Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/KgsUwoyqBQWuR3vXAUX35SF2rb8.roa
File: KgsUwoyqBQWuR3vXAUX35SF2rb8.roa (raw, json)
Hash identifier: +gw9FXV0JaUnMs2WY6Rj3OrzHySE49YpqojS8QJ/MfA=
Subject key identifier: 2A:0B:14:C2:8C:AA:05:05:AE:47:7B:D7:01:45:F7:E5:21:76:AD:BF
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 019762C8381DAA8A4147DD2BA4235BB254C3
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/KgsUwoyqBQWuR3vXAUX35SF2rb8.roa
Signing time: Thu 12 Jun 2025 06:16:18 +0000
ROA not before: Thu 12 Jun 2025 06:16:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 80.96.44.0/23 maxlen: 24
80.96.54.0/23 maxlen: 24
80.96.102.0/23 maxlen: 24
80.96.156.0/22 maxlen: 24
80.96.236.0/23 maxlen: 23
80.97.40.0/21 maxlen: 24
80.97.96.0/23 maxlen: 24
81.180.94.0/23 maxlen: 23
81.180.98.0/23 maxlen: 24
81.180.174.0/23 maxlen: 24
81.180.228.0/23 maxlen: 24
81.180.254.0/23 maxlen: 24
81.181.14.0/23 maxlen: 24
81.181.26.0/23 maxlen: 24
81.181.68.0/23 maxlen: 24
81.181.72.0/23 maxlen: 24
81.181.104.0/21 maxlen: 24
85.120.84.0/23 maxlen: 24
85.121.168.0/22 maxlen: 24
85.121.232.0/21 maxlen: 24
85.122.124.0/22 maxlen: 24
85.122.231.0/24 maxlen: 24
193.226.76.0/22 maxlen: 24
194.102.36.0/22 maxlen: 24
194.102.148.0/23 maxlen: 24
194.102.160.0/23 maxlen: 24
194.102.174.0/23 maxlen: 24
194.102.180.0/22 maxlen: 24
194.102.224.0/22 maxlen: 24
194.105.12.0/22 maxlen: 24
194.153.225.0/24 maxlen: 24
194.153.230.0/23 maxlen: 24
194.153.244.0/23 maxlen: 24
217.156.16.0/23 maxlen: 24
217.156.26.0/24 maxlen: 24
217.156.48.0/22 maxlen: 24
217.156.94.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.mft
rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:62:c8:38:1d:aa:8a:41:47:dd:2b:a4:23:5b:b2:54:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Jun 12 06:16:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a0b14c28caa0505ae477bd70145f7e52176adbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:fc:bd:46:f9:e4:26:43:5a:a1:ee:b8:56:5b:
73:16:53:cc:b8:26:13:39:cf:08:a8:7e:28:e1:dc:
90:37:38:fd:91:d0:ad:ff:64:e0:a4:f0:a7:93:fe:
65:25:04:f1:a7:1c:cf:bd:23:5a:d6:7d:e3:ff:34:
0d:35:af:01:9d:4c:a8:e5:8c:0a:7e:44:b9:0e:51:
96:dc:19:b9:e8:13:42:cf:e2:78:51:d2:ad:be:aa:
80:80:27:5e:9a:bc:1a:48:22:0f:f6:db:43:2f:ad:
7f:10:fd:38:92:6e:fd:14:ef:62:c7:68:76:0b:b4:
bc:b0:7d:80:08:28:2e:8b:9f:33:18:e2:42:28:0f:
2e:8d:ce:5d:b1:27:21:54:12:27:80:cc:40:64:75:
cb:82:e5:6a:ae:48:37:81:4c:00:1b:50:9d:d4:fe:
26:4a:49:e9:e1:9f:7a:d5:0e:a8:b5:cf:d9:12:43:
af:d0:ba:66:cd:b9:04:20:92:df:b7:2f:b2:8c:b9:
72:1b:6e:5d:06:3a:d4:22:e2:d0:23:1a:6e:6f:e8:
e7:cc:b3:04:77:4d:7c:7f:21:15:80:86:da:1b:dd:
26:7b:e4:32:26:dc:e1:49:15:0a:ef:28:a1:e0:66:
91:95:06:83:10:15:96:7a:82:94:d0:0a:ae:0b:5e:
a4:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:0B:14:C2:8C:AA:05:05:AE:47:7B:D7:01:45:F7:E5:21:76:AD:BF
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/KgsUwoyqBQWuR3vXAUX35SF2rb8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.96.44.0/23
80.96.54.0/23
80.96.102.0/23
