Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/KTYZQTlWjP9XQr0e3LhtXCLEZ_k.roa
File: KTYZQTlWjP9XQr0e3LhtXCLEZ_k.roa (raw, json)
Hash identifier: CsqMd7Sxcfm0IJ/aHqrJgqjKNt4MhZmVIfUNZE3N5tY=
Subject key identifier: 29:36:19:41:39:56:8C:FF:57:42:BD:1E:DC:B8:6D:5C:22:C4:67:F9
Certificate issuer: /CN=53b46ab79b9fc58f5dc4cf29d72dc5267ec3edde
Certificate serial: 01954209F1B0137B365F7F8C0EC0AC7B4C31
Authority key identifier: 53:B4:6A:B7:9B:9F:C5:8F:5D:C4:CF:29:D7:2D:C5:26:7E:C3:ED:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/KTYZQTlWjP9XQr0e3LhtXCLEZ_k.roa
Signing time: Wed 26 Feb 2025 11:35:02 +0000
ROA not before: Wed 26 Feb 2025 11:35:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200712
IP address blocks: 80.254.231.0/24 maxlen: 24
91.216.32.0/24 maxlen: 24
185.92.168.0/23 maxlen: 24
185.92.168.0/24 maxlen: 24
185.92.169.0/24 maxlen: 24
185.92.170.0/24 maxlen: 24
2001:67c:1084::/48 maxlen: 48
2a13:5240::/32 maxlen: 32
2a13:5242::/32 maxlen: 48
2a13:5243::/32 maxlen: 48
2a13:5244::/32 maxlen: 48
2a13:5245::/32 maxlen: 48
2a13:5246::/32 maxlen: 48
2a13:5247::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.mft
rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:42:09:f1:b0:13:7b:36:5f:7f:8c:0e:c0:ac:7b:4c:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53b46ab79b9fc58f5dc4cf29d72dc5267ec3edde
Validity
Not Before: Feb 26 11:35:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2936194139568cff5742bd1edcb86d5c22c467f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ab:0a:c2:f8:24:4e:dc:8e:44:aa:0c:0a:62:
8a:4b:6e:80:bf:28:41:e8:a5:2f:46:ff:98:63:d3:
f8:83:17:e0:d0:1a:22:5e:72:3f:1e:4c:74:23:60:
f1:2b:1c:52:6d:c8:b9:9e:3f:fd:a2:14:60:8c:8d:
4d:af:94:0b:2d:7a:d7:44:e9:42:10:5e:2f:bd:69:
de:58:ad:8d:d0:8a:65:60:f9:25:f3:0b:3f:93:64:
fb:e0:22:ee:65:bf:8e:77:a3:67:da:8c:e2:03:85:
e3:e4:ad:30:52:29:b6:e3:9b:4f:5e:e0:ae:94:4f:
68:d6:12:04:e8:ea:96:e8:37:56:da:48:ce:ba:ac:
de:f4:45:c1:15:3e:e4:6d:c1:c2:39:c9:c3:16:b5:
59:9f:40:fc:78:d3:00:80:57:03:79:f8:5f:aa:8e:
f8:aa:c1:eb:0a:8e:20:78:26:e3:6f:19:96:78:74:
43:32:99:fa:3d:ad:78:7d:9f:f1:0b:84:f5:55:dd:
65:b5:e5:65:9c:27:3c:4f:9d:20:8d:63:ca:97:3f:
44:57:c3:6a:d4:18:46:cd:d5:05:a4:84:75:eb:37:
93:28:d2:79:24:5a:31:94:d4:af:72:fa:91:f4:8c:
92:61:65:02:6b:b8:84:c8:2f:2a:07:68:22:83:95:
67:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:36:19:41:39:56:8C:FF:57:42:BD:1E:DC:B8:6D:5C:22:C4:67:F9
X509v3 Authority Key Identifier:
keyid:53:B4:6A:B7:9B:9F:C5:8F:5D:C4:CF:29:D7:2D:C5:26:7E:C3:ED:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/KTYZQTlWjP9XQr0e3LhtXCLEZ_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.254.231.0/24
91.216.32.0/24
185.92.168.0-185.92.170.255
