Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/KJ5NPWBplypQHISlD5ZIm67GEcw.roa
File: KJ5NPWBplypQHISlD5ZIm67GEcw.roa (raw, json)
Hash identifier: rVQDMmqRphO+/771euhrBELB7GUlltAX+Hu5gQoq1uc=
Subject key identifier: 28:9E:4D:3D:60:69:97:2A:50:1C:84:A5:0F:96:48:9B:AE:C6:11:CC
Certificate issuer: /CN=374e2729b17369890a1512f643cd08e4ba2ff414
Certificate serial: 019886018BAC041FA7B2CB9AABCC00784607
Authority key identifier: 37:4E:27:29:B1:73:69:89:0A:15:12:F6:43:CD:08:E4:BA:2F:F4:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N04nKbFzaYkKFRL2Q80I5Lov9BQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/KJ5NPWBplypQHISlD5ZIm67GEcw.roa
Signing time: Thu 07 Aug 2025 19:28:24 +0000
ROA not before: Thu 07 Aug 2025 19:28:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51765
IP address blocks: 77.243.88.0/22 maxlen: 24
83.143.106.0/24 maxlen: 24
178.20.213.0/24 maxlen: 24
178.20.214.0/24 maxlen: 24
178.20.215.0/24 maxlen: 24
185.101.20.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/N04nKbFzaYkKFRL2Q80I5Lov9BQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/N04nKbFzaYkKFRL2Q80I5Lov9BQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/N04nKbFzaYkKFRL2Q80I5Lov9BQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 19:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:86:01:8b:ac:04:1f:a7:b2:cb:9a:ab:cc:00:78:46:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=374e2729b17369890a1512f643cd08e4ba2ff414
Validity
Not Before: Aug 7 19:28:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=289e4d3d6069972a501c84a50f96489baec611cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:1a:5d:62:b1:ec:ce:af:0a:d8:17:0a:cf:c1:
37:1e:ac:14:33:d9:66:79:63:e4:6c:12:88:f7:f2:
78:5f:8b:ec:3a:fa:a1:41:c1:68:8a:fd:a9:1a:dc:
20:c3:53:37:a7:7e:a2:82:4d:94:10:c1:d2:b2:11:
59:3a:56:fc:6e:1a:5f:58:ab:1f:18:65:5c:11:cc:
3b:7c:e0:ad:52:b0:08:4b:0d:c8:76:b6:3d:21:7f:
e5:52:22:0f:f9:d0:fe:3f:a7:70:c8:8b:a0:e5:dc:
61:15:87:90:48:e1:94:1c:48:92:bd:e4:b3:0b:1e:
fd:7e:ce:9c:6e:66:c7:d4:b5:a0:c9:46:cd:84:18:
41:39:f5:2e:78:c4:23:7e:6d:81:ba:5f:83:1d:0b:
94:b5:7e:c7:0f:fd:4c:55:c3:2c:74:68:95:86:5c:
b8:31:ce:40:4d:75:77:24:d7:b8:66:58:6e:c3:93:
2a:a1:fc:23:9c:f2:16:9e:f4:e9:11:86:e6:e4:e2:
58:78:04:89:09:4b:88:04:b0:d0:a3:c1:72:bc:b0:
ac:47:00:e2:66:13:2e:1f:25:d4:ee:7b:87:54:87:
88:ed:f4:0c:14:6a:c2:e8:3f:46:18:ba:f2:61:2e:
24:06:ae:e5:30:1d:40:6d:bb:9a:70:e0:90:e6:a0:
a8:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:9E:4D:3D:60:69:97:2A:50:1C:84:A5:0F:96:48:9B:AE:C6:11:CC
X509v3 Authority Key Identifier:
keyid:37:4E:27:29:B1:73:69:89:0A:15:12:F6:43:CD:08:E4:BA:2F:F4:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N04nKbFzaYkKFRL2Q80I5Lov9BQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/KJ5NPWBplypQHISlD5ZIm67GEcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/N04nKbFzaYkKFRL2Q80I5Lov9BQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.243.88.0/22
