Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/c0d463-a174-4f5d-b4ee-96967fcd42e9/1/kLrHkvE4C0vYJ_I9mm47FT5Tbv0.roa
File: kLrHkvE4C0vYJ_I9mm47FT5Tbv0.roa (raw, json)
Hash identifier: wliDZ4/aTNMerRMfSzhrbSpYGq5mGBX1nX+LRd2XWsA=
Subject key identifier: 90:BA:C7:92:F1:38:0B:4B:D8:27:F2:3D:9A:6E:3B:15:3E:53:6E:FD
Certificate issuer: /CN=e6fc17bea555b6d38321f94028e515fba4fa74dc
Certificate serial: 019420D5CC4C527D9F7EA71046798A008E88
Authority key identifier: E6:FC:17:BE:A5:55:B6:D3:83:21:F9:40:28:E5:15:FB:A4:FA:74:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5vwXvqVVttODIflAKOUV-6T6dNw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/c0d463-a174-4f5d-b4ee-96967fcd42e9/1/kLrHkvE4C0vYJ_I9mm47FT5Tbv0.roa
Signing time: Wed 01 Jan 2025 07:47:49 +0000
ROA not before: Wed 01 Jan 2025 07:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205889
IP address blocks: 185.135.68.0/24 maxlen: 24
185.135.69.0/24 maxlen: 24
185.135.70.0/24 maxlen: 24
185.135.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/c0d463-a174-4f5d-b4ee-96967fcd42e9/1/5vwXvqVVttODIflAKOUV-6T6dNw.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/c0d463-a174-4f5d-b4ee-96967fcd42e9/1/5vwXvqVVttODIflAKOUV-6T6dNw.mft
rsync://rpki.ripe.net/repository/DEFAULT/5vwXvqVVttODIflAKOUV-6T6dNw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Mar 2025 14:41:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:cc:4c:52:7d:9f:7e:a7:10:46:79:8a:00:8e:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e6fc17bea555b6d38321f94028e515fba4fa74dc
Validity
Not Before: Jan 1 07:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=90bac792f1380b4bd827f23d9a6e3b153e536efd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:54:e4:48:26:af:70:9b:f4:8e:00:41:56:3c:
82:53:1d:0a:eb:a2:c1:1c:13:8e:05:4a:32:06:63:
09:af:b2:fd:1b:0c:c5:42:77:a8:58:7f:cc:9e:6e:
34:9d:97:8f:54:43:8d:23:57:26:22:7e:b7:99:43:
e3:40:1d:f6:59:ed:07:94:c6:c0:ff:cc:44:37:95:
28:78:7b:29:87:e6:e3:12:8e:51:69:78:0f:33:34:
4d:f4:5b:48:e7:e8:bc:3b:e4:be:d7:69:6a:de:da:
fe:a4:03:d3:1c:02:4e:5d:4e:aa:8c:4e:7e:0e:60:
ca:c8:28:97:9a:8d:71:d0:88:80:54:ef:66:71:44:
91:66:fb:a2:f5:31:c6:17:8a:87:4a:7d:41:e9:fc:
f1:7e:df:d2:1e:ff:fd:09:b5:cc:60:c6:b5:e8:de:
ee:41:7a:a1:e2:36:3e:f1:52:88:fc:09:5e:5f:a6:
31:d8:c6:18:c7:bd:94:76:07:8b:18:cb:90:13:e9:
64:31:28:d0:ce:f4:3f:51:89:5c:52:3a:e4:86:d6:
57:7d:8c:05:e9:11:74:7c:2e:52:04:1a:b9:08:f5:
5a:38:87:10:11:2d:9b:30:dc:62:2a:77:bf:b3:88:
47:75:ab:86:4d:01:73:8e:a6:35:06:7e:b9:92:07:
44:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:BA:C7:92:F1:38:0B:4B:D8:27:F2:3D:9A:6E:3B:15:3E:53:6E:FD
X509v3 Authority Key Identifier:
keyid:E6:FC:17:BE:A5:55:B6:D3:83:21:F9:40:28:E5:15:FB:A4:FA:74:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5vwXvqVVttODIflAKOUV-6T6dNw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c0d463-a174-4f5d-b4ee-96967fcd42e9/1/kLrHkvE4C0vYJ_I9mm47FT5Tbv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c0d463-a174-4f5d-b4ee-96967fcd42e9/1/5vwXvqVVttODIflAKOUV-6T6dNw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.68.0/22
Signature Algorithm: sha256WithRSAEncryption
91:e1:2f:e2:c4:e0:03:7b:60:df:0c:97:cc:dc:97:bd:1b:fb:
0b:bd:d9:0a:27:cf:e9:bd:26:8a:c3:ac:6e:aa:41:ba:81:49:
cf:39:f9:da:cc:b9:30:5d:7d:9c:b2:36:2b:ee:36:00:3b:01:
04:76:a4:84:e2:cc:11:58:92:ea:25:91:57:40:d5:41:93:ab:
84:54:43:af:98:e1:ff:ac:e2:4a:f7:8f:c6:8c:91:bc:dc:5b:
ba:98:20:b9:9b:e0:15:c2:f4:50:63:71:82:6f:92:d3:1c:2d:
06:27:ae:bc:1e:ad:89:f4:c7:0c:32:95:95:75:fd:77:2f:65:
dc:74:60:6a:b3:ff:2c:29:92:11:20:46:27:8f:ef:df:6c:88:
77:41:2d:22:f1:dc:e8:6b:3a:d4:ef:85:88:03:ab:6d:3e:69:
f2:87:36:f3:30:06:b6:7c:69:5a:d5:4f:2c:bb:1e:f4:35:1b:
8d:aa:9d:3d:db:01:71:3a:99:85:3e:aa:2d:31:54:e5:db:fd:
e9:26:da:af:1d:d7:91:aa:c8:78:4a:2b:8a:1c:a5:2b:42:25:
e0:69:d4:06:40:11:09:4c:4e:c4:26:4a:21:26:11:e7:e9:5b:
83:12:9e:34:20:6a:4f:08:af:2b:fe:23:3a:05:d8:e5:38:f6:
bc:21:c6:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1cxMUn2ffqcQRnmKAI6IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2ZmMxN2JlYTU1NWI2ZDM4MzIxZjk0MDI4ZTUxNWZiYTRm
YTc0ZGMwHhcNMjUwMTAxMDc0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGJhYzc5MmYxMzgwYjRiZDgyN2YyM2Q5YTZlM2IxNTNlNTM2ZWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFTkSCavcJv0jgBBVjyCUx0K66LB
HBOOBUoyBmMJr7L9GwzFQneoWH/Mnm40nZePVEONI1cmIn63mUPjQB32We0HlMbA
/8xEN5UoeHsph+bjEo5RaXgPMzRN9FtI5+i8O+S+12lq3tr+pAPTHAJOXU6qjE5+
DmDKyCiXmo1x0IiAVO9mcUSRZvui9THGF4qHSn1B6fzxft/SHv/9CbXMYMa16N7u
QXqh4jY+8VKI/AleX6Yx2MYYx72UdgeLGMuQE+lkMSjQzvQ/UYlcUjrkhtZXfYwF
6RF0fC5SBBq5CPVaOIcQES2bMNxiKne/s4hHdauGTQFzjqY1Bn65kgdEWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJC6x5LxOAtL2CfyPZpuOxU+U279MB8GA1UdIwQY
MBaAFOb8F76lVbbTgyH5QCjlFfuk+nTcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXZ3WHZxVlZ0dE9ESWZsQUtPVVYtNlQ2ZE53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9jMGQ0NjMtYTE3NC00ZjVkLWI0ZWUt
OTY5NjdmY2Q0MmU5LzEva0xySGt2RTRDMHZZSl9JOW1tNDdGVDVUYnYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9jMGQ0NjMtYTE3NC00ZjVkLWI0ZWUtOTY5NjdmY2Q0MmU5
LzEvNXZ3WHZxVlZ0dE9ESWZsQUtPVVYtNlQ2ZE53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYdEMA0G
CSqGSIb3DQEBCwUAA4IBAQCR4S/ixOADe2DfDJfM3Je9G/sLvdkKJ8/pvSaKw6xu
qkG6gUnPOfnazLkwXX2csjYr7jYAOwEEdqSE4swRWJLqJZFXQNVBk6uEVEOvmOH/
rOJK94/GjJG83Fu6mCC5m+AVwvRQY3GCb5LTHC0GJ668Hq2J9McMMpWVdf13L2Xc
dGBqs/8sKZIRIEYnj+/fbIh3QS0i8dzoazrU74WIA6ttPmnyhzbzMAa2fGla1U8s
ux70NRuNqp092wFxOpmFPqotMVTl2/3pJtqvHdeRqsh4SiuKHKUrQiXgadQGQBEJ
TE7EJkohJhHn6VuDEp40IGpPCK8r/iM6BdjlOPa8Icai
-----END CERTIFICATE-----
Generated at Tue Mar 11 19:35:23 2025 by rpki-client