Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/KpPs2aLyaBaC9q4BflqcrburtSE.roa
File: KpPs2aLyaBaC9q4BflqcrburtSE.roa (raw, json)
Hash identifier: bPqMpNWNCyRm4j388ufY+KY4YQkezAkc36SWBrPoHKQ=
Subject key identifier: 2A:93:EC:D9:A2:F2:68:16:82:F6:AE:01:7E:5A:9C:AD:BB:AB:B5:21
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 019420D5AAAD9667ECCBB5D7F77803F88E16
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/KpPs2aLyaBaC9q4BflqcrburtSE.roa
Signing time: Wed 01 Jan 2025 07:47:41 +0000
ROA not before: Wed 01 Jan 2025 07:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25454
IP address blocks: 92.181.0.0/24 maxlen: 24
92.181.1.0/24 maxlen: 24
92.181.2.0/23 maxlen: 23
92.181.4.0/23 maxlen: 23
92.181.6.0/23 maxlen: 23
92.181.8.0/23 maxlen: 23
92.181.10.0/23 maxlen: 23
92.181.12.0/23 maxlen: 23
92.181.14.0/23 maxlen: 23
92.181.16.0/23 maxlen: 23
92.181.18.0/23 maxlen: 23
92.181.20.0/23 maxlen: 23
92.181.22.0/24 maxlen: 24
92.181.23.0/24 maxlen: 24
92.181.24.0/23 maxlen: 23
92.181.26.0/23 maxlen: 23
92.181.28.0/23 maxlen: 23
92.181.30.0/23 maxlen: 23
92.181.32.0/23 maxlen: 23
92.181.34.0/23 maxlen: 23
92.181.36.0/23 maxlen: 23
92.181.38.0/24 maxlen: 24
92.181.39.0/24 maxlen: 24
92.181.40.0/23 maxlen: 23
92.181.42.0/24 maxlen: 24
92.181.48.0/23 maxlen: 23
92.181.50.0/23 maxlen: 23
92.181.52.0/23 maxlen: 23
92.181.54.0/23 maxlen: 23
92.181.56.0/23 maxlen: 23
92.181.58.0/23 maxlen: 23
92.181.60.0/23 maxlen: 23
92.181.62.0/23 maxlen: 23
92.181.64.0/24 maxlen: 24
92.181.65.0/24 maxlen: 24
92.181.66.0/24 maxlen: 24
92.181.67.0/24 maxlen: 24
92.181.68.0/24 maxlen: 24
92.181.69.0/24 maxlen: 24
92.181.70.0/23 maxlen: 23
92.181.72.0/23 maxlen: 23
92.181.74.0/24 maxlen: 24
92.181.75.0/24 maxlen: 24
92.181.76.0/23 maxlen: 23
92.181.78.0/23 maxlen: 23
92.181.80.0/23 maxlen: 23
92.181.82.0/23 maxlen: 23
92.181.84.0/23 maxlen: 23
92.181.86.0/23 maxlen: 23
92.181.88.0/24 maxlen: 24
92.181.89.0/24 maxlen: 24
92.181.90.0/23 maxlen: 23
92.181.92.0/23 maxlen: 23
92.181.94.0/23 maxlen: 23
92.181.96.0/23 maxlen: 23
92.181.98.0/23 maxlen: 23
92.181.100.0/23 maxlen: 23
2a01:c8c0::/28 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.mft
rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 07:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:aa:ad:96:67:ec:cb:b5:d7:f7:78:03:f8:8e:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 07:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a93ecd9a2f2681682f6ae017e5a9cadbbabb521
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:a3:38:47:7e:ac:1e:98:48:ce:ce:a7:c9:20:
57:ad:c0:da:fb:60:92:b3:1c:03:60:31:c1:75:63:
d0:81:35:39:18:92:65:20:fa:1b:83:e4:39:67:d3:
11:37:2e:6a:ce:8a:cc:06:ca:3d:2b:52:08:8d:cc:
b8:a5:f5:e4:5f:52:65:56:02:56:e5:6b:2d:52:93:
51:40:6f:28:53:4d:c7:0d:85:7c:4b:4b:58:40:d5:
ad:3e:37:c2:9e:4d:51:61:c4:9a:93:0d:92:70:15:
ba:c3:ab:e7:c1:6c:ba:1c:d6:b2:82:a3:a6:43:fa:
f5:fe:e6:ac:7a:37:fc:06:6c:32:52:58:f8:6f:50:
