Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/K2QKbFHIrbPQHIm8s3ODKVNUlZc.roa
File: K2QKbFHIrbPQHIm8s3ODKVNUlZc.roa (raw, json)
Hash identifier: wWrjDFQ0Y6Ae5UJU72q02nMygpERqME7z4/Cv+3ZVV8=
Subject key identifier: 2B:64:0A:6C:51:C8:AD:B3:D0:1C:89:BC:B3:73:83:29:53:54:95:97
Certificate issuer: /CN=2672b9fb546b365e323230dcea9ba8c9fbedfeb8
Certificate serial: 019763225E04A56CF194B528334913731FD1
Authority key identifier: 26:72:B9:FB:54:6B:36:5E:32:32:30:DC:EA:9B:A8:C9:FB:ED:FE:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JnK5-1RrNl4yMjDc6puoyfvt_rg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/K2QKbFHIrbPQHIm8s3ODKVNUlZc.roa
Signing time: Thu 12 Jun 2025 07:54:45 +0000
ROA not before: Thu 12 Jun 2025 07:54:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56971
IP address blocks: 178.255.222.0/24 maxlen: 32
185.92.180.0/24 maxlen: 32
185.92.181.0/24 maxlen: 32
185.92.182.0/24 maxlen: 32
185.92.183.0/24 maxlen: 32
213.232.204.0/24 maxlen: 32
2a13:7c00::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/JnK5-1RrNl4yMjDc6puoyfvt_rg.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/JnK5-1RrNl4yMjDc6puoyfvt_rg.mft
rsync://rpki.ripe.net/repository/DEFAULT/JnK5-1RrNl4yMjDc6puoyfvt_rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 13:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:63:22:5e:04:a5:6c:f1:94:b5:28:33:49:13:73:1f:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2672b9fb546b365e323230dcea9ba8c9fbedfeb8
Validity
Not Before: Jun 12 07:54:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b640a6c51c8adb3d01c89bcb373832953549597
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a3:fe:f3:2f:fe:ed:0c:e5:a5:4e:a8:b5:2d:
a5:4a:f4:b8:db:5f:c1:92:00:b1:e6:b7:8c:d1:2d:
10:d4:da:d5:4f:95:23:3c:10:d3:7e:88:8a:cf:a3:
e4:24:c6:b4:a8:a3:00:a7:3c:50:00:0a:31:92:85:
17:02:ae:40:60:aa:20:9d:03:80:a1:7d:83:45:d7:
f5:44:16:64:94:b6:87:76:19:77:5e:d9:19:25:f8:
3f:9a:4c:59:9f:44:7b:ad:7a:2b:57:d6:23:a9:81:
20:8c:70:73:1b:26:2d:ea:4c:92:e0:90:6d:34:c3:
30:5c:d3:c2:f0:be:e2:ef:b5:5e:ba:06:e4:87:ad:
d7:21:f2:7f:e2:a8:e4:29:2e:e2:ee:04:63:6b:6d:
a4:f8:cb:87:6c:91:33:9e:fe:7e:c3:2c:ef:d8:4d:
6d:90:2d:75:1c:56:a6:7a:f8:99:98:76:5a:0b:6b:
14:fa:93:c2:a4:64:3e:d9:00:97:3d:bc:ce:32:2a:
0b:fe:f3:d3:b3:ad:12:f6:d5:be:45:38:fc:22:f6:
25:98:5c:ab:23:23:ae:3b:06:ae:66:cf:e7:7b:68:
66:31:61:63:84:0a:6e:30:9b:42:11:14:20:ff:77:
2d:3c:e8:36:98:54:d4:d0:72:c3:d2:a4:d8:91:4d:
1a:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:64:0A:6C:51:C8:AD:B3:D0:1C:89:BC:B3:73:83:29:53:54:95:97
X509v3 Authority Key Identifier:
keyid:26:72:B9:FB:54:6B:36:5E:32:32:30:DC:EA:9B:A8:C9:FB:ED:FE:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JnK5-1RrNl4yMjDc6puoyfvt_rg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/K2QKbFHIrbPQHIm8s3ODKVNUlZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/JnK5-1RrNl4yMjDc6puoyfvt_rg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.222.0/24
