Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/c9AU5dwP8sQuOBrK2TPaexkm-2w.roa
File: c9AU5dwP8sQuOBrK2TPaexkm-2w.roa (raw, json)
Hash identifier: rSgCsdAaOy2GK2SsQ0HASyv7OgScD7Kz2kXb5Hn5ibY=
Subject key identifier: 73:D0:14:E5:DC:0F:F2:C4:2E:38:1A:CA:D9:33:DA:7B:19:26:FB:6C
Certificate issuer: /CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Certificate serial: 0197204A6136DD6CFB8550249AE477789779
Authority key identifier: 29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/c9AU5dwP8sQuOBrK2TPaexkm-2w.roa
Signing time: Fri 30 May 2025 08:23:54 +0000
ROA not before: Fri 30 May 2025 08:23:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21107
IP address blocks: 62.101.144.0/21 maxlen: 21
81.93.92.0/24 maxlen: 24
89.111.225.0/24 maxlen: 24
94.250.37.0/24 maxlen: 24
94.250.38.0/23 maxlen: 23
94.250.38.0/24 maxlen: 24
94.250.40.0/22 maxlen: 22
94.250.44.0/22 maxlen: 22
94.250.48.0/21 maxlen: 24
94.250.56.0/22 maxlen: 24
94.250.68.0/22 maxlen: 22
94.250.88.0/21 maxlen: 24
94.250.96.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KamWTgzTX7NnV-VlP_p2Jqxd7ug.crl
rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KamWTgzTX7NnV-VlP_p2Jqxd7ug.mft
rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:20:4a:61:36:dd:6c:fb:85:50:24:9a:e4:77:78:97:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Validity
Not Before: May 30 08:23:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=73d014e5dc0ff2c42e381acad933da7b1926fb6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:33:fa:bd:2f:c1:1b:2b:75:a6:72:0d:53:bd:
a6:c3:ca:1f:95:0b:3e:af:54:22:16:cd:93:f8:3a:
d9:89:83:49:39:78:f2:fc:5c:f4:3e:3c:60:16:51:
c0:b9:ee:6f:24:6b:c7:64:a3:11:89:9c:c3:35:99:
b1:cc:c9:52:a1:fb:ce:b4:c7:81:4b:ff:63:36:31:
78:c3:6f:54:86:db:70:31:89:17:a1:61:b8:06:e0:
bf:ca:b0:d5:ca:13:34:50:d5:30:65:f0:60:ca:d7:
25:3e:14:ba:46:90:df:f0:ac:e5:48:44:a6:db:a9:
0b:2f:6c:a1:1a:f7:40:b1:fb:9c:51:45:71:ce:0a:
bb:58:6e:d0:76:3c:fc:11:2c:93:f6:e5:e9:16:2c:
2a:4b:1a:8d:19:e0:a8:f3:2e:1e:c3:19:28:cc:56:
f3:9c:f3:03:e0:78:c3:e8:1e:76:6a:cb:08:67:f2:
c0:aa:df:cc:4a:43:0b:04:ee:52:3c:88:47:2b:82:
14:f2:4e:50:5e:26:e1:0f:3d:b4:cc:13:e5:37:b0:
d0:8b:e2:fd:ab:b5:53:53:96:79:01:74:6e:ac:f3:
6c:55:c4:1d:ef:af:57:d4:39:32:7c:89:6e:fa:9e:
38:83:73:92:84:58:d3:ec:17:d7:34:26:b9:86:96:
96:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:D0:14:E5:DC:0F:F2:C4:2E:38:1A:CA:D9:33:DA:7B:19:26:FB:6C
X509v3 Authority Key Identifier:
keyid:29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/c9AU5dwP8sQuOBrK2TPaexkm-2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KamWTgzTX7NnV-VlP_p2Jqxd7ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.101.144.0/21
