Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/KcWyo6HDH_f-Oalgo-AMzFyAZhU.roa
File: KcWyo6HDH_f-Oalgo-AMzFyAZhU.roa (raw, json)
Hash identifier: lf0GIwDADpEwI5JyEJwH/aQKBfcwZ4TLIhoTMR/zw40=
Subject key identifier: 29:C5:B2:A3:A1:C3:1F:F7:FE:39:A9:60:A3:E0:0C:CC:5C:80:66:15
Certificate issuer: /CN=e916dc9db4e49de71b2fd0819dae853aeb053b06
Certificate serial: 0196E850181AE9C6600DE41F7C7214B62E2A
Authority key identifier: E9:16:DC:9D:B4:E4:9D:E7:1B:2F:D0:81:9D:AE:85:3A:EB:05:3B:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6RbcnbTknecbL9CBna6FOusFOwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/KcWyo6HDH_f-Oalgo-AMzFyAZhU.roa
Signing time: Mon 19 May 2025 11:31:25 +0000
ROA not before: Mon 19 May 2025 11:31:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50340
IP address blocks: 81.30.105.0/24 maxlen: 24
95.215.56.0/24 maxlen: 24
121.127.37.0/24 maxlen: 24
185.28.85.0/24 maxlen: 24
185.56.162.0/24 maxlen: 24
194.164.245.0/24 maxlen: 24
202.49.176.0/24 maxlen: 24
202.181.148.0/24 maxlen: 24
203.31.40.0/24 maxlen: 24
2a13:d207::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/6RbcnbTknecbL9CBna6FOusFOwY.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/6RbcnbTknecbL9CBna6FOusFOwY.mft
rsync://rpki.ripe.net/repository/DEFAULT/6RbcnbTknecbL9CBna6FOusFOwY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 11:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e8:50:18:1a:e9:c6:60:0d:e4:1f:7c:72:14:b6:2e:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e916dc9db4e49de71b2fd0819dae853aeb053b06
Validity
Not Before: May 19 11:31:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=29c5b2a3a1c31ff7fe39a960a3e00ccc5c806615
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:f2:ec:9d:3b:4d:9e:7b:22:4f:50:e9:46:1d:
6a:71:11:18:87:ce:c0:6b:2b:74:9b:ed:0e:37:61:
c6:1a:5b:4e:73:7e:09:69:ed:68:3e:9f:a9:ff:e9:
d2:65:df:4a:b1:12:06:a8:ca:4c:37:71:40:de:24:
4b:bd:f5:e0:a8:16:db:ad:ef:2c:7d:ba:41:fb:79:
a8:05:9e:28:e7:e8:bf:34:82:c2:52:0e:df:38:94:
d7:cc:9b:67:39:d1:9f:93:0d:ce:56:e4:2b:82:c5:
88:c1:1a:66:2d:a3:84:f9:c7:9c:00:80:ea:4e:6e:
89:3f:b3:f1:59:24:c1:d5:ed:aa:c3:e4:ac:f9:c2:
95:68:19:e7:09:a0:e5:1f:f2:24:b2:da:20:81:21:
a3:94:82:23:06:a2:ff:89:90:f2:e7:62:80:bf:71:
cc:65:e8:f0:9a:1b:50:9a:09:5f:6c:7e:e0:40:d3:
6c:9a:10:de:4b:81:78:05:8f:6f:0c:c9:56:58:64:
1a:9c:76:2e:ed:43:6a:32:00:0e:d9:cf:e9:d4:4f:
97:64:cf:2e:09:18:c4:24:25:2b:d3:3c:eb:1e:93:
b6:5b:0c:0e:bf:ab:28:2e:a7:e8:3e:37:90:c6:22:
c5:35:1e:19:46:c1:4b:b3:08:c5:9b:ba:f0:28:b3:
25:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:C5:B2:A3:A1:C3:1F:F7:FE:39:A9:60:A3:E0:0C:CC:5C:80:66:15
X509v3 Authority Key Identifier:
keyid:E9:16:DC:9D:B4:E4:9D:E7:1B:2F:D0:81:9D:AE:85:3A:EB:05:3B:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6RbcnbTknecbL9CBna6FOusFOwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/KcWyo6HDH_f-Oalgo-AMzFyAZhU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/6RbcnbTknecbL9CBna6FOusFOwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.30.105.0/24
