Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/5986f1-863f-4eec-8551-0a8fe6434bf8/1/kc-ZCrpFtG9x51LpF4W3iw7kDzs.roa
File: kc-ZCrpFtG9x51LpF4W3iw7kDzs.roa (raw, json)
Hash identifier: aN11v2IUXg+LXUfyuCNuVklkgeIw5ckCn/DmdMCJWXk=
Subject key identifier: 91:CF:99:0A:BA:45:B4:6F:71:E7:52:E9:17:85:B7:8B:0E:E4:0F:3B
Certificate issuer: /CN=15cc880f0a12c7b94f71d9b2e5b028a70d1fa34a
Certificate serial: 01942669D99672BE208435A2BEE37E7CD5EE
Authority key identifier: 15:CC:88:0F:0A:12:C7:B9:4F:71:D9:B2:E5:B0:28:A7:0D:1F:A3:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FcyIDwoSx7lPcdmy5bAopw0fo0o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/5986f1-863f-4eec-8551-0a8fe6434bf8/1/kc-ZCrpFtG9x51LpF4W3iw7kDzs.roa
Signing time: Thu 02 Jan 2025 09:47:38 +0000
ROA not before: Thu 02 Jan 2025 09:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35506
IP address blocks: 84.205.192.0/24 maxlen: 24
84.205.193.0/24 maxlen: 24
84.205.194.0/24 maxlen: 24
84.205.195.0/24 maxlen: 24
84.205.196.0/24 maxlen: 24
84.205.197.0/24 maxlen: 24
84.205.198.0/24 maxlen: 24
84.205.199.0/24 maxlen: 24
84.205.200.0/24 maxlen: 24
84.205.201.0/24 maxlen: 24
84.205.202.0/24 maxlen: 24
84.205.203.0/24 maxlen: 24
84.205.204.0/24 maxlen: 24
84.205.205.0/24 maxlen: 24
84.205.206.0/24 maxlen: 24
84.205.207.0/24 maxlen: 24
84.205.212.0/23 maxlen: 23
84.205.212.0/24 maxlen: 24
84.205.213.0/24 maxlen: 24
84.205.214.0/24 maxlen: 24
84.205.215.0/24 maxlen: 24
84.205.216.0/24 maxlen: 24
84.205.217.0/24 maxlen: 24
84.205.218.0/24 maxlen: 24
84.205.219.0/24 maxlen: 24
84.205.220.0/24 maxlen: 24
84.205.221.0/24 maxlen: 24
84.205.222.0/24 maxlen: 24
84.205.223.0/24 maxlen: 24
84.205.224.0/24 maxlen: 24
84.205.225.0/24 maxlen: 24
84.205.226.0/24 maxlen: 24
84.205.227.0/24 maxlen: 24
84.205.228.0/24 maxlen: 24
84.205.229.0/24 maxlen: 24
84.205.230.0/24 maxlen: 24
84.205.231.0/24 maxlen: 24
84.205.232.0/24 maxlen: 24
84.205.233.0/24 maxlen: 24
84.205.234.0/24 maxlen: 24
84.205.235.0/24 maxlen: 24
84.205.236.0/24 maxlen: 24
84.205.237.0/24 maxlen: 24
84.205.238.0/24 maxlen: 24
84.205.239.0/24 maxlen: 24
84.205.240.0/24 maxlen: 24
84.205.241.0/24 maxlen: 24
84.205.242.0/24 maxlen: 24
84.205.243.0/24 maxlen: 24
84.205.244.0/24 maxlen: 24
84.205.245.0/24 maxlen: 24
84.205.246.0/24 maxlen: 24
84.205.247.0/24 maxlen: 24
84.205.248.0/24 maxlen: 24
84.205.249.0/24 maxlen: 24
