Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/e66296-0479-4c52-9cea-a1f573d069da/1/kkI0VJ623ZMpCKAjZsrxAXz6PWk.roa
File: kkI0VJ623ZMpCKAjZsrxAXz6PWk.roa (raw, json)
Hash identifier: wTnvsnp3yJHDHnSTINs0tfqN/DigtBsLrefQ3ls6zYA=
Subject key identifier: 92:42:34:54:9E:B6:DD:93:29:08:A0:23:66:CA:F1:01:7C:FA:3D:69
Certificate issuer: /CN=36b413e536d99353f0b050ee746ffdd24edb5930
Certificate serial: 019428263D42A68CB492E9042B5163FC36AB
Authority key identifier: 36:B4:13:E5:36:D9:93:53:F0:B0:50:EE:74:6F:FD:D2:4E:DB:59:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NrQT5TbZk1PwsFDudG_90k7bWTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/e66296-0479-4c52-9cea-a1f573d069da/1/kkI0VJ623ZMpCKAjZsrxAXz6PWk.roa
Signing time: Thu 02 Jan 2025 17:53:02 +0000
ROA not before: Thu 02 Jan 2025 17:53:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47901
IP address blocks: 94.125.224.0/24 maxlen: 24
94.125.225.0/24 maxlen: 24
94.125.226.0/24 maxlen: 24
94.125.227.0/24 maxlen: 24
94.125.228.0/24 maxlen: 24
94.125.229.0/24 maxlen: 24
94.125.230.0/24 maxlen: 24
94.125.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/e66296-0479-4c52-9cea-a1f573d069da/1/NrQT5TbZk1PwsFDudG_90k7bWTA.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/e66296-0479-4c52-9cea-a1f573d069da/1/NrQT5TbZk1PwsFDudG_90k7bWTA.mft
rsync://rpki.ripe.net/repository/DEFAULT/NrQT5TbZk1PwsFDudG_90k7bWTA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:3d:42:a6:8c:b4:92:e9:04:2b:51:63:fc:36:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36b413e536d99353f0b050ee746ffdd24edb5930
Validity
Not Before: Jan 2 17:53:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=924234549eb6dd932908a02366caf1017cfa3d69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:32:eb:74:a4:99:e8:ae:9f:5a:18:25:eb:8d:
48:4e:41:34:f8:61:b8:fb:2a:51:43:d9:7c:b0:5e:
ad:b8:e1:23:60:c2:be:44:3b:9d:6f:3a:c6:08:2d:
ed:d1:e1:cf:f2:e8:13:90:f5:dc:ce:19:b6:fb:a4:
7f:d2:39:ff:5f:32:5d:66:35:44:3a:6e:0a:d3:e2:
d7:56:e9:04:ae:3f:dc:59:19:f6:ba:50:d6:80:bc:
c0:c2:03:c6:22:b5:2c:22:47:83:a5:31:d0:ba:24:
6c:11:56:cd:c8:dd:e1:35:45:8b:f6:c3:2e:41:1e:
e2:04:10:7c:44:c0:9a:50:e7:67:de:32:36:99:03:
0d:5d:05:30:12:8d:2f:60:57:a1:73:73:c5:44:6f:
b1:ca:17:a1:bc:aa:c8:7e:90:5b:8f:42:e9:70:9e:
62:e4:b7:ed:cc:ff:29:91:43:b6:ff:52:d2:06:6a:
2b:d2:da:51:af:f3:70:1f:4b:73:c5:96:32:5f:eb:
52:06:78:f6:98:95:42:b9:bf:22:10:01:31:c7:2b:
28:29:eb:75:0b:cb:d1:15:e9:72:cf:99:29:87:8b:
ee:ef:31:9b:7f:f1:60:de:51:ad:f1:1e:7d:d2:af:
ec:54:50:bf:cc:d3:80:ce:40:b7:a6:fc:de:f8:e6:
f1:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:42:34:54:9E:B6:DD:93:29:08:A0:23:66:CA:F1:01:7C:FA:3D:69
X509v3 Authority Key Identifier:
