Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/JSypsppXw4zF3wv3-oPZnGpAKpg.roa
File: JSypsppXw4zF3wv3-oPZnGpAKpg.roa (raw, json)
Hash identifier: Ugy//UMe/SyRpINOHV+ZMrPKDRurYQAReKxi3C9ONjs=
Subject key identifier: 25:2C:A9:B2:9A:57:C3:8C:C5:DF:0B:F7:FA:83:D9:9C:6A:40:2A:98
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 01967B0F6C1885A2B55FA7B5C3A99F90CF21
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/JSypsppXw4zF3wv3-oPZnGpAKpg.roa
Signing time: Mon 28 Apr 2025 06:22:10 +0000
ROA not before: Mon 28 Apr 2025 06:22:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6850
IP address blocks: 212.109.168.0/24 maxlen: 24
212.109.169.0/24 maxlen: 24
212.109.170.0/24 maxlen: 24
212.109.171.0/24 maxlen: 24
212.109.172.0/24 maxlen: 24
212.109.173.0/24 maxlen: 24
212.109.174.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7b:0f:6c:18:85:a2:b5:5f:a7:b5:c3:a9:9f:90:cf:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Apr 28 06:22:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=252ca9b29a57c38cc5df0bf7fa83d99c6a402a98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:3b:77:7a:99:74:92:fa:53:b1:2e:f3:56:da:
d2:b0:16:78:00:c4:67:ee:4a:a8:3d:10:3b:e7:c7:
74:ab:88:45:6b:0d:46:59:48:c4:55:b1:19:c6:d8:
af:3b:65:09:77:43:9f:29:b3:54:d8:70:fb:58:dd:
b7:cc:45:28:29:34:1f:28:db:74:5c:aa:72:14:e0:
88:0f:8a:9f:72:0f:a7:34:89:95:7d:52:2b:1e:70:
07:71:6f:2d:25:56:84:c2:46:9a:19:9e:7a:10:ce:
b3:c5:96:f1:32:67:0c:12:c9:32:f2:d5:cb:17:eb:
2e:b6:56:b8:de:7b:4c:c3:79:f2:36:8a:09:2e:28:
2e:78:e7:3c:ad:9e:c1:9c:26:48:9d:f8:16:ff:9e:
d4:af:51:3f:21:76:83:2c:71:29:83:62:ce:57:a0:
d1:f7:9b:f7:af:2c:67:6e:82:d5:a5:f5:29:2d:7b:
a5:c2:77:87:86:1b:55:48:09:3c:3f:f9:43:82:f7:
e5:16:10:ce:6b:55:f4:c8:12:61:91:6e:62:c1:9c:
79:7a:73:db:06:8f:cd:6d:80:34:80:65:47:d7:fd:
1c:f5:08:a6:48:76:b1:78:58:96:e2:5c:da:4a:e0:
96:32:fe:b9:c0:c0:d5:f9:3e:72:fb:77:43:67:4f:
88:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:2C:A9:B2:9A:57:C3:8C:C5:DF:0B:F7:FA:83:D9:9C:6A:40:2A:98
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/JSypsppXw4zF3wv3-oPZnGpAKpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.109.168.0-212.109.174.255
Signature Algorithm: sha256WithRSAEncryption
6b:65:dc:05:78:45:f8:49:2b:a9:e6:ec:eb:0d:00:88:02:9c:
3a:7c:9b:74:10:db:73:f4:fe:c0:90:16:54:6c:88:7a:1f:55:
a4:7c:3d:db:93:10:9f:ca:8b:8a:d6:54:c7:b6:9c:3f:dd:21:
9c:9e:39:02:aa:bc:ec:e8:87:f4:83:87:2a:3a:57:b2:c1:e0:
b9:ea:dd:11:c2:ad:ea:d0:8f:b7:b5:e2:40:c8:42:8e:82:88:
85:97:d5:b9:d3:96:c3:1d:e2:7d:35:c2:cd:0f:ad:af:5f:61:
44:0f:a0:84:c7:23:b1:c5:13:98:fc:b5:9f:2b:f9:02:76:29:
7b:e4:79:af:ab:c7:72:1d:4a:f5:da:12:93:80:76:45:e1:2a:
1d:cc:5c:6d:3d:78:c6:5f:05:e7:24:24:c9:bb:cc:48:74:2a:
dd:d8:c9:f0:f0:d0:4e:d2:83:0d:25:ce:e7:35:c5:a8:1d:13:
5b:4a:3f:b8:11:4a:e2:08:4a:d4:2b:a7:3c:72:b2:c8:47:1e:
61:76:23:1d:a7:45:d2:7c:88:ef:42:07:5d:81:6b:3a:2c:d4:
2b:eb:0b:7c:4e:85:53:da:70:5b:96:75:f4:5a:23:8d:8b:87:
91:be:ec:99:20:e6:b7:d8:dd:3c:a1:88:06:85:d1:20:97:89:
74:4d:73:43
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZZ7D2wYhaK1X6e1w6mfkM8hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjUwNDI4MDYyMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTJjYTliMjlhNTdjMzhjYzVkZjBiZjdmYTgzZDk5YzZhNDAyYTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyzt3epl0kvpTsS7zVtrSsBZ4AMRn
7kqoPRA758d0q4hFaw1GWUjEVbEZxtivO2UJd0OfKbNU2HD7WN23zEUoKTQfKNt0
XKpyFOCID4qfcg+nNImVfVIrHnAHcW8tJVaEwkaaGZ56EM6zxZbxMmcMEsky8tXL
F+sutla43ntMw3nyNooJLigueOc8rZ7BnCZInfgW/57Ur1E/IXaDLHEpg2LOV6DR
95v3ryxnboLVpfUpLXulwneHhhtVSAk8P/lDgvflFhDOa1X0yBJhkW5iwZx5enPb
Bo/NbYA0gGVH1/0c9QimSHaxeFiW4lzaSuCWMv65wMDV+T5y+3dDZ0+IiQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCUsqbKaV8OMxd8L9/qD2ZxqQCqYMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvSlN5cHNwcFh3NHpGM3d2My1vUFpuR3BBS3BnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAPUbagD
BADUba4wDQYJKoZIhvcNAQELBQADggEBAGtl3AV4RfhJK6nm7OsNAIgCnDp8m3QQ
23P0/sCQFlRsiHofVaR8PduTEJ/Ki4rWVMe2nD/dIZyeOQKqvOzoh/SDhyo6V7LB
4Lnq3RHCrerQj7e14kDIQo6CiIWX1bnTlsMd4n01ws0Pra9fYUQPoITHI7HFE5j8
tZ8r+QJ2KXvkea+rx3IdSvXaEpOAdkXhKh3MXG09eMZfBeckJMm7zEh0Kt3YyfDw
0E7Sgw0lzuc1xagdE1tKP7gRSuIIStQrpzxysshHHmF2Ix2nRdJ8iO9CB12Bazos
1CvrC3xOhVPacFuWdfRaI42Lh5G+7Jkg5rfY3TyhiAaF0SCXiXRNc0M=
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:54:02 2025 by rpki-client