Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/kLq7SqUeKI2DIUAAWUSXfOrIc2Y.roa
File: kLq7SqUeKI2DIUAAWUSXfOrIc2Y.roa (raw, json)
Hash identifier: rGBOCgBJX1i/E1elpdsBPlkFxELh0gIOeC6WMkdyhOw=
Subject key identifier: 90:BA:BB:4A:A5:1E:28:8D:83:21:40:00:59:44:97:7C:EA:C8:73:66
Certificate issuer: /CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Certificate serial: 01961B0F8E96431FC8A5F47A2504E5F1487F
Authority key identifier: 62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/kLq7SqUeKI2DIUAAWUSXfOrIc2Y.roa
Signing time: Wed 09 Apr 2025 14:58:46 +0000
ROA not before: Wed 09 Apr 2025 14:58:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50952
IP address blocks: 95.161.252.0/24 maxlen: 24
178.18.224.0/22 maxlen: 22
178.18.235.0/24 maxlen: 24
178.18.236.0/22 maxlen: 22
2a03:5f80:9::/48 maxlen: 48
2a03:5f80:b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 14:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:1b:0f:8e:96:43:1f:c8:a5:f4:7a:25:04:e5:f1:48:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Validity
Not Before: Apr 9 14:58:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=90babb4aa51e288d832140005944977ceac87366
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:9f:13:1c:86:15:d6:1e:88:43:f9:c0:25:c8:
34:8f:08:e1:a4:5b:10:0f:97:de:e8:72:14:72:6e:
b4:73:3d:ef:e6:4b:3d:55:e0:24:0d:41:05:ff:14:
29:93:62:f7:51:5d:bc:28:35:8b:98:bb:d7:03:04:
80:09:cc:84:fa:d3:fe:ea:7a:63:4b:05:8c:92:2a:
f5:df:25:87:a1:d4:ac:02:f1:d6:01:2b:87:3f:e4:
3a:9f:98:20:c7:89:f3:cf:ef:0b:d0:3e:16:ba:0a:
f7:42:a9:c3:77:8b:7b:d8:b8:a4:32:dc:bd:69:a0:
51:7d:b3:a3:34:7d:ee:ae:d2:02:7f:bb:4e:03:19:
c5:af:5f:08:8b:cd:eb:75:ed:d9:ef:11:67:2b:67:
25:ad:9e:71:4d:c8:9f:f3:05:0f:4a:10:58:96:de:
03:b6:d8:60:e3:ba:98:56:38:7d:2a:76:be:32:97:
73:43:e5:3f:f0:ef:10:58:26:f6:8f:e8:0a:8b:94:
50:85:3e:c0:75:af:b5:75:8c:ad:b3:ab:6e:4f:f4:
56:76:24:ff:bd:71:2e:06:37:fc:cc:9f:71:03:6b:
ad:39:99:f7:9a:4b:86:41:55:0a:f7:b9:b0:1d:e2:
bb:10:e7:19:77:94:c7:78:85:0b:32:35:f7:3a:fd:
8b:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:BA:BB:4A:A5:1E:28:8D:83:21:40:00:59:44:97:7C:EA:C8:73:66
X509v3 Authority Key Identifier:
keyid:62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/kLq7SqUeKI2DIUAAWUSXfOrIc2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.161.252.0/24
178.18.224.0/22
178.18.235.0-178.18.239.255
IPv6:
2a03:5f80:9::/48
2a03:5f80:b::/48
