Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/kvzRFKd8Xhs5qd2LiAJUjs-l62Q.roa
File: kvzRFKd8Xhs5qd2LiAJUjs-l62Q.roa (raw, json)
Hash identifier: ZOrlxI2jQwSQmSiRcnn7nLGlN6tG+YBSt70/NJOPfzk=
Subject key identifier: 92:FC:D1:14:A7:7C:5E:1B:39:A9:DD:8B:88:02:54:8E:CF:A5:EB:64
Certificate issuer: /CN=66feef09c450990af34779ce701be6cd54b3d924
Certificate serial: 01966CA91DED7C3B5E9BFF6F7FD1B67204A9
Authority key identifier: 66:FE:EF:09:C4:50:99:0A:F3:47:79:CE:70:1B:E6:CD:54:B3:D9:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/kvzRFKd8Xhs5qd2LiAJUjs-l62Q.roa
Signing time: Fri 25 Apr 2025 11:15:44 +0000
ROA not before: Fri 25 Apr 2025 11:15:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35179
IP address blocks: 79.110.192.0/20 maxlen: 24
83.168.64.0/22 maxlen: 22
83.168.71.0/24 maxlen: 24
83.168.72.0/21 maxlen: 24
83.168.80.0/21 maxlen: 21
83.168.88.0/22 maxlen: 22
83.168.100.0/22 maxlen: 24
83.168.104.0/24 maxlen: 24
83.168.108.0/23 maxlen: 23
83.168.114.0/23 maxlen: 23
83.168.116.0/23 maxlen: 23
83.168.120.0/23 maxlen: 23
83.168.126.0/23 maxlen: 23
185.49.29.0/24 maxlen: 24
185.49.30.0/23 maxlen: 23
193.239.56.0/22 maxlen: 24
2a01:96e0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 05:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:6c:a9:1d:ed:7c:3b:5e:9b:ff:6f:7f:d1:b6:72:04:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66feef09c450990af34779ce701be6cd54b3d924
Validity
Not Before: Apr 25 11:15:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=92fcd114a77c5e1b39a9dd8b8802548ecfa5eb64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:b6:8b:de:22:3a:38:bf:8c:a3:c6:23:47:bc:
1c:1a:2d:15:ef:75:27:24:b3:b7:c9:b9:d8:9c:9a:
be:ba:e5:62:ad:08:13:bc:ef:82:0a:de:7f:c1:d8:
3b:09:72:cb:c6:ad:62:69:03:11:cd:2d:4b:9b:41:
20:0f:16:41:7f:b4:1a:74:41:40:28:7a:4c:e4:4b:
9f:f0:50:1a:4b:63:b1:ba:3f:30:36:1b:7f:3f:fa:
55:4d:48:25:35:46:2d:2e:df:85:8c:c0:21:36:e6:
8b:35:f2:52:a3:a0:e2:d5:92:a8:fc:34:8b:bd:5c:
0e:c5:7a:73:f6:65:7c:ad:73:e4:a3:00:ae:64:66:
3d:42:15:24:c8:88:a1:0d:13:a0:90:11:11:01:b7:
b9:48:8f:d6:60:71:58:5e:75:29:46:15:e5:68:c4:
8a:ad:6f:13:e9:77:03:37:ba:68:14:03:f5:1c:2b:
1f:27:5e:01:98:f5:0c:44:77:68:b8:54:69:b9:96:
79:f0:52:73:b3:1e:cb:9e:ed:4d:00:5a:ec:4f:d5:
aa:6e:fa:7f:f7:9b:71:f0:9a:ae:37:e6:f9:66:e9:
2a:fc:5f:1d:68:88:9d:f9:ba:a8:2d:ea:4b:ac:56:
3e:94:52:4a:24:a0:b3:40:c8:b3:33:71:76:c3:b5:
d6:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:FC:D1:14:A7:7C:5E:1B:39:A9:DD:8B:88:02:54:8E:CF:A5:EB:64
X509v3 Authority Key Identifier:
keyid:66:FE:EF:09:C4:50:99:0A:F3:47:79:CE:70:1B:E6:CD:54:B3:D9:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/kvzRFKd8Xhs5qd2LiAJUjs-l62Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.110.192.0/20
83.168.64.0/22
83.168.71.0-83.168.91.255
83.168.100.0-83.168.104.255
83.168.108.0/23
