Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/kyZBZ_rd-3f0qwVVSrIsclsF2uM.roa
File: kyZBZ_rd-3f0qwVVSrIsclsF2uM.roa (raw, json)
Hash identifier: EMZN3EQZm5McMPgVQ7qcN+cm2NpdBTkIKJIuzypik+E=
Subject key identifier: 93:26:41:67:FA:DD:FB:77:F4:AB:05:55:4A:B2:2C:72:5B:05:DA:E3
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0196F3D747861AAF694B9410C280DF419A21
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/kyZBZ_rd-3f0qwVVSrIsclsF2uM.roa
Signing time: Wed 21 May 2025 17:14:54 +0000
ROA not before: Wed 21 May 2025 17:14:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210876
IP address blocks: 45.134.84.0/22 maxlen: 24
45.134.84.0/23 maxlen: 23
45.142.228.0/22 maxlen: 24
45.147.116.0/22 maxlen: 24
45.159.76.0/22 maxlen: 24
93.189.123.0/24 maxlen: 24
109.107.149.0/24 maxlen: 24
185.216.30.0/24 maxlen: 24
185.216.31.0/24 maxlen: 24
185.226.8.0/24 maxlen: 24
185.247.6.0/24 maxlen: 24
194.35.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f3:d7:47:86:1a:af:69:4b:94:10:c2:80:df:41:9a:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: May 21 17:14:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=93264167faddfb77f4ab05554ab22c725b05dae3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:63:6b:ea:5b:66:9e:c3:40:98:b8:be:85:e2:
bc:39:7d:33:49:a1:fe:d5:d7:55:68:79:cf:c2:ea:
87:59:d9:ca:fd:62:49:d1:02:c8:27:d1:e7:40:16:
68:2f:32:9a:50:49:42:25:92:b4:ce:15:10:30:0b:
b5:c7:66:33:db:09:18:50:b7:28:a6:78:df:2c:0b:
66:16:b6:7f:f7:17:0b:7d:49:03:79:34:bc:66:9d:
34:c1:e2:f1:1b:a5:8b:0e:6a:65:c7:79:9d:8c:7e:
b2:80:74:bc:2b:f4:34:f7:ee:17:1c:60:e0:bc:38:
b4:f8:31:4f:ad:b3:99:86:15:63:0f:d0:10:79:4b:
8b:8d:ab:b4:57:df:72:6c:dc:c6:c0:46:38:f1:8a:
8d:e8:f3:90:7f:d7:43:f9:f6:88:98:78:90:60:ff:
09:ec:2f:0f:dd:91:1b:64:08:15:84:e0:66:e5:eb:
28:86:35:e0:13:83:2b:39:68:f2:ad:e7:13:b3:f9:
12:23:e6:e7:fe:32:c9:8c:b0:27:eb:05:6f:cc:6a:
17:c5:1b:15:48:6d:63:4f:94:4e:8c:8f:d3:6c:e9:
5c:54:a4:48:6b:14:08:5b:3e:71:83:9a:f0:48:52:
4a:ff:bd:0a:8a:a6:92:e7:25:ab:fe:fd:13:55:c0:
61:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:26:41:67:FA:DD:FB:77:F4:AB:05:55:4A:B2:2C:72:5B:05:DA:E3
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/kyZBZ_rd-3f0qwVVSrIsclsF2uM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.84.0/22
45.142.228.0/22
45.147.116.0/22
45.159.76.0/22
93.189.123.0/24
109.107.149.0/24
185.216.30.0/23
185.226.8.0/24
185.247.6.0/24
194.35.40.0/24
Signature Algorithm: sha256WithRSAEncryption
15:84:f9:68:7d:91:cc:5e:7b:0e:08:a1:a3:ee:50:bb:23:a2:
f4:25:8c:9d:a2:54:ba:64:62:5c:06:d7:c6:71:a4:a8:4c:89:
b5:0e:4c:9d:51:72:4c:1d:c8:ab:19:1c:5a:a5:87:68:b3:6f:
98:56:6b:cb:a2:58:65:70:48:78:08:0d:e4:62:3b:2e:62:e2:
a3:52:e6:5c:5f:7e:e2:83:e2:a8:78:5e:43:a6:cb:51:14:db:
89:48:38:b4:da:7a:1e:d0:c5:6d:83:66:a1:e1:d3:08:12:72:
75:bc:1d:ad:fb:e5:b5:e1:83:aa:9e:12:c0:7b:2d:45:fa:fe:
28:e2:f6:f6:84:91:64:8a:f5:f5:c2:bc:99:01:2b:65:45:66:
64:9a:86:a3:36:3c:53:a4:54:36:f8:72:f2:34:92:24:54:23:
99:75:2d:bd:ab:46:64:a5:51:df:35:dd:42:eb:a1:3e:fc:ba:
e0:18:5a:bc:bc:52:bd:d0:49:59:aa:e5:2a:0f:53:50:2d:68:
0c:74:17:9e:e5:65:63:d0:a6:62:82:a1:59:e8:66:04:66:b0:
b4:2c:2e:78:58:71:61:84:61:bf:69:46:31:1d:49:e1:ba:e9:
b7:2d:04:42:a2:ce:8d:57:89:41:25:a2:48:9e:c8:15:15:de:
2b:ad:1b:c8
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZbz10eGGq9pS5QQwoDfQZohMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwNTIxMTcxNDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzI2NDE2N2ZhZGRmYjc3ZjRhYjA1NTU0YWIyMmM3MjViMDVkYWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWNr6ltmnsNAmLi+heK8OX0zSaH+
1ddVaHnPwuqHWdnK/WJJ0QLIJ9HnQBZoLzKaUElCJZK0zhUQMAu1x2Yz2wkYULco
pnjfLAtmFrZ/9xcLfUkDeTS8Zp00weLxG6WLDmplx3mdjH6ygHS8K/Q09+4XHGDg
vDi0+DFPrbOZhhVjD9AQeUuLjau0V99ybNzGwEY48YqN6POQf9dD+faImHiQYP8J
7C8P3ZEbZAgVhOBm5esohjXgE4MrOWjyrecTs/kSI+bn/jLJjLAn6wVvzGoXxRsV
SG1jT5ROjI/TbOlcVKRIaxQIWz5xg5rwSFJK/70KiqaS5yWr/v0TVcBhRwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFJMmQWf63ft39KsFVUqyLHJbBdrjMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEva3laQlpfcmQtM2YwcXdWVlNySXNjbHNGMnVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCLYZUAwQC
LY7kAwQCLZN0AwQCLZ9MAwQAXb17AwQAbWuVAwQBudgeAwQAueIIAwQAufcGAwQA
wiMoMA0GCSqGSIb3DQEBCwUAA4IBAQAVhPlofZHMXnsOCKGj7lC7I6L0JYydolS6
ZGJcBtfGcaSoTIm1DkydUXJMHcirGRxapYdos2+YVmvLolhlcEh4CA3kYjsuYuKj
UuZcX37ig+KoeF5DpstRFNuJSDi02noe0MVtg2ah4dMIEnJ1vB2t++W14YOqnhLA
ey1F+v4o4vb2hJFkivX1wryZAStlRWZkmoajNjxTpFQ2+HLyNJIkVCOZdS29q0Zk
pVHfNd1C66E+/LrgGFq8vFK90ElZquUqD1NQLWgMdBee5WVj0KZigqFZ6GYEZrC0
LC54WHFhhGG/aUYxHUnhuum3LQRCos6NV4lBJaJInsgVFd4rrRvI
-----END CERTIFICATE-----
Generated at Thu Jun 5 05:00:53 2025 by rpki-client