Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/k3_oz24o1aoYtUGxnQB-tgEqkWA.roa
File: k3_oz24o1aoYtUGxnQB-tgEqkWA.roa (raw, json)
Hash identifier: xn4nb296At8c6SRwQOq+N62PJ2qN+1mD+HyDa0byceo=
Subject key identifier: 93:7F:E8:CF:6E:28:D5:AA:18:B5:41:B1:9D:00:7E:B6:01:2A:91:60
Certificate issuer: /CN=53b46ab79b9fc58f5dc4cf29d72dc5267ec3edde
Certificate serial: 0196385BEC9AEE3B24D4F73D514E6FDBB696
Authority key identifier: 53:B4:6A:B7:9B:9F:C5:8F:5D:C4:CF:29:D7:2D:C5:26:7E:C3:ED:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/k3_oz24o1aoYtUGxnQB-tgEqkWA.roa
Signing time: Tue 15 Apr 2025 07:31:10 +0000
ROA not before: Tue 15 Apr 2025 07:31:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 80.254.228.0/24 maxlen: 24
185.92.168.0/24 maxlen: 24
185.92.169.0/24 maxlen: 24
185.92.171.0/24 maxlen: 24
2a13:5241::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.mft
rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:38:5b:ec:9a:ee:3b:24:d4:f7:3d:51:4e:6f:db:b6:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53b46ab79b9fc58f5dc4cf29d72dc5267ec3edde
Validity
Not Before: Apr 15 07:31:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=937fe8cf6e28d5aa18b541b19d007eb6012a9160
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:25:4a:13:99:b8:db:20:e6:cd:18:3e:34:2c:
c3:ea:a3:46:63:91:bf:7e:cc:49:c7:ab:21:98:ee:
cb:0c:bb:36:00:dd:8e:1b:c0:81:b1:3f:a6:43:73:
73:89:9b:52:08:bd:9d:ad:7c:11:53:b2:68:f2:9c:
f5:ef:ec:7d:d1:e8:19:c0:11:e0:70:27:a7:a8:be:
c0:72:0c:82:5e:e0:85:dd:3e:66:f7:d7:1f:c0:d7:
44:23:53:27:28:02:6b:32:9b:63:ec:04:5b:c5:21:
28:56:41:15:bb:44:d0:4b:f3:b8:31:24:ff:5c:1f:
35:88:e5:d4:c7:31:ff:fd:70:08:b0:76:03:1b:cb:
8a:22:6c:cd:e4:80:71:44:5f:23:66:a2:92:38:64:
06:95:e7:e2:69:d3:16:55:9b:70:de:ab:9a:57:2f:
1c:90:8e:a3:67:a7:ef:bc:49:db:87:97:6f:3f:2e:
82:cf:19:ab:c9:ef:45:00:b3:9a:5b:86:ba:fc:37:
7e:cc:1c:95:5c:a5:b5:28:fd:fb:5b:a9:f7:3f:00:
b8:e0:3e:0b:1c:32:98:ef:5f:be:af:0d:92:ec:6b:
2d:55:6b:1c:74:ab:e7:ce:c8:92:1b:c0:e9:e3:69:
35:e4:87:26:7d:a7:f5:d0:a3:ab:e5:84:3d:1a:3f:
2e:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:7F:E8:CF:6E:28:D5:AA:18:B5:41:B1:9D:00:7E:B6:01:2A:91:60
X509v3 Authority Key Identifier:
keyid:53:B4:6A:B7:9B:9F:C5:8F:5D:C4:CF:29:D7:2D:C5:26:7E:C3:ED:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/k3_oz24o1aoYtUGxnQB-tgEqkWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.254.228.0/24
185.92.168.0/23
185.92.171.0/24
IPv6:
2a13:5241::/32
Signature Algorithm: sha256WithRSAEncryption
