwG1Ard4nzwKfQCGDWRTSNg6NmdZDLzQv6Lx+xvdp2O0V5voNu2O
OBZK0BiX3DBnuOjhEFxBCHtzVi2ldHr+xpC7/BDwTuimHXQ4Ji23KWA4Y1ig/OoQ
Igt7Ldzpi/nsOOsp4ct9f4ywFKqCUqTpwpd1i1N+wTWSMDTr+wNBnoupLQIDAQAB
o4IDSTCCA0UwHQYDVR0OBBYEFJCSYVQayqw1/y9dEInKazxIJKnNMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEva0pKaFZCcktyRFhfTDEwUWljcHJQRWdrcWMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBXQYIKwYBBQUHAQcBAf8EggFMMIIBSDCCAUQEAgABMIIB
PAMEAD5M6AMEAD5M6gMEAT5M7jAMAwQAwHyvAwQAwHywAwQAwHzRAwQAwWxwAwQA
wXwCAwQAwXwWAwQAwXwpAwQAwXwuMAwDBAHCOiYDBADCOigDBADCOjsDBADCOkID
BADCOkQDBADCVwIDBADCVwowDAMEAMJXEQMEAMJXEgMEAMJXFwMEAMJXHgMEAMJX
JwMEAMJXKTAMAwQAwlcvAwQAwlcwAwQAwlc6AwQAwldJAwQAwldSAwQAwldZAwQA
wldpAwQAwldsAwQAwld7AwQAwleAAwQAwleJAwQAwleiAwQAwleyAwQAwlfGAwQA
wlfjAwQAwlfmAwQAwlfwAwQAwlf1AwQAw4U3AwQAw4VDAwQAw4VTAwQAw4VcAwQA
1MDdAwQA1MDfMAwDBADUwQEDBADUwQIDBADUwQYwDQYJKoZIhvcNAQELBQADggEB
AAeAu5lQY38iygKDaZlSSl2HhV97g9YKtuTMJ0Io7/RU7YhnuAtLmpaeh+Q5CBjF
eqwBxK9Z7eplxlgNx6qzewYg4p7+cn7ua3vaBGNCYgBhC8iMXYn+BYaNTIXCJSGq
dfZLBSFq6X92NN+dqRmS2+0Za1mo79bnqTmuaolVmHoSmyijvJvnd/CBA+1DHuLC
Qs6tbWePyh2S/cTiSUWKwMXuov4Rau2PeD5Y+I6dAh6y2DdwUGbf6O9WGk/7HnT+
EWk7bdwdeMEIdq3d4BEaL6CuoRUhvPv/AWQusH8vToCioZLkufOAmtqaEotaWFM0
S0RckL3xA4UH5KohgOHGoCo=
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:49:16 2025 by rpki-client