Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/4b419c-cf8f-4c9a-94d7-bb4b65b6a0d1/1/kFJhvw8c8pO7-ui_KmaA5RNc_z4.roa
File: kFJhvw8c8pO7-ui_KmaA5RNc_z4.roa (raw, json)
Hash identifier: YGEP4CjqmM4E2cc+zdPbvwB4J8vm3ddL4Eiaa6+UYhA=
Subject key identifier: 90:52:61:BF:0F:1C:F2:93:BB:FA:E8:BF:2A:66:80:E5:13:5C:FF:3E
Certificate issuer: /CN=5833294a1cdc1358afc439c0a72733b065a86f8b
Certificate serial: 0194206841005FE1506D464E94A5863151BE
Authority key identifier: 58:33:29:4A:1C:DC:13:58:AF:C4:39:C0:A7:27:33:B0:65:A8:6F:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WDMpShzcE1ivxDnApyczsGWob4s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/4b419c-cf8f-4c9a-94d7-bb4b65b6a0d1/1/kFJhvw8c8pO7-ui_KmaA5RNc_z4.roa
Signing time: Wed 01 Jan 2025 05:48:10 +0000
ROA not before: Wed 01 Jan 2025 05:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43146
IP address blocks: 80.78.244.0/22 maxlen: 22
80.78.249.0/24 maxlen: 24
89.108.68.0/24 maxlen: 24
89.108.72.0/22 maxlen: 22
89.108.72.0/24 maxlen: 24
89.108.73.0/24 maxlen: 24
89.108.74.0/24 maxlen: 24
89.108.75.0/24 maxlen: 24
89.108.80.0/24 maxlen: 24
89.108.82.0/24 maxlen: 24
89.108.84.0/24 maxlen: 24
89.108.85.0/24 maxlen: 24
89.108.86.0/24 maxlen: 24
89.108.87.0/24 maxlen: 24
89.108.90.0/24 maxlen: 24
89.108.91.0/24 maxlen: 24
89.108.92.0/24 maxlen: 24
89.108.93.0/24 maxlen: 24
89.108.96.0/24 maxlen: 24
89.108.97.0/24 maxlen: 24
89.108.104.0/24 maxlen: 24
89.108.105.0/24 maxlen: 24
89.108.106.0/24 maxlen: 24
89.108.107.0/24 maxlen: 24
89.108.108.0/22 maxlen: 22
89.108.108.0/24 maxlen: 24
89.108.109.0/24 maxlen: 24
89.108.110.0/24 maxlen: 24
89.108.111.0/24 maxlen: 24
89.108.112.0/24 maxlen: 24
89.108.116.0/22 maxlen: 22
89.108.116.0/24 maxlen: 24
89.108.117.0/24 maxlen: 24
89.108.118.0/24 maxlen: 24
89.108.119.0/24 maxlen: 24
89.108.120.0/22 maxlen: 22
89.108.120.0/24 maxlen: 24
89.108.121.0/24 maxlen: 24
89.108.122.0/24 maxlen: 24
89.108.123.0/24 maxlen: 24
89.108.124.0/22 maxlen: 22
89.108.124.0/24 maxlen: 24
89.108.125.0/24 maxlen: 24
89.108.126.0/24 maxlen: 24
89.108.127.0/24 maxlen: 24
176.99.2.0/24 maxlen: 24
176.99.3.0/24 maxlen: 24
176.99.10.0/24 maxlen: 24
176.99.14.0/24 maxlen: 24
185.46.8.0/22 maxlen: 22
194.58.124.0/24 maxlen: 24
194.58.125.0/24 maxlen: 24
194.67.107.0/24 maxlen: 24
212.158.162.0/24 maxlen: 24
2a00:f940:8::/48 maxlen: 48
2a03:4900:a0::/48 maxlen: 48
2a03:4900:a1::/48 maxlen: 48
2a03:4900:fffb::/48 maxlen: 48
2a03:4900:fffc::/48 maxlen: 48
2a03:4900:fffd::/48 maxlen: 48