34:e8:21:c0:8e:1e:47:f4:99:e9:a7:8b:df:c4:6d:16:a8:f0:
2f:0b:f7:8d:8c:51:45:f1:76:b0:8a:2c:c5:ef:68:f2:d1:c4:
0f:16:5f:c4:14:47:30:54:bd:3e:f1:82:10:e0:32:9b:e4:01:
8e:84:1a:c0:1b:91:33:65:c7:f1:7b:59:05:2d:52:a8:76:e6:
de:5e:11:42:05:67:5a:47:cc:4f:b0:3e:c0:5e:a6:02:88:5b:
c1:04:88:a8:4a:4c:94:8d:2a:9f:b8:47:94:d8:e1:91:27:70:
67:ae:ab:e1:46:70:d0:b0:0a:62:bb:ec:ba:69:ee:de:c2:4e:
09:cf:fe:06:7b:63:87:e2:27:2a:8d:50:04:66:bc:b2:51:c3:
22:01:8e:f8:cc:ca:0c:f6:3e:44:01:9c:96:9c:ce:f6:08:60:
4d:d9:3a:0d:16:dd:35:b6:11:d1:c0:a7:78:25:35:a4:0e:6a:
44:88:2f:49:77:7d:b8:2e:ac:bb:81:49:6f:cf:15:9c:06:d5:
69:78:d2:f5:29:da:db:51:ad:90:e7:aa:7f:12:9f:25:3a:ed:
9e:e1:7f:65:00:4f:26:28:32:78:24:44:4c:9e:79:2c:2d:37:
73:47:7a:c5:ac:ec:16:c0:5a:72:57:91:89:1b:2b:db:90:09:
d7:75:09:a3
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZY4W+ya7jsk1Pc9UU5v27aWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYjQ2YWI3OWI5ZmM1OGY1ZGM0Y2YyOWQ3MmRjNTI2N2Vj
M2VkZGUwHhcNMjUwNDE1MDczMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzdmZThjZjZlMjhkNWFhMThiNTQxYjE5ZDAwN2ViNjAxMmE5MTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtiVKE5m42yDmzRg+NCzD6qNGY5G/
fsxJx6shmO7LDLs2AN2OG8CBsT+mQ3NziZtSCL2drXwRU7Jo8pz17+x90egZwBHg
cCenqL7AcgyCXuCF3T5m99cfwNdEI1MnKAJrMptj7ARbxSEoVkEVu0TQS/O4MST/
XB81iOXUxzH//XAIsHYDG8uKImzN5IBxRF8jZqKSOGQGlefiadMWVZtw3quaVy8c
kI6jZ6fvvEnbh5dvPy6Czxmrye9FALOaW4a6/Dd+zByVXKW1KP37W6n3PwC44D4L
HDKY71++rw2S7GstVWscdKvnzsiSG8Dp42k15Icmfaf10KOr5YQ9Gj8uPQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJN/6M9uKNWqGLVBsZ0AfrYBKpFgMB8GA1UdIwQY
MBaAFFO0arebn8WPXcTPKdctxSZ+w+3eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTdScXQ1dWZ4WTlkeE04cDF5M0ZKbjdEN2Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9hYzlhZjYtN2ZjMy00ZDEzLWE1OTQt
MDYwYTQ3MzgwOTFkLzEvazNfb3oyNG8xYW9ZdFVHeG5RQi10Z0Vxa1dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9hYzlhZjYtN2ZjMy00ZDEzLWE1OTQtMDYwYTQ3MzgwOTFk
LzEvVTdScXQ1dWZ4WTlkeE04cDF5M0ZKbjdEN2Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAUP7kAwQB
uVyoAwQAuVyrMA0EAgACMAcDBQAqE1JBMA0GCSqGSIb3DQEBCwUAA4IBAQA06CHA
jh5H9Jnpp4vfxG0WqPAvC/eNjFFF8XawiizF72jy0cQPFl/EFEcwVL0+8YIQ4DKb
5AGOhBrAG5EzZcfxe1kFLVKodubeXhFCBWdaR8xPsD7AXqYCiFvBBIioSkyUjSqf
uEeU2OGRJ3BnrqvhRnDQsApiu+y6ae7ewk4Jz/4Ge2OH4icqjVAEZryyUcMiAY74
zMoM9j5EAZyWnM72CGBN2ToNFt01thHRwKd4JTWkDmpEiC9Jd324Lqy7gUlvzxWc
BtVpeNL1KdrbUa2Q56p/Ep8lOu2e4X9lAE8mKDJ4JERMnnksLTdzR3rFrOwWwFpy
V5GJGyvbkAnXdQmj
-----END CERTIFICATE-----
Generated at Sun Apr 27 06:31:26 2025 by rpki-client