Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/krfTk4Cnlk-xW9hhgPgOA6I3f94.roa
File: krfTk4Cnlk-xW9hhgPgOA6I3f94.roa (raw, json)
Hash identifier: OmQ9jI0YlHVX6eOJN0i3D+1YBrNwoXQDS22GOt1XVWo=
Subject key identifier: 92:B7:D3:93:80:A7:96:4F:B1:5B:D8:61:80:F8:0E:03:A2:37:7F:DE
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 01942797AC6FCA05CB36FD82B162595F325F
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/krfTk4Cnlk-xW9hhgPgOA6I3f94.roa
Signing time: Thu 02 Jan 2025 15:17:19 +0000
ROA not before: Thu 02 Jan 2025 15:17:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34837
IP address blocks: 46.38.129.0/24 maxlen: 24
46.38.131.0/24 maxlen: 24
46.38.140.0/24 maxlen: 24
212.16.64.0/24 maxlen: 24
212.16.65.0/24 maxlen: 24
212.16.67.0/24 maxlen: 24
212.16.75.0/24 maxlen: 24
212.16.82.0/24 maxlen: 24
212.16.83.0/24 maxlen: 24
212.16.88.0/24 maxlen: 24
212.16.90.0/24 maxlen: 24
212.16.91.0/24 maxlen: 24
212.80.0.0/19 maxlen: 19
212.80.1.0/24 maxlen: 24
212.80.3.0/24 maxlen: 24
212.80.5.0/24 maxlen: 24
212.80.12.0/24 maxlen: 24
212.80.13.0/24 maxlen: 24
212.80.14.0/24 maxlen: 24
212.80.15.0/24 maxlen: 24
212.80.16.0/24 maxlen: 24
212.80.28.0/24 maxlen: 24
212.80.30.0/24 maxlen: 24
212.80.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.mft
rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 12:15:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:97:ac:6f:ca:05:cb:36:fd:82:b1:62:59:5f:32:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Jan 2 15:17:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=92b7d39380a7964fb15bd86180f80e03a2377fde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:3c:17:11:56:6f:1a:3e:c6:73:f5:9e:ea:ea:
83:f2:55:cb:a3:49:5f:2a:94:f5:bd:e0:00:ea:48:
5d:ec:d4:e9:d0:5e:f7:d6:0b:66:e5:c8:e9:b2:8d:
65:59:04:0d:72:cc:9b:67:01:8e:b3:5f:9e:e1:46:
c7:2f:a5:3e:d1:67:69:f3:d6:fd:9c:45:f5:2c:56:
b6:3f:1a:f4:ee:1c:8a:4a:f4:71:90:e7:1e:1f:b4:
d6:9a:d6:de:9c:7a:92:bb:d2:72:72:4a:22:ba:80:
a7:40:4d:ed:a3:c3:68:85:3b:56:9d:03:50:a3:e6:
87:7b:ec:d6:56:a2:91:ac:da:2f:e3:5c:43:c9:c9:
00:13:e8:e5:ec:2c:c6:0c:26:2a:5c:fc:0e:99:15:
31:7b:07:33:6d:2a:a8:f5:1a:a6:05:22:6c:e8:38:
54:80:4e:0e:d5:81:df:51:62:2a:80:3b:cd:cc:2b:
40:6a:45:34:86:e4:fa:34:0f:b4:a8:82:b4:fd:fe:
e6:f5:a0:49:a6:a0:83:63:48:07:d6:d5:66:e8:26:
20:af:48:70:49:c2:ef:8a:24:c5:0d:99:41:1e:cc:
fc:8f:dd:dd:36:87:6a:19:cf:a6:24:1f:3f:c2:81:
ca:76:0b:53:39:31:c8:35:64:90:cd:ee:b8:a5:1a:
8e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:B7:D3:93:80:A7:96:4F:B1:5B:D8:61:80:F8:0E:03:A2:37:7F:DE
