Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ks2hVCKo5L2_k6S_zV6eRtIk08s.roa
File: ks2hVCKo5L2_k6S_zV6eRtIk08s.roa (raw, json)
Hash identifier: AubqwiwyO56j7tK5kMsMak20PtpZIKM+JW8QUxZj/AU=
Subject key identifier: 92:CD:A1:54:22:A8:E4:BD:BF:93:A4:BF:CD:5E:9E:46:D2:24:D3:CB
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 019734D75A1957ADF91C590BF786D9EA184D
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ks2hVCKo5L2_k6S_zV6eRtIk08s.roa
Signing time: Tue 03 Jun 2025 08:10:17 +0000
ROA not before: Tue 03 Jun 2025 08:10:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202561
IP address blocks: 188.132.152.0/24 maxlen: 24
188.132.203.0/24 maxlen: 24
188.132.221.0/24 maxlen: 24
188.132.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 11:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:34:d7:5a:19:57:ad:f9:1c:59:0b:f7:86:d9:ea:18:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Jun 3 08:10:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=92cda15422a8e4bdbf93a4bfcd5e9e46d224d3cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:7a:d5:96:44:b1:ca:52:a9:17:55:02:7f:06:
12:a9:5f:8c:bc:a9:7d:8a:de:25:b5:6b:b6:3e:6a:
72:a7:05:04:60:3c:38:6a:79:5f:26:63:22:cc:a2:
9b:3a:41:b3:c7:52:38:b1:2b:fb:54:4d:c5:85:5a:
63:00:14:b5:04:2f:f8:2f:77:52:e0:6a:93:8f:70:
ab:9b:46:01:a5:0f:ad:37:e2:d5:69:af:c8:73:9a:
89:84:f8:c6:19:8b:94:a4:f6:86:15:d2:8d:c2:ed:
4b:6e:fe:d5:66:a8:6b:a0:26:5b:ea:74:27:85:c9:
48:32:c3:79:f3:4e:48:3d:07:68:02:78:27:cd:6a:
28:eb:69:25:a7:80:0e:16:49:2e:69:f1:51:24:e8:
ad:6e:38:e9:4b:8e:48:77:ca:4e:38:5d:58:7b:f4:
5d:58:e9:6b:fe:69:cf:b4:19:8a:1d:73:40:0a:eb:
d9:23:26:b9:67:f7:3a:32:e4:58:22:15:36:df:74:
74:17:69:90:83:31:58:7d:fa:3a:36:86:30:63:ee:
9b:40:d3:88:ff:05:7d:b1:66:88:63:6f:78:4d:7f:
de:17:c5:f9:b9:8d:c2:11:e3:a3:12:2a:ce:07:8c:
9d:a4:77:6b:68:81:31:a0:47:24:35:a4:3e:47:95:
3b:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:CD:A1:54:22:A8:E4:BD:BF:93:A4:BF:CD:5E:9E:46:D2:24:D3:CB
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ks2hVCKo5L2_k6S_zV6eRtIk08s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.132.152.0/24
188.132.203.0/24
188.132.221.0-188.132.222.255
Signature Algorithm: sha256WithRSAEncryption
29:54:04:e8:d5:3b:48:4c:de:c6:f7:7a:4b:9b:ed:e3:7d:16:
72:36:a8:97:65:d0:b5:a9:c8:81:e8:f7:e1:e7:88:d5:66:3c:
e1:8d:99:29:06:19:ec:25:82:0e:f6:65:03:39:d8:04:5f:73:
69:9f:5c:08:d3:16:55:9f:30:30:6c:96:95:02:f3:92:0c:91:
af:c8:7c:e1:a4:a9:7d:8e:b6:9e:52:92:41:a9:b4:42:c2:98:
a8:2b:26:b4:50:12:c6:4b:c0:27:6b:7a:20:ad:dd:6d:71:84:
72:e6:46:36:97:f6:88:80:24:0e:b7:3a:91:2b:1d:3b:08:fa:
17:e1:3c:d5:26:08:d0:c4:5b:cb:c9:f8:93:55:be:e7:1d:14:
4e:85:65:78:6d:8a:36:bd:52:a4:0f:10:8d:27:25:db:92:ba:
fe:bc:c9:58:bb:3b:fc:ee:d4:a0:d1:f3:0a:bc:2a:d9:02:da:
fc:9b:d6:29:18:51:65:35:ea:1b:59:c1:ae:ae:cd:7d:0a:52:
15:2b:3e:32:8e:ff:3f:af:be:0f:20:df:df:1b:c6:07:09:12:
28:16:3e:3f:1c:3f:23:76:f9:8e:7f:2c:13:79:0e:52:ca:c5:
60:df:d4:de:33:6f:10:3e:ed:78:60:b9:5c:d9:5e:62:46:d3:
77:1e:41:aa
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZc011oZV635HFkL94bZ6hhNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwNjAzMDgxMDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmNkYTE1NDIyYThlNGJkYmY5M2E0YmZjZDVlOWU0NmQyMjRkM2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHrVlkSxylKpF1UCfwYSqV+MvKl9
it4ltWu2PmpypwUEYDw4anlfJmMizKKbOkGzx1I4sSv7VE3FhVpjABS1BC/4L3dS
4GqTj3Crm0YBpQ+tN+LVaa/Ic5qJhPjGGYuUpPaGFdKNwu1Lbv7VZqhroCZb6nQn
hclIMsN5805IPQdoAngnzWoo62klp4AOFkkuafFRJOitbjjpS45Id8pOOF1Ye/Rd
WOlr/mnPtBmKHXNACuvZIya5Z/c6MuRYIhU233R0F2mQgzFYffo6NoYwY+6bQNOI
/wV9sWaIY294TX/eF8X5uY3CEeOjEirOB4ydpHdraIExoEckNaQ+R5U7KQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJLNoVQiqOS9v5Okv81enkbSJNPLMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEva3MyaFZDS281TDJfazZTX3pWNmVSdElrMDhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAvISYAwQA
vITLMAwDBAC8hN0DBAC8hN4wDQYJKoZIhvcNAQELBQADggEBAClUBOjVO0hM3sb3
ekub7eN9FnI2qJdl0LWpyIHo9+HniNVmPOGNmSkGGewlgg72ZQM52ARfc2mfXAjT
FlWfMDBslpUC85IMka/IfOGkqX2Otp5SkkGptELCmKgrJrRQEsZLwCdreiCt3W1x
hHLmRjaX9oiAJA63OpErHTsI+hfhPNUmCNDEW8vJ+JNVvucdFE6FZXhtija9UqQP
EI0nJduSuv68yVi7O/zu1KDR8wq8KtkC2vyb1ikYUWU16htZwa6uzX0KUhUrPjKO
/z+vvg8g398bxgcJEigWPj8cPyN2+Y5/LBN5DlLKxWDf1N4zbxA+7XhguVzZXmJG
03ceQao=
-----END CERTIFICATE-----
Generated at Sat Jun 7 20:30:17 2025 by rpki-client