Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/44124d-8b15-45b2-a5c1-7bc73eee1447/1/KdXGUsS6YFFnPjVjyeI04m93TdQ.roa
File: KdXGUsS6YFFnPjVjyeI04m93TdQ.roa (raw, json)
Hash identifier: F1EV3pD+ahdpl3VAKymIXnj+Wbddg7Ey2m0ZW8zB4L0=
Subject key identifier: 29:D5:C6:52:C4:BA:60:51:67:3E:35:63:C9:E2:34:E2:6F:77:4D:D4
Certificate issuer: /CN=b9b8139993be665f3b5d0f6909ef058fa8f97922
Certificate serial: 0194E3D6EB15371C8B73BF202669388ADFB6
Authority key identifier: B9:B8:13:99:93:BE:66:5F:3B:5D:0F:69:09:EF:05:8F:A8:F9:79:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ubgTmZO-Zl87XQ9pCe8Fj6j5eSI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/44124d-8b15-45b2-a5c1-7bc73eee1447/1/KdXGUsS6YFFnPjVjyeI04m93TdQ.roa
Signing time: Sat 08 Feb 2025 04:35:00 +0000
ROA not before: Sat 08 Feb 2025 04:35:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39442
IP address blocks: 92.39.104.0/21 maxlen: 21
185.125.72.0/22 maxlen: 22
185.183.48.0/22 maxlen: 22
185.183.48.0/23 maxlen: 23
188.247.32.0/19 maxlen: 19
188.247.40.0/24 maxlen: 24
188.247.44.0/22 maxlen: 22
188.247.44.0/24 maxlen: 24
188.247.54.0/24 maxlen: 24
188.247.55.0/24 maxlen: 24
188.247.56.0/21 maxlen: 21
213.234.0.0/20 maxlen: 20
213.234.0.0/24 maxlen: 24
213.234.1.0/24 maxlen: 24
213.234.5.0/24 maxlen: 24
213.234.6.0/24 maxlen: 24
213.234.8.0/24 maxlen: 24
213.234.10.0/24 maxlen: 24
213.234.11.0/24 maxlen: 24
213.234.16.0/21 maxlen: 21
213.234.16.0/22 maxlen: 22
213.234.16.0/24 maxlen: 24
213.234.18.0/23 maxlen: 23
213.234.20.0/24 maxlen: 24
213.234.21.0/24 maxlen: 24
213.234.22.0/24 maxlen: 24
217.149.176.0/20 maxlen: 20
217.149.176.0/21 maxlen: 21
217.149.176.0/22 maxlen: 22
217.149.181.0/24 maxlen: 24
217.149.184.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/44124d-8b15-45b2-a5c1-7bc73eee1447/1/ubgTmZO-Zl87XQ9pCe8Fj6j5eSI.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/44124d-8b15-45b2-a5c1-7bc73eee1447/1/ubgTmZO-Zl87XQ9pCe8Fj6j5eSI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ubgTmZO-Zl87XQ9pCe8Fj6j5eSI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:e3:d6:eb:15:37:1c:8b:73:bf:20:26:69:38:8a:df:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9b8139993be665f3b5d0f6909ef058fa8f97922
Validity
Not Before: Feb 8 04:35:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=29d5c652c4ba6051673e3563c9e234e26f774dd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:4c:4a:e5:26:29:88:79:86:b1:c8:c1:d4:04:
dd:23:85:5d:e9:9f:32:24:01:ad:c3:c1:14:09:16:
a7:1d:b2:9e:92:a6:4d:73:35:10:40:f5:9c:68:f4:
17:7d:81:a6:c3:b7:be:e8:54:89:ac:66:b2:e2:83:
f8:7b:f0:47:da:b1:50:cb:42:29:29:0a:24:4e:cf:
78:f6:53:a3:ec:4d:f6:0a:b1:7f:3d:c6:d2:e9:e0:
6c:09:2e:17:05:8b:7c:56:1c:6a:b5:73:55:64:4a:
18:88:e5:bc:f7:46:55:28:71:35:ac:77:ba:21:fc:
57:58:92:3a:4c:a5:e9:46:bf:e9:14:2d:39:13:d1:
3b:ce:41:cf:ef:96:d0:40:66:c8:52:f0:65:fe:76:
86:29:5d:9d:d3:2c:48:43:ce:7f:a9:5d:d1:13:0e:
b0:3a:0f:41:08:f6:a3:9e:4a:14:9c:db:0d:14:b0:
ce:97:ca:96:df:35:08:10:dd:3a:29:02:87:09:43:
23:b2:bf:26:09:34:e5:39:bb:32:c5:f9:56:16:4d:
76:48:05:98:b2:ce:e7:57:e1:11:f2:71:40:55:1a:
27:f2:84:af:a1:93:c0:c0:87:00:35:c9:78:da:97:
78:a9:6f:07:02:a5:22:02:13:d9:f0:ce:f8:89:2b:
14:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:D5:C6:52:C4:BA:60:51:67:3E:35:63:C9:E2:34:E2:6F:77:4D:D4
X509v3 Authority Key Identifier:
keyid:B9:B8:13:99:93:BE:66:5F:3B:5D:0F:69:09:EF:05:8F:A8:F9:79:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ubgTmZO-Zl87XQ9pCe8Fj6j5eSI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/44124d-8b15-45b2-a5c1-7bc73eee1447/1/KdXGUsS6YFFnPjVjyeI04m93TdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/44124d-8b15-45b2-a5c1-7bc73eee1447/1/ubgTmZO-Zl87XQ9pCe8Fj6j5eSI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.39.104.0/21
185.125.72.0/22
185.183.48.0/22
188.247.32.0/19
213.234.0.0-213.234.23.255
217.149.176.0/20
Signature Algorithm: sha256WithRSAEncryption
87:aa:e9:fb:b4:57:e4:c7:66:b2:78:43:d3:2b:0b:2e:79:e9:
4c:fe:e2:c0:d4:28:5b:b2:3c:b0:f6:8b:df:b2:45:04:8c:d6:
cf:18:d5:a4:21:f8:d9:f7:5f:86:d3:16:c7:38:e8:7d:62:7f:
36:19:79:a6:5f:04:da:21:6a:c5:f2:36:db:50:1a:48:54:cd:
a7:de:1e:bb:22:53:00:4a:13:33:32:86:51:f5:b1:97:6c:1d:
2c:e8:c7:f3:e8:cf:0b:83:93:9a:e4:fe:7c:76:e4:68:45:ce:
fe:05:52:bb:2a:63:cc:07:6e:08:c2:1e:7e:d1:dd:64:2c:0d:
ce:16:7d:a0:4f:51:7e:18:68:4f:57:04:3a:b0:cb:33:47:42:
07:4e:6f:75:69:07:d0:22:76:94:a2:b6:6e:4f:f0:3b:2f:6b:
80:eb:00:f8:5b:90:9d:15:b3:1f:c6:63:18:61:11:82:96:a0:
d5:f3:07:78:1f:92:2b:a2:90:8b:c6:d4:d8:97:2d:f8:af:5e:
ae:e4:be:3f:3d:db:0b:04:25:a4:6a:0c:83:e9:c3:20:3a:de:
c7:09:66:74:36:e2:94:39:41:b7:8c:f2:3c:79:58:e7:66:0d:
11:31:74:c1:1f:d1:59:06:d6:94:79:70:7d:97:f3:92:b7:d4:
e6:94:0c:07
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZTj1usVNxyLc78gJmk4it+2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YjgxMzk5OTNiZTY2NWYzYjVkMGY2OTA5ZWYwNThmYThm
OTc5MjIwHhcNMjUwMjA4MDQzNTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWQ1YzY1MmM0YmE2MDUxNjczZTM1NjNjOWUyMzRlMjZmNzc0ZGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlExK5SYpiHmGscjB1ATdI4Vd6Z8y
JAGtw8EUCRanHbKekqZNczUQQPWcaPQXfYGmw7e+6FSJrGay4oP4e/BH2rFQy0Ip
KQokTs949lOj7E32CrF/PcbS6eBsCS4XBYt8VhxqtXNVZEoYiOW890ZVKHE1rHe6
IfxXWJI6TKXpRr/pFC05E9E7zkHP75bQQGbIUvBl/naGKV2d0yxIQ85/qV3REw6w
Og9BCPajnkoUnNsNFLDOl8qW3zUIEN06KQKHCUMjsr8mCTTlObsyxflWFk12SAWY
ss7nV+ER8nFAVRon8oSvoZPAwIcANcl42pd4qW8HAqUiAhPZ8M74iSsUQQIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFCnVxlLEumBRZz41Y8niNOJvd03UMB8GA1UdIwQY
MBaAFLm4E5mTvmZfO10PaQnvBY+o+XkiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWJnVG1aTy1abDg3WFE5cENlOEZqNmo1ZVNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC80NDEyNGQtOGIxNS00NWIyLWE1YzEt
N2JjNzNlZWUxNDQ3LzEvS2RYR1VzUzZZRkZuUGpWanllSTA0bTkzVGRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC80NDEyNGQtOGIxNS00NWIyLWE1YzEtN2JjNzNlZWUxNDQ3
LzEvdWJnVG1aTy1abDg3WFE5cENlOEZqNmo1ZVNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAxBAIAATArAwQDXCdoAwQC
uX1IAwQCubcwAwQFvPcgMAsDAwHV6gMEA9XqEAMEBNmVsDANBgkqhkiG9w0BAQsF
AAOCAQEAh6rp+7RX5MdmsnhD0ysLLnnpTP7iwNQoW7I8sPaL37JFBIzWzxjVpCH4
2fdfhtMWxzjofWJ/Nhl5pl8E2iFqxfI221AaSFTNp94euyJTAEoTMzKGUfWxl2wd
LOjH8+jPC4OTmuT+fHbkaEXO/gVSuypjzAduCMIeftHdZCwNzhZ9oE9RfhhoT1cE
OrDLM0dCB05vdWkH0CJ2lKK2bk/wOy9rgOsA+FuQnRWzH8ZjGGERgpag1fMHeB+S
K6KQi8bU2Jct+K9eruS+Pz3bCwQlpGoMg+nDIDrexwlmdDbilDlBt4zyPHlY52YN
ETF0wR/RWQbWlHlwfZfzkrfU5pQMBw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 10:55:35 2025 by rpki-client