2a03:4900:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/4b419c-cf8f-4c9a-94d7-bb4b65b6a0d1/1/WDMpShzcE1ivxDnApyczsGWob4s.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/4b419c-cf8f-4c9a-94d7-bb4b65b6a0d1/1/WDMpShzcE1ivxDnApyczsGWob4s.mft
rsync://rpki.ripe.net/repository/DEFAULT/WDMpShzcE1ivxDnApyczsGWob4s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 18:34:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:41:00:5f:e1:50:6d:46:4e:94:a5:86:31:51:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5833294a1cdc1358afc439c0a72733b065a86f8b
Validity
Not Before: Jan 1 05:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=905261bf0f1cf293bbfae8bf2a6680e5135cff3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:80:63:f9:c4:12:70:74:be:90:50:2a:88:1b:
de:be:42:73:49:a6:2d:c7:b4:e6:dd:ba:ab:ad:af:
39:c9:d4:db:bf:8e:f7:46:90:91:16:b4:1e:23:6c:
58:45:71:e7:e8:7d:65:38:a9:30:03:bb:14:98:3b:
ab:ca:e9:97:16:f3:08:2f:62:c6:1f:72:45:b0:be:
51:ac:33:7e:c6:5f:64:03:73:a4:fd:e7:a4:42:43:
97:3a:8c:47:57:3a:f6:81:9d:d1:32:72:9c:d3:92:
b8:cb:f5:76:e5:11:d3:fa:32:93:f8:2e:71:21:1c:
73:3b:fd:24:9c:82:29:c6:cb:ce:ca:a9:a0:fa:1b:
bc:fb:30:08:e9:e7:36:4e:6d:33:d6:35:68:a5:df:
71:30:3f:76:2a:95:ba:a2:7a:1e:46:38:8d:7a:fc:
13:58:3b:02:21:6e:f0:01:51:48:6a:e9:9f:a1:b9:
d6:c3:a7:91:0b:c1:88:38:b2:fa:aa:cf:2c:b9:70:
59:db:8d:12:ba:52:5c:01:c7:79:60:59:23:1c:2f:
e1:68:8a:4c:90:c3:28:c6:db:29:5d:a1:94:28:16:
91:21:9a:ab:78:c3:4d:83:df:be:d8:70:10:87:09:
3b:3d:85:f9:57:6b:ce:9a:56:c7:03:a4:ae:4e:80:
c3:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:52:61:BF:0F:1C:F2:93:BB:FA:E8:BF:2A:66:80:E5:13:5C:FF:3E
X509v3 Authority Key Identifier:
keyid:58:33:29:4A:1C:DC:13:58:AF:C4:39:C0:A7:27:33:B0:65:A8:6F:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WDMpShzcE1ivxDnApyczsGWob4s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/4b419c-cf8f-4c9a-94d7-bb4b65b6a0d1/1/kFJhvw8c8pO7-ui_KmaA5RNc_z4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/4b419c-cf8f-4c9a-94d7-bb4b65b6a0d1/1/WDMpShzcE1ivxDnApyczsGWob4s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.78.244.0/22
80.78.249.0/24
89.108.68.0/24
89.108.72.0/22
89.108.80.0/24
89.108.82.0/24
89.108.84.0/22
89.108.90.0-89.108.93.255
89.108.96.0/23
89.108.104.0-89.108.112.255
89.108.116.0-89.108.127.255
176.99.2.0/23
176.99.10.0/24
176.99.14.0/24
185.46.8.0/22
194.58.124.0/23
194.67.107.0/24
212.158.162.0/24
IPv6:
2a00:f940:8::/48
2a03:4900:a0::/47
2a03:4900:fffb::-2a03:4900:fffd:ffff:ffff:ffff:ffff:ffff
2a03:4900:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
0f:52:65:a5:dc:1b:a6:ec:11:1b:e8:ff:22:7b:e4:00:be:5f:
b4:21:74:8b:7b:1d:98:92:fe:e8:76:25:12:5a:19:06:0e:e1:
52:94:41:c8:ff:d4:e1:fd:32:6a:f8:d9:8a:43:c4:98:43:ef:
08:5d:11:18:7e:b6:fb:ff:b6:4a:a8:b0:1f:67:db:8d:66:10:
95:8a:3c:bb:9d:ad:b5:b7:23:13:da:b0:e3:7f:55:04:c0:e1:
9e:01:57:18:bb:36:3a:3f:d6:27:75:35:bf:0e:7b:80:ee:48:
6b:7e:19:41:c6:7c:9f:6a:16:75:7f:99:66:ae:9f:e9:95:68:
5e:85:53:24:87:67:9d:24:fb:a5:ba:8c:3a:c7:c8:6f:fe:b0:
a5:24:a7:55:93:d9:58:61:60:da:e9:4f:10:60:a5:cc:f1:3c:
fd:97:2f:77:55:69:a8:1d:88:f9:6d:63:73:e3:b5:09:05:1e:
c4:0d:e7:6b:51:5a:1a:ba:d6:2e:53:77:27:24:c9:6c:a2:7a:
ba:42:8a:01:4f:6b:1e:92:61:79:45:a3:80:12:43:ff:b6:7a:
08:82:3c:f5:fa:75:67:06:b6:06:6a:f8:7c:33:f0:84:cc:b2:
68:b0:2a:1b:84:86:7f:6e:a2:25:bf:73:d9:e2:8e:d8:2e:1e:
7f:e3:2e:43
-----BEGIN CERTIFICATE-----
MIIFtzCCBJ+gAwIBAgISAZQgaEEAX+FQbUZOlKWGMVG+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MzMyOTRhMWNkYzEzNThhZmM0MzljMGE3MjczM2IwNjVh
ODZmOGIwHhcNMjUwMTAxMDU0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDUyNjFiZjBmMWNmMjkzYmJmYWU4YmYyYTY2ODBlNTEzNWNmZjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4YBj+cQScHS+kFAqiBvevkJzSaYt
x7Tm3bqrra85ydTbv473RpCRFrQeI2xYRXHn6H1lOKkwA7sUmDuryumXFvMIL2LG
H3JFsL5RrDN+xl9kA3Ok/eekQkOXOoxHVzr2gZ3RMnKc05K4y/V25RHT+jKT+C5x
IRxzO/0knIIpxsvOyqmg+hu8+zAI6ec2Tm0z1jVopd9xMD92KpW6onoeRjiNevwT
WDsCIW7wAVFIaumfobnWw6eRC8GIOLL6qs8suXBZ240SulJcAcd5YFkjHC/haIpM
kMMoxtspXaGUKBaRIZqreMNNg9++2HAQhwk7PYX5V2vOmlbHA6SuToDDzQIDAQAB
o4ICwzCCAr8wHQYDVR0OBBYEFJBSYb8PHPKTu/rovypmgOUTXP8+MB8GA1UdIwQY
MBaAFFgzKUoc3BNYr8Q5wKcnM7BlqG+LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0RNcFNoemNFMWl2eERuQXB5Y3pzR1dvYjRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80YjQxOWMtY2Y4Zi00YzlhLTk0ZDct
YmI0YjY1YjZhMGQxLzEva0ZKaHZ3OGM4cE83LXVpX0ttYUE1Uk5jX3o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80YjQxOWMtY2Y4Zi00YzlhLTk0ZDctYmI0YjY1YjZhMGQx
LzEvV0RNcFNoemNFMWl2eERuQXB5Y3pzR1dvYjRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHYBggrBgEFBQcBBwEB/wSByDCBxTCBiwQCAAEwgYQDBAJQ
TvQDBABQTvkDBABZbEQDBAJZbEgDBABZbFADBABZbFIDBAJZbFQwDAMEAVlsWgME
AVlsXAMEAVlsYDAMAwQDWWxoAwQAWWxwMAwDBAJZbHQDBAdZbAADBAGwYwIDBACw
YwoDBACwYw4DBAK5LggDBAHCOnwDBADCQ2sDBADUnqIwNQQCAAIwLwMHACoA+UAA
CAMHASoDSQAAoDASAwcAKgNJAP/7AwcBKgNJAP/8AwcAKgNJAP//MA0GCSqGSIb3
DQEBCwUAA4IBAQAPUmWl3Bum7BEb6P8ie+QAvl+0IXSLex2Ykv7odiUSWhkGDuFS
lEHI/9Th/TJq+NmKQ8SYQ+8IXREYfrb7/7ZKqLAfZ9uNZhCVijy7na21tyMT2rDj
f1UEwOGeAVcYuzY6P9YndTW/DnuA7khrfhlBxnyfahZ1f5lmrp/plWhehVMkh2ed
JPuluow6x8hv/rClJKdVk9lYYWDa6U8QYKXM8Tz9ly93VWmoHYj5bWNz47UJBR7E
DedrUVoautYuU3cnJMlsonq6QooBT2sekmF5RaOAEkP/tnoIgjz1+nVnBrYGavh8
M/CEzLJosCobhIZ/bqIlv3PZ4o7YLh5/4y5D
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:51:30 2025 by rpki-client