Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/04b162-7099-404d-8391-3b0b4b8a2983/1/k1wogzI71Qav_nbvke05rmKJg8Y.roa
File: k1wogzI71Qav_nbvke05rmKJg8Y.roa (raw, json)
Hash identifier: 1zvN4RDzCr99s7IBr9z4fRCGgHcMNBnaaWXwLcWIgno=
Subject key identifier: 93:5C:28:83:32:3B:D5:06:AF:FE:76:EF:91:ED:39:AE:62:89:83:C6
Certificate issuer: /CN=90f25e6a6893f466d2695e90670c047443643701
Certificate serial: 019855304C3B2FD3118D06456CF11E4777E1
Authority key identifier: 90:F2:5E:6A:68:93:F4:66:D2:69:5E:90:67:0C:04:74:43:64:37:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kPJeamiT9GbSaV6QZwwEdENkNwE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/04b162-7099-404d-8391-3b0b4b8a2983/1/k1wogzI71Qav_nbvke05rmKJg8Y.roa
Signing time: Tue 29 Jul 2025 07:58:04 +0000
ROA not before: Tue 29 Jul 2025 07:58:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 62.179.128.0/17 maxlen: 17
92.235.0.0/18 maxlen: 18
92.235.96.0/19 maxlen: 19
92.235.128.0/17 maxlen: 17
94.168.128.0/17 maxlen: 17
2001:67c:794::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/04b162-7099-404d-8391-3b0b4b8a2983/1/kPJeamiT9GbSaV6QZwwEdENkNwE.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/04b162-7099-404d-8391-3b0b4b8a2983/1/kPJeamiT9GbSaV6QZwwEdENkNwE.mft
rsync://rpki.ripe.net/repository/DEFAULT/kPJeamiT9GbSaV6QZwwEdENkNwE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 22:01:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:55:30:4c:3b:2f:d3:11:8d:06:45:6c:f1:1e:47:77:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90f25e6a6893f466d2695e90670c047443643701
Validity
Not Before: Jul 29 07:58:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=935c2883323bd506affe76ef91ed39ae628983c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:c2:f4:55:c4:15:a0:2f:40:0e:59:38:11:9b:
23:52:81:1b:7f:f3:21:2c:70:2f:cb:5e:d4:bc:04:
d6:cf:2a:f5:05:65:71:52:62:42:1b:d4:31:16:24:
bf:9e:4b:f7:5d:ed:06:f2:72:ef:f0:83:80:8e:4e:
7f:eb:ff:31:df:22:c6:1f:30:25:88:ad:58:eb:09:
f1:df:f5:18:24:d8:cb:5c:69:d0:86:55:70:b0:72:
2f:85:24:ec:af:30:db:73:de:f3:d8:0b:14:e1:fd:
25:74:29:7c:bd:a7:d9:d1:38:93:30:1d:a7:28:d2:
8c:e1:10:4d:70:2c:c2:85:9d:2f:7b:cf:fc:ab:d7:
cf:7e:ab:79:70:c8:03:c9:04:1b:a7:c0:1e:62:aa:
d2:9d:d7:10:04:66:29:db:75:14:62:a3:7b:31:f2:
9d:30:dd:36:d4:80:56:e3:07:0b:df:a9:de:b7:4a:
eb:e6:3c:4b:c0:b8:70:08:10:63:0b:f3:ce:c9:d0:
80:33:1b:0f:c8:14:0f:73:68:4b:f1:03:f6:b3:65:
26:1c:37:57:5d:69:02:bf:f7:ef:8c:c0:f7:a1:62:
c8:59:d3:df:75:5d:c7:ac:ed:02:16:b0:42:25:39:
df:cc:69:55:6a:fe:2e:3b:39:a0:41:1d:c9:37:f8:
d8:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:5C:28:83:32:3B:D5:06:AF:FE:76:EF:91:ED:39:AE:62:89:83:C6
X509v3 Authority Key Identifier:
keyid:90:F2:5E:6A:68:93:F4:66:D2:69:5E:90:67:0C:04:74:43:64:37:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kPJeamiT9GbSaV6QZwwEdENkNwE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04b162-7099-404d-8391-3b0b4b8a2983/1/k1wogzI71Qav_nbvke05rmKJg8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04b162-7099-404d-8391-3b0b4b8a2983/1/kPJeamiT9GbSaV6QZwwEdENkNwE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.179.128.0/17
