Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/kMts3hx-qWKJDtFLvIyyQmj1MsU.roa
File: kMts3hx-qWKJDtFLvIyyQmj1MsU.roa (raw, json)
Hash identifier: 1mgCcrqsDFQy+qo6HuaIVhE6BHRje2bNOQ89LKJX5P8=
Subject key identifier: 90:CB:6C:DE:1C:7E:A9:62:89:0E:D1:4B:BC:8C:B2:42:68:F5:32:C5
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 019700937B6A478F8939A3E92A1285ACD5C5
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/kMts3hx-qWKJDtFLvIyyQmj1MsU.roa
Signing time: Sat 24 May 2025 04:35:54 +0000
ROA not before: Sat 24 May 2025 04:35:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213807
IP address blocks: 37.202.224.0/22 maxlen: 24
37.202.228.0/22 maxlen: 24
37.202.232.0/22 maxlen: 24
37.202.236.0/22 maxlen: 24
37.202.240.0/23 maxlen: 24
37.202.241.0/24 maxlen: 24
37.202.242.0/24 maxlen: 24
94.182.101.0/24 maxlen: 24
94.182.104.0/22 maxlen: 24
94.182.108.0/24 maxlen: 24
94.182.128.0/23 maxlen: 24
94.182.131.0/24 maxlen: 24
94.182.134.0/24 maxlen: 24
94.182.136.0/23 maxlen: 24
94.182.145.0/24 maxlen: 24
94.182.147.0/24 maxlen: 24
94.182.149.0/24 maxlen: 24
94.182.150.0/24 maxlen: 24
94.182.152.0/24 maxlen: 24
94.182.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.mft
rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:00:93:7b:6a:47:8f:89:39:a3:e9:2a:12:85:ac:d5:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: May 24 04:35:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=90cb6cde1c7ea962890ed14bbc8cb24268f532c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:e0:50:a7:23:37:05:80:7c:b8:54:82:44:14:
c4:78:67:4c:34:8b:e3:0d:5c:80:8f:97:a0:ba:80:
31:3c:83:e3:43:2d:84:e8:58:75:16:ba:5f:41:bc:
f4:07:2f:88:e2:35:15:bf:e1:1b:63:e3:85:a1:08:
77:cc:60:e6:de:e0:b3:00:39:e3:3c:e3:1e:15:91:
15:f4:a4:42:33:00:e3:ac:6e:18:9b:31:5c:70:cb:
40:16:83:5f:ec:89:99:81:31:3e:d5:c0:51:8a:b2:
b1:76:d5:d6:6d:29:cc:97:44:92:d6:ab:a1:e4:30:
d8:7b:fd:85:f6:ee:67:b9:91:06:d2:f1:cb:0a:61:
27:df:ad:47:48:c0:3a:07:b7:47:2a:02:2d:9c:23:
ba:e0:f8:83:fc:5c:0f:2a:55:75:d1:f3:91:d0:c5:
3f:0b:04:72:3b:f8:95:d4:f5:ac:be:9d:d7:3a:0f:
03:2d:d0:cd:bd:7e:38:70:2d:3e:3b:39:ec:e7:86:
a4:0c:dd:ea:88:35:13:2e:24:eb:58:9b:fb:36:f0:
74:11:2b:82:4a:7d:aa:62:91:c0:14:64:2b:07:45:
44:33:a0:93:cb:bc:26:e1:db:0f:bf:a0:32:aa:f3:
77:2b:cd:dd:b5:10:49:d5:29:09:61:72:4d:fb:51:
00:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:CB:6C:DE:1C:7E:A9:62:89:0E:D1:4B:BC:8C:B2:42:68:F5:32:C5
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/kMts3hx-qWKJDtFLvIyyQmj1MsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.224.0-37.202.242.255