185.92.180.0/22
213.232.204.0/24
IPv6:
2a13:7c00::/32
Signature Algorithm: sha256WithRSAEncryption
1c:ab:91:bc:a0:70:9e:96:3a:7f:e2:d0:ac:1a:dc:34:f2:4f:
4e:be:52:4d:d6:e5:34:e1:43:66:ba:86:74:08:4e:d1:ea:72:
97:dc:68:03:15:a4:09:5e:4f:64:98:38:72:69:76:10:e7:72:
80:0d:76:e2:0b:0d:ac:e2:a3:b0:29:73:ad:ef:10:e7:60:6f:
16:90:09:38:2b:9f:63:e5:28:8c:0d:fc:52:1f:3b:79:d5:72:
8b:e1:17:02:68:ff:58:44:fd:23:a0:04:f4:15:bc:56:4b:03:
a6:09:a6:2c:67:d8:2e:a5:be:3b:aa:9a:5f:b7:3d:79:8d:6f:
21:80:51:77:b4:d3:12:8a:7c:09:ed:da:d8:2a:68:43:1a:90:
27:4b:b1:e7:f6:84:1a:79:7e:8d:b0:76:4a:c7:09:50:bc:36:
39:43:0d:28:31:ca:af:fc:fa:5a:0a:8d:c7:c3:45:d7:36:c1:
5a:ad:27:bc:7d:f0:fa:81:d2:51:04:87:6d:80:33:d4:30:57:
5b:e2:19:71:4f:66:7b:ac:42:20:76:0b:45:34:51:54:f5:29:
44:a8:59:46:53:50:41:8b:39:7c:07:80:8b:93:ee:3d:0b:e3:
92:ad:53:29:ea:f6:d2:3c:3b:49:a9:c9:6e:2c:99:74:39:8e:
d7:05:67:52
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZdjIl4EpWzxlLUoM0kTcx/RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NzJiOWZiNTQ2YjM2NWUzMjMyMzBkY2VhOWJhOGM5ZmJl
ZGZlYjgwHhcNMjUwNjEyMDc1NDQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjY0MGE2YzUxYzhhZGIzZDAxYzg5YmNiMzczODMyOTUzNTQ5NTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqP+8y/+7QzlpU6otS2lSvS421/B
kgCx5reM0S0Q1NrVT5UjPBDTfoiKz6PkJMa0qKMApzxQAAoxkoUXAq5AYKognQOA
oX2DRdf1RBZklLaHdhl3XtkZJfg/mkxZn0R7rXorV9YjqYEgjHBzGyYt6kyS4JBt
NMMwXNPC8L7i77Veugbkh63XIfJ/4qjkKS7i7gRja22k+MuHbJEznv5+wyzv2E1t
kC11HFameviZmHZaC2sU+pPCpGQ+2QCXPbzOMioL/vPTs60S9tW+RTj8IvYlmFyr
IyOuOwauZs/ne2hmMWFjhApuMJtCERQg/3ctPOg2mFTU0HLD0qTYkU0a/wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCtkCmxRyK2z0ByJvLNzgylTVJWXMB8GA1UdIwQY
MBaAFCZyuftUazZeMjIw3OqbqMn77f64MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm5LNS0xUnJObDR5TWpEYzZwdW95ZnZ0X3JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9iMTNiNTUtMTI4OC00NWU2LTg4NzYt
YTcwZGI1ODI4MGZjLzEvSzJRS2JGSElyYlBRSEltOHMzT0RLVk5VbFpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9iMTNiNTUtMTI4OC00NWU2LTg4NzYtYTcwZGI1ODI4MGZj
LzEvSm5LNS0xUnJObDR5TWpEYzZwdW95ZnZ0X3JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAsv/eAwQC
uVy0AwQA1ejMMA0EAgACMAcDBQAqE3wAMA0GCSqGSIb3DQEBCwUAA4IBAQAcq5G8
oHCeljp/4tCsGtw08k9OvlJN1uU04UNmuoZ0CE7R6nKX3GgDFaQJXk9kmDhyaXYQ
53KADXbiCw2s4qOwKXOt7xDnYG8WkAk4K59j5SiMDfxSHzt51XKL4RcCaP9YRP0j
oAT0FbxWSwOmCaYsZ9gupb47qppftz15jW8hgFF3tNMSinwJ7drYKmhDGpAnS7Hn
9oQaeX6NsHZKxwlQvDY5Qw0oMcqv/PpaCo3Hw0XXNsFarSe8ffD6gdJRBIdtgDPU
MFdb4hlxT2Z7rEIgdgtFNFFU9SlEqFlGU1BBizl8B4CLk+49C+OSrVMp6vbSPDtJ
qcluLJl0OY7XBWdS
-----END CERTIFICATE-----
Generated at Sun Jun 15 18:35:54 2025 by rpki-client