Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/cKd4Fq3TBvtMmJChVDk4P_eQ0Dw.roa
File: cKd4Fq3TBvtMmJChVDk4P_eQ0Dw.roa (raw, json)
Hash identifier: aLw6fbW7IVWc6ThJpGEdUSHp7y1SPbXF1NXjXvIeE68=
Subject key identifier: 70:A7:78:16:AD:D3:06:FB:4C:98:90:A1:54:39:38:3F:F7:90:D0:3C
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0196B68B6343C078E4C31707BAFAE5E2399E
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/cKd4Fq3TBvtMmJChVDk4P_eQ0Dw.roa
Signing time: Fri 09 May 2025 19:35:10 +0000
ROA not before: Fri 09 May 2025 19:35:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21859
IP address blocks: 89.251.20.0/24 maxlen: 24
91.200.221.0/24 maxlen: 24
91.210.145.0/24 maxlen: 24
109.122.42.0/24 maxlen: 24
109.122.44.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.mft
rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 14:04:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b6:8b:63:43:c0:78:e4:c3:17:07:ba:fa:e5:e2:39:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: May 9 19:35:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=70a77816add306fb4c9890a15439383ff790d03c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:86:b4:d3:a5:ec:e8:dd:fa:d2:5d:f3:0a:03:
ea:9c:43:f8:4c:04:f6:ef:4e:bf:41:61:8f:66:8f:
b7:d5:47:f5:c3:81:d6:28:52:2e:ae:64:75:65:92:
c5:f8:6e:7e:a8:d1:2d:9b:16:bf:14:49:01:2f:07:
62:29:6f:21:f4:e4:73:92:8c:0a:7a:77:bc:e5:d1:
df:b3:76:a3:0e:3a:f8:0c:1b:68:78:0d:b9:60:14:
9e:c0:7e:3e:7a:e2:83:61:f1:72:db:94:a8:58:39:
f4:ea:4b:76:96:64:0c:e9:ec:c2:1b:95:05:8d:2e:
f1:d4:9b:49:9f:59:c8:78:b7:1c:c2:76:56:f9:13:
7f:01:8d:05:c5:28:6b:93:b4:85:5b:4e:d8:62:6e:
0e:67:53:27:2e:b8:9a:4a:27:62:3a:8b:c3:aa:07:
bd:f0:e2:b3:e9:3c:62:0c:ef:99:b6:c1:c8:bf:c2:
25:19:d7:9c:5f:f8:26:e5:69:1c:fe:89:97:ca:46:
49:59:0f:77:be:f0:4f:35:42:a8:d9:ab:19:bb:65:
87:7f:a0:b1:63:69:6b:9f:da:57:6a:c2:f5:53:19:
7c:af:41:fc:5c:64:ba:24:b7:ba:91:e8:fe:21:67:
14:c6:52:95:5f:46:56:f4:60:d0:be:02:5a:f3:55:
62:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:A7:78:16:AD:D3:06:FB:4C:98:90:A1:54:39:38:3F:F7:90:D0:3C
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/cKd4Fq3TBvtMmJChVDk4P_eQ0Dw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.20.0/24
91.200.221.0/24
91.210.145.0/24
109.122.42.0/24
109.122.44.0/24
Signature Algorithm: sha256WithRSAEncryption
75:28:48:6d:e6:ef:be:d9:e1:da:c1:3e:83:57:77:ae:02:b9:
36:97:de:11:3c:ad:72:11:59:d2:c3:3c:b4:0a:08:fb:0d:99:
e2:c6:1e:59:ab:d8:52:54:d8:fc:c7:71:6a:1e:25:a1:d6:9a:
c0:c9:0e:80:0f:71:fd:b2:fd:7f:08:5d:62:71:7f:94:92:3b:
ae:5c:b7:1a:aa:6a:53:16:8d:58:6d:76:2d:73:97:3e:c9:bf:
d3:91:27:2c:30:4f:52:b1:7a:76:66:78:3f:39:34:67:58:3b:
18:bb:01:4c:1d:d8:3e:8d:50:3e:0b:24:f4:b9:ad:03:fe:00:
98:5e:2f:c9:ce:75:9f:b1:b8:fd:2d:7c:9b:74:73:d4:f3:1a:
e2:31:a0:d5:5a:7f:97:6b:1d:57:25:4d:16:e6:3c:49:1d:4c:
16:5d:22:b2:b1:c9:a1:83:ce:68:4a:21:a4:25:b7:bc:19:51:
2a:a6:9a:4a:0e:5e:08:6d:ae:3b:8f:19:07:82:25:2c:3f:a2:
1f:c7:d4:bc:8f:60:d6:30:84:45:98:2f:3c:45:e6:0f:04:2e:
aa:0a:c8:b4:cf:3e:f4:6f:b4:e0:8d:17:23:fa:09:b6:4d:ad:
ae:12:b1:ac:8c:8f:1b:50:53:7c:0c:ae:96:f8:f2:8d:0c:6e:
70:3b:f8:d6
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZa2i2NDwHjkwxcHuvrl4jmeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjUwNTA5MTkzNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGE3NzgxNmFkZDMwNmZiNGM5ODkwYTE1NDM5MzgzZmY3OTBkMDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA34a006Xs6N360l3zCgPqnEP4TAT2
706/QWGPZo+31Uf1w4HWKFIurmR1ZZLF+G5+qNEtmxa/FEkBLwdiKW8h9ORzkowK
ene85dHfs3ajDjr4DBtoeA25YBSewH4+euKDYfFy25SoWDn06kt2lmQM6ezCG5UF
jS7x1JtJn1nIeLccwnZW+RN/AY0FxShrk7SFW07YYm4OZ1MnLriaSidiOovDqge9
8OKz6TxiDO+ZtsHIv8IlGdecX/gm5Wkc/omXykZJWQ93vvBPNUKo2asZu2WHf6Cx
Y2lrn9pXasL1Uxl8r0H8XGS6JLe6kej+IWcUxlKVX0ZW9GDQvgJa81ViRQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHCneBat0wb7TJiQoVQ5OD/3kNA8MB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvY0tkNEZxM1RCdnRNbUpDaFZEazRQX2VRMER3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWfsUAwQA
W8jdAwQAW9KRAwQAbXoqAwQAbXosMA0GCSqGSIb3DQEBCwUAA4IBAQB1KEht5u++
2eHawT6DV3euArk2l94RPK1yEVnSwzy0Cgj7DZnixh5Zq9hSVNj8x3FqHiWh1prA
yQ6AD3H9sv1/CF1icX+UkjuuXLcaqmpTFo1YbXYtc5c+yb/TkScsME9SsXp2Zng/
OTRnWDsYuwFMHdg+jVA+CyT0ua0D/gCYXi/JznWfsbj9LXybdHPU8xriMaDVWn+X
ax1XJU0W5jxJHUwWXSKyscmhg85oSiGkJbe8GVEqpppKDl4Iba47jxkHgiUsP6If
x9S8j2DWMIRFmC88ReYPBC6qCsi0zz70b7TgjRcj+gm2Ta2uErGsjI8bUFN8DK6W
+PKNDG5wO/jW
-----END CERTIFICATE-----
Generated at Sat May 10 23:58:48 2025 by rpki-client