Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/5da375-99a9-4329-9d29-cec8931ce631/1/KlqCgVt6MuLnVmP2np_5gob4_Bo.roa
File: KlqCgVt6MuLnVmP2np_5gob4_Bo.roa (raw, json)
Hash identifier: zkiiaVBv7w1FhyPvWpSRNAx73GQrEuAiaBTQXdEgjoI=
Subject key identifier: 2A:5A:82:81:5B:7A:32:E2:E7:56:63:F6:9E:9F:F9:82:86:F8:FC:1A
Certificate issuer: /CN=ad5c2e74c6d46cc73c98a4c16087a8a3b3a6f759
Certificate serial: 0196AF5783F4AFBD14C47CD25D0D7C5D4C8F
Authority key identifier: AD:5C:2E:74:C6:D4:6C:C7:3C:98:A4:C1:60:87:A8:A3:B3:A6:F7:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rVwudMbUbMc8mKTBYIeoo7Om91k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/5da375-99a9-4329-9d29-cec8931ce631/1/KlqCgVt6MuLnVmP2np_5gob4_Bo.roa
Signing time: Thu 08 May 2025 10:01:10 +0000
ROA not before: Thu 08 May 2025 10:01:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212609
IP address blocks: 45.94.236.0/24 maxlen: 24
45.148.44.0/24 maxlen: 24
45.148.45.0/24 maxlen: 24
45.148.46.0/24 maxlen: 24
45.148.47.0/24 maxlen: 24
193.3.176.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/5da375-99a9-4329-9d29-cec8931ce631/1/rVwudMbUbMc8mKTBYIeoo7Om91k.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/5da375-99a9-4329-9d29-cec8931ce631/1/rVwudMbUbMc8mKTBYIeoo7Om91k.mft
rsync://rpki.ripe.net/repository/DEFAULT/rVwudMbUbMc8mKTBYIeoo7Om91k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 20:47:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:af:57:83:f4:af:bd:14:c4:7c:d2:5d:0d:7c:5d:4c:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad5c2e74c6d46cc73c98a4c16087a8a3b3a6f759
Validity
Not Before: May 8 10:01:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a5a82815b7a32e2e75663f69e9ff98286f8fc1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:98:2a:e8:4f:2c:40:24:4b:43:aa:76:7f:05:
69:88:76:68:16:b1:5e:22:8f:f7:c7:8e:39:ef:4b:
5d:50:ff:17:54:4f:b3:2a:1f:e7:a3:19:1d:5e:07:
5a:98:a6:16:d7:9b:de:6e:89:11:ac:fb:67:71:4d:
9f:92:82:88:ad:1b:21:c8:29:5e:4b:74:a9:ec:57:
41:17:d6:29:ea:f7:89:1c:5b:44:78:52:0a:bb:8b:
2d:4b:68:33:a1:2a:32:64:b4:dd:22:a3:c3:2a:7c:
ec:b0:f4:81:68:7f:fd:89:9e:1d:b9:1b:83:b2:7d:
c2:a3:4c:62:28:74:5f:a7:11:e2:ef:cf:e0:ee:18:
97:8e:4d:dc:e4:5c:c8:53:1a:36:a3:8b:91:20:02:
f3:4f:c6:8e:e5:5b:65:a0:bf:4b:33:aa:ea:19:ee:
6d:8c:b1:bf:b2:83:b2:b9:7c:8e:96:96:31:12:b2:
71:a0:22:08:49:82:43:6c:0e:4a:df:d3:ad:68:67:
99:87:10:b2:23:9d:1b:10:10:f6:e5:a1:d8:f3:6b:
96:83:5d:d6:3e:33:9b:58:1d:4e:de:87:86:a8:9a:
95:9e:2a:26:90:8b:d8:7b:42:f5:b8:bf:02:ca:40:
ae:a0:80:2c:eb:c5:9f:05:8b:2d:37:c2:cc:a7:75:
bd:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:5A:82:81:5B:7A:32:E2:E7:56:63:F6:9E:9F:F9:82:86:F8:FC:1A
X509v3 Authority Key Identifier:
keyid:AD:5C:2E:74:C6:D4:6C:C7:3C:98:A4:C1:60:87:A8:A3:B3:A6:F7:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rVwudMbUbMc8mKTBYIeoo7Om91k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/5da375-99a9-4329-9d29-cec8931ce631/1/KlqCgVt6MuLnVmP2np_5gob4_Bo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/5da375-99a9-4329-9d29-cec8931ce631/1/rVwudMbUbMc8mKTBYIeoo7Om91k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.236.0/24
45.148.44.0/22
193.3.176.0/24
Signature Algorithm: sha256WithRSAEncryption
90:6f:91:68:7f:22:44:08:87:b1:47:cd:94:8b:a5:06:4d:64:
e0:61:a2:05:bd:34:96:d4:29:8d:73:27:9b:e9:dd:32:27:94:
42:28:87:75:d7:ce:1f:50:ec:60:e2:87:49:9e:e4:ef:cd:da:
f4:ad:c8:33:f6:5b:e1:28:73:a4:4c:ac:56:ea:cf:d3:2e:ee:
2e:7f:24:d2:d5:50:6f:a3:8e:be:9e:40:d2:a2:8b:ef:57:b4:
e6:4e:f7:35:4a:48:25:1f:68:f7:11:e4:8b:c7:b1:40:da:b6:
d5:cc:27:ed:27:d1:57:da:df:ba:9b:f2:dd:0b:7d:03:e6:62:
d5:01:15:42:30:c1:a2:67:c4:4c:46:58:05:25:e4:8f:60:5b:
28:d7:d3:d0:ac:78:ff:75:07:02:ed:8c:81:69:d9:8a:89:ae:
f4:02:74:6b:33:84:8c:41:c6:ba:96:d7:4c:27:d6:2d:84:b0:
2a:da:60:47:a6:75:d7:52:1e:e7:92:f4:30:d5:74:b1:08:69:
64:ba:96:ce:af:ba:95:5a:7b:13:98:a6:aa:88:1d:e3:c7:ef:
af:cc:c9:83:79:d2:10:a4:50:9e:0e:b7:10:c2:0a:30:b7:66:
36:89:ad:3d:66:85:f1:f3:d6:5d:6c:28:02:0e:8d:26:6d:0e:
a1:54:0a:ea
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZavV4P0r70UxHzSXQ18XUyPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkNWMyZTc0YzZkNDZjYzczYzk4YTRjMTYwODdhOGEzYjNh
NmY3NTkwHhcNMjUwNTA4MTAwMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTVhODI4MTViN2EzMmUyZTc1NjYzZjY5ZTlmZjk4Mjg2ZjhmYzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZgq6E8sQCRLQ6p2fwVpiHZoFrFe
Io/3x44570tdUP8XVE+zKh/noxkdXgdamKYW15vebokRrPtncU2fkoKIrRshyCle
S3Sp7FdBF9Yp6veJHFtEeFIKu4stS2gzoSoyZLTdIqPDKnzssPSBaH/9iZ4duRuD
sn3Co0xiKHRfpxHi78/g7hiXjk3c5FzIUxo2o4uRIALzT8aO5VtloL9LM6rqGe5t
jLG/soOyuXyOlpYxErJxoCIISYJDbA5K39OtaGeZhxCyI50bEBD25aHY82uWg13W
PjObWB1O3oeGqJqVniomkIvYe0L1uL8CykCuoIAs68WfBYstN8LMp3W9CwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCpagoFbejLi51Zj9p6f+YKG+PwaMB8GA1UdIwQY
MBaAFK1cLnTG1GzHPJikwWCHqKOzpvdZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclZ3dWRNYlViTWM4bUtUQllJZW9vN09tOTFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC81ZGEzNzUtOTlhOS00MzI5LTlkMjkt
Y2VjODkzMWNlNjMxLzEvS2xxQ2dWdDZNdUxuVm1QMm5wXzVnb2I0X0JvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC81ZGEzNzUtOTlhOS00MzI5LTlkMjktY2VjODkzMWNlNjMx
LzEvclZ3dWRNYlViTWM4bUtUQllJZW9vN09tOTFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALV7sAwQC
LZQsAwQAwQOwMA0GCSqGSIb3DQEBCwUAA4IBAQCQb5FofyJECIexR82Ui6UGTWTg
YaIFvTSW1CmNcyeb6d0yJ5RCKId1184fUOxg4odJnuTvzdr0rcgz9lvhKHOkTKxW
6s/TLu4ufyTS1VBvo46+nkDSoovvV7TmTvc1SkglH2j3EeSLx7FA2rbVzCftJ9FX
2t+6m/LdC30D5mLVARVCMMGiZ8RMRlgFJeSPYFso19PQrHj/dQcC7YyBadmKia70
AnRrM4SMQca6ltdMJ9YthLAq2mBHpnXXUh7nkvQw1XSxCGlkupbOr7qVWnsTmKaq
iB3jx++vzMmDedIQpFCeDrcQwgowt2Y2ia09ZoXx89ZdbCgCDo0mbQ6hVArq
-----END CERTIFICATE-----
Generated at Tue May 13 01:02:49 2025 by rpki-client