Signature Algorithm: sha256WithRSAEncryption
16:a5:52:fc:fd:2d:b5:69:99:9f:12:8d:c1:7e:15:3c:37:ff:
4a:ab:1d:35:24:72:82:78:9c:1e:09:fe:c9:6d:53:0b:86:e0:
74:8e:45:9e:82:7d:fa:f2:46:9d:e5:40:28:62:7a:0f:81:07:
73:7e:df:95:cc:c9:96:ae:8d:0e:ca:05:44:17:79:d7:13:27:
b5:e7:79:d7:9e:39:28:c6:7c:2c:bc:55:cb:fe:22:26:ee:5c:
9a:bc:76:3b:de:54:65:f9:86:b9:2c:0f:e4:b8:36:d9:76:c7:
0f:66:1c:3c:89:58:68:43:ba:88:73:3b:28:83:b3:f3:fd:71:
6c:27:c5:47:f3:93:28:e8:4e:b2:55:68:b3:19:9a:ca:b7:01:
52:b7:99:ac:5c:d8:df:6d:df:54:1b:8c:95:55:0a:0b:6a:d5:
7a:53:ce:29:25:f6:7a:b9:75:3d:f5:d2:af:08:dd:c6:d8:2b:
6f:2f:23:94:28:63:be:0f:4a:c3:8c:d3:bc:94:58:8d:ac:72:
58:ee:4e:f0:2c:07:11:9d:b1:ce:2e:89:9f:85:8d:ac:ac:c8:
5c:f5:9e:75:fe:fb:76:a1:93:fa:07:ee:72:16:4d:89:7f:9c:
da:f6:cf:cc:4e:88:ad:36:a8:91:73:b6:b7:82:8a:98:1d:79:
69:89:4e:c7
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZYbD46WQx/IpfR6JQTl8Uh/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjhlN2UwMWZhZGE0OWMxYTUyZmExM2YzNjI2YzQxYjQx
YTUxYjgwHhcNMjUwNDA5MTQ1ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGJhYmI0YWE1MWUyODhkODMyMTQwMDA1OTQ0OTc3Y2VhYzg3MzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZ8THIYV1h6IQ/nAJcg0jwjhpFsQ
D5fe6HIUcm60cz3v5ks9VeAkDUEF/xQpk2L3UV28KDWLmLvXAwSACcyE+tP+6npj
SwWMkir13yWHodSsAvHWASuHP+Q6n5ggx4nzz+8L0D4Wugr3QqnDd4t72LikMty9
aaBRfbOjNH3urtICf7tOAxnFr18Ii83rde3Z7xFnK2clrZ5xTcif8wUPShBYlt4D
tthg47qYVjh9Kna+MpdzQ+U/8O8QWCb2j+gKi5RQhT7Ada+1dYyts6tuT/RWdiT/
vXEuBjf8zJ9xA2utOZn3mkuGQVUK97mwHeK7EOcZd5THeIULMjX3Ov2LAwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFJC6u0qlHiiNgyFAAFlEl3zqyHNmMB8GA1UdIwQY
MBaAFGIo5+AfraScGlL6E/NibEG0GlG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUt
NzY3NDE2NTI1MTBkLzEva0xxN1NxVWVLSTJESVVBQVdVU1hmT3JJYzJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUtNzY3NDE2NTI1MTBk
LzEvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAgBAIAATAaAwQAX6H8AwQC
shLgMAwDBACyEusDBASyEuAwGAQCAAIwEgMHACoDX4AACQMHACoDX4AACzANBgkq
hkiG9w0BAQsFAAOCAQEAFqVS/P0ttWmZnxKNwX4VPDf/SqsdNSRygnicHgn+yW1T
C4bgdI5FnoJ9+vJGneVAKGJ6D4EHc37flczJlq6NDsoFRBd51xMnted51545KMZ8
LLxVy/4iJu5cmrx2O95UZfmGuSwP5Lg22XbHD2YcPIlYaEO6iHM7KIOz8/1xbCfF
R/OTKOhOslVosxmayrcBUreZrFzY323fVBuMlVUKC2rVelPOKSX2erl1PfXSrwjd
xtgrby8jlChjvg9Kw4zTvJRYjaxyWO5O8CwHEZ2xzi6Jn4WNrKzIXPWedf77dqGT
+gfuchZNiX+c2vbPzE6IrTaokXO2t4KKmB15aYlOxw==
-----END CERTIFICATE-----
Generated at Tue Apr 22 19:37:19 2025 by rpki-client