Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/ef64c5-9487-40fd-b669-e844e2c2e9da/1/K0VVkly9aNi0yGL2uwtJHWinFa0.roa
File: K0VVkly9aNi0yGL2uwtJHWinFa0.roa (raw, json)
Hash identifier: gUjyIMB+jt8lh1mExnA7oGVCKt6v3R2m9uw5LrUvVCY=
Subject key identifier: 2B:45:55:92:5C:BD:68:D8:B4:C8:62:F6:BB:0B:49:1D:68:A7:15:AD
Certificate issuer: /CN=3d563e205ad217433709b200a0dcd30c70961c96
Certificate serial: 019425216277FAE48E745FC191ADAA9E0BAA
Authority key identifier: 3D:56:3E:20:5A:D2:17:43:37:09:B2:00:A0:DC:D3:0C:70:96:1C:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PVY-IFrSF0M3CbIAoNzTDHCWHJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/ef64c5-9487-40fd-b669-e844e2c2e9da/1/K0VVkly9aNi0yGL2uwtJHWinFa0.roa
Signing time: Thu 02 Jan 2025 03:48:52 +0000
ROA not before: Thu 02 Jan 2025 03:48:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34612
IP address blocks: 91.215.148.0/22 maxlen: 22
141.138.216.0/21 maxlen: 21
178.20.56.0/21 maxlen: 21
185.50.208.0/22 maxlen: 22
2a03:5380::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/ef64c5-9487-40fd-b669-e844e2c2e9da/1/PVY-IFrSF0M3CbIAoNzTDHCWHJY.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/ef64c5-9487-40fd-b669-e844e2c2e9da/1/PVY-IFrSF0M3CbIAoNzTDHCWHJY.mft
rsync://rpki.ripe.net/repository/DEFAULT/PVY-IFrSF0M3CbIAoNzTDHCWHJY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 21:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:62:77:fa:e4:8e:74:5f:c1:91:ad:aa:9e:0b:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d563e205ad217433709b200a0dcd30c70961c96
Validity
Not Before: Jan 2 03:48:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b4555925cbd68d8b4c862f6bb0b491d68a715ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e4:df:ae:18:bb:52:32:71:e2:4b:14:77:0d:
a8:6f:cc:08:12:72:48:c7:d7:29:80:03:a2:95:38:
31:48:53:f4:10:9c:d3:2e:64:c7:cf:cd:fc:a1:8f:
c9:24:99:b5:8d:e9:36:15:08:a1:37:2b:b4:68:5d:
00:e8:4a:7c:94:41:35:23:72:ed:f9:79:cb:21:af:
5b:0f:26:94:59:a8:aa:dd:ba:15:34:fc:f6:42:c5:
41:5d:40:ce:38:a3:08:05:b3:ff:3c:c0:4f:b9:3c:
f9:58:f2:92:2b:8d:6c:65:05:3d:a3:a4:1e:80:15:
f2:13:2c:46:69:25:ea:e8:ba:06:d7:df:73:6b:98:
44:4b:c5:3f:fa:a5:48:a2:b8:fc:4d:8c:ff:13:e7:
ff:a7:59:78:d5:17:e1:1c:bc:60:a5:d4:6d:2d:a2:
cd:b0:a9:70:ba:ef:21:37:34:1d:46:ca:19:3a:fa:
6c:14:5c:02:5b:4f:24:92:fa:fb:b7:d0:c7:83:60:
d3:83:88:53:43:03:54:2c:bd:8e:06:44:85:5a:86:
ea:24:8d:39:0f:5b:27:3b:8c:59:9e:15:c8:95:34:
c7:f5:93:51:de:b8:87:36:34:55:6f:a4:66:b7:ce:
b8:dd:f7:df:d0:f3:ad:b4:22:b7:45:12:df:b2:5b:
39:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:45:55:92:5C:BD:68:D8:B4:C8:62:F6:BB:0B:49:1D:68:A7:15:AD
X509v3 Authority Key Identifier:
keyid:3D:56:3E:20:5A:D2:17:43:37:09:B2:00:A0:DC:D3:0C:70:96:1C:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PVY-IFrSF0M3CbIAoNzTDHCWHJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/ef64c5-9487-40fd-b669-e844e2c2e9da/1/K0VVkly9aNi0yGL2uwtJHWinFa0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/ef64c5-9487-40fd-b669-e844e2c2e9da/1/PVY-IFrSF0M3CbIAoNzTDHCWHJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.215.148.0/22
141.138.216.0/21
178.20.56.0/21
185.50.208.0/22
IPv6:
2a03:5380::/32
Signature Algorithm: sha256WithRSAEncryption
7b:01:fa:cf:f2:89:04:b3:99:11:ce:6a:60:e8:83:13:53:4e:
66:8f:69:9c:e0:50:31:3d:ec:5d:d7:67:3c:07:06:0a:41:28:
b7:31:a1:90:30:2c:bd:0d:99:37:c4:65:c2:60:8a:73:44:0d:
7e:6b:59:76:65:b8:88:ca:1e:52:4f:07:cb:15:01:b4:26:96:
22:e6:ac:5e:94:61:61:0f:93:da:85:b6:21:f7:98:2c:d1:4b:
07:8a:0b:8d:6e:dc:17:eb:27:fa:a8:83:a9:a7:a1:1d:e0:6a:
4a:f9:7d:f2:fe:e0:2b:69:30:dc:c4:df:42:5c:ab:5c:58:da:
97:a0:de:bd:e5:a5:2b:29:00:fa:d7:c4:91:0b:43:b8:6f:dd:
da:3b:02:b7:98:f7:24:e1:95:ce:5f:83:18:25:25:41:86:a5:
0c:26:2d:ae:aa:52:5d:8d:d3:ce:d4:00:7f:f2:a2:84:9e:a3:
6d:00:b5:10:29:95:11:31:c2:ad:6f:d6:91:b8:f9:53:56:a0:
61:0f:72:5f:bd:80:3a:1b:a4:4a:1b:29:01:85:b0:fd:2e:0f:
bf:0d:6c:ca:43:b5:24:50:7c:1d:a4:77:a8:cf:39:dc:ff:4a:
ae:7e:62:22:28:4b:16:df:d7:b2:3f:92:b6:01:7c:96:f5:d2:
2b:f6:fd:9c
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQlIWJ3+uSOdF/Bka2qnguqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkNTYzZTIwNWFkMjE3NDMzNzA5YjIwMGEwZGNkMzBjNzA5
NjFjOTYwHhcNMjUwMTAyMDM0ODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjQ1NTU5MjVjYmQ2OGQ4YjRjODYyZjZiYjBiNDkxZDY4YTcxNWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOTfrhi7UjJx4ksUdw2ob8wIEnJI
x9cpgAOilTgxSFP0EJzTLmTHz838oY/JJJm1jek2FQihNyu0aF0A6Ep8lEE1I3Lt
+XnLIa9bDyaUWaiq3boVNPz2QsVBXUDOOKMIBbP/PMBPuTz5WPKSK41sZQU9o6Qe
gBXyEyxGaSXq6LoG199za5hES8U/+qVIorj8TYz/E+f/p1l41RfhHLxgpdRtLaLN
sKlwuu8hNzQdRsoZOvpsFFwCW08kkvr7t9DHg2DTg4hTQwNULL2OBkSFWobqJI05
D1snO4xZnhXIlTTH9ZNR3riHNjRVb6Rmt8643fff0POttCK3RRLfsls5GwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFCtFVZJcvWjYtMhi9rsLSR1opxWtMB8GA1UdIwQY
MBaAFD1WPiBa0hdDNwmyAKDc0wxwlhyWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFZZLUlGclNGME0zQ2JJQW9OelRESENXSEpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9lZjY0YzUtOTQ4Ny00MGZkLWI2Njkt
ZTg0NGUyYzJlOWRhLzEvSzBWVmtseTlhTmkweUdMMnV3dEpIV2luRmEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9lZjY0YzUtOTQ4Ny00MGZkLWI2NjktZTg0NGUyYzJlOWRh
LzEvUFZZLUlGclNGME0zQ2JJQW9OelRESENXSEpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCW9eUAwQD
jYrYAwQDshQ4AwQCuTLQMA0EAgACMAcDBQAqA1OAMA0GCSqGSIb3DQEBCwUAA4IB
AQB7AfrP8okEs5kRzmpg6IMTU05mj2mc4FAxPexd12c8BwYKQSi3MaGQMCy9DZk3
xGXCYIpzRA1+a1l2ZbiIyh5STwfLFQG0JpYi5qxelGFhD5PahbYh95gs0UsHiguN
btwX6yf6qIOpp6Ed4GpK+X3y/uAraTDcxN9CXKtcWNqXoN695aUrKQD618SRC0O4
b93aOwK3mPck4ZXOX4MYJSVBhqUMJi2uqlJdjdPO1AB/8qKEnqNtALUQKZURMcKt
b9aRuPlTVqBhD3JfvYA6G6RKGykBhbD9Lg+/DWzKQ7UkUHwdpHeozznc/0qufmIi
KEsW39eyP5K2AXyW9dIr9v2c
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:15:40 2025 by rpki-client