Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/dKOI_ah-9mVMMqXAlb3Mx6j-lHU.roa
File: dKOI_ah-9mVMMqXAlb3Mx6j-lHU.roa (raw, json)
Hash identifier: M93IMaHDPd3BgYj63kqyY0MvjpvUtyJJEmbkku7wx/I=
Subject key identifier: 74:A3:88:FD:A8:7E:F6:65:4C:32:A5:C0:95:BD:CC:C7:A8:FE:94:75
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 0196FBC6DA050EA776ACF3AE1233FCF92259
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/dKOI_ah-9mVMMqXAlb3Mx6j-lHU.roa
Signing time: Fri 23 May 2025 06:13:55 +0000
ROA not before: Fri 23 May 2025 06:13:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396356
IP address blocks: 14.102.53.0/24 maxlen: 24
212.32.68.0/24 maxlen: 24
212.32.69.0/24 maxlen: 24
212.32.72.0/24 maxlen: 24
213.254.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fb:c6:da:05:0e:a7:76:ac:f3:ae:12:33:fc:f9:22:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: May 23 06:13:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=74a388fda87ef6654c32a5c095bdccc7a8fe9475
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:4a:6d:44:38:12:27:62:06:1d:e7:38:63:e3:
c4:7c:db:99:c3:4e:52:c2:c1:69:26:5e:5b:6a:ca:
d7:10:6d:11:4d:d1:38:86:dc:0e:28:0e:32:9a:d3:
ad:dd:a8:5f:01:86:7e:d7:5a:a5:7f:9f:7b:79:ee:
46:d4:a1:fc:84:d9:33:85:bb:7b:23:c3:58:fc:fb:
41:72:36:4e:54:1c:2f:1c:d8:38:c9:97:6c:ef:57:
be:01:96:cf:52:ab:18:ad:a5:07:6f:f0:d5:65:e8:
90:cb:87:87:fd:2e:57:4d:95:99:03:be:8b:97:78:
72:a1:0f:46:e7:4e:22:e1:7a:df:a1:d9:68:89:ee:
1e:86:12:e2:37:5b:22:31:30:8b:8d:5a:3a:95:e7:
d9:0f:18:8c:c4:90:25:a6:80:c2:ed:ef:ab:e4:2d:
06:a6:c9:c9:21:54:d8:53:b0:af:56:d2:40:4c:a5:
79:6f:10:32:72:7b:82:23:d4:d7:63:03:3d:92:5f:
0d:22:48:e6:13:6f:9b:6e:58:b3:59:85:03:97:5b:
b3:07:ba:7a:6b:ea:61:1a:68:75:81:57:f4:62:8e:
1d:4e:da:d6:20:1f:20:5d:ce:31:88:41:72:2f:73:
14:88:96:c9:b8:fd:06:fb:66:e4:71:78:f8:3a:27:
ac:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:A3:88:FD:A8:7E:F6:65:4C:32:A5:C0:95:BD:CC:C7:A8:FE:94:75
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/dKOI_ah-9mVMMqXAlb3Mx6j-lHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.53.0/24
212.32.68.0/23
212.32.72.0/24
213.254.161.0/24
Signature Algorithm: sha256WithRSAEncryption
db:a8:cb:70:0c:42:52:6e:23:fb:a3:ad:e0:bb:b2:8c:22:e8:
25:91:3f:f1:2f:3d:ac:30:90:39:9f:86:08:92:4e:a3:73:21:
3f:a1:d4:b5:64:ee:0f:0e:67:16:33:4a:5d:ea:06:41:7b:3b:
f9:36:07:93:7b:1a:3c:88:5d:ae:0d:f8:04:97:81:a5:18:26:
c5:c0:66:b3:cf:c1:97:b3:1c:01:5c:d8:f1:c5:ef:1b:4e:d8:
5f:cf:66:5a:71:c3:d6:d5:7f:89:21:21:f3:f5:8f:ab:be:5e:
a3:47:18:05:01:84:94:01:9a:d0:8e:bb:96:d6:b5:df:1a:dc:
5f:03:8f:11:21:9d:49:75:d3:07:f2:e2:2c:44:a1:00:c3:1e:
65:32:88:db:f5:8d:ec:5f:40:99:f8:5a:56:85:86:09:4d:2f:
71:d4:6b:a4:10:5b:1f:ff:96:0b:fa:1d:40:38:c8:a1:a6:5e:
2d:11:47:9c:86:bc:8e:94:0c:e0:ab:67:89:cc:c6:d1:cf:43:
5f:2b:9c:9e:c8:88:c7:dc:77:38:20:a6:d3:36:8f:be:7b:78:
3c:6b:2e:ff:8b:0e:86:5e:ba:c8:df:6e:ab:2b:27:6d:1b:7c:
10:fa:04:ac:17:32:1c:b9:df:6b:53:af:12:01:11:2e:df:de:
a6:88:2c:da
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZb7xtoFDqd2rPOuEjP8+SJZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwNTIzMDYxMzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGEzODhmZGE4N2VmNjY1NGMzMmE1YzA5NWJkY2NjN2E4ZmU5NDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyEptRDgSJ2IGHec4Y+PEfNuZw05S
wsFpJl5basrXEG0RTdE4htwOKA4ymtOt3ahfAYZ+11qlf597ee5G1KH8hNkzhbt7
I8NY/PtBcjZOVBwvHNg4yZds71e+AZbPUqsYraUHb/DVZeiQy4eH/S5XTZWZA76L
l3hyoQ9G504i4Xrfodloie4ehhLiN1siMTCLjVo6lefZDxiMxJAlpoDC7e+r5C0G
psnJIVTYU7CvVtJATKV5bxAycnuCI9TXYwM9kl8NIkjmE2+bblizWYUDl1uzB7p6
a+phGmh1gVf0Yo4dTtrWIB8gXc4xiEFyL3MUiJbJuP0G+2bkcXj4Oies9QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHSjiP2ofvZlTDKlwJW9zMeo/pR1MB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvZEtPSV9haC05bVZNTXFYQWxiM014NmotbEhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQADmY1AwQB
1CBEAwQA1CBIAwQA1f6hMA0GCSqGSIb3DQEBCwUAA4IBAQDbqMtwDEJSbiP7o63g
u7KMIuglkT/xLz2sMJA5n4YIkk6jcyE/odS1ZO4PDmcWM0pd6gZBezv5NgeTexo8
iF2uDfgEl4GlGCbFwGazz8GXsxwBXNjxxe8bTthfz2ZaccPW1X+JISHz9Y+rvl6j
RxgFAYSUAZrQjruW1rXfGtxfA48RIZ1JddMH8uIsRKEAwx5lMojb9Y3sX0CZ+FpW
hYYJTS9x1GukEFsf/5YL+h1AOMihpl4tEUechryOlAzgq2eJzMbRz0NfK5yeyIjH
3Hc4IKbTNo++e3g8ay7/iw6GXrrI326rKydtG3wQ+gSsFzIcud9rU68SAREu396m
iCza
-----END CERTIFICATE-----
Generated at Thu Jun 5 19:08:39 2025 by rpki-client