Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/kl36awhzfsop7GgELsEJo3vTqlM.roa
File: kl36awhzfsop7GgELsEJo3vTqlM.roa (raw, json)
Hash identifier: i1Y1Q4V1qiBLr3d5jT6i7TzoPO+NTihTUU++FBZ5ox8=
Subject key identifier: 92:5D:FA:6B:08:73:7E:CA:29:EC:68:04:2E:C1:09:A3:7B:D3:AA:53
Certificate issuer: /CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Certificate serial: 019426D9F1FB36E519E2B882EE9E1E168421
Authority key identifier: EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/kl36awhzfsop7GgELsEJo3vTqlM.roa
Signing time: Thu 02 Jan 2025 11:50:04 +0000
ROA not before: Thu 02 Jan 2025 11:50:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205411
IP address blocks: 185.21.124.0/22 maxlen: 24
208.82.72.0/22 maxlen: 24
212.237.244.0/22 maxlen: 24
2a00:5560::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.mft
rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 02:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:f1:fb:36:e5:19:e2:b8:82:ee:9e:1e:16:84:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Validity
Not Before: Jan 2 11:50:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=925dfa6b08737eca29ec68042ec109a37bd3aa53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:26:f2:d3:fe:18:0d:fd:15:40:cc:97:cc:8e:
87:1c:32:f1:ce:0a:39:2b:4c:e8:00:fd:07:95:23:
59:64:a7:ea:bf:66:5e:c6:d2:26:7e:30:82:e9:47:
11:6b:aa:9b:af:19:2b:af:03:41:38:20:d4:1e:cb:
e1:4a:f0:6d:03:e0:0c:b5:5e:5b:0c:67:a7:4b:6f:
80:ba:00:ff:04:f6:75:fa:ed:f0:35:a9:fd:29:77:
b4:b8:2b:59:09:8d:dc:9b:62:67:01:11:ff:6e:4d:
5a:d0:5f:d6:42:c2:c0:4f:3f:59:ce:5a:00:1a:e4:
ad:9e:fe:a8:96:09:97:d8:c8:a2:6a:9e:a6:77:fe:
9b:0c:7a:e9:0a:a2:27:b3:aa:86:0e:a5:bc:dd:f2:
2b:1b:da:55:08:4b:a8:7c:f4:7c:53:5a:c7:03:3e:
a7:b4:c6:8d:b6:94:2f:7d:45:70:f5:3b:1f:2f:41:
37:d3:ca:0e:fc:c3:a0:fe:41:41:57:e5:5f:e6:0a:
57:77:1c:1f:83:57:9c:81:13:a3:08:e6:f2:43:9c:
ff:c6:e5:39:03:b3:36:88:99:f9:5d:6a:1d:8d:db:
8a:9d:ff:d9:0b:e5:7d:85:f5:1e:56:68:6c:39:23:
07:e2:72:bd:d1:b0:97:6f:3f:19:c2:38:b2:c3:19:
8a:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:5D:FA:6B:08:73:7E:CA:29:EC:68:04:2E:C1:09:A3:7B:D3:AA:53
X509v3 Authority Key Identifier:
keyid:EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/kl36awhzfsop7GgELsEJo3vTqlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.124.0/22
208.82.72.0/22
212.237.244.0/22
IPv6:
2a00:5560::/32
Signature Algorithm: sha256WithRSAEncryption
9f:b4:36:9d:a1:c4:d0:01:0e:d4:7e:00:08:d5:72:b7:60:27:
c8:25:38:99:2d:c1:02:f6:1f:23:80:00:83:77:33:e0:17:00:
9c:d7:62:53:8d:03:95:72:68:75:34:d9:2d:25:b4:f5:3e:54:
5a:06:ce:62:a9:d4:2b:ae:d6:14:8c:a7:f2:ec:f5:f0:ec:8e:
36:1e:d9:a5:eb:e9:83:ab:7e:e1:9c:22:5d:41:d3:94:87:8b:
ea:65:9b:86:ad:32:04:d6:0a:59:4f:61:7c:cf:13:e3:33:ba:
9d:8e:4f:63:5f:07:5e:9d:e8:11:bf:27:0a:1d:3c:1f:64:29:
81:35:30:90:37:36:89:61:9a:e5:f1:dc:09:f4:e6:d5:d7:5b:
23:4c:a4:c9:e4:44:87:3f:1b:86:e6:df:6c:ac:09:e0:e5:a8:
51:e0:e7:1f:97:4c:da:4d:3b:3d:20:81:eb:8c:c9:ee:8c:7f:
98:31:f6:83:c8:3b:3d:eb:5a:17:ca:c0:23:3b:2a:fb:ff:f5:
0f:dd:be:f8:5a:ad:4a:6d:02:df:b8:4f:77:73:ea:43:4c:c9:
25:10:2d:4a:a8:0c:39:3f:e9:b6:87:d3:30:00:68:d4:0c:36:
cb:84:9c:42:56:6b:52:e0:61:a0:75:b7:3f:a9:3c:65:6b:3e:
54:1b:63:55
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQm2fH7NuUZ4riC7p4eFoQhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNmI0MjAyMTg4NmQ4ZWVkYmFlOTBkOWU2YWIxZGU1MzNj
NTBkMjAwHhcNMjUwMTAyMTE1MDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjVkZmE2YjA4NzM3ZWNhMjllYzY4MDQyZWMxMDlhMzdiZDNhYTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyyby0/4YDf0VQMyXzI6HHDLxzgo5
K0zoAP0HlSNZZKfqv2ZextImfjCC6UcRa6qbrxkrrwNBOCDUHsvhSvBtA+AMtV5b
DGenS2+AugD/BPZ1+u3wNan9KXe0uCtZCY3cm2JnARH/bk1a0F/WQsLATz9ZzloA
GuStnv6olgmX2Miiap6md/6bDHrpCqIns6qGDqW83fIrG9pVCEuofPR8U1rHAz6n
tMaNtpQvfUVw9TsfL0E308oO/MOg/kFBV+Vf5gpXdxwfg1ecgROjCObyQ5z/xuU5
A7M2iJn5XWodjduKnf/ZC+V9hfUeVmhsOSMH4nK90bCXbz8ZwjiywxmKWwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJJd+msIc37KKexoBC7BCaN706pTMB8GA1UdIwQY
MBaAFOxrQgIYhtju266Q2earHeUzxQ0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQt
YTY4NzNiMzc0ZTI2LzEva2wzNmF3aHpmc29wN0dnRUxzRUpvM3ZUcWxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQtYTY4NzNiMzc0ZTI2
LzEvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuRV8AwQC
0FJIAwQC1O30MA0EAgACMAcDBQAqAFVgMA0GCSqGSIb3DQEBCwUAA4IBAQCftDad
ocTQAQ7UfgAI1XK3YCfIJTiZLcEC9h8jgACDdzPgFwCc12JTjQOVcmh1NNktJbT1
PlRaBs5iqdQrrtYUjKfy7PXw7I42Html6+mDq37hnCJdQdOUh4vqZZuGrTIE1gpZ
T2F8zxPjM7qdjk9jXwdenegRvycKHTwfZCmBNTCQNzaJYZrl8dwJ9ObV11sjTKTJ
5ESHPxuG5t9srAng5ahR4Ocfl0zaTTs9IIHrjMnujH+YMfaDyDs961oXysAjOyr7
//UP3b74Wq1KbQLfuE93c+pDTMklEC1KqAw5P+m2h9MwAGjUDDbLhJxCVmtS4GGg
dbc/qTxlaz5UG2NV
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:03:53 2025 by rpki-client