Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/KKJFn-DgHoGcGc7yHYPAtDy2ChU.roa
File: KKJFn-DgHoGcGc7yHYPAtDy2ChU.roa (raw, json)
Hash identifier: V3e6QBpANOaBk5ZRIIsFmI+mxLWFeE748K5TNCh8oWE=
Subject key identifier: 28:A2:45:9F:E0:E0:1E:81:9C:19:CE:F2:1D:83:C0:B4:3C:B6:0A:15
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 019425FD211973B1126AED04B22EC2A92EB0
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/KKJFn-DgHoGcGc7yHYPAtDy2ChU.roa
Signing time: Thu 02 Jan 2025 07:48:53 +0000
ROA not before: Thu 02 Jan 2025 07:48:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50304
IP address blocks: 64.137.64.0/23 maxlen: 23
64.137.68.0/24 maxlen: 24
64.137.79.0/24 maxlen: 24
64.137.87.0/24 maxlen: 24
104.143.252.0/24 maxlen: 24
104.239.52.0/23 maxlen: 23
104.250.204.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft
rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:21:19:73:b1:12:6a:ed:04:b2:2e:c2:a9:2e:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 2 07:48:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=28a2459fe0e01e819c19cef21d83c0b43cb60a15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:8a:85:4f:e8:fe:6e:dd:c3:f0:eb:f8:6b:2f:
0a:26:36:87:78:73:b2:8f:9a:68:a7:0b:24:bd:82:
21:32:55:66:85:b2:58:1f:d1:a6:b5:ef:31:01:ea:
c1:46:b7:c7:da:11:22:92:7e:2b:bb:7e:22:e4:2c:
5f:a1:85:90:f1:5a:6d:6d:51:7e:5c:01:78:d3:2f:
1b:24:c1:ca:66:7e:ef:e3:8c:71:0a:a1:fe:cd:0f:
9e:3c:0d:4f:e9:6a:8c:9e:89:e6:87:51:d6:6b:58:
aa:bb:39:c6:79:5f:7e:a5:6e:ff:4f:35:a5:4d:59:
00:75:f6:1a:1a:1c:03:6f:1c:33:59:7c:ee:5d:68:
48:d3:a5:f8:00:30:51:0e:1a:09:7a:4c:6f:8d:43:
fb:f9:1c:09:19:51:c3:02:66:60:5a:1a:83:e2:9e:
8c:54:c1:f8:c7:34:fc:e6:82:c3:06:0e:1e:ad:9e:
0a:d1:ca:26:90:10:4d:1f:a7:af:78:0e:0e:04:b9:
2d:fd:e5:99:a0:e2:bb:b2:2b:88:4c:0b:87:73:4e:
d7:d3:9f:89:d8:cf:fc:c1:2c:e6:91:1f:af:b6:2e:
f1:45:ac:84:e5:7b:13:af:83:55:70:94:ba:3a:86:
3c:09:a9:0f:f9:d6:78:7e:ed:b2:be:1f:de:3e:8b:
ce:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:A2:45:9F:E0:E0:1E:81:9C:19:CE:F2:1D:83:C0:B4:3C:B6:0A:15
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/KKJFn-DgHoGcGc7yHYPAtDy2ChU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.64.0/23
64.137.68.0/24
64.137.79.0/24
64.137.87.0/24
104.143.252.0/24
104.239.52.0/23
104.250.204.0/22
Signature Algorithm: sha256WithRSAEncryption
04:1e:8c:37:06:98:47:9d:f6:b7:14:1c:f0:d8:06:69:e4:76:
74:0d:4a:72:40:56:57:06:fd:8b:f3:92:5c:f7:10:1c:9e:e5:
cf:7b:3c:99:5e:a6:11:bb:71:0d:60:1d:fa:6b:8c:97:43:c0:
33:38:12:75:5d:10:d1:63:22:7a:21:d1:48:30:8b:bb:8b:e9:
4f:ef:c0:7c:88:15:45:f4:50:0d:0a:63:1e:3d:cd:03:c4:1c:
16:d3:1a:88:6c:1d:7d:26:4b:9b:83:59:ef:d9:0b:d8:95:ad:
bd:36:4f:54:ea:a8:28:60:07:1c:7b:46:2c:eb:ed:a4:79:07:
59:73:03:b2:2d:8a:c9:89:30:c0:cd:de:be:79:08:d5:5e:0f:
ab:11:9c:d7:fd:5d:d5:8b:da:28:69:59:96:52:7c:c7:95:f2:
58:d5:e6:b9:4c:8f:19:77:fa:a0:b4:9c:f4:d9:ce:c3:ee:56:
18:32:15:88:5e:06:b9:36:11:49:eb:83:04:d8:95:32:ed:db:
1b:9a:9f:8a:8f:3d:06:85:e7:5e:d7:66:37:8d:96:b7:8f:3a:
8d:07:04:1a:8e:68:1a:37:3f:b5:73:02:0d:fa:c5:aa:5f:7b:
46:da:f0:b2:75:16:c0:cb:bf:0e:fc:60:da:79:49:6c:95:42:
eb:92:5b:35
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQl/SEZc7ESau0Esi7CqS6wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjUwMTAyMDc0ODUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGEyNDU5ZmUwZTAxZTgxOWMxOWNlZjIxZDgzYzBiNDNjYjYwYTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYqFT+j+bt3D8Ov4ay8KJjaHeHOy
j5popwskvYIhMlVmhbJYH9Gmte8xAerBRrfH2hEikn4ru34i5CxfoYWQ8VptbVF+
XAF40y8bJMHKZn7v44xxCqH+zQ+ePA1P6WqMnonmh1HWa1iquznGeV9+pW7/TzWl
TVkAdfYaGhwDbxwzWXzuXWhI06X4ADBRDhoJekxvjUP7+RwJGVHDAmZgWhqD4p6M
VMH4xzT85oLDBg4erZ4K0comkBBNH6eveA4OBLkt/eWZoOK7siuITAuHc07X05+J
2M/8wSzmkR+vti7xRayE5XsTr4NVcJS6OoY8CakP+dZ4fu2yvh/ePovOLwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCiiRZ/g4B6BnBnO8h2DwLQ8tgoVMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvS0tKRm4tRGdIb0djR2M3eUhZUEF0RHkyQ2hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBQIlAAwQA
QIlEAwQAQIlPAwQAQIlXAwQAaI/8AwQBaO80AwQCaPrMMA0GCSqGSIb3DQEBCwUA
A4IBAQAEHow3BphHnfa3FBzw2AZp5HZ0DUpyQFZXBv2L85Jc9xAcnuXPezyZXqYR
u3ENYB36a4yXQ8AzOBJ1XRDRYyJ6IdFIMIu7i+lP78B8iBVF9FANCmMePc0DxBwW
0xqIbB19Jkubg1nv2QvYla29Nk9U6qgoYAcce0Ys6+2keQdZcwOyLYrJiTDAzd6+
eQjVXg+rEZzX/V3Vi9ooaVmWUnzHlfJY1ea5TI8Zd/qgtJz02c7D7lYYMhWIXga5
NhFJ64ME2JUy7dsbmp+Kjz0Ghede12Y3jZa3jzqNBwQajmgaNz+1cwIN+sWqX3tG
2vCydRbAy78O/GDaeUlslULrkls1
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:15:31 2025 by rpki-client