Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/KhAm1AmVM-hseezwliOWhPWUkZw.roa
File: KhAm1AmVM-hseezwliOWhPWUkZw.roa (raw, json)
Hash identifier: I61eF0tpOh6mDnNS4XtdCt4rAgX71XjqRmfDNTZ7E+s=
Subject key identifier: 2A:10:26:D4:09:95:33:E8:6C:79:EC:F0:96:23:96:84:F5:94:91:9C
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019666B26BB67BCF078C44D86A49754D3877
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/KhAm1AmVM-hseezwliOWhPWUkZw.roa
Signing time: Thu 24 Apr 2025 07:28:11 +0000
ROA not before: Thu 24 Apr 2025 07:28:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 45.12.255.0/24 maxlen: 24
87.120.33.0/24 maxlen: 24
87.121.58.0/24 maxlen: 24
94.103.127.0/24 maxlen: 24
94.156.2.0/24 maxlen: 24
94.156.79.0/24 maxlen: 24
94.156.253.0/24 maxlen: 24
141.98.4.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 10:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:66:b2:6b:b6:7b:cf:07:8c:44:d8:6a:49:75:4d:38:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 24 07:28:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a1026d4099533e86c79ecf096239684f594919c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b3:f1:4e:2d:26:6f:d8:ab:8b:a5:9f:dd:7d:
ca:27:7d:e4:c2:7f:1f:c9:1f:eb:d2:0a:f6:28:f1:
92:83:d9:7e:fe:ac:12:d8:c7:36:fb:05:f4:0b:0a:
4a:0b:68:43:b8:f2:a5:9e:fc:28:d7:ba:1f:9a:6d:
bf:3d:96:e1:2f:c7:f8:27:cf:97:f9:26:3b:bd:99:
78:ee:ef:3c:0e:62:1a:d0:a4:37:1b:c7:dc:38:94:
39:61:8e:af:47:ad:e2:6e:d4:94:71:06:19:9c:02:
0b:9d:36:c5:5c:28:e0:bc:ef:ef:70:f6:2b:b3:c5:
37:18:91:e2:8c:61:22:fb:6d:e2:b6:71:4b:89:b8:
ed:ba:ae:f6:7d:eb:e4:04:45:d1:f8:30:22:df:eb:
8f:d9:c9:da:5f:e3:11:0a:58:6a:0d:14:93:86:96:
4a:e5:b9:cf:2a:78:12:a3:ab:8a:68:c3:6f:b3:4a:
9a:90:e4:8b:ec:e3:2b:b7:ab:11:82:78:54:18:2c:
7b:c3:51:13:12:21:15:3e:95:da:88:7b:99:9d:db:
f5:37:48:07:f4:c6:1d:a5:52:6c:4a:56:47:28:b7:
b4:f7:13:91:1c:7d:fc:d8:cd:79:22:cb:82:83:a2:
f9:21:59:e8:25:4b:c8:49:37:9a:aa:09:ef:34:f6:
9c:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:10:26:D4:09:95:33:E8:6C:79:EC:F0:96:23:96:84:F5:94:91:9C
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/KhAm1AmVM-hseezwliOWhPWUkZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.255.0/24
87.120.33.0/24
87.121.58.0/24
94.103.127.0/24
94.156.2.0/24
94.156.79.0/24
94.156.253.0/24
141.98.4.0/24
147.78.100.0/24
Signature Algorithm: sha256WithRSAEncryption
39:4b:85:3c:d6:73:cb:94:59:c8:6c:03:7e:65:05:1e:7f:4c:
09:ae:d5:d7:e6:8f:af:2a:f0:59:4b:41:d8:bc:ed:b4:50:47:
27:eb:1b:d8:ee:a1:79:0e:0a:e0:0c:33:35:49:2b:37:ca:37:
42:5d:a8:2e:85:4d:d8:00:9f:e2:46:6a:2d:84:b9:47:5a:07:
a6:a2:a3:12:ed:2b:25:f2:13:e3:7a:34:02:0a:c5:01:9d:ac:
67:43:b0:6e:62:87:ae:0d:49:d4:51:65:30:39:53:5d:f9:03:
6e:78:12:5c:b1:b1:3e:c7:a2:ee:bd:53:dc:f3:ca:86:ec:fc:
cb:31:02:34:92:ef:f5:28:12:73:d9:83:34:09:f9:c0:ae:d5:
25:53:b5:31:51:32:14:6a:ea:68:e6:e7:5d:4f:41:16:93:e3:
bb:6e:de:41:8e:a1:97:74:64:45:bb:55:30:7c:0c:21:fc:c9:
20:f5:21:c9:f2:01:e4:74:d6:f7:6a:b2:dc:8e:08:fd:11:74:
33:84:3b:3a:cb:01:2b:32:00:07:73:5f:9a:cf:19:7c:01:cd:
09:3a:da:3a:65:0c:c7:87:3c:53:74:e1:cf:7c:76:37:ef:53:
15:e2:9b:af:58:b8:f7:db:6a:bb:ca:c3:09:2f:7f:a9:5a:d2:
e4:4c:38:c9
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZZmsmu2e88HjETYakl1TTh3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNDI0MDcyODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTEwMjZkNDA5OTUzM2U4NmM3OWVjZjA5NjIzOTY4NGY1OTQ5MTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobPxTi0mb9iri6Wf3X3KJ33kwn8f
yR/r0gr2KPGSg9l+/qwS2Mc2+wX0CwpKC2hDuPKlnvwo17ofmm2/PZbhL8f4J8+X
+SY7vZl47u88DmIa0KQ3G8fcOJQ5YY6vR63ibtSUcQYZnAILnTbFXCjgvO/vcPYr
s8U3GJHijGEi+23itnFLibjtuq72fevkBEXR+DAi3+uP2cnaX+MRClhqDRSThpZK
5bnPKngSo6uKaMNvs0qakOSL7OMrt6sRgnhUGCx7w1ETEiEVPpXaiHuZndv1N0gH
9MYdpVJsSlZHKLe09xORHH382M15IsuCg6L5IVnoJUvISTeaqgnvNPachwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFCoQJtQJlTPobHns8JYjloT1lJGcMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvS2hBbTFBbVZNLWhzZWV6d2xpT1doUFdVa1p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALQz/AwQA
V3ghAwQAV3k6AwQAXmd/AwQAXpwCAwQAXpxPAwQAXpz9AwQAjWIEAwQAk05kMA0G
CSqGSIb3DQEBCwUAA4IBAQA5S4U81nPLlFnIbAN+ZQUef0wJrtXX5o+vKvBZS0HY
vO20UEcn6xvY7qF5DgrgDDM1SSs3yjdCXaguhU3YAJ/iRmothLlHWgemoqMS7Ssl
8hPjejQCCsUBnaxnQ7BuYoeuDUnUUWUwOVNd+QNueBJcsbE+x6LuvVPc88qG7PzL
MQI0ku/1KBJz2YM0CfnArtUlU7UxUTIUaupo5uddT0EWk+O7bt5BjqGXdGRFu1Uw
fAwh/Mkg9SHJ8gHkdNb3arLcjgj9EXQzhDs6ywErMgAHc1+azxl8Ac0JOto6ZQzH
hzxTdOHPfHY371MV4puvWLj322q7ysMJL3+pWtLkTDjJ
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:02:42 2025 by rpki-client