83.143.106.0/24
178.20.213.0-178.20.215.255
185.101.20.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:0c:1e:40:c7:b6:89:c1:05:52:26:14:0c:80:fe:eb:e8:93:
52:b7:a6:23:55:3a:68:4d:e7:61:b9:c9:88:7f:82:96:6d:e0:
eb:4f:7a:73:76:86:0a:ab:ba:f5:59:f3:cb:09:dc:a2:60:39:
5f:56:fc:7f:e9:b5:0c:5d:d9:59:70:43:05:ca:19:82:c6:00:
26:5c:73:e7:62:1d:84:a6:a2:c2:93:63:4b:5b:da:b1:1d:22:
a4:50:a3:15:59:e2:da:13:29:0c:31:56:fa:10:0f:34:d9:03:
00:41:17:91:1f:e5:df:c1:21:71:5e:56:12:d4:14:5b:93:cb:
f7:eb:c2:25:5b:6c:5b:b1:39:e9:61:42:17:2b:ad:46:ac:35:
c5:4a:76:f7:4a:ac:73:10:23:2a:48:b7:3f:99:ea:00:21:3a:
3e:68:9f:e9:4a:09:52:71:37:d9:c6:03:67:bc:c2:76:31:e5:
2a:ff:5e:8a:79:a5:cd:fd:8b:2c:4d:6f:7b:22:26:d7:14:2b:
a6:bd:90:92:87:47:59:96:6e:ac:f7:0c:56:dc:0d:5f:95:5d:
0d:c5:51:b0:e5:99:ef:b1:05:6f:94:45:dd:e2:91:c7:bc:b1:
61:50:fb:38:01:0f:a4:64:9c:59:7a:4b:89:2f:08:74:23:2a:
08:b4:d0:70
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZiGAYusBB+nssuaq8wAeEYHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NGUyNzI5YjE3MzY5ODkwYTE1MTJmNjQzY2QwOGU0YmEy
ZmY0MTQwHhcNMjUwODA3MTkyODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODllNGQzZDYwNjk5NzJhNTAxYzg0YTUwZjk2NDg5YmFlYzYxMWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRpdYrHszq8K2BcKz8E3HqwUM9lm
eWPkbBKI9/J4X4vsOvqhQcFoiv2pGtwgw1M3p36igk2UEMHSshFZOlb8bhpfWKsf
GGVcEcw7fOCtUrAISw3IdrY9IX/lUiIP+dD+P6dwyIug5dxhFYeQSOGUHEiSveSz
Cx79fs6cbmbH1LWgyUbNhBhBOfUueMQjfm2Bul+DHQuUtX7HD/1MVcMsdGiVhly4
Mc5ATXV3JNe4Zlhuw5MqofwjnPIWnvTpEYbm5OJYeASJCUuIBLDQo8FyvLCsRwDi
ZhMuHyXU7nuHVIeI7fQMFGrC6D9GGLryYS4kBq7lMB1AbbuacOCQ5qCoywIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFCieTT1gaZcqUByEpQ+WSJuuxhHMMB8GA1UdIwQY
MBaAFDdOJymxc2mJChUS9kPNCOS6L/QUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjA0bktiRnphWWtLRlJMMlE4MEk1TG92OUJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC85NTIyMzAtYzI2Mi00MWNjLWI5NTYt
Y2ZjNDZhNzZlYzc4LzEvS0o1TlBXQnBseXBRSElTbEQ1WkltNjdHRWN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC85NTIyMzAtYzI2Mi00MWNjLWI5NTYtY2ZjNDZhNzZlYzc4
LzEvTjA0bktiRnphWWtLRlJMMlE4MEk1TG92OUJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCTfNYAwQA
U49qMAwDBACyFNUDBAOyFNADBAG5ZRQwDQYJKoZIhvcNAQELBQADggEBABsMHkDH
tonBBVImFAyA/uvok1K3piNVOmhN52G5yYh/gpZt4OtPenN2hgqruvVZ88sJ3KJg
OV9W/H/ptQxd2VlwQwXKGYLGACZcc+diHYSmosKTY0tb2rEdIqRQoxVZ4toTKQwx
VvoQDzTZAwBBF5Ef5d/BIXFeVhLUFFuTy/frwiVbbFuxOelhQhcrrUasNcVKdvdK
rHMQIypItz+Z6gAhOj5on+lKCVJxN9nGA2e8wnYx5Sr/Xop5pc39iyxNb3siJtcU
K6a9kJKHR1mWbqz3DFbcDV+VXQ3FUbDlme+xBW+URd3ikce8sWFQ+zgBD6RknFl6
S4kvCHQjKgi00HA=
-----END CERTIFICATE-----
Generated at Mon Aug 11 04:10:24 2025 by rpki-client