Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/KQ6w-Nuj6JmHB2urYIE6Ans5p4I.roa
File: KQ6w-Nuj6JmHB2urYIE6Ans5p4I.roa (raw, json)
Hash identifier: fzjlh3LYEJ5kpuFagOYGVsckJ7yJtkOgHTUEKjogNSQ=
Subject key identifier: 29:0E:B0:F8:DB:A3:E8:99:87:07:6B:AB:60:81:3A:02:7B:39:A7:82
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 019720529EE0E08B12AAE0BF3209928D6BD2
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/KQ6w-Nuj6JmHB2urYIE6Ans5p4I.roa
Signing time: Fri 30 May 2025 08:32:54 +0000
ROA not before: Fri 30 May 2025 08:32:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3218
IP address blocks: 193.232.1.0/24 maxlen: 24
193.232.2.0/24 maxlen: 24
193.232.3.0/24 maxlen: 24
193.232.4.0/24 maxlen: 24
193.232.6.0/24 maxlen: 24
193.232.8.0/24 maxlen: 24
193.232.9.0/24 maxlen: 24
193.232.10.0/24 maxlen: 24
193.232.11.0/24 maxlen: 24
193.232.12.0/24 maxlen: 24
193.232.13.0/24 maxlen: 24
193.232.17.0/24 maxlen: 24
193.232.19.0/24 maxlen: 24
193.232.22.0/23 maxlen: 24
193.232.27.0/24 maxlen: 24
193.232.28.0/24 maxlen: 24
193.232.30.0/24 maxlen: 24
193.232.31.0/24 maxlen: 24
193.232.192.0/22 maxlen: 24
193.232.196.0/23 maxlen: 24
193.232.207.0/24 maxlen: 24
193.232.212.0/24 maxlen: 24
193.232.218.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.mft
rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:20:52:9e:e0:e0:8b:12:aa:e0:bf:32:09:92:8d:6b:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: May 30 08:32:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=290eb0f8dba3e89987076bab60813a027b39a782
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:91:8e:f1:41:21:d5:8f:5d:6a:f8:8a:51:6a:
df:ba:9a:8e:fb:04:ba:3a:ee:f7:02:a8:f3:09:b7:
16:c0:0a:4f:26:5f:15:55:34:9b:62:1f:a2:5f:b8:
5d:8d:fb:88:99:68:37:2d:a9:c7:a9:ed:20:28:c3:
5f:d3:24:b0:0d:04:86:01:59:e9:e5:8a:f6:02:5b:
f2:5b:ea:9c:91:9b:4b:ec:41:7e:5f:fe:27:e8:af:
ae:3b:cd:90:ec:ae:10:10:cd:de:72:74:ac:44:52:
ca:8b:e8:cb:1e:eb:84:8b:6f:f4:11:e2:55:81:a5:
b8:9d:ec:3d:7e:ae:58:5d:79:ac:c7:83:47:2b:5d:
7c:21:93:91:9c:d4:a5:16:6f:2d:91:30:1c:da:9b:
14:90:55:5a:43:23:af:55:6b:ec:a6:c4:1a:12:b0:
d0:ea:c7:a8:db:60:5e:ab:e5:4a:07:aa:78:9f:3f:
cd:d7:2c:14:5c:d3:8c:e3:31:0a:39:48:b5:c2:9e:
22:34:fe:75:e7:55:dd:d9:3c:41:08:bf:b7:15:8e:
a3:5f:d6:16:ed:65:a7:8d:c1:1f:c0:63:29:d7:e3:
0f:c8:4b:76:25:1b:4f:9c:01:05:cc:78:89:17:b4:
45:a1:cf:51:e9:94:ac:20:82:02:76:0e:ed:5e:13:
39:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:0E:B0:F8:DB:A3:E8:99:87:07:6B:AB:60:81:3A:02:7B:39:A7:82
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/KQ6w-Nuj6JmHB2urYIE6Ans5p4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.232.1.0-193.232.4.255
