Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/ca9274-3a94-4f1a-bee2-266fe2737b8f/1/kSKdo2q0O6OXBsJw6ZYyr7eJXbs.roa
File: kSKdo2q0O6OXBsJw6ZYyr7eJXbs.roa (raw, json)
Hash identifier: IDSSisdvZb6ZBfLMmbXOfW59dICKAwsuQknOYmnY4dc=
Subject key identifier: 91:22:9D:A3:6A:B4:3B:A3:97:06:C2:70:E9:96:32:AF:B7:89:5D:BB
Certificate issuer: /CN=dcbcab4859536cf996596ef19d2a64611d036fe4
Certificate serial: 0196F6D0178623A106346548390DDA184952
Authority key identifier: DC:BC:AB:48:59:53:6C:F9:96:59:6E:F1:9D:2A:64:61:1D:03:6F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3LyrSFlTbPmWWW7xnSpkYR0Db-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/ca9274-3a94-4f1a-bee2-266fe2737b8f/1/kSKdo2q0O6OXBsJw6ZYyr7eJXbs.roa
Signing time: Thu 22 May 2025 07:05:54 +0000
ROA not before: Thu 22 May 2025 07:05:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6681
IP address blocks: 45.128.218.0/24 maxlen: 24
45.128.219.0/24 maxlen: 24
89.150.33.0/24 maxlen: 24
193.200.64.0/24 maxlen: 24
193.200.65.0/24 maxlen: 24
195.191.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/ca9274-3a94-4f1a-bee2-266fe2737b8f/1/3LyrSFlTbPmWWW7xnSpkYR0Db-Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/ca9274-3a94-4f1a-bee2-266fe2737b8f/1/3LyrSFlTbPmWWW7xnSpkYR0Db-Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/3LyrSFlTbPmWWW7xnSpkYR0Db-Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 20 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f6:d0:17:86:23:a1:06:34:65:48:39:0d:da:18:49:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcbcab4859536cf996596ef19d2a64611d036fe4
Validity
Not Before: May 22 07:05:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=91229da36ab43ba39706c270e99632afb7895dbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:24:90:3c:50:75:d0:db:bf:cf:77:3d:6e:32:
59:4e:2e:e1:29:c2:20:4e:82:9f:60:39:4e:96:43:
28:65:47:7e:18:75:a4:1c:29:22:47:35:e9:0f:89:
f9:fa:8f:67:6a:fe:d6:0d:8a:1a:7e:5a:a0:88:99:
1f:af:86:05:1a:6f:72:e4:aa:84:2a:60:50:c3:46:
0e:6e:e5:08:45:06:3f:34:47:10:ea:72:3f:0d:0a:
e5:ea:23:f1:c7:91:52:67:e3:36:39:ac:19:bb:58:
5d:7b:ba:f3:65:ce:7b:b4:57:3d:ba:90:3b:72:48:
39:f4:df:14:0d:23:c9:f9:49:f6:c5:c1:1f:58:62:
72:9d:74:11:2f:79:b6:a5:99:f9:d4:49:08:df:85:
33:64:9c:32:74:3c:96:59:42:f4:fb:4b:f8:7a:0a:
6b:b5:0d:24:bb:56:3d:5f:cc:fd:11:99:bf:e9:57:
74:a3:42:cb:c6:e0:6b:a7:a7:11:26:e9:ef:c9:0f:
9e:05:ef:01:90:0b:a3:8b:8a:de:4e:75:fd:6b:8d:
c0:fe:30:1b:7a:d8:6a:31:f7:33:49:4a:8e:42:cb:
68:d9:d1:b4:a0:39:b7:96:20:ee:55:a2:9c:6e:46:
d7:ba:a3:fb:c0:af:0e:b4:e4:ea:6f:cc:ed:53:5f:
ff:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:22:9D:A3:6A:B4:3B:A3:97:06:C2:70:E9:96:32:AF:B7:89:5D:BB
X509v3 Authority Key Identifier:
keyid:DC:BC:AB:48:59:53:6C:F9:96:59:6E:F1:9D:2A:64:61:1D:03:6F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3LyrSFlTbPmWWW7xnSpkYR0Db-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/ca9274-3a94-4f1a-bee2-266fe2737b8f/1/kSKdo2q0O6OXBsJw6ZYyr7eJXbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/ca9274-3a94-4f1a-bee2-266fe2737b8f/1/3LyrSFlTbPmWWW7xnSpkYR0Db-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.218.0/23
89.150.33.0/24
193.200.64.0/23
195.191.234.0/24
Signature Algorithm: sha256WithRSAEncryption
12:17:72:5c:19:95:46:d0:8e:ca:84:d6:26:1b:01:2c:c7:bc:
b4:c6:bc:eb:3e:4e:ea:7c:19:59:52:05:5e:9e:eb:aa:2d:43:
69:85:23:0a:b5:ca:06:36:3a:db:9c:bf:72:42:0d:7a:84:77:
36:8e:2c:f7:52:e5:80:2f:f3:2e:84:e6:9c:8c:fc:2d:9a:17:
da:f5:b7:f6:ac:f5:65:6b:d2:31:d8:17:0b:50:46:86:8b:4a:
f4:7a:69:a9:e4:1f:f6:95:95:2c:87:59:a9:e3:6c:18:ce:ec:
a4:10:c9:b7:7d:1a:0b:81:ae:6c:fe:47:5e:c4:7d:db:48:78:
50:01:d2:da:64:ac:42:cd:61:f1:3d:77:ba:fc:4f:e4:c3:23:
3b:e0:57:67:c6:cb:0c:50:ed:89:3e:bc:32:f5:2d:1e:9f:2c:
fb:7b:df:8a:3d:d3:4b:82:c4:75:30:e3:0e:39:05:8b:1d:a6:
64:3f:6c:a0:8f:76:8d:9a:b2:a2:35:73:34:81:7d:1d:27:d7:
e8:9e:42:0a:ef:a4:c7:f7:2b:62:75:27:93:af:a1:66:57:e8:
ca:12:21:f1:fd:0a:e2:d7:2d:de:b9:ca:fb:8c:6c:1d:aa:2c:
5e:7d:ba:df:10:1c:37:90:53:49:84:4d:12:93:4a:6a:1e:a1:
f6:3f:80:91
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZb20BeGI6EGNGVIOQ3aGElSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjYmNhYjQ4NTk1MzZjZjk5NjU5NmVmMTlkMmE2NDYxMWQw
MzZmZTQwHhcNMjUwNTIyMDcwNTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTIyOWRhMzZhYjQzYmEzOTcwNmMyNzBlOTk2MzJhZmI3ODk1ZGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyCSQPFB10Nu/z3c9bjJZTi7hKcIg
ToKfYDlOlkMoZUd+GHWkHCkiRzXpD4n5+o9nav7WDYoaflqgiJkfr4YFGm9y5KqE
KmBQw0YObuUIRQY/NEcQ6nI/DQrl6iPxx5FSZ+M2OawZu1hde7rzZc57tFc9upA7
ckg59N8UDSPJ+Un2xcEfWGJynXQRL3m2pZn51EkI34UzZJwydDyWWUL0+0v4egpr
tQ0ku1Y9X8z9EZm/6Vd0o0LLxuBrp6cRJunvyQ+eBe8BkAuji4reTnX9a43A/jAb
ethqMfczSUqOQsto2dG0oDm3liDuVaKcbkbXuqP7wK8OtOTqb8ztU1//7QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJEinaNqtDujlwbCcOmWMq+3iV27MB8GA1UdIwQY
MBaAFNy8q0hZU2z5lllu8Z0qZGEdA2/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0x5clNGbFRiUG1XV1c3eG5TcGtZUjBEYi1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9jYTkyNzQtM2E5NC00ZjFhLWJlZTIt
MjY2ZmUyNzM3YjhmLzEva1NLZG8ycTBPNk9YQnNKdzZaWXlyN2VKWGJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9jYTkyNzQtM2E5NC00ZjFhLWJlZTItMjY2ZmUyNzM3Yjhm
LzEvM0x5clNGbFRiUG1XV1c3eG5TcGtZUjBEYi1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLYDaAwQA
WZYhAwQBwchAAwQAw7/qMA0GCSqGSIb3DQEBCwUAA4IBAQASF3JcGZVG0I7KhNYm
GwEsx7y0xrzrPk7qfBlZUgVenuuqLUNphSMKtcoGNjrbnL9yQg16hHc2jiz3UuWA
L/MuhOacjPwtmhfa9bf2rPVla9Ix2BcLUEaGi0r0emmp5B/2lZUsh1mp42wYzuyk
EMm3fRoLga5s/kdexH3bSHhQAdLaZKxCzWHxPXe6/E/kwyM74FdnxssMUO2JPrwy
9S0enyz7e9+KPdNLgsR1MOMOOQWLHaZkP2ygj3aNmrKiNXM0gX0dJ9fonkIK76TH
9ytidSeTr6FmV+jKEiHx/Qri1y3eucr7jGwdqixefbrfEBw3kFNJhE0Sk0pqHqH2
P4CR
-----END CERTIFICATE-----
Generated at Thu Jun 19 11:07:55 2025 by rpki-client