Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/mkKJ3-jBO0RnuHX4p2gPe1LiAO0.roa
File: mkKJ3-jBO0RnuHX4p2gPe1LiAO0.roa (raw, json)
Hash identifier: YsOcjwPDGcx62gouTiDvY21jEpeo8cJ7ctCe2GexDO0=
Subject key identifier: 9A:42:89:DF:E8:C1:3B:44:67:B8:75:F8:A7:68:0F:7B:52:E2:00:ED
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 01975EB0DA10B98AD02468A76F9269EE9E4F
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/mkKJ3-jBO0RnuHX4p2gPe1LiAO0.roa
Signing time: Wed 11 Jun 2025 11:12:17 +0000
ROA not before: Wed 11 Jun 2025 11:12:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59592
IP address blocks: 37.114.32.0/19 maxlen: 32
37.114.33.0/24 maxlen: 32
37.114.35.0/24 maxlen: 24
37.114.36.0/24 maxlen: 24
37.114.38.0/24 maxlen: 24
37.114.39.0/24 maxlen: 24
37.114.58.0/24 maxlen: 24
43.251.160.0/24 maxlen: 24
43.251.161.0/24 maxlen: 24
94.154.48.0/21 maxlen: 24
94.154.49.0/24 maxlen: 24
94.154.51.0/24 maxlen: 24
94.154.52.0/24 maxlen: 24
94.154.53.0/24 maxlen: 24
94.154.54.0/24 maxlen: 24
176.100.32.0/21 maxlen: 32
176.100.32.0/24 maxlen: 24
176.100.33.0/24 maxlen: 24
176.100.34.0/24 maxlen: 24
176.100.35.0/24 maxlen: 24
176.100.36.0/24 maxlen: 24
176.100.37.0/24 maxlen: 24
185.14.92.0/22 maxlen: 22
2a00:ccc0::/29 maxlen: 128
2a00:ccc2::/32 maxlen: 32
2a00:ccc4::/32 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.mft
rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 20:59:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5e:b0:da:10:b9:8a:d0:24:68:a7:6f:92:69:ee:9e:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: Jun 11 11:12:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9a4289dfe8c13b4467b875f8a7680f7b52e200ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:38:b2:1d:62:12:42:07:20:ff:a6:7c:d8:85:
f0:96:f6:58:8a:10:a2:b5:8a:15:68:f4:af:71:3f:
1b:d8:be:48:1f:bb:c1:d2:19:38:bf:8f:97:4b:b8:
1a:ce:f8:50:80:be:13:ba:69:77:09:28:11:da:00:
06:39:b8:12:e7:7a:ab:a0:56:43:b3:4f:87:a9:38:
b8:75:1f:ed:e4:11:02:af:e7:9d:dc:df:56:7c:bd:
1e:c4:c5:ba:3d:b5:59:80:13:a1:9d:46:30:62:3f:
ce:58:bc:3e:6d:24:f9:32:14:90:ce:63:d2:7e:56:
44:09:be:78:c5:43:bd:5a:2f:c9:cc:9e:a1:fb:7a:
b9:95:02:2d:4e:67:53:13:35:1e:ca:27:07:61:6b:
ea:cc:ae:d3:80:88:64:f3:ae:76:2f:41:62:54:7c:
7f:05:d2:f9:c3:8b:e2:35:06:05:57:ef:7c:ed:35:
52:b3:89:68:44:7c:fb:93:e2:d1:f4:5a:4a:50:5c:
79:2c:a6:d6:b7:8b:99:8f:3b:12:85:31:ec:de:5b:
59:14:34:52:17:38:8b:0e:c8:63:9c:b4:6a:64:35:
90:3a:53:77:73:46:93:3f:3c:2c:07:9a:fd:4e:ce:
06:35:71:73:d3:a4:95:1b:11:97:c1:77:95:9d:3d:
a4:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:42:89:DF:E8:C1:3B:44:67:B8:75:F8:A7:68:0F:7B:52:E2:00:ED
