Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/KtPtCnsNO7KrNH_mi8irxAh2a64.roa
File: KtPtCnsNO7KrNH_mi8irxAh2a64.roa (raw, json)
Hash identifier: 0X6VJNdKzEQIN2KQI1h+LTGHgQgh9YXQ8FCAd7HKCL4=
Subject key identifier: 2A:D3:ED:0A:7B:0D:3B:B2:AB:34:7F:E6:8B:C8:AB:C4:08:76:6B:AE
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0194FF74A75D51CEC87C5EB888C4941F3E07
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/KtPtCnsNO7KrNH_mi8irxAh2a64.roa
Signing time: Thu 13 Feb 2025 13:17:02 +0000
ROA not before: Thu 13 Feb 2025 13:17:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214943
IP address blocks: 77.90.153.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.mft
rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ff:74:a7:5d:51:ce:c8:7c:5e:b8:88:c4:94:1f:3e:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Feb 13 13:17:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2ad3ed0a7b0d3bb2ab347fe68bc8abc408766bae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:46:fe:d9:ab:05:4e:c6:26:2a:5e:f0:97:6c:
00:04:44:6e:9a:fc:96:a4:fc:68:51:8e:8b:8e:e1:
19:e8:36:4d:58:de:49:92:ce:cf:59:5d:de:bf:b0:
98:2c:cd:5f:88:e0:99:43:d8:98:4d:a3:a0:e2:0c:
c5:26:b5:0a:60:d8:41:7c:e7:e9:f9:44:ab:4a:05:
5d:f6:6c:93:56:bb:f0:f0:37:54:49:2e:59:56:3e:
c2:3d:59:c4:14:94:0a:18:c0:86:1f:92:39:92:a7:
f1:97:79:f6:c6:f9:eb:96:a9:4b:25:e9:8c:18:c0:
54:37:dd:03:43:71:88:80:94:bd:fd:14:35:b6:50:
c9:83:55:92:e8:4d:4e:c1:29:1c:fb:9b:cb:1a:b3:
12:f8:7b:6e:97:58:1e:15:e3:fd:b3:1c:53:1d:70:
6c:f1:3d:c4:29:38:a8:bb:71:02:bf:49:42:88:ef:
dd:20:3e:cd:c2:3e:d6:b0:b1:81:b1:74:fd:c6:9a:
19:a2:65:14:20:38:cd:6f:95:3e:24:2c:ec:e2:2d:
f2:43:6a:c7:67:5a:21:b7:8c:d9:36:c8:85:3c:fd:
d8:fb:79:64:99:66:d5:02:0b:a1:47:31:d3:ad:d3:
cd:c8:ed:49:ec:83:70:40:2e:83:a0:98:00:2c:05:
48:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:D3:ED:0A:7B:0D:3B:B2:AB:34:7F:E6:8B:C8:AB:C4:08:76:6B:AE
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/KtPtCnsNO7KrNH_mi8irxAh2a64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.153.0/24
213.209.129.0/24
213.209.143.0/24
213.209.150.0/24
Signature Algorithm: sha256WithRSAEncryption
17:dc:0f:51:e2:8c:79:15:89:aa:bf:fd:7b:d5:ee:d9:f4:b4:
76:ab:a7:55:55:58:eb:ab:c0:e3:8b:05:5a:f5:9e:14:01:80:
fd:b3:3a:c1:d5:26:0a:2e:06:ec:7b:00:74:c5:a4:1c:e3:eb:
ed:50:73:00:ad:76:89:39:d8:6c:24:f1:68:a5:83:70:1f:4d:
d0:0d:f1:20:0a:8f:0f:8f:2a:c5:ac:36:db:e7:05:67:16:0b:
35:1b:bc:df:1d:ec:3c:f6:c1:f1:d1:f1:ee:f2:11:62:bd:a3:
53:40:01:e4:ff:0f:b5:e7:e2:3d:82:d1:bd:a1:25:ab:42:cf:
8f:26:65:e3:46:21:4c:ea:82:df:02:d1:a8:1a:9a:58:f3:1c:
f1:18:d3:49:73:3d:38:f1:3f:dc:5e:33:61:2b:68:42:6a:3f:
b0:5d:85:f3:28:46:8f:5a:21:d2:72:f2:9f:43:cd:4f:d9:7f:
bb:34:ba:d9:5c:73:74:52:44:03:fa:e9:47:0d:0b:fa:e1:c2:
9b:b6:fe:fc:b4:c5:a6:43:08:ef:b7:62:81:a5:8a:e6:c4:cb:
a2:67:6e:e5:a4:8f:5a:a7:37:8a:71:d0:c0:f6:f7:4b:5a:d0:
81:c8:09:60:b1:28:5f:44:13:0c:cc:c4:a1:05:51:7d:29:a7:
04:a9:20:72
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZT/dKddUc7IfF64iMSUHz4HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjUwMjEzMTMxNzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWQzZWQwYTdiMGQzYmIyYWIzNDdmZTY4YmM4YWJjNDA4NzY2YmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0b+2asFTsYmKl7wl2wABERumvyW
pPxoUY6LjuEZ6DZNWN5Jks7PWV3ev7CYLM1fiOCZQ9iYTaOg4gzFJrUKYNhBfOfp
+USrSgVd9myTVrvw8DdUSS5ZVj7CPVnEFJQKGMCGH5I5kqfxl3n2xvnrlqlLJemM
GMBUN90DQ3GIgJS9/RQ1tlDJg1WS6E1OwSkc+5vLGrMS+Htul1geFeP9sxxTHXBs
8T3EKTiou3ECv0lCiO/dID7Nwj7WsLGBsXT9xpoZomUUIDjNb5U+JCzs4i3yQ2rH
Z1oht4zZNsiFPP3Y+3lkmWbVAguhRzHTrdPNyO1J7INwQC6DoJgALAVIDwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCrT7Qp7DTuyqzR/5ovIq8QIdmuuMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvS3RQdENuc05PN0tyTkhfbWk4aXJ4QWgyYTY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATVqZAwQA
1dGBAwQA1dGPAwQA1dGWMA0GCSqGSIb3DQEBCwUAA4IBAQAX3A9R4ox5FYmqv/17
1e7Z9LR2q6dVVVjrq8DjiwVa9Z4UAYD9szrB1SYKLgbsewB0xaQc4+vtUHMArXaJ
OdhsJPFopYNwH03QDfEgCo8PjyrFrDbb5wVnFgs1G7zfHew89sHx0fHu8hFivaNT
QAHk/w+15+I9gtG9oSWrQs+PJmXjRiFM6oLfAtGoGppY8xzxGNNJcz048T/cXjNh
K2hCaj+wXYXzKEaPWiHScvKfQ81P2X+7NLrZXHN0UkQD+ulHDQv64cKbtv78tMWm
Qwjvt2KBpYrmxMuiZ27lpI9apzeKcdDA9vdLWtCByAlgsShfRBMMzMShBVF9KacE
qSBy
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:55:16 2025 by rpki-client