Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/kuTv6_c2CIDTZhMFuaYSJNKgsRM.roa
File: kuTv6_c2CIDTZhMFuaYSJNKgsRM.roa (raw, json)
Hash identifier: SnRkUnRIOJiPsO3/d08VQc8j5v0EaAHibqk1fFApwgg=
Subject key identifier: 92:E4:EF:EB:F7:36:08:80:D3:66:13:05:B9:A6:12:24:D2:A0:B1:13
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 0197A8462B9D382D55DA78C5A757377CDC53
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/kuTv6_c2CIDTZhMFuaYSJNKgsRM.roa
Signing time: Wed 25 Jun 2025 18:07:40 +0000
ROA not before: Wed 25 Jun 2025 18:07:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34450
IP address blocks: 85.204.125.0/24 maxlen: 24
86.106.104.0/24 maxlen: 24
89.34.8.0/21 maxlen: 21
89.37.136.0/24 maxlen: 24
93.113.158.0/24 maxlen: 24
93.114.55.0/24 maxlen: 24
93.114.99.0/24 maxlen: 24
93.114.171.0/24 maxlen: 24
188.213.18.0/24 maxlen: 24
188.215.72.0/23 maxlen: 24
188.215.73.0/24 maxlen: 24
188.240.14.0/24 maxlen: 24
2a05:b680:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.mft
rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a8:46:2b:9d:38:2d:55:da:78:c5:a7:57:37:7c:dc:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Jun 25 18:07:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=92e4efebf7360880d3661305b9a61224d2a0b113
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:8d:ed:df:64:5d:98:eb:47:be:7a:29:21:2f:
1e:30:7b:eb:1b:8e:b3:e7:0d:66:36:44:24:e0:84:
60:22:91:fe:fa:16:87:85:96:85:03:47:09:a2:b0:
75:48:13:cd:14:5f:4d:5b:63:92:67:58:44:de:b4:
cb:ec:1a:22:77:97:ee:fa:7d:7d:13:21:56:d1:26:
dc:a9:d8:31:be:61:52:a0:fc:b6:51:84:f3:0d:11:
fd:84:23:7e:85:f5:08:85:78:9f:1c:8e:3c:f4:08:
96:37:be:a7:59:c4:01:aa:63:c8:72:7e:82:f0:46:
bf:fa:c7:57:14:b9:5d:0c:ef:4f:88:56:9e:55:cb:
8a:db:57:d2:f7:f6:53:11:a7:9b:79:d1:41:14:8d:
da:13:88:d9:a6:97:4b:b3:37:91:1a:f0:5f:7a:ea:
86:54:70:47:30:03:ec:83:a7:be:ac:7f:15:79:2d:
0b:12:ba:1d:b7:81:19:32:fd:9b:ad:d4:c3:05:1b:
b1:60:e9:bb:8c:ce:c7:4b:ca:d7:6a:74:c9:ee:c8:
39:75:5c:45:f5:25:3d:2c:90:fa:40:1f:14:7b:53:
75:f6:9b:ae:38:e5:59:21:02:20:95:12:ca:71:af:
5c:1f:b1:4c:33:5a:09:28:21:2d:8a:a8:95:c4:3c:
09:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:E4:EF:EB:F7:36:08:80:D3:66:13:05:B9:A6:12:24:D2:A0:B1:13
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/kuTv6_c2CIDTZhMFuaYSJNKgsRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.125.0/24
86.106.104.0/24
89.34.8.0/21
89.37.136.0/24
