Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/JcGkGYckXHqchxV-L3gEKPNmYek.roa
File: JcGkGYckXHqchxV-L3gEKPNmYek.roa (raw, json)
Hash identifier: hS6zIHYKPfatfxedsYPXAwx9c3E6SxlRbWsKmbZdyAc=
Subject key identifier: 25:C1:A4:19:87:24:5C:7A:9C:87:15:7E:2F:78:04:28:F3:66:61:E9
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0196F79FEF45D0AE472D8142C07EADC63B12
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/JcGkGYckXHqchxV-L3gEKPNmYek.roa
Signing time: Thu 22 May 2025 10:52:55 +0000
ROA not before: Thu 22 May 2025 10:52:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213029
IP address blocks: 93.170.6.0/24 maxlen: 24
95.46.210.0/23 maxlen: 24
95.47.124.0/23 maxlen: 24
95.47.127.0/24 maxlen: 24
95.47.238.0/23 maxlen: 24
146.120.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f7:9f:ef:45:d0:ae:47:2d:81:42:c0:7e:ad:c6:3b:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: May 22 10:52:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=25c1a41987245c7a9c87157e2f780428f36661e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:0f:81:68:d9:08:d4:80:5f:e0:19:28:d0:ac:
98:2a:a0:7f:63:d8:04:46:ea:37:12:29:3f:9a:44:
df:21:63:ec:5c:b8:a1:b6:fa:b7:03:15:48:c0:b0:
01:35:ef:20:47:3f:12:1a:a0:8b:f8:e4:b4:20:cc:
28:6e:78:a0:40:83:77:69:a4:8b:2c:19:11:d7:df:
6f:cd:20:a3:47:11:eb:58:95:7a:fe:f5:74:af:f4:
f9:dd:c5:c7:db:48:fb:d4:f0:6d:98:bf:2b:43:1d:
8d:4f:56:4d:35:ce:b6:e8:59:10:ba:ae:6e:40:5d:
bb:db:03:24:99:85:a3:5a:74:17:03:94:43:b0:c5:
6f:ca:ea:85:07:b2:96:b1:f2:06:38:6c:24:97:2b:
38:a1:eb:98:02:a6:3a:86:54:1a:9a:4b:5c:e1:e5:
ad:12:f0:b5:f8:85:f9:8f:27:d8:79:89:9d:2b:ba:
db:e7:ee:c8:59:68:81:aa:a2:cd:50:2c:34:eb:5f:
80:1f:c3:18:a9:63:f2:51:84:32:e2:02:3b:66:d4:
e6:b7:5f:ab:32:4b:71:1c:81:d4:08:e0:f5:b5:79:
d4:b0:65:eb:c5:8c:15:1d:89:34:2e:b9:01:76:77:
eb:eb:64:ce:42:da:a6:c8:21:ab:6a:c6:46:7c:dc:
f0:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:C1:A4:19:87:24:5C:7A:9C:87:15:7E:2F:78:04:28:F3:66:61:E9
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/JcGkGYckXHqchxV-L3gEKPNmYek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.6.0/24
95.46.210.0/23
95.47.124.0/23
95.47.127.0/24
95.47.238.0/23
146.120.240.0/24
Signature Algorithm: sha256WithRSAEncryption
84:39:58:ea:6a:d1:d8:24:98:dc:03:85:5b:6e:e7:bb:d8:36:
3b:6c:35:23:17:9f:27:90:86:9d:3f:5b:dd:d0:88:bf:aa:c8:
95:3c:69:23:77:9a:a4:d7:bd:09:60:e5:98:8b:ff:1d:c5:48:
20:7e:7a:9d:c8:ad:ed:0f:d4:c8:c3:ee:e7:e1:ce:06:39:be:
31:75:f0:92:53:2c:95:a6:12:62:f3:0f:7b:b0:b2:ad:08:8e:
e0:ac:71:3b:f4:e7:2b:79:db:b7:b2:43:16:2a:e1:2f:83:d9:
0c:f6:ea:f7:4b:7c:13:de:8b:b0:1a:e9:30:6c:12:ce:ee:99:
f4:71:7d:fc:81:a4:aa:8d:9b:8d:0f:72:a3:5d:73:b4:3e:3c:
39:76:5c:78:c2:ac:08:49:0e:e7:f8:26:06:e0:84:fa:75:f6:
4c:12:8c:5b:c2:5f:c4:59:3f:1e:84:5f:49:20:14:6e:58:e3:
ed:b0:d3:af:71:32:89:e5:a5:cb:2d:39:eb:ff:8c:4b:6b:00:
6c:4d:25:db:3f:9e:70:08:da:69:84:01:28:62:69:2c:44:39:
75:66:78:ac:36:79:9f:e8:73:86:aa:c4:c3:f7:ad:5b:39:a4:
2f:e0:df:44:ca:9a:1c:2f:a5:93:d1:7c:77:1c:6f:8a:6a:6f:
15:8b:da:a0
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZb3n+9F0K5HLYFCwH6txjsSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwNTIyMTA1MjU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWMxYTQxOTg3MjQ1YzdhOWM4NzE1N2UyZjc4MDQyOGYzNjY2MWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQ+BaNkI1IBf4Bko0KyYKqB/Y9gE
Ruo3Eik/mkTfIWPsXLihtvq3AxVIwLABNe8gRz8SGqCL+OS0IMwobnigQIN3aaSL
LBkR199vzSCjRxHrWJV6/vV0r/T53cXH20j71PBtmL8rQx2NT1ZNNc626FkQuq5u
QF272wMkmYWjWnQXA5RDsMVvyuqFB7KWsfIGOGwklys4oeuYAqY6hlQamktc4eWt
EvC1+IX5jyfYeYmdK7rb5+7IWWiBqqLNUCw061+AH8MYqWPyUYQy4gI7ZtTmt1+r
MktxHIHUCOD1tXnUsGXrxYwVHYk0LrkBdnfr62TOQtqmyCGrasZGfNzwAQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFCXBpBmHJFx6nIcVfi94BCjzZmHpMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvSmNHa0dZY2tYSHFjaHhWLUwzZ0VLUE5tWWVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAXaoGAwQB
Xy7SAwQBXy98AwQAXy9/AwQBXy/uAwQAknjwMA0GCSqGSIb3DQEBCwUAA4IBAQCE
OVjqatHYJJjcA4Vbbue72DY7bDUjF58nkIadP1vd0Ii/qsiVPGkjd5qk170JYOWY
i/8dxUggfnqdyK3tD9TIw+7n4c4GOb4xdfCSUyyVphJi8w97sLKtCI7grHE79Ocr
edu3skMWKuEvg9kM9ur3S3wT3ouwGukwbBLO7pn0cX38gaSqjZuND3KjXXO0Pjw5
dlx4wqwISQ7n+CYG4IT6dfZMEoxbwl/EWT8ehF9JIBRuWOPtsNOvcTKJ5aXLLTnr
/4xLawBsTSXbP55wCNpphAEoYmksRDl1ZnisNnmf6HOGqsTD961bOaQv4N9Eypoc
L6WT0Xx3HG+Kam8Vi9qg
-----END CERTIFICATE-----
Generated at Fri Jun 6 10:23:57 2025 by rpki-client