Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/a2ec9c-9d76-4e94-9e3a-6f7024c3aad7/1/kIN_jMTtiRLUszBNqKlNoyJk3dk.roa
File: kIN_jMTtiRLUszBNqKlNoyJk3dk.roa (raw, json)
Hash identifier: lHRqbJ9tYmnELEYhJx16n/sdjvBPGJLZ5vlonZ4KvjA=
Subject key identifier: 90:83:7F:8C:C4:ED:89:12:D4:B3:30:4D:A8:A9:4D:A3:22:64:DD:D9
Certificate issuer: /CN=b03c302c2f52277e3d0ab6842f68aa5f8d0d7787
Certificate serial: 019517F89A3A11FD343F40BE47F53D775C7B
Authority key identifier: B0:3C:30:2C:2F:52:27:7E:3D:0A:B6:84:2F:68:AA:5F:8D:0D:77:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sDwwLC9SJ349CraEL2iqX40Nd4c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/a2ec9c-9d76-4e94-9e3a-6f7024c3aad7/1/kIN_jMTtiRLUszBNqKlNoyJk3dk.roa
Signing time: Tue 18 Feb 2025 07:32:03 +0000
ROA not before: Tue 18 Feb 2025 07:32:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25454
IP address blocks: 46.166.0.0/18 maxlen: 24
77.89.192.0/18 maxlen: 24
94.243.64.0/18 maxlen: 24
185.8.68.0/22 maxlen: 22
185.8.68.0/23 maxlen: 23
185.167.132.0/22 maxlen: 24
188.131.0.0/17 maxlen: 24
193.239.182.0/23 maxlen: 24
195.22.224.0/19 maxlen: 24
212.56.192.0/19 maxlen: 24
217.12.112.0/20 maxlen: 24
217.12.126.0/24 maxlen: 24
2a00:1858::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/a2ec9c-9d76-4e94-9e3a-6f7024c3aad7/1/sDwwLC9SJ349CraEL2iqX40Nd4c.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/a2ec9c-9d76-4e94-9e3a-6f7024c3aad7/1/sDwwLC9SJ349CraEL2iqX40Nd4c.mft
rsync://rpki.ripe.net/repository/DEFAULT/sDwwLC9SJ349CraEL2iqX40Nd4c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:17:f8:9a:3a:11:fd:34:3f:40:be:47:f5:3d:77:5c:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b03c302c2f52277e3d0ab6842f68aa5f8d0d7787
Validity
Not Before: Feb 18 07:32:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=90837f8cc4ed8912d4b3304da8a94da32264ddd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:dd:1f:8b:26:71:d9:50:c0:37:87:30:65:1a:
b4:8d:76:f8:51:f7:8e:a9:aa:a7:e5:61:8f:b0:9f:
8d:8f:c2:4f:de:e8:c3:30:26:3a:0f:5e:88:c7:ba:
8c:51:d1:cb:9f:a3:69:91:1e:05:0b:15:62:c9:b6:
d4:e9:95:11:1d:90:f7:94:ea:fa:b2:81:2a:3d:fc:
f6:0a:75:5f:96:30:65:80:5a:2c:d6:e1:17:9a:75:
a3:31:89:84:08:cb:ff:53:c1:33:f2:c2:6f:48:14:
d3:2a:00:d9:52:30:2c:67:0a:15:3b:fc:ff:0a:97:
ad:7b:39:39:47:8c:dc:78:04:44:c8:13:32:70:0f:
1d:26:ea:d3:4e:61:9e:66:fb:3b:53:ac:9e:e3:e0:
63:b9:12:5e:82:4a:da:5b:74:14:07:0d:3c:f6:34:
a7:7e:69:0d:03:e2:90:d1:7a:7b:10:ba:41:b5:ec:
48:d6:3f:26:d3:11:42:39:4d:a3:d8:b4:29:3f:4d:
d2:f6:10:56:1b:f2:62:9c:84:1f:67:8b:60:08:8f:
ca:0a:de:e4:3c:a8:dc:bd:ac:d5:ed:dd:91:ca:03:
88:4a:67:2b:7b:ca:4e:49:75:36:62:0d:f1:7a:84:
ea:e2:40:51:58:8e:3e:6d:f3:91:81:8f:01:c5:62:
34:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:83:7F:8C:C4:ED:89:12:D4:B3:30:4D:A8:A9:4D:A3:22:64:DD:D9
X509v3 Authority Key Identifier:
keyid:B0:3C:30:2C:2F:52:27:7E:3D:0A:B6:84:2F:68:AA:5F:8D:0D:77:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sDwwLC9SJ349CraEL2iqX40Nd4c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/a2ec9c-9d76-4e94-9e3a-6f7024c3aad7/1/kIN_jMTtiRLUszBNqKlNoyJk3dk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/a2ec9c-9d76-4e94-9e3a-6f7024c3aad7/1/sDwwLC9SJ349CraEL2iqX40Nd4c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.166.0.0/18
77.89.192.0/18
94.243.64.0/18
185.8.68.0/22
185.167.132.0/22
188.131.0.0/17
193.239.182.0/23
195.22.224.0/19
212.56.192.0/19
217.12.112.0/20
IPv6:
2a00:1858::/32
Signature Algorithm: sha256WithRSAEncryption
78:a3:7c:28:fc:6f:a0:b8:44:9b:65:b4:c5:86:c9:c1:4b:6b:
b9:9e:f1:1f:f4:fd:cc:18:31:fe:19:6b:16:cb:22:e3:57:97:
c2:92:7f:ba:f9:72:94:6f:59:34:89:a8:d0:b1:49:82:6b:ed:
43:16:b7:f5:54:ea:5d:8c:60:79:49:7c:c2:49:f5:87:03:3d:
de:36:24:a3:e5:27:43:4f:ee:0b:f6:8f:2d:e6:4e:ed:bb:f2:
bb:19:24:91:c5:a5:08:cd:22:f4:01:b4:32:cd:50:8f:3b:69:
4d:c1:f9:57:02:71:d2:6e:56:53:1e:18:97:08:0c:c0:62:ee:
81:24:8b:45:66:e4:48:6e:bf:0b:53:cb:e0:08:97:c1:6a:4e:
69:4f:0d:a4:da:98:01:a9:67:07:9b:f0:ca:33:1b:dc:e8:ae:
f5:d7:b9:d5:25:0e:7c:91:82:73:d3:cc:52:99:99:65:04:32:
b0:c4:e3:55:b1:d5:bd:0c:3f:08:ca:0f:63:85:cb:f2:73:99:
fd:15:29:15:e7:f7:9d:b5:d0:03:7b:4b:d9:85:30:3b:a3:7c:
7d:22:60:a0:29:94:0a:6d:66:d3:64:28:7f:e2:20:8c:9a:d3:
72:34:37:db:d4:af:8d:17:5c:51:a8:12:d0:ae:a6:04:5d:73:
40:96:77:07
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAZUX+Jo6Ef00P0C+R/U9d1x7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwM2MzMDJjMmY1MjI3N2UzZDBhYjY4NDJmNjhhYTVmOGQw
ZDc3ODcwHhcNMjUwMjE4MDczMjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDgzN2Y4Y2M0ZWQ4OTEyZDRiMzMwNGRhOGE5NGRhMzIyNjRkZGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0d0fiyZx2VDAN4cwZRq0jXb4UfeO
qaqn5WGPsJ+Nj8JP3ujDMCY6D16Ix7qMUdHLn6NpkR4FCxViybbU6ZURHZD3lOr6
soEqPfz2CnVfljBlgFos1uEXmnWjMYmECMv/U8Ez8sJvSBTTKgDZUjAsZwoVO/z/
Cpetezk5R4zceAREyBMycA8dJurTTmGeZvs7U6ye4+BjuRJegkraW3QUBw089jSn
fmkNA+KQ0Xp7ELpBtexI1j8m0xFCOU2j2LQpP03S9hBWG/JinIQfZ4tgCI/KCt7k
PKjcvazV7d2RygOISmcre8pOSXU2Yg3xeoTq4kBRWI4+bfORgY8BxWI08QIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFJCDf4zE7YkS1LMwTaipTaMiZN3ZMB8GA1UdIwQY
MBaAFLA8MCwvUid+PQq2hC9oql+NDXeHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0R3d0xDOVNKMzQ5Q3JhRUwyaXFYNDBOZDRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni9hMmVjOWMtOWQ3Ni00ZTk0LTllM2Et
NmY3MDI0YzNhYWQ3LzEva0lOX2pNVHRpUkxVc3pCTnFLbE5veUprM2RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni9hMmVjOWMtOWQ3Ni00ZTk0LTllM2EtNmY3MDI0YzNhYWQ3
LzEvc0R3d0xDOVNKMzQ5Q3JhRUwyaXFYNDBOZDRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQGLqYAAwQG
TVnAAwQGXvNAAwQCuQhEAwQCuaeEAwQHvIMAAwQBwe+2AwQFwxbgAwQF1DjAAwQE
2QxwMA0EAgACMAcDBQAqABhYMA0GCSqGSIb3DQEBCwUAA4IBAQB4o3wo/G+guESb
ZbTFhsnBS2u5nvEf9P3MGDH+GWsWyyLjV5fCkn+6+XKUb1k0iajQsUmCa+1DFrf1
VOpdjGB5SXzCSfWHAz3eNiSj5SdDT+4L9o8t5k7tu/K7GSSRxaUIzSL0AbQyzVCP
O2lNwflXAnHSblZTHhiXCAzAYu6BJItFZuRIbr8LU8vgCJfBak5pTw2k2pgBqWcH
m/DKMxvc6K7117nVJQ58kYJz08xSmZllBDKwxONVsdW9DD8Iyg9jhcvyc5n9FSkV
5/edtdADe0vZhTA7o3x9ImCgKZQKbWbTZCh/4iCMmtNyNDfb1K+NF1xRqBLQrqYE
XXNAlncH
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:51:46 2025 by rpki-client