Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/1d8fc9-b21b-4db5-95cf-81c8ce750124/1/kVcJYJ6Q63B4lKtQ5vKu6QeoxFU.roa
File: kVcJYJ6Q63B4lKtQ5vKu6QeoxFU.roa (raw, json)
Hash identifier: zBFFe6GTU3Rj12iW+TDrkgjiFgVWN+v43RC3XAW3nrQ=
Subject key identifier: 91:57:09:60:9E:90:EB:70:78:94:AB:50:E6:F2:AE:E9:07:A8:C4:55
Certificate issuer: /CN=623526ad9fbec574fa4ec3d9badb5433fdaaca7b
Certificate serial: 0194221FD3621227422B1BB436AAB28341D7
Authority key identifier: 62:35:26:AD:9F:BE:C5:74:FA:4E:C3:D9:BA:DB:54:33:FD:AA:CA:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YjUmrZ--xXT6TsPZuttUM_2qyns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/1d8fc9-b21b-4db5-95cf-81c8ce750124/1/kVcJYJ6Q63B4lKtQ5vKu6QeoxFU.roa
Signing time: Wed 01 Jan 2025 13:48:18 +0000
ROA not before: Wed 01 Jan 2025 13:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61333
IP address blocks: 94.228.96.0/20 maxlen: 24
94.228.96.0/24 maxlen: 24
94.228.98.0/24 maxlen: 24
94.228.100.0/24 maxlen: 24
94.228.102.0/24 maxlen: 24
94.228.103.0/24 maxlen: 24
94.228.104.0/24 maxlen: 24
94.228.105.0/24 maxlen: 24
94.228.107.0/24 maxlen: 24
94.228.108.0/24 maxlen: 24
94.228.110.0/24 maxlen: 24
149.126.64.0/21 maxlen: 24
149.126.64.0/24 maxlen: 24
149.126.65.0/24 maxlen: 24
149.126.66.0/24 maxlen: 24
149.126.67.0/24 maxlen: 24
149.126.70.0/24 maxlen: 24
185.251.52.0/24 maxlen: 24
185.251.53.0/24 maxlen: 24
185.251.54.0/24 maxlen: 24
193.200.249.0/24 maxlen: 24
194.169.198.0/24 maxlen: 24
2a00:e30::/41 maxlen: 41
2a00:e30:64::/64 maxlen: 64
2a00:e30:80::/41 maxlen: 64
2a00:e30:280::/41 maxlen: 41
2a00:e30:a00::/40 maxlen: 48
2a00:e30:2100::/41 maxlen: 41
2a00:e30:3000::/41 maxlen: 41
2a00:e30:6900::/41 maxlen: 41
2a00:e30:ed00::/41 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/1d8fc9-b21b-4db5-95cf-81c8ce750124/1/YjUmrZ--xXT6TsPZuttUM_2qyns.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/1d8fc9-b21b-4db5-95cf-81c8ce750124/1/YjUmrZ--xXT6TsPZuttUM_2qyns.mft
rsync://rpki.ripe.net/repository/DEFAULT/YjUmrZ--xXT6TsPZuttUM_2qyns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:d3:62:12:27:42:2b:1b:b4:36:aa:b2:83:41:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=623526ad9fbec574fa4ec3d9badb5433fdaaca7b
Validity
Not Before: Jan 1 13:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=915709609e90eb707894ab50e6f2aee907a8c455
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:fd:64:d9:19:87:ce:d5:57:54:22:f1:ed:dd:
7c:76:db:d7:9c:0e:9a:34:9a:63:32:92:e3:97:d0:
53:9c:a6:c9:f2:82:44:55:d8:44:56:17:32:bd:52:
be:3b:30:c1:f8:af:3e:ae:11:d7:9f:a3:0f:f2:93:
1a:03:b4:97:90:bf:17:56:1c:71:6f:51:44:ca:64:
4e:65:17:2b:04:f5:5f:9d:11:09:f0:e7:ac:95:2f:
ad:b1:a9:86:a6:4d:00:17:41:f6:b1:11:44:4f:36:
f0:b6:1d:99:04:6c:23:b7:b8:af:41:43:50:3a:95:
ff:ed:f0:9c:26:dc:df:98:c3:6f:6d:b4:95:66:39:
93:48:99:d9:b5:3c:5a:26:38:ea:35:d7:c5:28:2f:
62:05:cb:82:25:61:1f:95:56:3d:82:46:2e:6a:a7:
01:b0:13:04:8c:25:ab:d8:16:dc:92:ed:e9:6e:6a:
7b:0c:64:2a:fc:d2:7e:40:d3:79:bb:a7:54:19:07:
8c:da:de:41:b4:e6:dc:90:65:ad:01:86:f7:3e:54:
63:d4:de:88:88:cc:2f:f5:2f:8f:38:b6:6f:f3:32:
6d:01:93:77:ed:64:38:d3:da:b0:f1:6e:8f:18:f0:
f8:52:43:bb:a7:f1:d4:75:15:41:58:c1:60:fd:aa:
f8:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:57:09:60:9E:90:EB:70:78:94:AB:50:E6:F2:AE:E9:07:A8:C4:55
X509v3 Authority Key Identifier:
keyid:62:35:26:AD:9F:BE:C5:74:FA:4E:C3:D9:BA:DB:54:33:FD:AA:CA:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YjUmrZ--xXT6TsPZuttUM_2qyns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/1d8fc9-b21b-4db5-95cf-81c8ce750124/1/kVcJYJ6Q63B4lKtQ5vKu6QeoxFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/1d8fc9-b21b-4db5-95cf-81c8ce750124/1/YjUmrZ--xXT6TsPZuttUM_2qyns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.228.96.0/20
149.126.64.0/21
185.251.52.0-185.251.54.255
193.200.249.0/24
194.169.198.0/24
IPv6:
2a00:e30::/40
2a00:e30:280::/41
2a00:e30:a00::/40
2a00:e30:2100::/41
2a00:e30:3000::/41
2a00:e30:6900::/41
2a00:e30:ed00::/41
Signature Algorithm: sha256WithRSAEncryption
3c:13:bd:18:f6:8f:6c:be:cf:63:f8:09:34:16:78:5d:18:e6:
79:3f:3d:16:b2:bc:b9:4f:06:86:c5:46:97:97:a6:7d:d2:57:
c9:09:21:2b:1c:6f:19:25:81:64:bb:f0:c1:79:54:58:c5:25:
1a:43:cf:56:22:83:a6:b7:21:5a:bb:3e:93:56:7b:ac:58:c7:
98:78:e9:88:9b:22:6b:46:d3:eb:4d:26:bd:c9:5f:62:c3:6e:
3f:69:d3:66:3d:14:a1:1a:86:6f:03:26:e3:91:44:8a:26:55:
bd:c6:ff:a8:a1:1d:1e:e9:6c:6f:a9:05:f1:41:79:3e:e8:63:
af:63:c3:d4:78:2d:38:e6:d2:3a:e9:f5:59:e4:a9:f1:b1:42:
05:8e:ee:ac:d1:97:08:0f:db:78:60:15:3b:e7:10:9f:63:87:
14:80:49:4c:5f:b2:b8:71:d3:5a:3c:34:44:ab:3f:2d:c8:15:
0c:b9:2c:a2:3e:90:7b:e6:45:25:62:32:aa:8c:15:6b:4c:e6:
c2:4c:90:f7:dd:54:35:28:94:31:c8:6c:c0:be:85:67:60:44:
92:14:b1:19:73:60:7a:56:b5:2c:b0:f1:e8:1c:b2:38:e0:23:
4e:a8:71:cb:a9:1a:4e:f1:70:a9:ea:16:2a:9d:77:8b:77:76:
f6:43:e8:6b
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAZQiH9NiEidCKxu0Nqqyg0HXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMzUyNmFkOWZiZWM1NzRmYTRlYzNkOWJhZGI1NDMzZmRh
YWNhN2IwHhcNMjUwMTAxMTM0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTU3MDk2MDllOTBlYjcwNzg5NGFiNTBlNmYyYWVlOTA3YThjNDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwf1k2RmHztVXVCLx7d18dtvXnA6a
NJpjMpLjl9BTnKbJ8oJEVdhEVhcyvVK+OzDB+K8+rhHXn6MP8pMaA7SXkL8XVhxx
b1FEymROZRcrBPVfnREJ8OeslS+tsamGpk0AF0H2sRFETzbwth2ZBGwjt7ivQUNQ
OpX/7fCcJtzfmMNvbbSVZjmTSJnZtTxaJjjqNdfFKC9iBcuCJWEflVY9gkYuaqcB
sBMEjCWr2Bbcku3pbmp7DGQq/NJ+QNN5u6dUGQeM2t5BtObckGWtAYb3PlRj1N6I
iMwv9S+POLZv8zJtAZN37WQ409qw8W6PGPD4UkO7p/HUdRVBWMFg/ar4mQIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFJFXCWCekOtweJSrUObyrukHqMRVMB8GA1UdIwQY
MBaAFGI1Jq2fvsV0+k7D2brbVDP9qsp7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWpVbXJaLS14WFQ2VHNQWnV0dFVNXzJxeW5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8xZDhmYzktYjIxYi00ZGI1LTk1Y2Yt
ODFjOGNlNzUwMTI0LzEva1ZjSllKNlE2M0I0bEt0UTV2S3U2UWVveEZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8xZDhmYzktYjIxYi00ZGI1LTk1Y2YtODFjOGNlNzUwMTI0
LzEvWWpVbXJaLS14WFQ2VHNQWnV0dFVNXzJxeW5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwLAQCAAEwJgMEBF7kYAME
A5V+QDAMAwQCufs0AwQAufs2AwQAwcj5AwQAwqnGMEMEAgACMD0DBgAqAA4wAAMH
ByoADjACgAMGACoADjAKAwcHKgAOMCEAAwcHKgAOMDAAAwcHKgAOMGkAAwcHKgAO
MO0AMA0GCSqGSIb3DQEBCwUAA4IBAQA8E70Y9o9svs9j+Ak0FnhdGOZ5Pz0Wsry5
TwaGxUaXl6Z90lfJCSErHG8ZJYFku/DBeVRYxSUaQ89WIoOmtyFauz6TVnusWMeY
eOmImyJrRtPrTSa9yV9iw24/adNmPRShGoZvAybjkUSKJlW9xv+ooR0e6WxvqQXx
QXk+6GOvY8PUeC045tI66fVZ5KnxsUIFju6s0ZcID9t4YBU75xCfY4cUgElMX7K4
cdNaPDREqz8tyBUMuSyiPpB75kUlYjKqjBVrTObCTJD33VQ1KJQxyGzAvoVnYESS
FLEZc2B6VrUssPHoHLI44CNOqHHLqRpO8XCp6hYqnXeLd3b2Q+hr
-----END CERTIFICATE-----
Generated at Tue Apr 22 00:59:51 2025 by rpki-client