Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/a4b48b-462e-45a6-860d-82f89cba26d8/1/kHqDfv1PMJuMKRJJw_rnInJCqGA.roa
File: kHqDfv1PMJuMKRJJw_rnInJCqGA.roa (raw, json)
Hash identifier: ifzsU0ZI6Yo4/FNYRrTFh+wSVN18GVZcQoTagVp377Y=
Subject key identifier: 90:7A:83:7E:FD:4F:30:9B:8C:29:12:49:C3:FA:E7:22:72:42:A8:60
Certificate issuer: /CN=78f29e87382159ca5e81387d7ee77e512fad1636
Certificate serial: 0197112A9D4033D90F83DCD6745364AA9D43
Authority key identifier: 78:F2:9E:87:38:21:59:CA:5E:81:38:7D:7E:E7:7E:51:2F:AD:16:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ePKehzghWcpegTh9fud-US-tFjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/a4b48b-462e-45a6-860d-82f89cba26d8/1/kHqDfv1PMJuMKRJJw_rnInJCqGA.roa
Signing time: Tue 27 May 2025 09:54:54 +0000
ROA not before: Tue 27 May 2025 09:54:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51505
IP address blocks: 193.28.156.0/24 maxlen: 24
194.46.62.0/23 maxlen: 23
194.154.32.0/19 maxlen: 19
2a14:6700::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/a4b48b-462e-45a6-860d-82f89cba26d8/1/ePKehzghWcpegTh9fud-US-tFjY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/a4b48b-462e-45a6-860d-82f89cba26d8/1/ePKehzghWcpegTh9fud-US-tFjY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ePKehzghWcpegTh9fud-US-tFjY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 11:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:11:2a:9d:40:33:d9:0f:83:dc:d6:74:53:64:aa:9d:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78f29e87382159ca5e81387d7ee77e512fad1636
Validity
Not Before: May 27 09:54:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=907a837efd4f309b8c291249c3fae7227242a860
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:42:91:99:0b:53:fe:a7:23:a6:cc:2c:8e:b7:
0d:73:68:cb:b7:82:10:d5:de:42:77:bb:93:8e:fa:
11:cc:2c:65:8b:bd:dc:5c:ca:76:e9:e0:55:3d:93:
ef:81:c0:1b:bf:d7:12:e1:a6:86:e5:c6:57:d1:5c:
b5:1d:8c:a3:d1:f1:21:27:83:ff:97:3c:c0:2e:26:
cc:c8:7f:e6:ab:9b:93:94:ca:01:1b:75:67:68:0d:
c0:3c:7d:66:83:8e:3c:ed:ee:37:63:36:66:da:d9:
c5:27:0b:c8:c9:57:85:23:7b:40:fd:0c:de:94:95:
1b:8e:c4:df:9e:b9:54:68:5d:31:a0:5b:18:aa:66:
48:c6:ea:02:78:8d:e0:f1:d6:96:84:cf:77:f3:04:
c1:39:38:90:7b:1a:47:91:ce:b2:5a:c8:8c:ab:60:
f0:98:c4:fa:bd:01:d5:c1:21:a0:06:61:39:ce:ea:
b5:3d:3d:c2:32:ba:dc:f0:36:7d:35:b8:e8:9f:85:
9c:6a:c0:eb:09:a9:2a:5a:f9:a7:c7:7e:e5:3e:92:
14:bd:a0:df:32:c8:05:da:18:29:2a:59:65:02:41:
86:f6:5e:5e:17:41:e4:b2:2b:3e:1b:ec:89:bb:24:
9d:e9:bf:99:3e:ea:72:ee:0b:1b:81:fa:b0:66:7b:
88:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:7A:83:7E:FD:4F:30:9B:8C:29:12:49:C3:FA:E7:22:72:42:A8:60
X509v3 Authority Key Identifier:
keyid:78:F2:9E:87:38:21:59:CA:5E:81:38:7D:7E:E7:7E:51:2F:AD:16:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ePKehzghWcpegTh9fud-US-tFjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/a4b48b-462e-45a6-860d-82f89cba26d8/1/kHqDfv1PMJuMKRJJw_rnInJCqGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/a4b48b-462e-45a6-860d-82f89cba26d8/1/ePKehzghWcpegTh9fud-US-tFjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.28.156.0/24
194.46.62.0/23
194.154.32.0/19
IPv6:
2a14:6700::/29
Signature Algorithm: sha256WithRSAEncryption
06:4f:5f:c0:a2:73:c3:b4:b3:e0:0e:9f:36:98:96:9f:49:a5:
cc:68:e7:f3:e4:56:3f:11:6d:e9:49:e8:a0:7c:18:6b:70:74:
0a:9e:b5:ae:3d:83:79:b7:b3:fd:ff:7c:c6:65:74:c0:6f:0a:
8f:04:02:2f:e5:ab:b9:ab:bc:af:e4:8a:61:01:d3:9c:97:27:
f3:27:47:2d:49:c5:2c:3a:82:5f:1b:c6:51:1b:f1:0f:ae:d0:
87:50:70:ec:34:88:f6:6b:df:93:43:51:8b:ff:15:a8:b6:6b:
ed:58:0d:35:13:40:bb:f5:f0:8b:95:00:77:79:db:05:a5:7d:
58:11:86:95:ab:a7:ab:6b:2a:99:68:15:be:d8:13:22:44:60:
ea:ec:9a:1d:49:2d:87:08:c3:67:c8:57:0c:e7:36:8a:13:24:
af:94:10:0a:5f:dc:0d:d7:c6:f1:e4:39:9c:e8:cb:5a:05:2c:
8d:0c:a2:be:02:61:0d:f9:49:3b:f3:f8:d8:fd:82:70:6b:f9:
68:86:62:0c:ce:d2:5e:bc:42:77:ef:27:4f:3c:11:d0:e7:26:
e8:4b:5b:2e:fe:a1:76:cd:61:ba:39:47:e3:1d:37:ef:4a:9e:
3a:a3:a3:e8:13:31:e4:48:f5:92:fa:0d:66:d6:8f:0c:b9:67:
3f:bd:85:cb
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZcRKp1AM9kPg9zWdFNkqp1DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4ZjI5ZTg3MzgyMTU5Y2E1ZTgxMzg3ZDdlZTc3ZTUxMmZh
ZDE2MzYwHhcNMjUwNTI3MDk1NDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDdhODM3ZWZkNGYzMDliOGMyOTEyNDljM2ZhZTcyMjcyNDJhODYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokKRmQtT/qcjpswsjrcNc2jLt4IQ
1d5Cd7uTjvoRzCxli73cXMp26eBVPZPvgcAbv9cS4aaG5cZX0Vy1HYyj0fEhJ4P/
lzzALibMyH/mq5uTlMoBG3VnaA3APH1mg4487e43YzZm2tnFJwvIyVeFI3tA/Qze
lJUbjsTfnrlUaF0xoFsYqmZIxuoCeI3g8daWhM938wTBOTiQexpHkc6yWsiMq2Dw
mMT6vQHVwSGgBmE5zuq1PT3CMrrc8DZ9Nbjon4WcasDrCakqWvmnx37lPpIUvaDf
MsgF2hgpKlllAkGG9l5eF0Hksis+G+yJuySd6b+ZPupy7gsbgfqwZnuIZQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJB6g379TzCbjCkSScP65yJyQqhgMB8GA1UdIwQY
MBaAFHjynoc4IVnKXoE4fX7nflEvrRY2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVBLZWh6Z2hXY3BlZ1RoOWZ1ZC1VUy10RmpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9hNGI0OGItNDYyZS00NWE2LTg2MGQt
ODJmODljYmEyNmQ4LzEva0hxRGZ2MVBNSnVNS1JKSndfcm5JbkpDcUdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9hNGI0OGItNDYyZS00NWE2LTg2MGQtODJmODljYmEyNmQ4
LzEvZVBLZWh6Z2hXY3BlZ1RoOWZ1ZC1VUy10RmpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAwRycAwQB
wi4+AwQFwpogMA0EAgACMAcDBQMqFGcAMA0GCSqGSIb3DQEBCwUAA4IBAQAGT1/A
onPDtLPgDp82mJafSaXMaOfz5FY/EW3pSeigfBhrcHQKnrWuPYN5t7P9/3zGZXTA
bwqPBAIv5au5q7yv5IphAdOclyfzJ0ctScUsOoJfG8ZRG/EPrtCHUHDsNIj2a9+T
Q1GL/xWotmvtWA01E0C79fCLlQB3edsFpX1YEYaVq6erayqZaBW+2BMiRGDq7Jod
SS2HCMNnyFcM5zaKEySvlBAKX9wN18bx5Dmc6MtaBSyNDKK+AmEN+Uk78/jY/YJw
a/lohmIMztJevEJ37ydPPBHQ5yboS1su/qF2zWG6OUfjHTfvSp46o6PoEzHkSPWS
+g1m1o8MuWc/vYXL
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:15:39 2025 by rpki-client