d2:ba:f6:de:d7:99:fb:ef:c5:33:84:f4:2f:a9:e2:
50:21:b4:38:b3:19:b4:8f:44:81:bf:81:88:74:80:
39:a4:21:10:ac:d0:6d:55:df:13:e6:d8:8d:2b:ae:
92:80:d6:4c:da:5d:4d:0b:35:16:7d:e1:25:a0:9d:
31:4a:37:57:3f:2c:75:0e:5d:c4:f0:fb:f3:14:97:
89:95:85:e4:68:77:44:6b:5b:b9:48:4f:96:32:11:
4c:4f:bb:3e:27:30:15:f5:09:e3:fa:01:d6:3d:0e:
c9:a7:c5:5f:f2:c4:d8:15:79:bb:cd:dd:9b:3d:6b:
d8:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:93:EC:D9:A2:F2:68:16:82:F6:AE:01:7E:5A:9C:AD:BB:AB:B5:21
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/KpPs2aLyaBaC9q4BflqcrburtSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.181.0.0-92.181.42.255
92.181.48.0-92.181.101.255
IPv6:
2a01:c8c0::/28
Signature Algorithm: sha256WithRSAEncryption
6e:92:53:08:7b:32:0c:8e:2d:b7:7c:99:c6:b7:21:10:68:f2:
ac:0a:16:dc:d7:ca:fd:6f:09:01:c3:4c:a5:7c:38:ed:21:d5:
a8:11:5d:e2:b1:f8:fb:c1:6c:c2:06:c8:ba:d3:a8:fa:ef:f1:
9b:fd:03:3e:5a:34:37:90:b6:a1:1a:b3:ab:3c:db:7d:c4:8b:
e5:37:41:b2:fb:84:8a:c5:5f:ed:a1:f3:b0:67:c6:df:2f:e8:
61:dc:f5:c6:93:1d:6a:37:5b:97:df:e7:9a:09:99:51:ef:a9:
80:12:1b:cf:b3:7f:01:33:53:10:45:83:07:c7:f7:b2:a4:92:
58:d6:7b:2d:1f:99:16:ae:a4:1d:53:65:43:20:9b:c7:12:07:
79:cf:ec:e8:6e:8f:d8:8f:19:c8:2d:d7:49:7b:88:bf:d1:76:
98:1b:42:6c:04:a8:ff:8b:17:58:c7:6b:b0:ed:4a:5d:47:a3:
70:32:0d:62:9e:19:42:1b:68:17:16:3d:5f:66:96:f0:76:13:
f2:c4:64:f6:d4:81:c6:60:49:81:51:ed:f1:19:55:db:7e:70:
68:cb:f4:af:0c:f8:59:1e:4e:40:12:25:fd:a0:8b:7e:85:81:
6f:53:2b:bd:8f:d0:60:0d:7d:c0:4d:fa:4c:b6:b1:09:60:b0:
95:96:11:52
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQg1aqtlmfsy7XX93gD+I4WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjUwMTAxMDc0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTkzZWNkOWEyZjI2ODE2ODJmNmFlMDE3ZTVhOWNhZGJiYWJiNTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1aM4R36sHphIzs6nySBXrcDa+2CS
sxwDYDHBdWPQgTU5GJJlIPobg+Q5Z9MRNy5qzorMBso9K1IIjcy4pfXkX1JlVgJW
5WstUpNRQG8oU03HDYV8S0tYQNWtPjfCnk1RYcSakw2ScBW6w6vnwWy6HNaygqOm
Q/r1/uasejf8BmwyUlj4b1DSuvbe15n778UzhPQvqeJQIbQ4sxm0j0SBv4GIdIA5
pCEQrNBtVd8T5tiNK66SgNZM2l1NCzUWfeEloJ0xSjdXPyx1Dl3E8PvzFJeJlYXk
aHdEa1u5SE+WMhFMT7s+JzAV9Qnj+gHWPQ7Jp8Vf8sTYFXm7zd2bPWvYnwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCqT7Nmi8mgWgvauAX5anK27q7UhMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvS3BQczJhTHlhQmFDOXE0QmZscWNyYnVydFNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAhBAIAATAbMAsDAwBctQME
AFy1KjAMAwQEXLUwAwQBXLVkMA0EAgACMAcDBQQqAcjAMA0GCSqGSIb3DQEBCwUA
A4IBAQBuklMIezIMji23fJnGtyEQaPKsChbc18r9bwkBw0ylfDjtIdWoEV3isfj7
wWzCBsi606j67/Gb/QM+WjQ3kLahGrOrPNt9xIvlN0Gy+4SKxV/tofOwZ8bfL+hh
3PXGkx1qN1uX3+eaCZlR76mAEhvPs38BM1MQRYMHx/eypJJY1nstH5kWrqQdU2VD
IJvHEgd5z+zobo/YjxnILddJe4i/0XaYG0JsBKj/ixdYx2uw7UpdR6NwMg1inhlC
G2gXFj1fZpbwdhPyxGT21IHGYEmBUe3xGVXbfnBoy/SvDPhZHk5AEiX9oIt+hYFv
Uyu9j9BgDX3ATfpMtrEJYLCVlhFS
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:20:55 2025 by rpki-client