Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/62a947-cfb8-4d3d-b308-41e73c1ebae1/1/kI_UKMcmunYMY9TjK1VDTbIdCXE.roa
File: kI_UKMcmunYMY9TjK1VDTbIdCXE.roa (raw, json)
Hash identifier: /3d7l1sDA4ix/P9CQv22eTNSFswBDUH2vFeOZFQU5WA=
Subject key identifier: 90:8F:D4:28:C7:26:BA:76:0C:63:D4:E3:2B:55:43:4D:B2:1D:09:71
Certificate issuer: /CN=dfb8d9140502c9e035305189bf658234db14f54c
Certificate serial: 0196AF5784E0BD8735F50F9E91A379A5AE4D
Authority key identifier: DF:B8:D9:14:05:02:C9:E0:35:30:51:89:BF:65:82:34:DB:14:F5:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/37jZFAUCyeA1MFGJv2WCNNsU9Uw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/62a947-cfb8-4d3d-b308-41e73c1ebae1/1/kI_UKMcmunYMY9TjK1VDTbIdCXE.roa
Signing time: Thu 08 May 2025 10:01:10 +0000
ROA not before: Thu 08 May 2025 10:01:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212175
IP address blocks: 79.135.120.0/23 maxlen: 24
185.165.50.0/23 maxlen: 24
185.225.9.0/24 maxlen: 24
194.110.239.0/24 maxlen: 24
212.104.134.0/23 maxlen: 24
212.104.138.0/23 maxlen: 24
213.254.166.0/23 maxlen: 24
213.254.168.0/23 maxlen: 24
2a10:9e80::/29 maxlen: 64
2a12:df40::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/62a947-cfb8-4d3d-b308-41e73c1ebae1/1/37jZFAUCyeA1MFGJv2WCNNsU9Uw.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/62a947-cfb8-4d3d-b308-41e73c1ebae1/1/37jZFAUCyeA1MFGJv2WCNNsU9Uw.mft
rsync://rpki.ripe.net/repository/DEFAULT/37jZFAUCyeA1MFGJv2WCNNsU9Uw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 04:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:af:57:84:e0:bd:87:35:f5:0f:9e:91:a3:79:a5:ae:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfb8d9140502c9e035305189bf658234db14f54c
Validity
Not Before: May 8 10:01:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=908fd428c726ba760c63d4e32b55434db21d0971
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:24:18:55:10:27:db:40:94:75:68:bc:87:c7:
8a:b2:a0:c3:b7:e0:84:e4:8b:11:be:44:08:a6:49:
f2:a5:4a:07:37:6e:5b:19:17:ea:51:76:99:0c:71:
ec:7a:01:08:97:f8:b9:51:36:0d:8c:58:d3:f0:63:
64:88:2e:03:ec:0f:e5:df:73:b8:26:66:48:40:76:
c1:52:b3:68:e3:d6:c9:87:f3:96:4c:94:c6:07:a9:
98:96:d7:9b:7a:3c:83:91:10:81:87:90:3f:64:2a:
3e:47:04:cb:c7:31:93:2f:12:f0:c6:94:10:1e:b4:
28:57:eb:12:9e:7a:bb:1a:0e:46:12:3d:7d:57:02:
1a:59:56:68:17:e9:45:13:14:55:69:9a:a8:37:c8:
43:fd:19:4f:43:d7:4c:83:23:d3:69:29:02:97:18:
68:fa:ec:ae:21:e4:96:11:22:40:12:a9:e0:71:e7:
d0:b9:79:42:a2:50:98:a1:79:47:3b:d0:5b:e1:cc:
39:59:e4:3d:35:81:4c:48:96:d7:0e:9e:d8:7f:6b:
c1:83:6d:b8:55:d9:24:47:db:cc:4d:a7:f1:d6:e9:
2a:2b:bd:61:88:32:09:d2:b0:ae:7a:e4:0a:5c:f5:
34:53:2a:69:75:8b:00:4c:45:64:e5:e8:01:d8:f2:
69:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:8F:D4:28:C7:26:BA:76:0C:63:D4:E3:2B:55:43:4D:B2:1D:09:71
X509v3 Authority Key Identifier:
