
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/KzlycsYmSzefCw9JZEzoqU8Pbxs.roa
File: KzlycsYmSzefCw9JZEzoqU8Pbxs.roa (raw, json)
Hash identifier: PSaqquJEaRWJYtFehln/fxXFy3Tj4qAQhvia6IU/hwA=
Subject key identifier: 2B:39:72:72:C6:26:4B:37:9F:0B:0F:49:64:4C:E8:A9:4F:0F:6F:1B
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0197C9CA87DB4FF891FA9F97186439B0779D
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/KzlycsYmSzefCw9JZEzoqU8Pbxs.roa
Signing time: Wed 02 Jul 2025 06:19:42 +0000
ROA not before: Wed 02 Jul 2025 06:19:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 83.219.98.0/24 maxlen: 24
87.120.68.0/23 maxlen: 24
87.121.60.0/23 maxlen: 23
87.121.60.0/24 maxlen: 24
87.121.61.0/24 maxlen: 24
93.123.74.0/23 maxlen: 24
185.252.160.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Jul 2025 16:26:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c9:ca:87:db:4f:f8:91:fa:9f:97:18:64:39:b0:77:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 2 06:19:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b397272c6264b379f0b0f49644ce8a94f0f6f1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:7b:ab:72:18:6c:ea:af:fc:46:5f:34:0d:57:
1e:85:06:eb:ca:c3:8d:39:03:0e:12:6e:e7:05:e9:
ce:f3:a9:ac:29:21:f7:a0:5a:81:91:35:47:b0:be:
11:c1:85:82:cf:ad:c1:c2:3f:73:75:35:15:ef:68:
3b:67:88:6d:52:34:f6:ae:e3:c1:ca:02:c2:c7:20:
6a:71:b3:17:50:75:06:38:8f:15:d6:ed:22:2c:75:
15:6a:4d:3c:9a:c9:6e:5c:62:65:9f:a1:23:0d:45:
8e:48:61:08:64:87:84:e6:21:bc:ec:04:51:ad:8c:
91:3b:d5:aa:55:91:03:be:4d:cd:89:73:e7:4f:12:
fe:67:eb:66:0b:94:7c:29:e0:36:ab:ec:31:ba:6c:
5f:cd:aa:af:43:7a:27:55:ee:15:61:5c:a7:e5:b9:
9e:53:96:2a:7e:9a:f2:c2:34:9d:0a:b2:94:1e:06:
b8:b8:bf:5b:68:98:1d:72:3f:94:f6:eb:f3:cb:09:
f7:49:a5:c9:00:19:ee:c8:c0:24:19:fc:4d:a5:c0:
1c:a0:c9:47:ab:7f:d2:f1:e8:59:cf:99:60:42:df:
b3:fc:7e:34:28:8a:b5:20:7c:93:88:3d:f6:3f:55:
d7:56:d4:b7:4c:93:cf:62:89:f5:5d:2f:35:bd:3a:
87:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:39:72:72:C6:26:4B:37:9F:0B:0F:49:64:4C:E8:A9:4F:0F:6F:1B
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/KzlycsYmSzefCw9JZEzoqU8Pbxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.219.98.0/24
87.120.68.0/23
87.121.60.0/23
93.123.74.0/23
185.252.160.0/23
Signature Algorithm: sha256WithRSAEncryption
9e:d9:9b:b2:92:d3:94:d5:7e:df:29:f5:ca:b9:e5:9a:d8:1c:
d5:a6:65:8e:e2:01:0f:50:06:99:36:20:d4:8b:71:20:63:7f:
2b:a5:90:37:49:b0:2a:0d:04:a4:56:30:a8:36:ec:61:85:ed:
18:41:10:66:e2:83:38:ee:e1:73:c8:b0:b3:d0:b4:da:77:89:
f4:a6:d9:ab:75:b0:29:52:a0:7e:71:14:64:66:84:5f:46:3e:
5c:e4:3a:d0:8c:ff:e2:42:65:4d:18:aa:f5:d2:d3:63:45:65:
bc:b3:b6:f6:e1:95:e0:d0:d9:ad:27:75:51:e7:de:f6:5c:08:
56:ec:fc:7f:d0:ae:87:ab:43:54:56:be:22:f6:09:2b:96:ab:
8a:79:b9:b7:bb:a3:b7:76:98:11:09:05:a0:c7:71:44:c1:60:
40:d4:92:a5:d2:3d:49:f8:e7:c6:1d:94:a8:33:fc:aa:7a:65:
42:c7:6d:9f:5d:e4:f1:75:c3:b8:ae:03:8a:90:ff:ca:cb:76:
a2:e3:f4:cb:97:4e:03:1f:0e:79:30:93:99:bf:0e:12:aa:1e:
02:c0:14:f2:5c:4f:71:31:cf:0c:90:0d:6d:bf:86:0f:d0:ef:
de:cf:c4:c6:be:ab:5f:50:27:04:92:9d:30:31:8e:03:29:89:
76:26:f2:5b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZfJyofbT/iR+p+XGGQ5sHedMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNzAyMDYxOTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjM5NzI3MmM2MjY0YjM3OWYwYjBmNDk2NDRjZThhOTRmMGY2ZjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnurchhs6q/8Rl80DVcehQbrysON
OQMOEm7nBenO86msKSH3oFqBkTVHsL4RwYWCz63Bwj9zdTUV72g7Z4htUjT2ruPB
ygLCxyBqcbMXUHUGOI8V1u0iLHUVak08msluXGJln6EjDUWOSGEIZIeE5iG87ARR
rYyRO9WqVZEDvk3NiXPnTxL+Z+tmC5R8KeA2q+wxumxfzaqvQ3onVe4VYVyn5bme
U5YqfprywjSdCrKUHga4uL9baJgdcj+U9uvzywn3SaXJABnuyMAkGfxNpcAcoMlH
q3/S8ehZz5lgQt+z/H40KIq1IHyTiD32P1XXVtS3TJPPYon1XS81vTqHTQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCs5cnLGJks3nwsPSWRM6KlPD28bMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvS3pseWNzWW1TemVmQ3c5SlpFem9xVThQYnhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAU9tiAwQB
V3hEAwQBV3k8AwQBXXtKAwQBufygMA0GCSqGSIb3DQEBCwUAA4IBAQCe2ZuyktOU
1X7fKfXKueWa2BzVpmWO4gEPUAaZNiDUi3EgY38rpZA3SbAqDQSkVjCoNuxhhe0Y
QRBm4oM47uFzyLCz0LTad4n0ptmrdbApUqB+cRRkZoRfRj5c5DrQjP/iQmVNGKr1
0tNjRWW8s7b24ZXg0NmtJ3VR5972XAhW7Px/0K6Hq0NUVr4i9gkrlquKebm3u6O3
dpgRCQWgx3FEwWBA1JKl0j1J+OfGHZSoM/yqemVCx22fXeTxdcO4rgOKkP/Ky3ai
4/TLl04DHw55MJOZvw4Sqh4CwBTyXE9xMc8MkA1tv4YP0O/ez8TGvqtfUCcEkp0w
MY4DKYl2JvJb
-----END CERTIFICATE-----
Generated at Sat Jul 5 21:46:22 2025 by rpki-client