Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/dd2cdd-9684-41ca-8015-9f150c8ea971/1/krks6C9REj8M_gHzn6hFi3S_Skg.roa
File: krks6C9REj8M_gHzn6hFi3S_Skg.roa (raw, json)
Hash identifier: GygsjxyP//HYKQINGkFpfbyTmj1FmIDGcflx1a5rTfo=
Subject key identifier: 92:B9:2C:E8:2F:51:12:3F:0C:FE:01:F3:9F:A8:45:8B:74:BF:4A:48
Certificate issuer: /CN=c6abd373cc595060f1a33076b53e1162512c3cd7
Certificate serial: 0194236A38812F4F7043625D852B762643E3
Authority key identifier: C6:AB:D3:73:CC:59:50:60:F1:A3:30:76:B5:3E:11:62:51:2C:3C:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xqvTc8xZUGDxozB2tT4RYlEsPNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/dd2cdd-9684-41ca-8015-9f150c8ea971/1/krks6C9REj8M_gHzn6hFi3S_Skg.roa
Signing time: Wed 01 Jan 2025 19:49:11 +0000
ROA not before: Wed 01 Jan 2025 19:49:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52155
IP address blocks: 178.21.44.0/24 maxlen: 24
178.21.45.0/24 maxlen: 24
178.21.46.0/24 maxlen: 24
178.21.47.0/24 maxlen: 24
2a01:9800:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/dd2cdd-9684-41ca-8015-9f150c8ea971/1/xqvTc8xZUGDxozB2tT4RYlEsPNc.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/dd2cdd-9684-41ca-8015-9f150c8ea971/1/xqvTc8xZUGDxozB2tT4RYlEsPNc.mft
rsync://rpki.ripe.net/repository/DEFAULT/xqvTc8xZUGDxozB2tT4RYlEsPNc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 13:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:38:81:2f:4f:70:43:62:5d:85:2b:76:26:43:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6abd373cc595060f1a33076b53e1162512c3cd7
Validity
Not Before: Jan 1 19:49:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=92b92ce82f51123f0cfe01f39fa8458b74bf4a48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:cc:6a:ff:c9:ec:22:f8:5f:2e:9d:74:84:f6:
40:98:56:c8:d2:8d:07:df:1e:52:8b:95:33:e9:99:
b7:86:0f:1e:59:c4:eb:01:1b:ea:37:42:5b:24:2e:
3b:91:40:e5:34:ac:72:22:f4:9f:a5:8a:bb:cc:fd:
24:c1:7c:a8:22:91:cc:5c:a5:27:e6:07:0f:cc:08:
ee:ac:5f:c0:fa:58:3d:cf:ca:b8:4e:1f:aa:5c:4b:
3a:5e:b0:48:ef:4f:38:ea:58:c4:6e:03:47:76:c1:
14:e5:ce:dc:00:53:ef:8c:87:2e:a8:af:39:26:dc:
c8:4c:1d:b9:41:de:86:ac:07:82:55:11:27:72:88:
74:b2:7c:8d:e7:d7:48:32:fa:f0:c7:48:85:27:a4:
3f:88:2c:7c:f7:1d:e9:4c:68:fc:1d:fe:cd:89:e5:
01:86:16:5a:bc:76:f1:d7:7d:3a:05:06:f2:52:31:
6d:87:a5:3e:83:1b:31:c7:42:03:36:d8:4f:2c:ad:
ee:99:55:89:58:bf:43:e4:2d:ce:09:07:db:3f:86:
34:2a:42:e9:70:85:34:7d:72:24:b4:3c:ea:a8:04:
1c:a9:9c:d4:e8:0e:12:4a:fa:67:d9:5b:b1:90:ac:
69:7b:b6:95:8c:2b:2c:7e:8d:49:ae:56:84:b1:a5:
93:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:B9:2C:E8:2F:51:12:3F:0C:FE:01:F3:9F:A8:45:8B:74:BF:4A:48
X509v3 Authority Key Identifier:
keyid:C6:AB:D3:73:CC:59:50:60:F1:A3:30:76:B5:3E:11:62:51:2C:3C:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xqvTc8xZUGDxozB2tT4RYlEsPNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/dd2cdd-9684-41ca-8015-9f150c8ea971/1/krks6C9REj8M_gHzn6hFi3S_Skg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/dd2cdd-9684-41ca-8015-9f150c8ea971/1/xqvTc8xZUGDxozB2tT4RYlEsPNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.21.44.0/22
IPv6:
2a01:9800:8000::/36
Signature Algorithm: sha256WithRSAEncryption
38:d9:ce:7a:fe:69:61:be:b7:43:85:f3:75:97:ae:91:28:5e:
71:73:46:57:b7:b4:48:5a:17:d7:11:e4:79:52:99:76:eb:e9:
58:b3:b7:08:1f:16:62:d7:00:17:38:10:70:4e:49:c6:8a:c4:
93:ff:26:63:a9:5c:40:fc:3c:a9:38:20:a6:94:25:e3:7d:03:
1d:e5:46:8c:80:a6:38:c2:93:e4:d9:f7:7e:fe:d9:a4:ba:f8:
bf:6e:1f:dd:2d:1b:c7:39:d7:1b:cf:b4:c2:0e:b1:e0:da:5c:
b2:68:5d:0d:a6:0f:d2:b1:a1:3c:73:b1:6f:8a:9d:4b:cc:08:
d3:b8:ed:22:cc:dd:e9:74:72:85:e7:6e:a4:f7:77:cf:4b:89:
d4:4d:43:a6:c7:3a:3f:6c:f5:31:7d:40:6b:6a:b2:dd:89:01:
50:fc:a4:0c:17:bc:02:11:b4:68:1a:a2:ed:65:43:ec:bb:cd:
ae:01:84:40:58:6a:82:59:cd:af:35:bd:f4:80:95:5f:31:3b:
9b:70:fa:e4:39:e4:43:6d:79:20:c0:8d:14:7b:2c:1f:92:e0:
8a:c0:54:29:19:4d:21:c2:bd:74:1e:83:47:ee:51:18:f5:e9:
87:0d:d9:79:91:e7:8a:28:34:5a:f9:fa:9b:68:e1:2c:d6:a3:
d0:d6:f5:7b
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQjajiBL09wQ2JdhSt2JkPjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YWJkMzczY2M1OTUwNjBmMWEzMzA3NmI1M2UxMTYyNTEy
YzNjZDcwHhcNMjUwMTAxMTk0OTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmI5MmNlODJmNTExMjNmMGNmZTAxZjM5ZmE4NDU4Yjc0YmY0YTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAisxq/8nsIvhfLp10hPZAmFbI0o0H
3x5Si5Uz6Zm3hg8eWcTrARvqN0JbJC47kUDlNKxyIvSfpYq7zP0kwXyoIpHMXKUn
5gcPzAjurF/A+lg9z8q4Th+qXEs6XrBI70846ljEbgNHdsEU5c7cAFPvjIcuqK85
JtzITB25Qd6GrAeCVREncoh0snyN59dIMvrwx0iFJ6Q/iCx89x3pTGj8Hf7NieUB
hhZavHbx1306BQbyUjFth6U+gxsxx0IDNthPLK3umVWJWL9D5C3OCQfbP4Y0KkLp
cIU0fXIktDzqqAQcqZzU6A4SSvpn2VuxkKxpe7aVjCssfo1JrlaEsaWTBQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFJK5LOgvURI/DP4B85+oRYt0v0pIMB8GA1UdIwQY
MBaAFMar03PMWVBg8aMwdrU+EWJRLDzXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHF2VGM4eFpVR0R4b3pCMnRUNFJZbEVzUE5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9kZDJjZGQtOTY4NC00MWNhLTgwMTUt
OWYxNTBjOGVhOTcxLzEva3JrczZDOVJFajhNX2dIem42aEZpM1NfU2tnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9kZDJjZGQtOTY4NC00MWNhLTgwMTUtOWYxNTBjOGVhOTcx
LzEveHF2VGM4eFpVR0R4b3pCMnRUNFJZbEVzUE5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCshUsMA4E
AgACMAgDBgQqAZgAgDANBgkqhkiG9w0BAQsFAAOCAQEAONnOev5pYb63Q4XzdZeu
kShecXNGV7e0SFoX1xHkeVKZduvpWLO3CB8WYtcAFzgQcE5JxorEk/8mY6lcQPw8
qTggppQl430DHeVGjICmOMKT5Nn3fv7ZpLr4v24f3S0bxznXG8+0wg6x4Npcsmhd
DaYP0rGhPHOxb4qdS8wI07jtIszd6XRyhedupPd3z0uJ1E1Dpsc6P2z1MX1Aa2qy
3YkBUPykDBe8AhG0aBqi7WVD7LvNrgGEQFhqglnNrzW99ICVXzE7m3D65DnkQ215
IMCNFHssH5LgisBUKRlNIcK9dB6DR+5RGPXphw3ZeZHniig0Wvn6m2jhLNaj0Nb1
ew==
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:44:59 2025 by rpki-client