94.182.101.0/24
94.182.104.0-94.182.108.255
94.182.128.0/23
94.182.131.0/24
94.182.134.0/24
94.182.136.0/23
94.182.145.0/24
94.182.147.0/24
94.182.149.0-94.182.150.255
94.182.152.0/24
94.182.223.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:a5:5f:99:36:b7:46:35:a6:3a:56:ea:be:2f:1f:b2:81:76:
87:83:9a:f1:69:db:76:52:2e:c5:ce:4e:11:bc:0f:92:bd:64:
42:71:93:ae:81:b1:53:23:29:00:fe:c3:1b:dc:1b:7c:90:78:
68:06:af:8a:5e:03:5d:e2:41:c0:4b:f6:da:db:a2:7c:35:c1:
6f:40:db:2c:99:25:41:58:ca:be:d1:e3:e3:5b:b3:f8:4a:9e:
45:58:fd:95:91:63:c0:1a:ae:56:52:ae:80:96:fa:fa:4f:e5:
a1:1a:76:7e:91:60:75:26:a6:1d:a8:f8:2c:41:44:5a:c8:46:
08:2d:d3:0f:2d:a7:3b:6b:1c:d8:d9:2e:50:1d:5a:40:41:82:
df:e2:3a:db:b3:fa:f1:22:24:dd:d4:f7:a2:d2:ef:ac:87:9b:
6b:de:f5:69:7b:f3:6f:00:8f:6c:f1:98:ee:57:78:c4:04:f2:
28:87:ab:64:c8:c8:e6:35:51:70:04:24:aa:e2:62:a4:24:fb:
86:4e:a3:c6:86:f3:4e:83:ff:fe:42:cf:a8:a7:b9:77:9b:bc:
6f:82:e0:95:27:ba:87:36:70:77:ba:83:54:25:1e:bf:da:66:
e5:83:1a:70:15:34:aa:72:67:9a:7a:a7:89:c1:f5:47:e8:cf:
3a:7b:6e:84
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZcAk3tqR4+JOaPpKhKFrNXFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjUwNTI0MDQzNTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGNiNmNkZTFjN2VhOTYyODkwZWQxNGJiYzhjYjI0MjY4ZjUzMmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueBQpyM3BYB8uFSCRBTEeGdMNIvj
DVyAj5eguoAxPIPjQy2E6Fh1FrpfQbz0By+I4jUVv+EbY+OFoQh3zGDm3uCzADnj
POMeFZEV9KRCMwDjrG4YmzFccMtAFoNf7ImZgTE+1cBRirKxdtXWbSnMl0SS1quh
5DDYe/2F9u5nuZEG0vHLCmEn361HSMA6B7dHKgItnCO64PiD/FwPKlV10fOR0MU/
CwRyO/iV1PWsvp3XOg8DLdDNvX44cC0+Ozns54akDN3qiDUTLiTrWJv7NvB0ESuC
Sn2qYpHAFGQrB0VEM6CTy7wm4dsPv6AyqvN3K83dtRBJ1SkJYXJN+1EAlwIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFJDLbN4cfqliiQ7RS7yMskJo9TLFMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEva010czNoeC1xV0tKRHRGTHZJeXlRbWoxTXNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgMAwDBAUlyuAD
BAAlyvIDBABetmUwDAMEA162aAMEAF62bAMEAV62gAMEAF62gwMEAF62hgMEAV62
iAMEAF62kQMEAF62kzAMAwQAXraVAwQAXraWAwQAXraYAwQAXrbfMA0GCSqGSIb3
DQEBCwUAA4IBAQAqpV+ZNrdGNaY6Vuq+Lx+ygXaHg5rxadt2Ui7Fzk4RvA+SvWRC
cZOugbFTIykA/sMb3Bt8kHhoBq+KXgNd4kHAS/ba26J8NcFvQNssmSVBWMq+0ePj
W7P4Sp5FWP2VkWPAGq5WUq6Alvr6T+WhGnZ+kWB1JqYdqPgsQURayEYILdMPLac7
axzY2S5QHVpAQYLf4jrbs/rxIiTd1Pei0u+sh5tr3vVpe/NvAI9s8ZjuV3jEBPIo
h6tkyMjmNVFwBCSq4mKkJPuGTqPGhvNOg//+Qs+op7l3m7xvguCVJ7qHNnB3uoNU
JR6/2mblgxpwFTSqcmeaeqeJwfVH6M86e26E
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:57:19 2025 by rpki-client