Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/KSXk6_QixsbQCQ2GK1YJYLuVams.roa
File: KSXk6_QixsbQCQ2GK1YJYLuVams.roa (raw, json)
Hash identifier: GDt7z9XLr1rCQ6h4J11cfytv5T2PRyRC5L305CX1O3M=
Subject key identifier: 29:25:E4:EB:F4:22:C6:C6:D0:09:0D:86:2B:56:09:60:BB:95:6A:6B
Certificate issuer: /CN=f571bbf1d3d3c0efe36de110392be0c7ac447a84
Certificate serial: 01956A88B84DB070783E693A2CF2988530CA
Authority key identifier: F5:71:BB:F1:D3:D3:C0:EF:E3:6D:E1:10:39:2B:E0:C7:AC:44:7A:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9XG78dPTwO_jbeEQOSvgx6xEeoQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/KSXk6_QixsbQCQ2GK1YJYLuVams.roa
Signing time: Thu 06 Mar 2025 08:18:19 +0000
ROA not before: Thu 06 Mar 2025 08:18:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42926
IP address blocks: 31.210.64.0/18 maxlen: 24
46.45.128.0/18 maxlen: 24
46.45.185.0/24 maxlen: 24
46.45.186.0/24 maxlen: 24
46.45.187.0/24 maxlen: 24
46.45.188.0/24 maxlen: 24
77.75.32.0/21 maxlen: 24
79.98.128.0/21 maxlen: 24
94.101.80.0/20 maxlen: 24
94.101.90.0/24 maxlen: 24
176.53.0.0/17 maxlen: 24
176.53.74.0/24 maxlen: 24
176.53.96.0/24 maxlen: 24
178.211.32.0/19 maxlen: 24
178.211.61.0/24 maxlen: 24
185.25.100.0/24 maxlen: 24
185.25.101.0/24 maxlen: 24
185.25.102.0/24 maxlen: 24
185.25.103.0/24 maxlen: 24
185.157.40.0/22 maxlen: 24
185.184.208.0/22 maxlen: 24
213.128.64.0/19 maxlen: 24
213.128.93.0/24 maxlen: 24
213.128.94.0/24 maxlen: 24
213.128.95.0/24 maxlen: 24
2a00:56a0::/32 maxlen: 48
2a01:790::/32 maxlen: 48
2a0b:5f40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/9XG78dPTwO_jbeEQOSvgx6xEeoQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/9XG78dPTwO_jbeEQOSvgx6xEeoQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/9XG78dPTwO_jbeEQOSvgx6xEeoQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6a:88:b8:4d:b0:70:78:3e:69:3a:2c:f2:98:85:30:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f571bbf1d3d3c0efe36de110392be0c7ac447a84
Validity
Not Before: Mar 6 08:18:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2925e4ebf422c6c6d0090d862b560960bb956a6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:af:f2:21:40:8f:52:74:50:0e:be:34:db:a3:
d1:2d:ee:b7:f5:ec:b4:b2:85:34:23:1c:db:28:6e:
f7:0d:79:a0:f9:3f:6e:3c:8c:0e:1f:9b:b7:88:fc:
f0:2f:54:e8:ee:08:3c:12:f8:b7:ca:1c:da:fa:2d:
c2:39:0a:b0:88:97:93:34:d9:0d:71:5e:cb:73:c9:
41:0a:19:02:d1:81:41:a3:d3:a6:b5:fa:66:a5:46:
14:85:66:49:a1:9c:fa:3a:0b:1d:c7:c5:50:59:29:
e3:e9:cb:fb:7b:3f:37:e3:1e:a8:c5:1e:d7:5a:05:
9d:73:c8:73:11:a8:c8:52:9d:99:c6:9f:86:a4:73:
3f:77:ec:6c:3a:87:75:ca:7c:03:95:00:b0:12:e4:
10:94:b8:10:d9:c4:5c:f4:c0:09:f2:d2:8e:bc:2f:
f5:28:57:a8:b1:e5:cf:d3:9a:41:81:db:f2:f3:55:
62:9f:50:b5:56:3f:51:9b:d6:88:29:9c:b9:5a:a6:
77:cb:ee:4a:03:f9:de:56:65:3f:ff:0a:0c:38:a0:
f4:32:7a:77:da:27:e7:fc:9c:a5:c5:86:1c:cd:bc:
de:6c:25:0a:e9:46:06:5f:25:16:2f:ab:dc:0e:63:
75:b7:cd:eb:d7:c7:43:eb:09:6d:7a:28:75:a2:57:
92:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:25:E4:EB:F4:22:C6:C6:D0:09:0D:86:2B:56:09:60:BB:95:6A:6B
X509v3 Authority Key Identifier:
keyid:F5:71:BB:F1:D3:D3:C0:EF:E3:6D:E1:10:39:2B:E0:C7:AC:44:7A:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9XG78dPTwO_jbeEQOSvgx6xEeoQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/KSXk6_QixsbQCQ2GK1YJYLuVams.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/9XG78dPTwO_jbeEQOSvgx6xEeoQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.64.0/18
46.45.128.0/18
77.75.32.0/21
79.98.128.0/21
94.101.80.0/20
176.53.0.0/17
178.211.32.0/19
185.25.100.0/22
185.157.40.0/22
185.184.208.0/22
213.128.64.0/19
IPv6:
2a00:56a0::/32
2a01:790::/32
2a0b:5f40::/29
Signature Algorithm: sha256WithRSAEncryption
25:8e:ac:cd:62:4f:65:3a:5e:1a:82:04:cd:b9:6d:a7:cd:22:
7b:54:02:93:1e:23:e1:d2:04:14:2c:f4:fe:6c:33:29:dd:38:
88:a1:4e:f1:7c:35:a8:c3:8a:32:7f:76:82:aa:db:9f:2e:ca:
1d:c3:95:62:3b:ec:1d:1e:13:09:fb:ec:7c:3d:53:4d:d8:02:
c2:53:dd:f6:06:ae:09:86:d1:0b:3e:ee:e2:6e:d1:0b:e1:63:
0c:99:d4:22:6a:4d:6c:27:54:f3:65:d4:42:12:c5:2c:81:9c:
93:fd:ce:0c:33:88:90:3f:6a:62:c0:a0:26:ba:38:6a:de:07:
e7:88:ac:2f:bc:78:87:d6:95:00:56:c9:dc:96:8d:af:73:8b:
37:35:b4:94:92:2f:27:be:10:1b:c0:a5:4c:44:a7:87:5d:67:
3e:63:9f:53:e9:4f:cc:93:b8:9a:49:c9:ba:8c:e6:a7:56:f1:
2c:1d:b5:ea:98:55:aa:b9:92:be:bc:5e:5c:e0:06:e1:1d:51:
c2:4b:7e:7e:c8:c0:64:5f:2b:70:f6:dc:da:c5:54:37:c6:aa:
8b:28:46:1a:64:96:63:9e:31:97:2a:21:7f:5c:d8:8d:60:24:
c4:40:73:2a:a1:5d:79:c0:a1:2f:22:9e:7e:ea:c9:f0:f4:30:
ee:88:69:52
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAZVqiLhNsHB4Pmk6LPKYhTDKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1NzFiYmYxZDNkM2MwZWZlMzZkZTExMDM5MmJlMGM3YWM0
NDdhODQwHhcNMjUwMzA2MDgxODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTI1ZTRlYmY0MjJjNmM2ZDAwOTBkODYyYjU2MDk2MGJiOTU2YTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkK/yIUCPUnRQDr4026PRLe639ey0
soU0IxzbKG73DXmg+T9uPIwOH5u3iPzwL1To7gg8Evi3yhza+i3COQqwiJeTNNkN
cV7Lc8lBChkC0YFBo9OmtfpmpUYUhWZJoZz6Ogsdx8VQWSnj6cv7ez834x6oxR7X
WgWdc8hzEajIUp2Zxp+GpHM/d+xsOod1ynwDlQCwEuQQlLgQ2cRc9MAJ8tKOvC/1
KFeoseXP05pBgdvy81Vin1C1Vj9Rm9aIKZy5WqZ3y+5KA/neVmU//woMOKD0Mnp3
2ifn/JylxYYczbzebCUK6UYGXyUWL6vcDmN1t83r18dD6wlteih1oleSzQIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFCkl5Ov0IsbG0AkNhitWCWC7lWprMB8GA1UdIwQY
MBaAFPVxu/HT08Dv423hEDkr4MesRHqEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVhHNzhkUFR3T19qYmVFUU9Tdmd4NnhFZW9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi82ODMwM2YtZThiMC00ZmUwLTk2YjYt
YTk2NTdlYjFmOGQ3LzEvS1NYazZfUWl4c2JRQ1EyR0sxWUpZTHVWYW1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi82ODMwM2YtZThiMC00ZmUwLTk2YjYtYTk2NTdlYjFmOGQ3
LzEvOVhHNzhkUFR3T19qYmVFUU9Tdmd4NnhFZW9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBIBAIAATBCAwQGH9JAAwQG
Li2AAwQDTUsgAwQDT2KAAwQEXmVQAwQHsDUAAwQFstMgAwQCuRlkAwQCuZ0oAwQC
ubjQAwQF1YBAMBsEAgACMBUDBQAqAFagAwUAKgEHkAMFAyoLX0AwDQYJKoZIhvcN
AQELBQADggEBACWOrM1iT2U6XhqCBM25bafNIntUApMeI+HSBBQs9P5sMyndOIih
TvF8NajDijJ/doKq258uyh3DlWI77B0eEwn77Hw9U03YAsJT3fYGrgmG0Qs+7uJu
0QvhYwyZ1CJqTWwnVPNl1EISxSyBnJP9zgwziJA/amLAoCa6OGreB+eIrC+8eIfW
lQBWydyWja9zizc1tJSSLye+EBvApUxEp4ddZz5jn1PpT8yTuJpJybqM5qdW8Swd
teqYVaq5kr68XlzgBuEdUcJLfn7IwGRfK3D23NrFVDfGqosoRhpklmOeMZcqIX9c
2I1gJMRAcyqhXXnAoS8inn7qyfD0MO6IaVI=
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:44:30 2025 by rpki-client