Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/KP--WWgxWH6qj6gHt9gDBTQcFCo.roa
File: KP--WWgxWH6qj6gHt9gDBTQcFCo.roa (raw, json)
Hash identifier: tkcCKU8r6vuSbQqvfzs3nVsf56jNqHgFxFAnDpHwccY=
Subject key identifier: 28:FF:BE:59:68:31:58:7E:AA:8F:A8:07:B7:D8:03:05:34:1C:14:2A
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194258FDE9F2B45B532518770E1902C46E6
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/KP--WWgxWH6qj6gHt9gDBTQcFCo.roa
Signing time: Thu 02 Jan 2025 05:49:32 +0000
ROA not before: Thu 02 Jan 2025 05:49:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62069
IP address blocks: 31.148.5.0/24 maxlen: 24
92.38.3.0/24 maxlen: 24
95.47.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:de:9f:2b:45:b5:32:51:87:70:e1:90:2c:46:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=28ffbe596831587eaa8fa807b7d80305341c142a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:e1:73:45:6e:d6:22:04:e1:ac:5b:7c:1b:6d:
ed:97:b0:ad:44:9b:d2:b3:9e:8f:f1:ea:f6:74:67:
d2:9f:8d:d1:cf:6a:46:9a:fd:fc:d7:01:a9:06:79:
10:78:7f:43:55:40:18:c2:58:c6:ee:3e:4b:b3:81:
27:9c:80:19:86:ea:00:2a:83:d6:15:4b:31:43:18:
84:58:55:0b:36:fb:9c:49:77:04:9f:61:4c:41:db:
0a:73:76:7d:05:94:43:22:ec:81:9f:05:4f:77:99:
82:3b:08:6b:94:d1:e1:0e:f8:d9:ca:fc:66:3b:01:
1d:c0:3e:f3:65:b6:74:a4:f2:07:d3:45:a5:c4:4d:
a0:48:cc:39:34:c5:d8:6b:8a:e7:ff:bc:4c:e0:e9:
27:03:c6:0a:b2:75:f5:36:9f:fd:40:61:c2:2a:c6:
a5:33:9c:34:19:69:ec:32:b8:8f:ba:a1:44:13:31:
1f:94:0c:e8:2b:be:69:0d:0f:80:80:08:f7:4b:51:
a5:fa:b4:cd:45:ea:d3:09:20:ba:4a:ee:bf:40:88:
5a:bf:c5:b3:c2:18:4b:bc:c4:d9:47:c3:c3:d1:05:
9d:7b:54:cb:e4:92:80:7e:42:1a:c7:c8:96:2a:b6:
4b:af:83:85:7e:bd:a5:e8:e0:74:88:0a:24:51:26:
b5:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:FF:BE:59:68:31:58:7E:AA:8F:A8:07:B7:D8:03:05:34:1C:14:2A
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/KP--WWgxWH6qj6gHt9gDBTQcFCo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.5.0/24
92.38.3.0/24
95.47.242.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:02:f9:7d:ca:fb:0f:8b:73:5c:a5:5c:f0:c3:33:bf:b6:8f:
db:6e:77:90:8a:31:af:ab:65:40:ef:d4:f7:c9:1f:55:14:62:
cf:4e:b3:3e:09:99:62:ea:75:bd:1f:db:4d:5c:3e:cb:2a:3f:
c1:79:9c:8f:42:5a:01:5d:18:4c:f8:67:20:e4:81:43:25:37:
de:cf:ff:b1:17:c6:38:00:8d:c0:bd:7a:23:8c:b8:3d:79:1e:
63:05:84:8d:d1:70:b2:a5:67:c0:65:92:2d:4e:c8:a0:18:4b:
c9:ce:5e:0b:86:d1:58:6a:24:a6:84:54:b9:92:a6:8e:5c:88:
98:a4:36:94:9e:04:a1:e1:9b:b9:7c:b5:0d:bc:7c:ed:ab:3b:
c7:97:52:83:6e:c0:f4:34:36:23:4f:2f:8e:9b:07:d4:64:5b:
df:fc:28:7b:34:fe:0c:7f:bd:8c:31:e0:7a:37:23:8c:c7:08:
2c:57:db:ed:ce:cc:4b:23:bd:93:27:3f:7a:7c:3f:f5:f3:d2:
4a:e9:bb:54:6d:40:ed:df:de:1c:bf:2b:f7:b8:b8:09:0f:50:
52:64:c6:9b:ae:9f:e4:2f:4d:6c:9f:f7:75:2a:17:c2:4f:63:
56:cc:cf:3d:bc:6c:0a:68:6a:49:8b:3d:8d:00:33:6a:9c:f6:
be:77:db:bf
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQlj96fK0W1MlGHcOGQLEbmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGZmYmU1OTY4MzE1ODdlYWE4ZmE4MDdiN2Q4MDMwNTM0MWMxNDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2+FzRW7WIgThrFt8G23tl7CtRJvS
s56P8er2dGfSn43Rz2pGmv381wGpBnkQeH9DVUAYwljG7j5Ls4EnnIAZhuoAKoPW
FUsxQxiEWFULNvucSXcEn2FMQdsKc3Z9BZRDIuyBnwVPd5mCOwhrlNHhDvjZyvxm
OwEdwD7zZbZ0pPIH00WlxE2gSMw5NMXYa4rn/7xM4OknA8YKsnX1Np/9QGHCKsal
M5w0GWnsMriPuqFEEzEflAzoK75pDQ+AgAj3S1Gl+rTNRerTCSC6Su6/QIhav8Wz
whhLvMTZR8PD0QWde1TL5JKAfkIax8iWKrZLr4OFfr2l6OB0iAokUSa1QwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCj/vlloMVh+qo+oB7fYAwU0HBQqMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvS1AtLVdXZ3hXSDZxajZnSHQ5Z0RCVFFjRkNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAH5QFAwQA
XCYDAwQAXy/yMA0GCSqGSIb3DQEBCwUAA4IBAQA8Avl9yvsPi3NcpVzwwzO/to/b
bneQijGvq2VA79T3yR9VFGLPTrM+CZli6nW9H9tNXD7LKj/BeZyPQloBXRhM+Gcg
5IFDJTfez/+xF8Y4AI3AvXojjLg9eR5jBYSN0XCypWfAZZItTsigGEvJzl4LhtFY
aiSmhFS5kqaOXIiYpDaUngSh4Zu5fLUNvHztqzvHl1KDbsD0NDYjTy+OmwfUZFvf
/Ch7NP4Mf72MMeB6NyOMxwgsV9vtzsxLI72TJz96fD/189JK6btUbUDt394cvyv3
uLgJD1BSZMabrp/kL01sn/d1KhfCT2NWzM89vGwKaGpJiz2NADNqnPa+d9u/
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:51:16 2025 by rpki-client