Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/kQIT49dupYkJvGGi58HCZAP0nfk.roa
File: kQIT49dupYkJvGGi58HCZAP0nfk.roa (raw, json)
Hash identifier: lcSVm0RalnAYkcxEjJeJDglItFkRZv2M8qe+S7D6bEQ=
Subject key identifier: 91:02:13:E3:D7:6E:A5:89:09:BC:61:A2:E7:C1:C2:64:03:F4:9D:F9
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 0196916E0C07981F3993125483D76137B7B5
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/kQIT49dupYkJvGGi58HCZAP0nfk.roa
Signing time: Fri 02 May 2025 14:37:10 +0000
ROA not before: Fri 02 May 2025 14:37:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209309
IP address blocks: 85.208.84.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:91:6e:0c:07:98:1f:39:93:12:54:83:d7:61:37:b7:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: May 2 14:37:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=910213e3d76ea58909bc61a2e7c1c26403f49df9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:92:71:5d:50:6f:60:25:1c:a8:59:4f:de:50:
42:83:74:86:66:3c:53:cb:59:8c:25:d5:3a:e1:c8:
15:b7:73:30:eb:be:63:18:dd:d3:4a:2c:c1:fc:44:
91:af:33:f6:ef:da:f8:e5:c5:29:23:e5:e7:86:a1:
a0:6e:80:f1:db:59:eb:3e:cb:28:dd:66:8d:f3:79:
46:23:d8:a5:8c:ed:e0:83:06:1b:05:5c:ef:cc:d3:
8f:a3:42:bf:d8:dd:54:b6:45:44:f4:b9:2b:83:3b:
5d:38:2c:fa:04:a2:e1:4b:6b:92:02:86:02:f7:ab:
57:2d:6b:b1:c5:fd:02:3a:35:f2:68:bd:78:25:f1:
ec:e7:f5:d4:a3:7e:e5:ee:66:ab:3a:76:af:3c:88:
1f:26:20:d9:65:03:b7:d9:f1:d9:e1:0c:0e:b0:e4:
4d:62:ef:c2:ad:30:3a:fe:0a:66:da:72:86:ea:7c:
f8:ee:c1:f3:0e:04:2d:c9:4b:f5:aa:9a:93:59:c3:
ff:27:43:ef:e9:b8:e8:1f:e4:22:e8:3e:e8:c2:0e:
35:6a:d2:78:99:b7:03:37:48:b5:70:1d:0b:a4:a8:
5e:6a:c3:35:5b:cf:9c:87:39:82:a5:ea:f2:df:ee:
a9:52:98:59:6c:d3:5e:d9:00:70:fc:28:ce:4d:a2:
b2:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:02:13:E3:D7:6E:A5:89:09:BC:61:A2:E7:C1:C2:64:03:F4:9D:F9
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/kQIT49dupYkJvGGi58HCZAP0nfk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.84.0/24
Signature Algorithm: sha256WithRSAEncryption
48:61:b1:9c:52:89:9f:da:1d:67:f8:ba:74:2e:02:8c:af:23:
67:5e:83:d8:e1:42:8a:7e:3a:6e:d0:b3:87:e9:a2:48:3d:72:
e4:19:29:ab:09:a8:57:da:fe:59:67:0e:c9:f2:a6:39:72:aa:
a2:46:b3:46:20:2c:e7:a3:f8:e8:f6:3f:30:fc:7a:36:ff:68:
2d:5a:a1:61:2e:24:c3:cb:ee:c1:7f:35:6e:ef:e9:6f:7d:35:
01:2e:47:82:48:be:dd:23:49:03:39:c9:f0:fc:21:bc:67:05:
6b:9f:dd:00:54:50:a0:93:bb:ee:0f:d6:44:d1:c3:52:78:c0:
1b:49:f0:17:4d:e1:c0:f8:d1:ca:98:6f:7d:6d:5b:d0:cb:55:
f2:c2:34:0b:df:67:88:f4:a6:28:38:1c:84:69:f5:c0:d1:4a:
41:40:d9:b9:38:cf:3b:6f:43:8e:2d:17:fa:2b:15:4e:99:44:
7d:e4:43:6a:6c:50:61:2a:a9:c1:a3:36:75:6f:ef:85:af:cd:
18:20:2e:10:da:e7:f3:54:6e:9d:20:46:17:50:ff:2e:b7:83:
cd:bb:87:53:1b:ac:42:c6:f7:8b:4c:e0:0e:55:dd:9d:e2:25:
cb:a5:22:7f:7c:68:16:61:51:0e:d3:78:61:f0:ef:b8:f9:ef:
de:d3:58:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZaRbgwHmB85kxJUg9dhN7e1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjUwNTAyMTQzNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTAyMTNlM2Q3NmVhNTg5MDliYzYxYTJlN2MxYzI2NDAzZjQ5ZGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspJxXVBvYCUcqFlP3lBCg3SGZjxT
y1mMJdU64cgVt3Mw675jGN3TSizB/ESRrzP279r45cUpI+XnhqGgboDx21nrPsso
3WaN83lGI9iljO3ggwYbBVzvzNOPo0K/2N1UtkVE9LkrgztdOCz6BKLhS2uSAoYC
96tXLWuxxf0COjXyaL14JfHs5/XUo37l7marOnavPIgfJiDZZQO32fHZ4QwOsORN
Yu/CrTA6/gpm2nKG6nz47sHzDgQtyUv1qpqTWcP/J0Pv6bjoH+Qi6D7owg41atJ4
mbcDN0i1cB0LpKheasM1W8+chzmCpery3+6pUphZbNNe2QBw/CjOTaKylQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJECE+PXbqWJCbxhoufBwmQD9J35MB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEva1FJVDQ5ZHVwWWtKdkdHaTU4SENaQVAwbmZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVdBUMA0G
CSqGSIb3DQEBCwUAA4IBAQBIYbGcUomf2h1n+Lp0LgKMryNnXoPY4UKKfjpu0LOH
6aJIPXLkGSmrCahX2v5ZZw7J8qY5cqqiRrNGICzno/jo9j8w/Ho2/2gtWqFhLiTD
y+7BfzVu7+lvfTUBLkeCSL7dI0kDOcnw/CG8ZwVrn90AVFCgk7vuD9ZE0cNSeMAb
SfAXTeHA+NHKmG99bVvQy1XywjQL32eI9KYoOByEafXA0UpBQNm5OM87b0OOLRf6
KxVOmUR95ENqbFBhKqnBozZ1b++Fr80YIC4Q2ufzVG6dIEYXUP8ut4PNu4dTG6xC
xveLTOAOVd2d4iXLpSJ/fGgWYVEO03hh8O+4+e/e01hk
-----END CERTIFICATE-----
Generated at Fri Jun 6 13:21:01 2025 by rpki-client