193.232.6.0/24
193.232.8.0-193.232.13.255
193.232.17.0/24
193.232.19.0/24
193.232.22.0/23
193.232.27.0-193.232.28.255
193.232.30.0/23
193.232.192.0-193.232.197.255
193.232.207.0/24
193.232.212.0/24
193.232.218.0/23
Signature Algorithm: sha256WithRSAEncryption
0a:4f:55:5e:0b:8b:d0:76:4e:37:34:47:2b:cd:80:5f:39:8b:
10:21:53:88:58:dd:58:36:69:5f:5e:6d:b8:88:9a:a4:05:29:
0d:e6:1f:37:58:e0:11:bc:1f:41:dd:c1:a1:b9:b6:df:e9:6b:
54:f3:80:29:26:bf:07:3a:45:83:e1:de:fe:c2:96:91:ba:8b:
98:ad:b0:bc:4b:cd:4d:14:a6:bc:6d:f9:c3:95:07:b0:d0:7b:
7d:4d:e9:b0:3e:eb:87:c4:83:7e:10:5d:80:83:ac:77:bd:f1:
bf:55:f4:b0:7e:ce:63:bb:75:71:ad:f9:00:fb:cd:d9:98:3f:
67:bd:b1:e0:c4:5c:3e:fe:c3:41:84:b8:ab:23:d5:51:ad:c7:
f9:74:d6:d6:96:91:26:20:a5:d6:41:58:92:3e:09:bf:ec:4e:
25:da:04:85:e6:8c:e8:27:c9:79:f9:58:6f:f5:14:ee:c4:0d:
46:d0:4c:ff:49:46:2a:e9:d5:03:7e:e7:d1:44:51:0a:38:59:
18:43:c9:3a:5d:2b:52:f1:8d:66:80:ad:f0:c3:60:7c:ad:57:
d2:bd:0a:3b:0a:db:51:1e:59:1d:db:ad:e1:33:70:e4:6a:30:
b0:49:b3:75:f4:04:fb:c9:26:9a:83:0d:2a:94:ee:6d:51:88:
96:2a:7e:3d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAZcgUp7g4IsSquC/MgmSjWvSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjUwNTMwMDgzMjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTBlYjBmOGRiYTNlODk5ODcwNzZiYWI2MDgxM2EwMjdiMzlhNzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJGO8UEh1Y9daviKUWrfupqO+wS6
Ou73AqjzCbcWwApPJl8VVTSbYh+iX7hdjfuImWg3LanHqe0gKMNf0ySwDQSGAVnp
5Yr2AlvyW+qckZtL7EF+X/4n6K+uO82Q7K4QEM3ecnSsRFLKi+jLHuuEi2/0EeJV
gaW4new9fq5YXXmsx4NHK118IZORnNSlFm8tkTAc2psUkFVaQyOvVWvspsQaErDQ
6seo22Beq+VKB6p4nz/N1ywUXNOM4zEKOUi1wp4iNP5151Xd2TxBCL+3FY6jX9YW
7WWnjcEfwGMp1+MPyEt2JRtPnAEFzHiJF7RFoc9R6ZSsIIICdg7tXhM5vwIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFCkOsPjbo+iZhwdrq2CBOgJ7OaeCMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvS1E2dy1OdWo2Sm1IQjJ1cllJRTZBbnM1cDRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaDAMAwQAwegB
AwQAwegEAwQAwegGMAwDBAPB6AgDBAHB6AwDBADB6BEDBADB6BMDBAHB6BYwDAME
AMHoGwMEAMHoHAMEAcHoHjAMAwQGwejAAwQBwejEAwQAwejPAwQAwejUAwQBweja
MA0GCSqGSIb3DQEBCwUAA4IBAQAKT1VeC4vQdk43NEcrzYBfOYsQIVOIWN1YNmlf
Xm24iJqkBSkN5h83WOARvB9B3cGhubbf6WtU84ApJr8HOkWD4d7+wpaRuouYrbC8
S81NFKa8bfnDlQew0Ht9TemwPuuHxIN+EF2Ag6x3vfG/VfSwfs5ju3VxrfkA+83Z
mD9nvbHgxFw+/sNBhLirI9VRrcf5dNbWlpEmIKXWQViSPgm/7E4l2gSF5ozoJ8l5
+Vhv9RTuxA1G0Ez/SUYq6dUDfufRRFEKOFkYQ8k6XStS8Y1mgK3ww2B8rVfSvQo7
CttRHlkd263hM3DkajCwSbN19AT7ySaagw0qlO5tUYiWKn49
-----END CERTIFICATE-----
Generated at Sat Jun 7 16:49:54 2025 by rpki-client