IPv6:
2001:67c:1084::/48
2a13:5240::/32
2a13:5242::-2a13:5247:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a5:fa:4f:ab:86:bb:be:4b:90:8f:13:7b:a3:05:55:23:f2:19:
4d:53:23:1c:c0:e8:f6:e1:0b:7d:c9:99:78:48:21:39:46:6c:
c9:f4:8a:80:1b:78:82:a8:bb:02:ee:b2:b3:bd:d2:57:77:4d:
7d:21:dd:1c:9e:be:89:f9:2b:dc:d1:2b:25:5e:f8:fa:b7:6e:
cb:57:24:78:07:04:68:e5:81:bd:07:31:23:43:f7:d9:c2:34:
50:e7:2c:99:d1:bb:cc:3c:89:19:c6:38:ad:c8:e5:cb:50:11:
61:55:3d:ce:70:80:a0:b0:43:6d:3e:81:14:5d:97:1e:fa:29:
d4:3a:17:1f:10:a6:5f:c9:57:1d:77:13:7c:62:4c:d6:1b:93:
f7:5d:bc:4a:d8:eb:0a:1f:99:5e:b0:ed:2f:dd:e6:ff:e7:65:
df:4a:8c:8d:16:f6:70:59:9e:bf:9a:61:df:55:33:60:10:d9:
8d:14:6f:a5:a8:63:01:8a:1b:28:0e:cb:87:38:38:53:6a:89:
9f:11:60:6b:e5:6a:81:22:86:ac:b6:ba:67:0a:f4:ff:b9:e9:
a9:25:d6:ce:ca:31:82:d8:68:42:24:01:da:38:1b:7d:78:37:
1a:c2:da:b9:bc:bf:23:fc:71:cc:87:55:b8:44:bd:59:fe:88:
7d:6e:d4:da
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZVCCfGwE3s2X3+MDsCse0wxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYjQ2YWI3OWI5ZmM1OGY1ZGM0Y2YyOWQ3MmRjNTI2N2Vj
M2VkZGUwHhcNMjUwMjI2MTEzNTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTM2MTk0MTM5NTY4Y2ZmNTc0MmJkMWVkY2I4NmQ1YzIyYzQ2N2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvasKwvgkTtyORKoMCmKKS26AvyhB
6KUvRv+YY9P4gxfg0BoiXnI/Hkx0I2DxKxxSbci5nj/9ohRgjI1Nr5QLLXrXROlC
EF4vvWneWK2N0IplYPkl8ws/k2T74CLuZb+Od6Nn2oziA4Xj5K0wUim245tPXuCu
lE9o1hIE6OqW6DdW2kjOuqze9EXBFT7kbcHCOcnDFrVZn0D8eNMAgFcDefhfqo74
qsHrCo4geCbjbxmWeHRDMpn6Pa14fZ/xC4T1Vd1lteVlnCc8T50gjWPKlz9EV8Nq
1BhGzdUFpIR16zeTKNJ5JFoxlNSvcvqR9IySYWUCa7iEyC8qB2gig5VnlwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFCk2GUE5Voz/V0K9Hty4bVwixGf5MB8GA1UdIwQY
MBaAFFO0arebn8WPXcTPKdctxSZ+w+3eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTdScXQ1dWZ4WTlkeE04cDF5M0ZKbjdEN2Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9hYzlhZjYtN2ZjMy00ZDEzLWE1OTQt
MDYwYTQ3MzgwOTFkLzEvS1RZWlFUbFdqUDlYUXIwZTNMaHRYQ0xFWl9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9hYzlhZjYtN2ZjMy00ZDEzLWE1OTQtMDYwYTQ3MzgwOTFk
LzEvVTdScXQ1dWZ4WTlkeE04cDF5M0ZKbjdEN2Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjAgBAIAATAaAwQAUP7nAwQA
W9ggMAwDBAO5XKgDBAC5XKowJgQCAAIwIAMHACABBnwQhAMFACoTUkAwDgMFASoT
UkIDBQMqE1JAMA0GCSqGSIb3DQEBCwUAA4IBAQCl+k+rhru+S5CPE3ujBVUj8hlN
UyMcwOj24Qt9yZl4SCE5RmzJ9IqAG3iCqLsC7rKzvdJXd019Id0cnr6J+Svc0Ssl
Xvj6t27LVyR4BwRo5YG9BzEjQ/fZwjRQ5yyZ0bvMPIkZxjityOXLUBFhVT3OcICg
sENtPoEUXZce+inUOhcfEKZfyVcddxN8YkzWG5P3XbxK2OsKH5lesO0v3eb/52Xf
SoyNFvZwWZ6/mmHfVTNgENmNFG+lqGMBihsoDsuHODhTaomfEWBr5WqBIoastrpn
CvT/uempJdbOyjGC2GhCJAHaOBt9eDcawtq5vL8j/HHMh1W4RL1Z/oh9btTa
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:16:33 2025 by rpki-client