
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/KhZxCrijEh6I5tUjdOiH08SDAlU.roa
File: KhZxCrijEh6I5tUjdOiH08SDAlU.roa (raw, json)
Hash identifier: d7J/i0PvapKbq1ZXNQfO7tB9y3eyZqeGbgRInR/S46w=
Subject key identifier: 2A:16:71:0A:B8:A3:12:1E:88:E6:D5:23:74:E8:87:D3:C4:83:02:55
Certificate issuer: /CN=43fad79548afc5c83e59bbfe388c64492cb55013
Certificate serial: 01970CC918E167D10867DFABADDF1DD1BE68
Authority key identifier: 43:FA:D7:95:48:AF:C5:C8:3E:59:BB:FE:38:8C:64:49:2C:B5:50:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q_rXlUivxcg-Wbv-OIxkSSy1UBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/KhZxCrijEh6I5tUjdOiH08SDAlU.roa
Signing time: Mon 26 May 2025 13:29:55 +0000
ROA not before: Mon 26 May 2025 13:29:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44407
IP address blocks: 188.73.0.0/18 maxlen: 24
188.231.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/Q_rXlUivxcg-Wbv-OIxkSSy1UBM.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/Q_rXlUivxcg-Wbv-OIxkSSy1UBM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q_rXlUivxcg-Wbv-OIxkSSy1UBM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Jun 2025 04:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0c:c9:18:e1:67:d1:08:67:df:ab:ad:df:1d:d1:be:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43fad79548afc5c83e59bbfe388c64492cb55013
Validity
Not Before: May 26 13:29:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a16710ab8a3121e88e6d52374e887d3c4830255
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:98:03:cc:30:ec:67:62:b0:4b:e2:69:6b:15:
7e:2b:0b:ed:a4:44:ae:28:36:bb:59:71:81:9f:9f:
41:53:0d:9a:dc:5e:89:79:7d:bb:46:a5:b9:87:1e:
d7:7e:a3:87:2a:e5:b2:3f:4f:a5:3e:e5:f3:6a:3f:
6f:9f:dc:10:56:72:bc:22:ab:bd:5c:80:ad:55:b2:
5c:43:b0:35:b0:91:7c:47:c3:a2:18:25:c0:63:90:
b9:b5:fb:fb:54:c9:59:65:8c:86:7f:55:52:1b:7e:
b7:ed:17:f0:0c:ec:77:b1:0d:01:75:59:03:5c:b7:
2f:9a:e9:f6:ed:16:2c:ed:9d:98:3a:c5:5f:25:25:
07:f3:7a:96:cb:18:55:98:af:a3:a8:3e:08:b1:21:
d1:35:a1:e7:53:89:fb:68:48:70:37:67:3a:43:e3:
ca:95:a8:bc:d1:e9:0e:08:f3:f1:78:ed:a5:cf:4c:
c9:49:03:5f:bc:f3:5a:37:5e:4f:10:12:91:d0:28:
eb:4f:70:9f:a7:8b:56:8a:a4:d5:b2:4d:7f:2a:b0:
ff:54:8b:18:36:50:eb:97:d1:4a:4d:62:16:80:9b:
ec:5f:b3:d2:e9:fb:86:f1:79:52:4f:ef:0f:8a:2f:
71:74:ac:3b:ac:d8:3a:7d:06:24:81:5b:8d:a9:d2:
58:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:16:71:0A:B8:A3:12:1E:88:E6:D5:23:74:E8:87:D3:C4:83:02:55
X509v3 Authority Key Identifier:
keyid:43:FA:D7:95:48:AF:C5:C8:3E:59:BB:FE:38:8C:64:49:2C:B5:50:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q_rXlUivxcg-Wbv-OIxkSSy1UBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/KhZxCrijEh6I5tUjdOiH08SDAlU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/Q_rXlUivxcg-Wbv-OIxkSSy1UBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.73.0.0/18
