Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/K99kIqgkksx5PxBMKeT17J3awdM.roa
File: K99kIqgkksx5PxBMKeT17J3awdM.roa (raw, json)
Hash identifier: W9w7qqEalIrYLduT+V4g5MsAkQQkLz4QX34KbddM9k8=
Subject key identifier: 2B:DF:64:22:A8:24:92:CC:79:3F:10:4C:29:E4:F5:EC:9D:DA:C1:D3
Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial: 019428282B9DE64C17CBA6C13FF690D07B1D
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/K99kIqgkksx5PxBMKeT17J3awdM.roa
Signing time: Thu 02 Jan 2025 17:55:08 +0000
ROA not before: Thu 02 Jan 2025 17:55:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202209
IP address blocks: 62.204.129.0/24 maxlen: 24
82.103.82.0/24 maxlen: 24
82.103.93.0/24 maxlen: 24
85.118.85.0/24 maxlen: 24
85.118.86.0/24 maxlen: 24
212.91.177.0/24 maxlen: 24
217.79.33.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.mft
rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 10:01:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:28:2b:9d:e6:4c:17:cb:a6:c1:3f:f6:90:d0:7b:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Validity
Not Before: Jan 2 17:55:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2bdf6422a82492cc793f104c29e4f5ec9ddac1d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:cc:f4:6d:9b:0a:04:18:af:91:b1:c6:d2:4c:
77:d4:90:cc:bb:b9:f3:bc:e7:1b:81:83:26:db:9a:
bf:84:37:5d:60:bf:a7:d4:1b:88:ff:8f:aa:8f:3e:
a1:74:6e:5d:6e:a1:85:cf:3c:2e:07:62:07:f0:8f:
ce:ec:f4:c2:ed:3f:25:4f:3b:a4:50:8b:99:30:32:
d2:a6:06:2a:16:69:fd:00:75:1c:5b:31:38:84:18:
6f:64:6c:ac:88:67:7c:e4:de:3d:c6:64:4c:c6:91:
95:26:45:f0:8d:f3:81:98:cd:ce:86:20:53:85:f0:
4d:3f:5d:ae:17:9b:cc:86:16:7b:e2:06:f7:cc:e7:
cc:eb:f3:df:d1:c7:58:18:1f:74:83:a6:98:b5:0f:
04:40:3a:51:dc:58:28:4b:86:0f:55:51:9d:43:a8:
41:87:0b:f2:1b:4b:74:a8:d4:5e:cf:33:be:3a:d3:
be:a4:5c:66:a7:ed:07:82:b4:fc:5b:64:22:ff:0d:
e1:8c:e6:cd:c3:27:bd:05:3e:f0:58:70:cc:a5:f3:
76:62:24:4e:6b:d0:52:ba:32:b1:2d:ee:d9:ae:a3:
43:cd:ba:c7:48:d2:1a:6a:d3:f1:ae:d5:27:3e:26:
19:10:43:20:31:04:1d:5c:1c:80:69:5a:b2:e1:75:
e4:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:DF:64:22:A8:24:92:CC:79:3F:10:4C:29:E4:F5:EC:9D:DA:C1:D3
X509v3 Authority Key Identifier:
keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/K99kIqgkksx5PxBMKeT17J3awdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.204.129.0/24
82.103.82.0/24
82.103.93.0/24
85.118.85.0-85.118.86.255
212.91.177.0/24
217.79.33.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:b1:e2:16:ef:35:8f:d7:3f:0b:05:cb:cc:aa:fa:b7:ee:e6:
47:71:c8:fe:80:8c:c9:a8:d2:2b:6f:29:36:44:10:e6:fa:1d:
63:17:38:00:dc:4d:7e:2d:c6:1d:a1:95:17:56:f6:d0:56:fd:
24:df:92:52:fb:ad:86:63:9a:a2:b0:32:e0:3c:dd:db:ca:6e:
3e:c4:32:8e:1b:99:34:2a:9c:50:4c:74:90:93:eb:48:6a:f3:
fe:86:ee:b1:65:d7:c7:23:42:f0:43:52:9d:e3:c0:36:c1:b8:
3e:d1:65:60:aa:8b:90:ec:73:7a:37:a6:ea:80:0b:98:e0:80:
7d:84:98:11:d0:82:d1:17:97:ab:36:16:b8:74:30:97:0c:66:
ac:ce:b3:9b:da:7d:ce:a8:b7:0d:b8:bd:14:2a:08:53:62:98:
3c:2e:24:fb:dd:3e:db:11:bb:ff:16:69:f8:2c:d8:6f:22:bf:
ac:7f:c7:1e:6f:9c:e2:d6:fa:d4:71:6d:fe:f5:9d:a0:25:37:
4b:56:dd:1a:3b:e5:60:0e:7b:5b:ee:05:b0:4d:4c:60:9f:1c:
33:f3:fe:2d:91:cf:54:57:df:2e:03:90:31:77:b3:89:e3:68:
b8:78:3e:76:a6:f0:16:1d:f9:9f:96:04:b4:a6:90:b1:69:1c:
95:85:2f:f6
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZQoKCud5kwXy6bBP/aQ0HsdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjUwMTAyMTc1NTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmRmNjQyMmE4MjQ5MmNjNzkzZjEwNGMyOWU0ZjVlYzlkZGFjMWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Mz0bZsKBBivkbHG0kx31JDMu7nz
vOcbgYMm25q/hDddYL+n1BuI/4+qjz6hdG5dbqGFzzwuB2IH8I/O7PTC7T8lTzuk
UIuZMDLSpgYqFmn9AHUcWzE4hBhvZGysiGd85N49xmRMxpGVJkXwjfOBmM3OhiBT
hfBNP12uF5vMhhZ74gb3zOfM6/Pf0cdYGB90g6aYtQ8EQDpR3FgoS4YPVVGdQ6hB
hwvyG0t0qNRezzO+OtO+pFxmp+0HgrT8W2Qi/w3hjObNwye9BT7wWHDMpfN2YiRO
a9BSujKxLe7ZrqNDzbrHSNIaatPxrtUnPiYZEEMgMQQdXByAaVqy4XXkrwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFCvfZCKoJJLMeT8QTCnk9eyd2sHTMB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvSzk5a0lxZ2trc3g1UHhCTUtlVDE3SjNhd2RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAPsyBAwQA
UmdSAwQAUmddMAwDBABVdlUDBABVdlYDBADUW7EDBADZTyEwDQYJKoZIhvcNAQEL
BQADggEBAIyx4hbvNY/XPwsFy8yq+rfu5kdxyP6AjMmo0itvKTZEEOb6HWMXOADc
TX4txh2hlRdW9tBW/STfklL7rYZjmqKwMuA83dvKbj7EMo4bmTQqnFBMdJCT60hq
8/6G7rFl18cjQvBDUp3jwDbBuD7RZWCqi5Dsc3o3puqAC5jggH2EmBHQgtEXl6s2
Frh0MJcMZqzOs5vafc6otw24vRQqCFNimDwuJPvdPtsRu/8Wafgs2G8iv6x/xx5v
nOLW+tRxbf71naAlN0tW3Ro75WAOe1vuBbBNTGCfHDPz/i2Rz1RX3y4DkDF3s4nj
aLh4Pnam8BYd+Z+WBLSmkLFpHJWFL/Y=
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:05:36 2025 by rpki-client