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/mkKJ3-jBO0RnuHX4p2gPe1LiAO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.32.0/19
43.251.160.0/23
94.154.48.0/21
176.100.32.0/21
185.14.92.0/22
IPv6:
2a00:ccc0::/29
Signature Algorithm: sha256WithRSAEncryption
88:06:47:f1:c1:a9:07:68:2b:5e:ab:76:e9:bb:b6:40:07:c9:
a0:30:79:44:f9:39:e9:0c:05:a1:8b:20:56:50:07:f3:cd:5a:
6d:54:60:23:33:69:3d:7f:ed:70:b6:fb:03:22:41:12:42:e6:
5b:64:46:16:4d:1f:0a:38:57:e5:00:56:eb:21:98:09:5c:93:
1b:0a:fd:66:91:7e:88:26:05:50:53:a7:90:f9:6c:07:8d:c2:
66:af:cf:5d:98:ee:c6:0e:9b:0c:c6:90:2a:01:36:c3:9f:61:
72:79:e1:d3:f2:75:11:54:13:f5:50:22:11:e5:f4:c2:e4:83:
0d:43:dd:0e:af:ff:ef:e2:54:13:fc:a7:46:7b:f3:03:26:26:
d1:aa:45:0b:97:9c:44:f8:ae:9b:fb:2f:be:25:21:69:6e:06:
4b:3a:fc:1a:7d:81:75:b2:b6:c5:96:8a:86:57:04:b4:74:16:
ef:e0:0d:ec:65:bc:55:63:4c:78:d4:29:f8:71:5f:e3:31:b8:
81:79:40:bf:81:28:56:b6:5d:38:43:e2:6f:ef:de:ae:a4:6c:
8b:f5:05:a3:18:d2:2b:7d:99:4c:89:ca:af:a7:58:bb:74:e5:
b6:78:d9:d8:65:b1:64:a6:ba:67:ba:01:e5:1d:90:03:ca:aa:
18:ae:9f:cd
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZdesNoQuYrQJGinb5Jp7p5PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj
YmU3ZWMwHhcNMjUwNjExMTExMjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTQyODlkZmU4YzEzYjQ0NjdiODc1ZjhhNzY4MGY3YjUyZTIwMGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3DiyHWISQgcg/6Z82IXwlvZYihCi
tYoVaPSvcT8b2L5IH7vB0hk4v4+XS7gazvhQgL4Tuml3CSgR2gAGObgS53qroFZD
s0+HqTi4dR/t5BECr+ed3N9WfL0exMW6PbVZgBOhnUYwYj/OWLw+bST5MhSQzmPS
flZECb54xUO9Wi/JzJ6h+3q5lQItTmdTEzUeyicHYWvqzK7TgIhk8652L0FiVHx/
BdL5w4viNQYFV+987TVSs4loRHz7k+LR9FpKUFx5LKbWt4uZjzsShTHs3ltZFDRS
FziLDshjnLRqZDWQOlN3c0aTPzwsB5r9Ts4GNXFz06SVGxGXwXeVnT2kAQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFJpCid/owTtEZ7h1+KdoD3tS4gDtMB8GA1UdIwQY
MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt
MWI3Y2JiMDhkNzNmLzEvbWtLSjMtakJPMFJudUhYNHAyZ1BlMUxpQU8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm
LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQFJXIgAwQB
K/ugAwQDXpowAwQDsGQgAwQCuQ5cMA0EAgACMAcDBQMqAMzAMA0GCSqGSIb3DQEB
CwUAA4IBAQCIBkfxwakHaCteq3bpu7ZAB8mgMHlE+TnpDAWhiyBWUAfzzVptVGAj
M2k9f+1wtvsDIkESQuZbZEYWTR8KOFflAFbrIZgJXJMbCv1mkX6IJgVQU6eQ+WwH
jcJmr89dmO7GDpsMxpAqATbDn2FyeeHT8nURVBP1UCIR5fTC5IMNQ90Or//v4lQT
/KdGe/MDJibRqkULl5xE+K6b+y++JSFpbgZLOvwafYF1srbFloqGVwS0dBbv4A3s
ZbxVY0x41Cn4cV/jMbiBeUC/gShWtl04Q+Jv796upGyL9QWjGNIrfZlMicqvp1i7
dOW2eNnYZbFkprpnugHlHZADyqoYrp/N
-----END CERTIFICATE-----
Generated at Mon Jun 16 01:29:30 2025 by rpki-client