80.96.156.0/22
80.96.236.0/23
80.97.40.0/21
80.97.96.0/23
81.180.94.0/23
81.180.98.0/23
81.180.174.0/23
81.180.228.0/23
81.180.254.0/23
81.181.14.0/23
81.181.26.0/23
81.181.68.0/23
81.181.72.0/23
81.181.104.0/21
85.120.84.0/23
85.121.168.0/22
85.121.232.0/21
85.122.124.0/22
85.122.231.0/24
193.226.76.0/22
194.102.36.0/22
194.102.148.0/23
194.102.160.0/23
194.102.174.0/23
194.102.180.0/22
194.102.224.0/22
194.105.12.0/22
194.153.225.0/24
194.153.230.0/23
194.153.244.0/23
217.156.16.0/23
217.156.26.0/24
217.156.48.0/22
217.156.94.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:7e:e5:69:d6:ae:c3:54:96:d8:53:b9:8f:92:bc:f5:0a:65:
f0:54:69:69:0e:66:89:23:73:2d:a5:6a:e6:16:12:15:b4:88:
2a:72:a6:62:0a:74:a7:0f:74:27:cc:82:62:8d:7a:fc:e3:ea:
57:e4:6e:b1:8f:f1:e7:b6:bf:eb:42:bf:f7:45:c8:30:64:39:
f0:01:20:1e:41:43:74:d7:f9:47:f8:12:11:47:0c:a1:9c:01:
39:e8:82:cd:ce:55:e5:8a:24:73:ad:c3:09:2d:c7:df:11:33:
e9:fd:d9:ad:d7:64:a1:ad:3e:30:98:8d:cf:e5:56:bc:8c:19:
19:e7:28:f8:14:da:9b:f8:a5:c5:81:19:68:e8:81:88:8d:88:
35:8c:0e:13:94:d8:be:d4:d1:df:6e:44:92:fb:79:92:9c:2b:
82:01:5c:4f:6e:61:35:e0:ba:17:6e:5a:e4:1a:f2:09:fd:19:
da:65:c1:ee:90:a6:1a:a0:57:71:0f:f2:e8:c5:ed:3e:72:1e:
a8:11:08:34:37:13:eb:51:75:d4:94:b0:39:b0:14:74:67:34:
bc:c8:25:13:14:3f:1e:3d:ae:b9:ac:fa:a0:cb:d0:6d:aa:3f:
f9:0f:bf:4d:aa:eb:91:b9:88:fe:c8:13:50:91:1d:39:12:04:
28:15:3a:b6
-----BEGIN CERTIFICATE-----
MIIF2jCCBMKgAwIBAgISAZdiyDgdqopBR90rpCNbslTDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjUwNjEyMDYxNjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTBiMTRjMjhjYWEwNTA1YWU0NzdiZDcwMTQ1ZjdlNTIxNzZhZGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvy9RvnkJkNaoe64VltzFlPMuCYT
Oc8IqH4o4dyQNzj9kdCt/2TgpPCnk/5lJQTxpxzPvSNa1n3j/zQNNa8BnUyo5YwK
fkS5DlGW3Bm56BNCz+J4UdKtvqqAgCdemrwaSCIP9ttDL61/EP04km79FO9ix2h2
C7S8sH2ACCgui58zGOJCKA8ujc5dsSchVBIngMxAZHXLguVqrkg3gUwAG1Cd1P4m
Sknp4Z961Q6otc/ZEkOv0LpmzbkEIJLfty+yjLlyG25dBjrUIuLQIxpub+jnzLME
d018fyEVgIbaG90me+QyJtzhSRUK7yih4GaRlQaDEBWWeoKU0AquC16kqQIDAQAB
o4IC5jCCAuIwHQYDVR0OBBYEFCoLFMKMqgUFrkd71wFF9+Uhdq2/MB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvS2dzVXdveXFCUVd1UjN2WEFVWDM1U0YycmI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH7BggrBgEFBQcBBwEB/wSB6zCB6DCB5QQCAAEwgd4DBAFQ
YCwDBAFQYDYDBAFQYGYDBAJQYJwDBAFQYOwDBANQYSgDBAFQYWADBAFRtF4DBAFR
tGIDBAFRtK4DBAFRtOQDBAFRtP4DBAFRtQ4DBAFRtRoDBAFRtUQDBAFRtUgDBANR
tWgDBAFVeFQDBAJVeagDBANVeegDBAJVenwDBABVeucDBALB4kwDBALCZiQDBAHC
ZpQDBAHCZqADBAHCZq4DBALCZrQDBALCZuADBALCaQwDBADCmeEDBAHCmeYDBAHC
mfQDBAHZnBADBADZnBoDBALZnDADBAHZnF4wDQYJKoZIhvcNAQELBQADggEBACt+
5WnWrsNUlthTuY+SvPUKZfBUaWkOZokjcy2lauYWEhW0iCpypmIKdKcPdCfMgmKN
evzj6lfkbrGP8ee2v+tCv/dFyDBkOfABIB5BQ3TX+Uf4EhFHDKGcATnogs3OVeWK
JHOtwwktx98RM+n92a3XZKGtPjCYjc/lVryMGRnnKPgU2pv4pcWBGWjogYiNiDWM
DhOU2L7U0d9uRJL7eZKcK4IBXE9uYTXguhduWuQa8gn9Gdplwe6QphqgV3EP8ujF
7T5yHqgRCDQ3E+tRddSUsDmwFHRnNLzIJRMUPx49rrms+qDL0G2qP/kPv02q65G5
iP7IE1CRHTkSBCgVOrY=
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:48:07 2025 by rpki-client