83.168.114.0-83.168.117.255
83.168.120.0/23
83.168.126.0/23
185.49.29.0-185.49.31.255
193.239.56.0/22
IPv6:
2a01:96e0::/32
Signature Algorithm: sha256WithRSAEncryption
32:25:a9:66:e6:fe:a0:c0:6a:8c:1d:de:dd:07:5c:d2:fb:40:
4d:7f:68:a4:35:d6:8a:3f:9a:c1:d3:d3:74:47:08:b6:cd:7e:
95:99:aa:06:a0:c4:5f:47:7c:07:de:11:80:7e:a5:55:1c:12:
47:5c:73:18:c0:ab:66:26:cd:5b:0a:9a:bc:77:f7:10:26:21:
12:79:42:81:13:8f:62:1f:83:3d:c4:40:b3:27:b6:f2:de:7e:
42:79:24:ec:5f:fd:31:6d:85:3a:45:84:d0:0c:ae:f1:85:6e:
d3:6d:ba:15:31:f2:4a:66:43:a0:ed:bc:a3:72:4d:59:4b:3d:
3e:ad:79:26:2b:1c:41:2f:3d:e2:f1:74:3e:f7:5a:1c:ba:8f:
22:9a:43:22:a7:71:4a:15:13:30:3e:dc:71:26:e4:69:44:d4:
fe:b7:c5:d1:32:46:34:00:d9:c4:78:16:b9:96:e8:aa:11:39:
01:ac:9d:e8:18:13:f3:1d:59:49:ba:0a:e4:ed:9a:f2:cf:45:
11:9c:98:1d:b6:ed:82:9e:05:16:06:7d:c5:0b:0a:ee:52:4b:
74:49:82:2f:64:24:27:13:96:ec:37:34:58:cb:09:70:19:68:
ee:f3:6e:e6:3d:89:66:60:a6:6a:5d:e0:1e:b3:4d:9f:dd:36:
a1:59:cd:a7
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAZZsqR3tfDtem/9vf9G2cgSpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZmVlZjA5YzQ1MDk5MGFmMzQ3NzljZTcwMWJlNmNkNTRi
M2Q5MjQwHhcNMjUwNDI1MTExNTQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmZjZDExNGE3N2M1ZTFiMzlhOWRkOGI4ODAyNTQ4ZWNmYTVlYjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzbaL3iI6OL+Mo8YjR7wcGi0V73Un
JLO3ybnYnJq+uuVirQgTvO+CCt5/wdg7CXLLxq1iaQMRzS1Lm0EgDxZBf7QadEFA
KHpM5Euf8FAaS2Oxuj8wNht/P/pVTUglNUYtLt+FjMAhNuaLNfJSo6Di1ZKo/DSL
vVwOxXpz9mV8rXPkowCuZGY9QhUkyIihDROgkBERAbe5SI/WYHFYXnUpRhXlaMSK
rW8T6XcDN7poFAP1HCsfJ14BmPUMRHdouFRpuZZ58FJzsx7Lnu1NAFrsT9Wqbvp/
95tx8JquN+b5Zukq/F8daIid+bqoLepLrFY+lFJKJKCzQMizM3F2w7XWdwIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFJL80RSnfF4bOandi4gCVI7PpetkMB8GA1UdIwQY
MBaAFGb+7wnEUJkK80d5znAb5s1Us9kkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnY3dkNjUlFtUXJ6UjNuT2NCdm16VlN6MlNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9hMTU5N2ItNmVmMi00NDMwLWFhNTYt
ODI0NTFmMzNmNGNhLzEva3Z6UkZLZDhYaHM1cWQyTGlBSlVqcy1sNjJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9hMTU5N2ItNmVmMi00NDMwLWFhNTYtODI0NTFmMzNmNGNh
LzEvWnY3dkNjUlFtUXJ6UjNuT2NCdm16VlN6MlNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwYgQCAAEwXAMEBE9uwAME
AlOoQDAMAwQAU6hHAwQCU6hYMAwDBAJTqGQDBABTqGgDBAFTqGwwDAMEAVOocgME
AVOodAMEAVOoeAMEAVOofjAMAwQAuTEdAwQFuTEAAwQCwe84MA0EAgACMAcDBQAq
AZbgMA0GCSqGSIb3DQEBCwUAA4IBAQAyJalm5v6gwGqMHd7dB1zS+0BNf2ikNdaK
P5rB09N0Rwi2zX6VmaoGoMRfR3wH3hGAfqVVHBJHXHMYwKtmJs1bCpq8d/cQJiES
eUKBE49iH4M9xECzJ7by3n5CeSTsX/0xbYU6RYTQDK7xhW7TbboVMfJKZkOg7byj
ck1ZSz0+rXkmKxxBLz3i8XQ+91ocuo8imkMip3FKFRMwPtxxJuRpRNT+t8XRMkY0
ANnEeBa5luiqETkBrJ3oGBPzHVlJugrk7Zryz0URnJgdtu2CngUWBn3FCwruUkt0
SYIvZCQnE5bsNzRYywlwGWju827mPYlmYKZqXeAes02f3TahWc2n
-----END CERTIFICATE-----
Generated at Sun Apr 27 15:50:51 2025 by rpki-client