Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/kMJn1HheqQ9Rsacjsd3PZ6CXhTk.roa
File: kMJn1HheqQ9Rsacjsd3PZ6CXhTk.roa (raw, json)
Hash identifier: QHx3y/n5TxjTD6iBbFsTYJr5O+YrfK0OyTuVkyzqTiI=
Subject key identifier: 90:C2:67:D4:78:5E:A9:0F:51:B1:A7:23:B1:DD:CF:67:A0:97:85:39
Certificate issuer: /CN=746365355b665564a210c358c68a0117b7fbeb9a
Certificate serial: 019726460EDA35582AD760E0E0B9B6F80204
Authority key identifier: 74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/kMJn1HheqQ9Rsacjsd3PZ6CXhTk.roa
Signing time: Sat 31 May 2025 12:16:54 +0000
ROA not before: Sat 31 May 2025 12:16:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47596
IP address blocks: 185.120.56.0/24 maxlen: 24
185.120.57.0/24 maxlen: 24
185.120.58.0/24 maxlen: 24
212.22.77.0/24 maxlen: 24
2a06:c3c0:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.mft
rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 09:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:26:46:0e:da:35:58:2a:d7:60:e0:e0:b9:b6:f8:02:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=746365355b665564a210c358c68a0117b7fbeb9a
Validity
Not Before: May 31 12:16:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=90c267d4785ea90f51b1a723b1ddcf67a0978539
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:a2:d4:5a:33:d1:b4:6b:47:71:84:20:68:72:
0c:c6:4b:d0:88:7a:dc:f2:5e:6f:45:f4:83:f5:d4:
17:55:3e:3d:ad:31:3f:14:82:0b:5d:b6:f6:46:d4:
88:1a:d2:43:91:9b:a9:19:e4:ac:35:1f:5c:8a:64:
f1:25:a5:12:db:b0:3e:f5:42:e2:ff:81:17:a9:60:
8e:50:e0:48:ac:cd:79:2a:b3:6c:6f:ea:47:6c:c7:
73:c9:93:b8:42:88:ac:70:19:c1:b7:55:3f:a8:e7:
93:52:8a:c5:3c:20:85:51:f3:d8:3d:ab:f4:00:55:
40:98:d7:1a:66:8e:82:b2:f8:ce:52:9a:90:f5:40:
34:5f:64:36:ef:fd:32:bd:7b:b5:e4:47:a9:98:ac:
8b:c9:c4:c0:eb:c1:50:28:0f:22:39:fe:98:f7:78:
b0:29:09:7b:3f:f6:a8:e9:72:14:07:a2:59:3a:2b:
66:96:39:dd:af:ff:72:86:4d:1e:25:71:9f:23:54:
2c:93:23:ab:97:ce:e4:3a:52:e3:1d:c3:38:6c:47:
7a:90:e0:8a:99:0b:fc:53:57:d3:ae:e0:96:50:dd:
d4:9c:f9:e5:4b:73:a2:ff:83:e0:c8:02:cb:cf:d6:
2b:d2:06:a2:8d:76:4d:db:84:84:69:a4:6b:17:de:
a3:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:C2:67:D4:78:5E:A9:0F:51:B1:A7:23:B1:DD:CF:67:A0:97:85:39
X509v3 Authority Key Identifier:
keyid:74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/kMJn1HheqQ9Rsacjsd3PZ6CXhTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.120.56.0-185.120.58.255
212.22.77.0/24
IPv6:
2a06:c3c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
99:18:98:27:e8:ec:32:00:e6:ab:cc:f4:69:8a:f3:b8:a3:51:
c4:8a:ef:7e:cd:97:04:99:29:05:d8:b9:94:84:f6:45:5f:68:
7b:22:e3:2e:d7:03:72:01:80:ae:8c:80:9e:38:26:0e:e4:b8:
d0:ba:f7:75:7a:bb:0c:51:83:7f:81:6f:9d:cf:27:6c:2c:49:
61:ac:27:b7:a6:4b:e3:f7:4b:2d:cb:85:6f:18:c2:de:bd:17:
60:76:33:de:32:a7:df:08:d0:1d:75:e3:65:73:cc:a7:9c:24:
60:7e:4a:da:38:5c:e8:d1:10:68:f8:ad:14:36:7d:af:01:6a:
3b:ed:f3:f0:c6:3d:70:3a:ef:b3:47:ff:aa:6e:27:7c:2c:7e:
39:0b:ed:c7:bf:1e:fb:c7:f6:31:8a:f3:e0:76:06:83:6c:d2:
bf:36:85:b8:ac:ea:3b:5c:b9:c6:a5:8c:8a:8d:bc:65:f5:88:
bc:07:0e:bf:c6:da:81:4d:3f:ef:39:cb:a8:4c:fa:0b:5c:40:
39:d4:d6:5a:aa:51:a6:68:1f:9d:df:8a:ca:95:bc:04:d2:67:
50:91:58:fd:da:3e:45:47:87:ff:50:70:58:d0:b6:ab:58:ae:
f2:5a:78:8f:71:e0:40:ca:4c:32:19:b7:44:c2:d9:21:f7:11:
7b:5e:b3:6a
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZcmRg7aNVgq12Dg4Lm2+AIEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjM2NTM1NWI2NjU1NjRhMjEwYzM1OGM2OGEwMTE3Yjdm
YmViOWEwHhcNMjUwNTMxMTIxNjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGMyNjdkNDc4NWVhOTBmNTFiMWE3MjNiMWRkY2Y2N2EwOTc4NTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA06LUWjPRtGtHcYQgaHIMxkvQiHrc
8l5vRfSD9dQXVT49rTE/FIILXbb2RtSIGtJDkZupGeSsNR9cimTxJaUS27A+9ULi
/4EXqWCOUOBIrM15KrNsb+pHbMdzyZO4QoiscBnBt1U/qOeTUorFPCCFUfPYPav0
AFVAmNcaZo6CsvjOUpqQ9UA0X2Q27/0yvXu15EepmKyLycTA68FQKA8iOf6Y93iw
KQl7P/ao6XIUB6JZOitmljndr/9yhk0eJXGfI1QskyOrl87kOlLjHcM4bEd6kOCK
mQv8U1fTruCWUN3UnPnlS3Oi/4PgyALLz9Yr0gaijXZN24SEaaRrF96jBwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFJDCZ9R4XqkPUbGnI7Hdz2egl4U5MB8GA1UdIwQY
MBaAFHRjZTVbZlVkohDDWMaKARe3++uaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGIt
NmE0ZWNhZjhiM2IxLzEva01KbjFIaGVxUTlSc2FjanNkM1BaNkNYaFRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGItNmE0ZWNhZjhiM2Ix
LzEvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUMAwDBAO5eDgD
BAC5eDoDBADUFk0wDwQCAAIwCQMHACoGw8AAATANBgkqhkiG9w0BAQsFAAOCAQEA
mRiYJ+jsMgDmq8z0aYrzuKNRxIrvfs2XBJkpBdi5lIT2RV9oeyLjLtcDcgGAroyA
njgmDuS40Lr3dXq7DFGDf4Fvnc8nbCxJYawnt6ZL4/dLLcuFbxjC3r0XYHYz3jKn
3wjQHXXjZXPMp5wkYH5K2jhc6NEQaPitFDZ9rwFqO+3z8MY9cDrvs0f/qm4nfCx+
OQvtx78e+8f2MYrz4HYGg2zSvzaFuKzqO1y5xqWMio28ZfWIvAcOv8bagU0/7znL
qEz6C1xAOdTWWqpRpmgfnd+KypW8BNJnUJFY/do+RUeH/1BwWNC2q1iu8lp4j3Hg
QMpMMhm3RMLZIfcRe16zag==
-----END CERTIFICATE-----
Generated at Sun Jun 8 15:17:41 2025 by rpki-client