keyid:36:B4:13:E5:36:D9:93:53:F0:B0:50:EE:74:6F:FD:D2:4E:DB:59:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NrQT5TbZk1PwsFDudG_90k7bWTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/e66296-0479-4c52-9cea-a1f573d069da/1/kkI0VJ623ZMpCKAjZsrxAXz6PWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/e66296-0479-4c52-9cea-a1f573d069da/1/NrQT5TbZk1PwsFDudG_90k7bWTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.125.224.0/21
Signature Algorithm: sha256WithRSAEncryption
4b:99:9a:73:b6:e0:09:c3:b8:4a:18:e0:8c:ea:71:e0:6d:8c:
b3:e6:e7:6c:ba:90:1e:0e:1d:fc:23:da:ca:99:76:d2:b5:13:
34:ba:57:f4:01:4a:20:5c:51:8d:96:58:a2:51:05:f3:48:e4:
ad:73:20:49:f0:00:6e:b2:1f:57:72:40:70:a6:21:cc:e9:b3:
bc:81:a3:c6:e1:db:34:23:7a:b0:37:d9:9b:a2:f1:c8:77:63:
c2:16:68:55:88:ae:f6:db:4c:96:fa:c7:f0:9e:b3:c5:b8:8e:
19:ca:85:09:ff:7c:c0:b1:ef:e2:97:5e:86:6c:fe:0f:21:21:
c2:60:5d:fb:69:81:57:cc:56:10:e5:d9:10:c6:89:31:e8:1e:
70:20:12:2b:01:60:bf:84:6f:f4:27:a0:f5:5e:b7:f1:a6:19:
1f:52:d4:e2:a8:9a:1c:d4:20:3c:6a:df:de:57:d1:3c:3e:be:
c4:8f:de:d8:25:ce:53:2b:de:26:d0:50:e7:69:2d:d2:17:03:
61:e4:15:0b:de:01:f4:b4:d2:d6:36:99:ef:67:d6:38:e6:24:
bd:8a:e2:0f:8c:0f:a5:0b:04:c4:c5:a8:79:e8:fe:82:9e:29:
d6:b9:57:09:8d:16:49:53:4e:0b:8f:5e:00:b5:9c:d0:1d:b2:
5e:ea:5f:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJj1Cpoy0kukEK1Fj/DarMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YjQxM2U1MzZkOTkzNTNmMGIwNTBlZTc0NmZmZGQyNGVk
YjU5MzAwHhcNMjUwMTAyMTc1MzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjQyMzQ1NDllYjZkZDkzMjkwOGEwMjM2NmNhZjEwMTdjZmEzZDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1DLrdKSZ6K6fWhgl641ITkE0+GG4
+ypRQ9l8sF6tuOEjYMK+RDudbzrGCC3t0eHP8ugTkPXczhm2+6R/0jn/XzJdZjVE
Om4K0+LXVukErj/cWRn2ulDWgLzAwgPGIrUsIkeDpTHQuiRsEVbNyN3hNUWL9sMu
QR7iBBB8RMCaUOdn3jI2mQMNXQUwEo0vYFehc3PFRG+xyhehvKrIfpBbj0LpcJ5i
5LftzP8pkUO2/1LSBmor0tpRr/NwH0tzxZYyX+tSBnj2mJVCub8iEAExxysoKet1
C8vRFelyz5kph4vu7zGbf/Fg3lGt8R590q/sVFC/zNOAzkC3pvze+Obx4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJJCNFSett2TKQigI2bK8QF8+j1pMB8GA1UdIwQY
MBaAFDa0E+U22ZNT8LBQ7nRv/dJO21kwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnJRVDVUYlprMVB3c0ZEdWRHXzkwazdiV1RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9lNjYyOTYtMDQ3OS00YzUyLTljZWEt
YTFmNTczZDA2OWRhLzEva2tJMFZKNjIzWk1wQ0tBalpzcnhBWHo2UFdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9lNjYyOTYtMDQ3OS00YzUyLTljZWEtYTFmNTczZDA2OWRh
LzEvTnJRVDVUYlprMVB3c0ZEdWRHXzkwazdiV1RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDXn3gMA0G
CSqGSIb3DQEBCwUAA4IBAQBLmZpztuAJw7hKGOCM6nHgbYyz5udsupAeDh38I9rK
mXbStRM0ulf0AUogXFGNlliiUQXzSOStcyBJ8ABush9XckBwpiHM6bO8gaPG4ds0
I3qwN9mbovHId2PCFmhViK7220yW+sfwnrPFuI4ZyoUJ/3zAse/il16GbP4PISHC
YF37aYFXzFYQ5dkQxokx6B5wIBIrAWC/hG/0J6D1XrfxphkfUtTiqJoc1CA8at/e
V9E8Pr7Ej97YJc5TK94m0FDnaS3SFwNh5BUL3gH0tNLWNpnvZ9Y45iS9iuIPjA+l
CwTExah56P6CninWuVcJjRZJU04Lj14AtZzQHbJe6l/L
-----END CERTIFICATE-----
Generated at Sun Apr 13 09:43:58 2025 by rpki-client