keyid:DF:B8:D9:14:05:02:C9:E0:35:30:51:89:BF:65:82:34:DB:14:F5:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/37jZFAUCyeA1MFGJv2WCNNsU9Uw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/62a947-cfb8-4d3d-b308-41e73c1ebae1/1/kI_UKMcmunYMY9TjK1VDTbIdCXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/62a947-cfb8-4d3d-b308-41e73c1ebae1/1/37jZFAUCyeA1MFGJv2WCNNsU9Uw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.135.120.0/23
185.165.50.0/23
185.225.9.0/24
194.110.239.0/24
212.104.134.0/23
212.104.138.0/23
213.254.166.0-213.254.169.255
IPv6:
2a10:9e80::/29
2a12:df40::/29
Signature Algorithm: sha256WithRSAEncryption
10:19:1a:8f:1c:e8:fe:0e:5f:fc:cb:ed:0d:a9:b5:1f:9b:47:
c0:96:28:70:38:f7:72:b8:66:6c:78:60:67:b2:d7:63:75:00:
fc:74:0f:43:eb:ee:6d:4a:02:74:91:7b:2e:2a:49:0e:69:ab:
e5:f9:00:39:65:41:c5:97:56:93:76:f9:41:71:9a:f7:85:03:
2b:90:b2:dd:35:72:8f:e7:33:c3:10:fd:dd:9e:8c:ca:13:0b:
6e:ac:a2:1d:4f:74:24:9f:40:15:a2:82:69:86:d1:c6:07:ed:
dc:c2:dc:62:4f:e3:91:c0:8c:a9:3b:ae:6f:99:45:8d:31:23:
8f:1f:b1:29:28:98:65:20:e5:fe:d5:7d:9b:6d:e8:de:97:4c:
84:d7:e4:6f:3c:08:65:b2:9a:88:69:b7:ed:61:9b:ce:61:11:
b0:10:8c:8c:ea:a9:53:18:b3:3e:94:ff:27:54:66:a1:36:9f:
57:ee:28:f2:22:5a:b3:3f:a7:8a:8b:d6:1f:15:4b:84:1c:73:
c5:ce:1b:87:69:c6:6d:ad:d1:7c:0b:fb:69:8b:3b:ed:fc:e8:
3f:94:54:f3:6f:2b:a1:8c:a3:65:b5:8b:3a:1d:4f:30:c6:0a:
91:bc:1c:06:b6:11:84:0a:38:94:89:51:a9:df:91:a5:cd:a0:
d9:ef:52:40
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZavV4TgvYc19Q+ekaN5pa5NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmYjhkOTE0MDUwMmM5ZTAzNTMwNTE4OWJmNjU4MjM0ZGIx
NGY1NGMwHhcNMjUwNTA4MTAwMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDhmZDQyOGM3MjZiYTc2MGM2M2Q0ZTMyYjU1NDM0ZGIyMWQwOTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoiQYVRAn20CUdWi8h8eKsqDDt+CE
5IsRvkQIpknypUoHN25bGRfqUXaZDHHsegEIl/i5UTYNjFjT8GNkiC4D7A/l33O4
JmZIQHbBUrNo49bJh/OWTJTGB6mYltebejyDkRCBh5A/ZCo+RwTLxzGTLxLwxpQQ
HrQoV+sSnnq7Gg5GEj19VwIaWVZoF+lFExRVaZqoN8hD/RlPQ9dMgyPTaSkClxho
+uyuIeSWESJAEqngcefQuXlColCYoXlHO9Bb4cw5WeQ9NYFMSJbXDp7Yf2vBg224
VdkkR9vMTafx1ukqK71hiDIJ0rCueuQKXPU0UyppdYsATEVk5egB2PJpdQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFJCP1CjHJrp2DGPU4ytVQ02yHQlxMB8GA1UdIwQY
MBaAFN+42RQFAsngNTBRib9lgjTbFPVMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzdqWkZBVUN5ZUExTUZHSnYyV0NOTnNVOVV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82MmE5NDctY2ZiOC00ZDNkLWIzMDgt
NDFlNzNjMWViYWUxLzEva0lfVUtNY211bllNWTlUaksxVkRUYklkQ1hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC82MmE5NDctY2ZiOC00ZDNkLWIzMDgtNDFlNzNjMWViYWUx
LzEvMzdqWkZBVUN5ZUExTUZHSnYyV0NOTnNVOVV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDA4BAIAATAyAwQBT4d4AwQB
uaUyAwQAueEJAwQAwm7vAwQB1GiGAwQB1GiKMAwDBAHV/qYDBAHV/qgwFAQCAAIw
DgMFAyoQnoADBQMqEt9AMA0GCSqGSIb3DQEBCwUAA4IBAQAQGRqPHOj+Dl/8y+0N
qbUfm0fAlihwOPdyuGZseGBnstdjdQD8dA9D6+5tSgJ0kXsuKkkOaavl+QA5ZUHF
l1aTdvlBcZr3hQMrkLLdNXKP5zPDEP3dnozKEwturKIdT3Qkn0AVooJphtHGB+3c
wtxiT+ORwIypO65vmUWNMSOPH7EpKJhlIOX+1X2bbejel0yE1+RvPAhlspqIabft
YZvOYRGwEIyM6qlTGLM+lP8nVGahNp9X7ijyIlqzP6eKi9YfFUuEHHPFzhuHacZt
rdF8C/tpizvt/Og/lFTzbyuhjKNltYs6HU8wxgqRvBwGthGECjiUiVGp35GlzaDZ
71JA
-----END CERTIFICATE-----
Generated at Mon May 12 12:48:30 2025 by rpki-client