Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/772cbc-7e69-4c91-86a3-3661b1ebbcfb/1/aKvuzNFCkIxJKCLvoFj6rLtgwgw.roa
File: aKvuzNFCkIxJKCLvoFj6rLtgwgw.roa (raw, json)
Hash identifier: 88fD/JQbk+3ChR0NLskEVdwX38ofK7rX9dpoZ3GLYOg=
Subject key identifier: 68:AB:EE:CC:D1:42:90:8C:49:28:22:EF:A0:58:FA:AC:BB:60:C2:0C
Certificate issuer: /CN=c276a8ba874c3fbddad344d03258b3e2c04d7bcb
Certificate serial: 019667D0F9328D2D9A6F5B116590632D43B8
Authority key identifier: C2:76:A8:BA:87:4C:3F:BD:DA:D3:44:D0:32:58:B3:E2:C0:4D:7B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wnaouodMP73a00TQMliz4sBNe8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/772cbc-7e69-4c91-86a3-3661b1ebbcfb/1/aKvuzNFCkIxJKCLvoFj6rLtgwgw.roa
Signing time: Thu 24 Apr 2025 12:41:10 +0000
ROA not before: Thu 24 Apr 2025 12:41:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200799
IP address blocks: 45.93.204.0/22 maxlen: 22
130.193.1.0/24 maxlen: 24
185.95.36.0/22 maxlen: 22
185.95.36.0/24 maxlen: 24
185.95.37.0/24 maxlen: 24
185.95.38.0/24 maxlen: 24
185.95.39.0/24 maxlen: 24
185.188.24.0/22 maxlen: 22
185.188.24.0/24 maxlen: 24
185.188.25.0/24 maxlen: 24
185.188.26.0/24 maxlen: 24
185.188.27.0/24 maxlen: 24
212.237.252.0/24 maxlen: 24
217.61.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/772cbc-7e69-4c91-86a3-3661b1ebbcfb/1/wnaouodMP73a00TQMliz4sBNe8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/772cbc-7e69-4c91-86a3-3661b1ebbcfb/1/wnaouodMP73a00TQMliz4sBNe8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/wnaouodMP73a00TQMliz4sBNe8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 03 May 2025 00:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:67:d0:f9:32:8d:2d:9a:6f:5b:11:65:90:63:2d:43:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c276a8ba874c3fbddad344d03258b3e2c04d7bcb
Validity
Not Before: Apr 24 12:41:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68abeeccd142908c492822efa058faacbb60c20c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:21:99:9a:0d:90:bb:24:e2:a9:b0:e5:b5:28:
5c:9c:54:12:b8:b6:39:49:13:a7:e3:30:02:a3:f0:
20:93:38:d5:38:6d:79:0e:70:c4:09:84:26:3e:e6:
1a:61:c3:93:60:7d:eb:ae:3b:0b:f4:bc:b7:43:12:
51:5d:42:10:2c:3f:ef:ab:52:58:69:52:9e:6a:20:
09:20:78:f1:bc:70:56:03:88:6e:a1:74:37:2d:97:
f8:5d:25:40:16:2f:25:ff:2f:0d:14:ce:ee:95:80:
8a:b8:73:cb:06:f8:fc:27:be:f7:10:f1:bf:63:9b:
7e:25:3f:43:1b:f5:7d:df:55:c0:51:a7:f5:66:3d:
e3:ec:cf:18:e5:35:29:d2:1d:6d:c4:df:c8:0d:66:
dc:ae:bb:b3:62:16:5a:4a:c6:8f:c6:19:d8:65:e4:
f4:3a:41:7d:c3:7d:49:67:da:84:ad:f2:1f:1b:6a:
2d:e7:a9:fc:1f:93:6e:3f:9f:e2:71:5d:4e:75:d1:
36:6b:e4:26:2f:51:cc:3e:5c:8f:a6:02:4d:23:98:
af:2d:40:71:79:21:ab:79:cc:7d:91:c5:25:5e:83:
18:a3:d3:3b:30:33:ec:35:97:0d:e8:a4:60:75:12:
e7:41:36:e5:cd:79:88:fd:b9:01:e9:95:8f:59:40:
91:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:AB:EE:CC:D1:42:90:8C:49:28:22:EF:A0:58:FA:AC:BB:60:C2:0C
X509v3 Authority Key Identifier:
keyid:C2:76:A8:BA:87:4C:3F:BD:DA:D3:44:D0:32:58:B3:E2:C0:4D:7B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wnaouodMP73a00TQMliz4sBNe8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/772cbc-7e69-4c91-86a3-3661b1ebbcfb/1/aKvuzNFCkIxJKCLvoFj6rLtgwgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/772cbc-7e69-4c91-86a3-3661b1ebbcfb/1/wnaouodMP73a00TQMliz4sBNe8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.93.204.0/22
130.193.1.0/24
185.95.36.0/22
185.188.24.0/22
212.237.252.0/24
217.61.254.0/24
Signature Algorithm: sha256WithRSAEncryption
19:65:a3:a7:d7:f4:68:7e:4c:a2:61:c2:82:88:00:57:14:5d:
b2:c9:85:e0:32:f5:7b:02:d8:bf:58:69:42:c9:2e:05:95:d1:
79:0e:63:5e:df:5b:d2:06:2c:4b:f3:fc:2f:68:0b:99:ba:75:
2d:09:54:f5:cb:2b:f4:1f:7c:06:ae:5b:2a:c3:a5:33:99:2d:
0c:92:18:5e:7f:48:89:65:9e:96:59:02:26:b5:59:b9:f8:e0:
f7:d2:ee:a9:a3:63:b2:ff:98:4b:f0:03:4a:ca:4c:0f:b8:ad:
c7:0e:2c:6c:b7:63:ae:03:f9:09:4f:65:22:67:88:08:de:8f:
1f:62:f2:ef:87:c7:67:a3:84:c7:5a:4e:57:85:ee:83:9f:eb:
19:d9:2a:e0:97:ca:a5:87:16:13:2f:af:70:a9:cd:a2:79:72:
7c:4b:af:22:9d:90:72:03:e7:23:0d:81:c2:f7:d1:86:f2:e3:
01:7c:05:7b:ae:0a:37:aa:53:0f:99:39:2b:e9:2c:9b:36:39:
67:7c:86:29:f1:45:fa:62:25:d8:6a:c5:ac:38:a7:19:2f:39:
5f:e2:ca:34:66:bf:01:71:73:a8:93:ac:b7:65:ee:fa:47:48:
a8:85:0d:58:8d:09:64:71:3f:48:3a:74:a0:c1:af:c6:ae:12:
89:73:cb:79
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZZn0PkyjS2ab1sRZZBjLUO4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzZhOGJhODc0YzNmYmRkYWQzNDRkMDMyNThiM2UyYzA0
ZDdiY2IwHhcNMjUwNDI0MTI0MTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGFiZWVjY2QxNDI5MDhjNDkyODIyZWZhMDU4ZmFhY2JiNjBjMjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2CGZmg2QuyTiqbDltShcnFQSuLY5
SROn4zACo/AgkzjVOG15DnDECYQmPuYaYcOTYH3rrjsL9Ly3QxJRXUIQLD/vq1JY
aVKeaiAJIHjxvHBWA4huoXQ3LZf4XSVAFi8l/y8NFM7ulYCKuHPLBvj8J773EPG/
Y5t+JT9DG/V931XAUaf1Zj3j7M8Y5TUp0h1txN/IDWbcrruzYhZaSsaPxhnYZeT0
OkF9w31JZ9qErfIfG2ot56n8H5NuP5/icV1OddE2a+QmL1HMPlyPpgJNI5ivLUBx
eSGrecx9kcUlXoMYo9M7MDPsNZcN6KRgdRLnQTblzXmI/bkB6ZWPWUCRiQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGir7szRQpCMSSgi76BY+qy7YMIMMB8GA1UdIwQY
MBaAFMJ2qLqHTD+92tNE0DJYs+LATXvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25hb3VvZE1QNzNhMDBUUU1saXo0c0JOZThzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83NzJjYmMtN2U2OS00YzkxLTg2YTMt
MzY2MWIxZWJiY2ZiLzEvYUt2dXpORkNrSXhKS0NMdm9GajZyTHRnd2d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83NzJjYmMtN2U2OS00YzkxLTg2YTMtMzY2MWIxZWJiY2Zi
LzEvd25hb3VvZE1QNzNhMDBUUU1saXo0c0JOZThzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCLV3MAwQA
gsEBAwQCuV8kAwQCubwYAwQA1O38AwQA2T3+MA0GCSqGSIb3DQEBCwUAA4IBAQAZ
ZaOn1/RofkyiYcKCiABXFF2yyYXgMvV7Ati/WGlCyS4FldF5DmNe31vSBixL8/wv
aAuZunUtCVT1yyv0H3wGrlsqw6UzmS0Mkhhef0iJZZ6WWQImtVm5+OD30u6po2Oy
/5hL8ANKykwPuK3HDixst2OuA/kJT2UiZ4gI3o8fYvLvh8dno4THWk5Xhe6Dn+sZ
2Srgl8qlhxYTL69wqc2ieXJ8S68inZByA+cjDYHC99GG8uMBfAV7rgo3qlMPmTkr
6SybNjlnfIYp8UX6YiXYasWsOKcZLzlf4so0Zr8BcXOok6y3Ze76R0iohQ1YjQlk
cT9IOnSgwa/GrhKJc8t5
-----END CERTIFICATE-----
Generated at Fri May 2 09:10:59 2025 by rpki-client