95.215.56.0/24
121.127.37.0/24
185.28.85.0/24
185.56.162.0/24
194.164.245.0/24
202.49.176.0/24
202.181.148.0/24
203.31.40.0/24
IPv6:
2a13:d207::/32
Signature Algorithm: sha256WithRSAEncryption
56:51:3f:5f:06:a4:91:1e:a5:fe:2e:30:e8:08:63:11:ae:ae:
dd:ce:1f:9d:e5:07:48:b7:65:be:eb:7f:eb:ab:a9:f5:c3:08:
5a:60:95:8b:80:c9:e8:0b:05:cd:93:8b:57:67:bb:d9:f6:d1:
96:38:1e:c7:7c:a5:e2:de:24:88:3a:14:b5:db:69:f6:78:1a:
a8:f7:5c:02:ca:72:de:40:30:32:6c:92:99:f4:d9:94:ea:49:
b2:9f:19:fa:93:35:83:4b:d0:49:d2:6c:70:39:b6:69:64:ac:
3d:1a:4f:3f:37:e4:57:dd:4f:e0:e3:fb:30:f0:ba:95:43:8e:
d9:d5:07:e0:bf:33:0a:2d:0d:02:fb:ec:d8:30:3e:1a:9c:e9:
b4:5b:a5:c9:c1:cd:04:07:01:e9:cf:13:11:4c:c5:dc:6c:4c:
05:d1:d5:c6:02:02:bc:c3:b0:c8:1c:0e:a4:b3:51:fa:8b:2b:
47:c1:d2:93:2a:de:f3:58:30:d3:f1:3f:75:9b:f1:51:66:16:
30:a7:18:f8:35:49:48:97:33:88:ed:b0:8c:4f:d6:1f:4a:4e:
18:eb:57:8f:20:61:d1:63:17:27:08:41:c4:50:1c:6e:eb:b8:
51:e5:48:bc:66:f7:d0:3b:20:f0:4d:c0:9b:4e:31:74:1a:c9:
29:85:f7:51
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZboUBga6cZgDeQffHIUti4qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MTZkYzlkYjRlNDlkZTcxYjJmZDA4MTlkYWU4NTNhZWIw
NTNiMDYwHhcNMjUwNTE5MTEzMTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWM1YjJhM2ExYzMxZmY3ZmUzOWE5NjBhM2UwMGNjYzVjODA2NjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1PLsnTtNnnsiT1DpRh1qcREYh87A
ayt0m+0ON2HGGltOc34Jae1oPp+p/+nSZd9KsRIGqMpMN3FA3iRLvfXgqBbbre8s
fbpB+3moBZ4o5+i/NILCUg7fOJTXzJtnOdGfkw3OVuQrgsWIwRpmLaOE+cecAIDq
Tm6JP7PxWSTB1e2qw+Ss+cKVaBnnCaDlH/IkstoggSGjlIIjBqL/iZDy52KAv3HM
ZejwmhtQmglfbH7gQNNsmhDeS4F4BY9vDMlWWGQanHYu7UNqMgAO2c/p1E+XZM8u
CRjEJCUr0zzrHpO2WwwOv6soLqfoPjeQxiLFNR4ZRsFLswjFm7rwKLMlTwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFCnFsqOhwx/3/jmpYKPgDMxcgGYVMB8GA1UdIwQY
MBaAFOkW3J205J3nGy/QgZ2uhTrrBTsGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlJiY25iVGtuZWNiTDlDQm5hNkZPdXNGT3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8xYWY0YTUtMGQ2Yy00Nzc2LWJlNWMt
YmU4NTJmNjQ0MjAxLzEvS2NXeW82SERIX2YtT2FsZ28tQU16RnlBWmhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8xYWY0YTUtMGQ2Yy00Nzc2LWJlNWMtYmU4NTJmNjQ0MjAx
LzEvNlJiY25iVGtuZWNiTDlDQm5hNkZPdXNGT3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQAUR5pAwQA
X9c4AwQAeX8lAwQAuRxVAwQAuTiiAwQAwqT1AwQAyjGwAwQAyrWUAwQAyx8oMA0E
AgACMAcDBQAqE9IHMA0GCSqGSIb3DQEBCwUAA4IBAQBWUT9fBqSRHqX+LjDoCGMR
rq7dzh+d5QdIt2W+63/rq6n1wwhaYJWLgMnoCwXNk4tXZ7vZ9tGWOB7HfKXi3iSI
OhS122n2eBqo91wCynLeQDAybJKZ9NmU6kmynxn6kzWDS9BJ0mxwObZpZKw9Gk8/
N+RX3U/g4/sw8LqVQ47Z1QfgvzMKLQ0C++zYMD4anOm0W6XJwc0EBwHpzxMRTMXc
bEwF0dXGAgK8w7DIHA6ks1H6iytHwdKTKt7zWDDT8T91m/FRZhYwpxj4NUlIlzOI
7bCMT9YfSk4Y61ePIGHRYxcnCEHEUBxu67hR5Ui8ZvfQOyDwTcCbTjF0GskphfdR
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:55:45 2025 by rpki-client