84.205.250.0/24 maxlen: 24
84.205.251.0/24 maxlen: 24
84.205.252.0/23 maxlen: 23
84.205.254.0/24 maxlen: 24
84.205.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/5986f1-863f-4eec-8551-0a8fe6434bf8/1/FcyIDwoSx7lPcdmy5bAopw0fo0o.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/5986f1-863f-4eec-8551-0a8fe6434bf8/1/FcyIDwoSx7lPcdmy5bAopw0fo0o.mft
rsync://rpki.ripe.net/repository/DEFAULT/FcyIDwoSx7lPcdmy5bAopw0fo0o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:69:d9:96:72:be:20:84:35:a2:be:e3:7e:7c:d5:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15cc880f0a12c7b94f71d9b2e5b028a70d1fa34a
Validity
Not Before: Jan 2 09:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=91cf990aba45b46f71e752e91785b78b0ee40f3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:c3:00:23:a6:fc:d5:de:76:7c:e3:a3:2f:79:
35:16:7e:85:24:e8:64:8e:e4:99:17:fa:b3:9f:62:
07:ae:70:90:cd:d4:32:e5:4f:32:df:47:25:61:d8:
d2:ee:ab:50:e6:80:98:62:33:93:b8:9b:d1:42:bb:
ea:d4:7a:81:f7:1b:1b:16:b2:eb:90:06:0d:02:a7:
cb:55:86:df:0f:30:a6:93:27:c7:2b:7f:fc:56:9c:
36:ae:3d:39:83:7e:a5:5c:02:9b:d2:2b:4f:d3:db:
8a:2b:fc:6f:b8:92:f7:0a:cb:f9:c5:a6:66:60:8c:
48:da:0a:a0:55:05:21:13:e1:74:b4:ba:8a:67:9c:
56:15:64:ad:c0:2c:6b:2a:69:2e:5a:7e:a3:62:86:
eb:af:0e:4f:67:03:b2:a2:0a:97:1f:e3:30:73:e1:
a6:4a:12:a0:ee:36:0b:a0:b6:55:38:f9:18:98:af:
ce:db:d9:50:49:71:7b:2e:10:b9:6e:96:c0:4e:4f:
bc:5f:ed:39:80:28:e6:20:98:97:5a:61:fb:25:b4:
bb:df:10:7d:61:90:b2:6f:1e:fe:41:39:24:b6:8d:
3d:19:cd:71:25:ec:f3:10:68:a8:e8:62:ae:f1:ab:
56:e3:d7:eb:bf:1c:f2:be:5c:75:fa:33:32:e6:36:
f3:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:CF:99:0A:BA:45:B4:6F:71:E7:52:E9:17:85:B7:8B:0E:E4:0F:3B
X509v3 Authority Key Identifier:
keyid:15:CC:88:0F:0A:12:C7:B9:4F:71:D9:B2:E5:B0:28:A7:0D:1F:A3:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FcyIDwoSx7lPcdmy5bAopw0fo0o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/5986f1-863f-4eec-8551-0a8fe6434bf8/1/kc-ZCrpFtG9x51LpF4W3iw7kDzs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/5986f1-863f-4eec-8551-0a8fe6434bf8/1/FcyIDwoSx7lPcdmy5bAopw0fo0o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.205.192.0/20
84.205.212.0-84.205.255.255
Signature Algorithm: sha256WithRSAEncryption
37:d1:8e:c1:64:42:fc:22:4a:81:ce:2c:f3:76:c4:bd:6a:b9:
c1:58:9b:36:47:a3:91:31:44:ef:78:77:86:67:d2:c7:22:9c:
2a:dd:e2:9f:c5:fa:8a:82:76:22:50:b4:53:0c:e1:8b:b6:d1:
b2:4f:d5:c0:65:4d:a1:4b:e1:ef:e4:9c:d9:a7:b1:46:08:ce:
d4:31:67:d2:e9:a7:ea:02:19:06:d6:36:a3:10:02:e8:4b:13:
41:ec:f6:64:a4:16:e5:98:04:b0:9a:85:cb:0e:94:07:df:68:
13:dd:84:de:cf:30:9a:cd:32:fd:2f:b2:c1:70:2e:bd:b2:13:
3c:36:26:14:d7:77:76:ac:84:98:02:05:75:d5:7c:f4:9f:f3:
78:8d:c2:18:cc:b1:13:84:e9:ad:aa:7b:0d:8b:59:5c:cf:4a:
5b:7f:f5:c7:01:7f:58:b7:38:ea:32:d2:2e:f8:8a:7e:18:fe:
b9:47:be:8d:65:95:12:38:9f:9e:92:3e:72:a0:f5:3c:9e:3a:
8a:73:53:27:28:65:e4:96:17:6a:30:01:45:4a:de:bd:4e:89:
8a:0a:df:d1:63:13:f2:5a:83:11:cd:8b:96:03:5c:6b:6e:67:
1b:df:cf:a0:c9:86:67:96:c6:22:b5:97:e4:19:bd:ec:7d:e3:
02:10:bd:b7
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZQmadmWcr4ghDWivuN+fNXuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1Y2M4ODBmMGExMmM3Yjk0ZjcxZDliMmU1YjAyOGE3MGQx
ZmEzNGEwHhcNMjUwMTAyMDk0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWNmOTkwYWJhNDViNDZmNzFlNzUyZTkxNzg1Yjc4YjBlZTQwZjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA88MAI6b81d52fOOjL3k1Fn6FJOhk
juSZF/qzn2IHrnCQzdQy5U8y30clYdjS7qtQ5oCYYjOTuJvRQrvq1HqB9xsbFrLr
kAYNAqfLVYbfDzCmkyfHK3/8Vpw2rj05g36lXAKb0itP09uKK/xvuJL3Csv5xaZm
YIxI2gqgVQUhE+F0tLqKZ5xWFWStwCxrKmkuWn6jYobrrw5PZwOyogqXH+Mwc+Gm
ShKg7jYLoLZVOPkYmK/O29lQSXF7LhC5bpbATk+8X+05gCjmIJiXWmH7JbS73xB9
YZCybx7+QTkkto09Gc1xJezzEGio6GKu8atW49frvxzyvlx1+jMy5jbzOQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJHPmQq6RbRvcedS6ReFt4sO5A87MB8GA1UdIwQY
MBaAFBXMiA8KEse5T3HZsuWwKKcNH6NKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmN5SUR3b1N4N2xQY2RteTViQW9wdzBmbzBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi81OTg2ZjEtODYzZi00ZWVjLTg1NTEt
MGE4ZmU2NDM0YmY4LzEva2MtWkNycEZ0Rzl4NTFMcEY0VzNpdzdrRHpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi81OTg2ZjEtODYzZi00ZWVjLTg1NTEtMGE4ZmU2NDM0YmY4
LzEvRmN5SUR3b1N4N2xQY2RteTViQW9wdzBmbzBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATAwQEVM3AMAsD
BAJUzdQDAwFUzDANBgkqhkiG9w0BAQsFAAOCAQEAN9GOwWRC/CJKgc4s83bEvWq5
wVibNkejkTFE73h3hmfSxyKcKt3in8X6ioJ2IlC0Uwzhi7bRsk/VwGVNoUvh7+Sc
2aexRgjO1DFn0umn6gIZBtY2oxAC6EsTQez2ZKQW5ZgEsJqFyw6UB99oE92E3s8w
ms0y/S+ywXAuvbITPDYmFNd3dqyEmAIFddV89J/zeI3CGMyxE4Tprap7DYtZXM9K
W3/1xwF/WLc46jLSLviKfhj+uUe+jWWVEjifnpI+cqD1PJ46inNTJyhl5JYXajAB
RUrevU6Jigrf0WMT8lqDEc2LlgNca25nG9/PoMmGZ5bGIrWX5Bm97H3jAhC9tw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:41:48 2025 by rpki-client