93.113.158.0/24
93.114.55.0/24
93.114.99.0/24
93.114.171.0/24
188.213.18.0/24
188.215.72.0/23
188.240.14.0/24
IPv6:
2a05:b680:1::/48
Signature Algorithm: sha256WithRSAEncryption
7a:b0:41:d1:27:e9:a6:dc:6f:0f:86:81:4f:b9:e0:a5:d3:13:
99:47:b4:ae:cb:98:67:24:b5:a6:0c:78:3e:40:83:99:4e:d3:
8a:cc:55:08:15:60:03:1c:78:5b:49:d0:05:1f:5e:f9:a9:d4:
46:bb:d7:ba:3d:b9:37:8d:7f:2d:0e:fe:e6:a2:90:34:77:3d:
b1:d0:43:b8:5a:e3:f1:2f:ae:70:f0:8a:89:20:ac:a4:7e:54:
bc:62:a2:92:ae:5f:1a:8a:65:bf:6b:e1:75:58:69:e1:d6:59:
e2:cb:5f:ee:f0:8b:d6:a5:fa:7e:86:16:7e:83:cb:02:b6:17:
d6:5c:e1:a3:11:cf:56:d4:74:59:9e:26:35:3d:53:ab:a0:58:
02:a6:ef:51:8c:46:57:b8:c3:15:e0:b7:ac:e5:bd:1b:0b:28:
67:4b:6b:0e:89:a8:8a:77:05:f7:f4:79:81:0d:90:99:83:94:
93:a6:2f:e9:e8:ec:e1:e3:95:17:36:0f:eb:2c:53:d8:90:71:
2b:4b:f1:e9:03:d7:f7:c3:ee:98:bd:c1:db:ea:d4:eb:36:b2:
eb:06:14:3f:69:3a:56:2c:96:7d:f2:ec:ce:b4:8e:ac:56:2c:
2a:42:e9:f5:57:a2:46:70:87:65:a0:ad:9c:c9:66:8f:44:f0:
0c:27:3b:c6
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAZeoRiudOC1V2njFp1c3fNxTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjUwNjI1MTgwNzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmU0ZWZlYmY3MzYwODgwZDM2NjEzMDViOWE2MTIyNGQyYTBiMTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoo3t32RdmOtHvnopIS8eMHvrG46z
5w1mNkQk4IRgIpH++haHhZaFA0cJorB1SBPNFF9NW2OSZ1hE3rTL7Boid5fu+n19
EyFW0SbcqdgxvmFSoPy2UYTzDRH9hCN+hfUIhXifHI489AiWN76nWcQBqmPIcn6C
8Ea/+sdXFLldDO9PiFaeVcuK21fS9/ZTEaebedFBFI3aE4jZppdLszeRGvBfeuqG
VHBHMAPsg6e+rH8VeS0LErodt4EZMv2brdTDBRuxYOm7jM7HS8rXanTJ7sg5dVxF
9SU9LJD6QB8Ue1N19puuOOVZIQIglRLKca9cH7FMM1oJKCEtiqiVxDwJnwIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFJLk7+v3NgiA02YTBbmmEiTSoLETMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEva3VUdjZfYzJDSURUWmhNRnVhWVNKTktnc1JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzBIBAIAATBCAwQAVcx9AwQA
VmpoAwQDWSIIAwQAWSWIAwQAXXGeAwQAXXI3AwQAXXJjAwQAXXKrAwQAvNUSAwQB
vNdIAwQAvPAOMA8EAgACMAkDBwAqBbaAAAEwDQYJKoZIhvcNAQELBQADggEBAHqw
QdEn6abcbw+GgU+54KXTE5lHtK7LmGcktaYMeD5Ag5lO04rMVQgVYAMceFtJ0AUf
Xvmp1Ea717o9uTeNfy0O/uaikDR3PbHQQ7ha4/EvrnDwiokgrKR+VLxiopKuXxqK
Zb9r4XVYaeHWWeLLX+7wi9al+n6GFn6DywK2F9Zc4aMRz1bUdFmeJjU9U6ugWAKm
71GMRle4wxXgt6zlvRsLKGdLaw6JqIp3Bff0eYENkJmDlJOmL+no7OHjlRc2D+ss
U9iQcStL8ekD1/fD7pi9wdvq1Os2susGFD9pOlYsln3y7M60jqxWLCpC6fVXokZw
h2WgrZzJZo9E8AwnO8Y=
-----END CERTIFICATE-----
Generated at Tue Jul 1 13:18:10 2025 by rpki-client