81.93.92.0/24
89.111.225.0/24
94.250.37.0-94.250.59.255
94.250.68.0/22
94.250.88.0-94.250.111.255
Signature Algorithm: sha256WithRSAEncryption
c5:e7:45:ff:d8:32:31:ef:ed:cf:37:72:da:d2:3f:8d:1f:d9:
85:43:5b:0c:48:d9:3b:dd:1c:49:e5:76:ec:73:07:02:a4:7a:
61:2d:d8:3a:b9:39:05:2e:b8:41:88:c0:83:6a:45:ed:ce:80:
90:ee:a8:7f:1f:1d:4b:c5:db:8e:64:e0:80:10:63:84:c0:93:
c5:3a:34:4f:b7:2b:13:97:ce:fc:3c:16:6f:12:cc:ec:ab:2e:
eb:0a:3e:93:aa:49:23:e3:89:73:78:de:c1:14:33:55:1e:cf:
c8:cc:4f:c3:6d:59:9e:a0:8e:4c:92:8b:7e:c9:1b:fa:1b:ee:
7f:50:09:6f:f9:99:80:b1:35:66:d4:fc:41:8c:db:14:10:80:
4a:fb:4e:56:ee:6e:d8:37:9c:02:b5:1b:d0:ff:ca:aa:95:dc:
11:76:9d:0a:a9:70:50:df:fb:92:12:f5:01:dd:87:0a:d3:46:
e9:a6:36:18:cd:65:f8:d0:2d:76:fc:82:87:0d:fe:e1:bc:b7:
7e:40:63:e8:78:db:e4:ec:60:f0:db:6b:f4:62:00:b3:05:78:
5b:a9:83:c2:4e:75:56:45:b2:f1:33:c8:c3:5b:41:b1:31:a2:
59:34:2f:01:dc:83:cc:7a:27:83:27:cd:8c:00:6c:36:cd:d6:
21:cb:1f:6f
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZcgSmE23Wz7hVAkmuR3eJd5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YTk5NjRlMGNkMzVmYjM2NzU3ZTU2NTNmZmE3NjI2YWM1
ZGVlZTgwHhcNMjUwNTMwMDgyMzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2QwMTRlNWRjMGZmMmM0MmUzODFhY2FkOTMzZGE3YjE5MjZmYjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjP6vS/BGyt1pnINU72mw8oflQs+
r1QiFs2T+DrZiYNJOXjy/Fz0PjxgFlHAue5vJGvHZKMRiZzDNZmxzMlSofvOtMeB
S/9jNjF4w29UhttwMYkXoWG4BuC/yrDVyhM0UNUwZfBgytclPhS6RpDf8KzlSESm
26kLL2yhGvdAsfucUUVxzgq7WG7Qdjz8ESyT9uXpFiwqSxqNGeCo8y4ewxkozFbz
nPMD4HjD6B52assIZ/LAqt/MSkMLBO5SPIhHK4IU8k5QXibhDz20zBPlN7DQi+L9
q7VTU5Z5AXRurPNsVcQd769X1DkyfIlu+p44g3OShFjT7BfXNCa5hpaW/wIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFHPQFOXcD/LELjgaytkz2nsZJvtsMB8GA1UdIwQY
MBaAFCmplk4M01+zZ1flZT/6diasXe7oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTIt
ZDliNTMzZjdmYmMzLzEvYzlBVTVkd1A4c1F1T0JySzJUUGFleGttLTJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTItZDliNTMzZjdmYmMz
LzEvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQDPmWQAwQA
UV1cAwQAWW/hMAwDBABe+iUDBAJe+jgDBAJe+kQwDAMEA176WAMEBF76YDANBgkq
hkiG9w0BAQsFAAOCAQEAxedF/9gyMe/tzzdy2tI/jR/ZhUNbDEjZO90cSeV27HMH
AqR6YS3YOrk5BS64QYjAg2pF7c6AkO6ofx8dS8XbjmTggBBjhMCTxTo0T7crE5fO
/DwWbxLM7Ksu6wo+k6pJI+OJc3jewRQzVR7PyMxPw21ZnqCOTJKLfskb+hvuf1AJ
b/mZgLE1ZtT8QYzbFBCASvtOVu5u2DecArUb0P/KqpXcEXadCqlwUN/7khL1Ad2H
CtNG6aY2GM1l+NAtdvyChw3+4by3fkBj6Hjb5Oxg8Ntr9GIAswV4W6mDwk51VkWy
8TPIw1tBsTGiWTQvAdyDzHongyfNjABsNs3WIcsfbw==
-----END CERTIFICATE-----
Generated at Sat Jun 7 15:29:43 2025 by rpki-client