92.235.0.0/18
92.235.96.0-92.235.255.255
94.168.128.0/17
IPv6:
2001:67c:794::/48
Signature Algorithm: sha256WithRSAEncryption
09:e7:de:53:bd:e9:e8:e8:c1:f0:16:19:52:dd:56:2e:1b:b2:
64:b5:33:c9:7b:e3:cb:8e:06:3b:b2:61:be:ce:e2:8e:2a:ea:
55:eb:ce:74:44:b8:33:4d:54:b7:43:e5:9e:ec:88:f2:c5:4f:
8a:ef:00:bd:1e:2d:04:68:f3:5f:97:55:fb:d9:d7:c4:46:59:
63:a5:e8:d9:99:6c:36:ec:52:c7:3c:05:5d:61:39:23:59:34:
30:fb:09:cc:7e:92:84:f0:db:e2:f7:c4:83:99:1e:78:75:88:
55:e1:15:22:18:4e:b9:bc:c8:e9:64:e5:e8:29:49:18:d2:8d:
f3:db:70:c4:d1:5c:42:c6:50:10:08:25:76:34:6c:52:3a:15:
5f:d9:0b:8b:44:23:1c:52:96:eb:5b:05:87:9b:6d:40:35:23:
8d:3c:c2:a1:a3:3d:ba:3b:7f:e8:12:57:7b:de:bb:3f:03:82:
a5:b5:89:d8:1e:0c:4e:2e:0e:83:b3:07:48:5d:44:4a:df:37:
d7:aa:83:05:59:17:bf:fb:ca:79:5a:b6:d8:3c:82:5a:30:74:
a1:13:cb:c3:b9:91:db:4f:74:2a:cd:db:14:b8:2e:45:1c:3e:
03:be:73:18:e4:99:9a:c6:f6:20:ee:42:83:4e:c6:ab:42:9b:
b0:20:31:74
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZhVMEw7L9MRjQZFbPEeR3fhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZjI1ZTZhNjg5M2Y0NjZkMjY5NWU5MDY3MGMwNDc0NDM2
NDM3MDEwHhcNMjUwNzI5MDc1ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzVjMjg4MzMyM2JkNTA2YWZmZTc2ZWY5MWVkMzlhZTYyODk4M2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ML0VcQVoC9ADlk4EZsjUoEbf/Mh
LHAvy17UvATWzyr1BWVxUmJCG9QxFiS/nkv3Xe0G8nLv8IOAjk5/6/8x3yLGHzAl
iK1Y6wnx3/UYJNjLXGnQhlVwsHIvhSTsrzDbc97z2AsU4f0ldCl8vafZ0TiTMB2n
KNKM4RBNcCzChZ0ve8/8q9fPfqt5cMgDyQQbp8AeYqrSndcQBGYp23UUYqN7MfKd
MN021IBW4wcL36net0rr5jxLwLhwCBBjC/POydCAMxsPyBQPc2hL8QP2s2UmHDdX
XWkCv/fvjMD3oWLIWdPfdV3HrO0CFrBCJTnfzGlVav4uOzmgQR3JN/jY8wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFJNcKIMyO9UGr/5275HtOa5iiYPGMB8GA1UdIwQY
MBaAFJDyXmpok/Rm0mlekGcMBHRDZDcBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1BKZWFtaVQ5R2JTYVY2UVp3d0VkRU5rTndFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8wNGIxNjItNzA5OS00MDRkLTgzOTEt
M2IwYjRiOGEyOTgzLzEvazF3b2d6STcxUWF2X25idmtlMDVybUtKZzhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8wNGIxNjItNzA5OS00MDRkLTgzOTEtM2IwYjRiOGEyOTgz
LzEva1BKZWFtaVQ5R2JTYVY2UVp3d0VkRU5rTndFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAlBAIAATAfAwQHPrOAAwQG
XOsAMAsDBAVc62ADAwJc6AMEB16ogDAPBAIAAjAJAwcAIAEGfAeUMA0GCSqGSIb3
DQEBCwUAA4IBAQAJ595Tveno6MHwFhlS3VYuG7JktTPJe+PLjgY7smG+zuKOKupV
6850RLgzTVS3Q+We7IjyxU+K7wC9Hi0EaPNfl1X72dfERlljpejZmWw27FLHPAVd
YTkjWTQw+wnMfpKE8Nvi98SDmR54dYhV4RUiGE65vMjpZOXoKUkY0o3z23DE0VxC
xlAQCCV2NGxSOhVf2QuLRCMcUpbrWwWHm21ANSONPMKhoz26O3/oEld73rs/A4Kl
tYnYHgxOLg6DswdIXURK3zfXqoMFWRe/+8p5WrbYPIJaMHShE8vDuZHbT3QqzdsU
uC5FHD4DvnMY5JmaxvYg7kKDTsarQpuwIDF0
-----END CERTIFICATE-----
Generated at Sun Aug 10 04:58:26 2025 by rpki-client