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/krfTk4Cnlk-xW9hhgPgOA6I3f94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.129.0/24
46.38.131.0/24
46.38.140.0/24
212.16.64.0/23
212.16.67.0/24
212.16.75.0/24
212.16.82.0/23
212.16.88.0/24
212.16.90.0/23
212.80.0.0/19
Signature Algorithm: sha256WithRSAEncryption
07:81:5b:d2:7f:1e:8c:b5:98:b5:6f:72:13:36:b2:0b:a4:3a:
ef:a0:52:f1:f9:55:24:32:c4:49:a1:da:31:80:ab:af:66:51:
75:94:87:ce:1f:72:30:b9:17:25:3f:53:3c:9d:77:4f:f8:f4:
28:1f:35:16:74:78:24:20:20:fd:a2:a3:14:e9:9c:1c:4c:db:
a8:18:e5:c4:f2:8c:fd:5f:32:74:07:10:52:32:dd:7f:94:45:
e9:5a:da:98:d0:7b:de:ad:1f:8f:0e:4d:44:56:b4:35:98:84:
30:2d:bd:f2:0d:71:e0:bd:84:92:8e:88:84:dd:ae:41:f0:8e:
14:09:4e:90:ab:6a:ee:8e:58:32:3c:2b:cf:cb:eb:a1:e4:1c:
bf:a7:b8:5a:03:65:80:1b:f6:19:bf:fb:8e:fb:79:d9:58:0f:
4f:9b:32:d4:91:b5:c1:05:95:a2:f9:dd:34:0e:87:69:cd:e5:
4d:5c:d5:95:31:d2:21:97:61:07:1f:02:71:17:95:a0:e4:fb:
9c:fc:79:8a:b6:93:42:98:4d:33:15:4b:51:1f:8d:99:59:6a:
30:75:75:f4:f5:42:72:5c:b5:38:44:16:2e:0a:be:e7:da:98:
9b:2b:86:b9:9c:2f:a0:85:aa:4c:0f:af:44:a8:7d:f7:cb:dd:
a6:c5:ae:7d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZQnl6xvygXLNv2CsWJZXzJfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjUwMTAyMTUxNzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmI3ZDM5MzgwYTc5NjRmYjE1YmQ4NjE4MGY4MGUwM2EyMzc3ZmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0jwXEVZvGj7Gc/We6uqD8lXLo0lf
KpT1veAA6khd7NTp0F731gtm5cjpso1lWQQNcsybZwGOs1+e4UbHL6U+0Wdp89b9
nEX1LFa2Pxr07hyKSvRxkOceH7TWmtbenHqSu9JyckoiuoCnQE3to8NohTtWnQNQ
o+aHe+zWVqKRrNov41xDyckAE+jl7CzGDCYqXPwOmRUxewczbSqo9RqmBSJs6DhU
gE4O1YHfUWIqgDvNzCtAakU0huT6NA+0qIK0/f7m9aBJpqCDY0gH1tVm6CYgr0hw
ScLviiTFDZlBHsz8j93dNodqGc+mJB8/woHKdgtTOTHINWSQze64pRqODwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFJK305OAp5ZPsVvYYYD4DgOiN3/eMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEva3JmVGs0Q25say14VzloaGdQZ09BNkkzZjk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALiaBAwQA
LiaDAwQALiaMAwQB1BBAAwQA1BBDAwQA1BBLAwQB1BBSAwQA1BBYAwQB1BBaAwQF
1FAAMA0GCSqGSIb3DQEBCwUAA4IBAQAHgVvSfx6MtZi1b3ITNrILpDrvoFLx+VUk
MsRJodoxgKuvZlF1lIfOH3IwuRclP1M8nXdP+PQoHzUWdHgkICD9oqMU6ZwcTNuo
GOXE8oz9XzJ0BxBSMt1/lEXpWtqY0HverR+PDk1EVrQ1mIQwLb3yDXHgvYSSjoiE
3a5B8I4UCU6Qq2rujlgyPCvPy+uh5By/p7haA2WAG/YZv/uO+3nZWA9PmzLUkbXB
BZWi+d00DodpzeVNXNWVMdIhl2EHHwJxF5Wg5Puc/HmKtpNCmE0zFUtRH42ZWWow
dXX09UJyXLU4RBYuCr7n2pibK4a5nC+ghapMD69EqH33y92mxa59
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:29:26 2025 by rpki-client