188.231.0.0/17
Signature Algorithm: sha256WithRSAEncryption
c3:fa:d6:01:8b:4c:ab:d9:f1:52:b6:b0:1a:14:c7:0b:26:da:
2f:ec:e6:70:b0:70:11:9a:77:ff:ae:c0:f8:44:46:57:fb:b5:
87:a3:38:85:a9:d8:2e:87:50:37:3f:52:4b:5c:36:c8:4e:ba:
87:27:8e:7c:ee:99:4f:c3:7a:03:2d:54:92:e7:02:c7:19:c6:
f5:a9:9d:36:8d:aa:f3:e0:aa:e0:d3:cc:5b:bb:7a:70:93:52:
64:79:bf:ce:65:90:dd:86:6c:39:6c:7b:3b:42:7e:a3:64:f7:
f4:6f:41:e8:4f:36:dd:6c:e7:97:82:87:56:79:3f:35:35:9f:
f0:bf:c9:4f:ef:78:e7:95:88:3d:40:fa:ca:bd:b5:8d:5a:2e:
fc:b6:4f:75:94:80:5e:78:62:f1:7c:d2:a1:7b:b4:68:10:d7:
2e:d9:93:15:af:6b:8c:c8:a1:06:19:eb:25:15:51:0d:68:06:
06:d7:4a:43:43:1c:c9:74:8b:f6:67:73:b6:c2:18:27:53:32:
e2:8d:dd:4a:22:7b:8f:17:cf:0d:8e:8d:56:aa:12:aa:23:b0:
f5:39:ff:bf:6b:e0:d0:13:a4:62:ff:fb:e6:d0:51:67:bc:f1:
72:29:e8:54:4e:6e:f9:e3:5e:7f:8a:01:a9:78:2e:11:ba:66:
71:96:47:30
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZcMyRjhZ9EIZ9+rrd8d0b5oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZmFkNzk1NDhhZmM1YzgzZTU5YmJmZTM4OGM2NDQ5MmNi
NTUwMTMwHhcNMjUwNTI2MTMyOTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTE2NzEwYWI4YTMxMjFlODhlNmQ1MjM3NGU4ODdkM2M0ODMwMjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZgDzDDsZ2KwS+JpaxV+KwvtpESu
KDa7WXGBn59BUw2a3F6JeX27RqW5hx7XfqOHKuWyP0+lPuXzaj9vn9wQVnK8Iqu9
XICtVbJcQ7A1sJF8R8OiGCXAY5C5tfv7VMlZZYyGf1VSG3637RfwDOx3sQ0BdVkD
XLcvmun27RYs7Z2YOsVfJSUH83qWyxhVmK+jqD4IsSHRNaHnU4n7aEhwN2c6Q+PK
lai80ekOCPPxeO2lz0zJSQNfvPNaN15PEBKR0CjrT3Cfp4tWiqTVsk1/KrD/VIsY
NlDrl9FKTWIWgJvsX7PS6fuG8XlST+8Pii9xdKw7rNg6fQYkgVuNqdJYPQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCoWcQq4oxIeiObVI3Toh9PEgwJVMB8GA1UdIwQY
MBaAFEP615VIr8XIPlm7/jiMZEkstVATMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUV9yWGxVaXZ4Y2ctV2J2LU9JeGtTU3kxVUJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8yY2YyYzEtMTk2Mi00YjcwLTllNWIt
ZmU4NTVkYWJiNzVlLzEvS2haeENyaWpFaDZJNXRVamRPaUgwOFNEQWxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8yY2YyYzEtMTk2Mi00YjcwLTllNWItZmU4NTVkYWJiNzVl
LzEvUV9yWGxVaXZ4Y2ctV2J2LU9JeGtTU3kxVUJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQGvEkAAwQH
vOcAMA0GCSqGSIb3DQEBCwUAA4IBAQDD+tYBi0yr2fFStrAaFMcLJtov7OZwsHAR
mnf/rsD4REZX+7WHoziFqdguh1A3P1JLXDbITrqHJ4587plPw3oDLVSS5wLHGcb1
qZ02jarz4Krg08xbu3pwk1Jkeb/OZZDdhmw5bHs7Qn6jZPf0b0HoTzbdbOeXgodW
eT81NZ/wv8lP73jnlYg9QPrKvbWNWi78tk91lIBeeGLxfNKhe7RoENcu2ZMVr2uM
yKEGGeslFVENaAYG10pDQxzJdIv2Z3O2whgnUzLijd1KInuPF88Njo1WqhKqI7D1
Of+/a+DQE6Ri//vm0FFnvPFyKehUTm75415/igGpeC4RumZxlkcw
-----END CERTIFICATE-----
Generated at Tue Jun 10 12:28:49 2025 by rpki-client