Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/XFuigRA8MEoOFoeSisElJd3ZsTs.roa
File: XFuigRA8MEoOFoeSisElJd3ZsTs.roa (raw, json)
Hash identifier: 6UiYiGL9M04Fpw4dwtYLRNHZ/SpRJ4sN2n0AIpfwxcA=
Subject key identifier: 5C:5B:A2:81:10:3C:30:4A:0E:16:87:92:8A:C1:25:25:DD:D9:B1:3B
Certificate issuer: /CN=43dfc066ce7cd3e382574a68667973b0b468df3c
Certificate serial: 01956A9674DD24B7D91814DD3413CF40DE95
Authority key identifier: 43:DF:C0:66:CE:7C:D3:E3:82:57:4A:68:66:79:73:B0:B4:68:DF:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q9_AZs580-OCV0poZnlzsLRo3zw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/XFuigRA8MEoOFoeSisElJd3ZsTs.roa
Signing time: Thu 06 Mar 2025 08:33:20 +0000
ROA not before: Thu 06 Mar 2025 08:33:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 45.155.99.0/24 maxlen: 24
2a10:ba00:1::/48 maxlen: 48
2a10:ba00:2::/48 maxlen: 48
2a10:ba00:bee0::/48 maxlen: 48
2a10:ba00:bee1::/48 maxlen: 48
2a10:ba00:bee2::/48 maxlen: 48
2a10:ba00:bee3::/48 maxlen: 48
2a10:ba00:bee4::/48 maxlen: 48
2a10:ba00:bee5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/Q9_AZs580-OCV0poZnlzsLRo3zw.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/Q9_AZs580-OCV0poZnlzsLRo3zw.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q9_AZs580-OCV0poZnlzsLRo3zw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6a:96:74:dd:24:b7:d9:18:14:dd:34:13:cf:40:de:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43dfc066ce7cd3e382574a68667973b0b468df3c
Validity
Not Before: Mar 6 08:33:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c5ba281103c304a0e1687928ac12525ddd9b13b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:a5:92:45:91:8a:76:45:92:27:e3:b5:c0:bd:
a8:7c:ab:0c:fd:26:f0:12:5f:f2:28:5d:47:98:49:
98:17:44:15:b2:0b:61:88:38:9b:ce:c0:17:77:11:
2f:67:2f:87:ae:dd:5d:fa:cf:73:a9:7b:ab:64:fb:
6c:10:d2:7c:0b:16:c0:a2:89:7b:91:56:03:03:65:
b7:46:59:08:74:96:b8:8d:15:76:7c:c2:18:b6:d6:
af:f9:90:a2:46:ed:56:67:09:19:7c:16:bf:7c:4e:
23:61:35:c0:5c:6a:0b:7c:dd:9a:c3:96:0b:4c:a9:
13:20:e4:69:5f:fe:9d:04:ae:e7:e7:6a:16:12:b9:
2a:75:f6:e6:32:47:e3:cb:1a:c8:58:11:ee:89:b0:
6b:4b:6a:07:5b:50:83:c3:82:38:5e:a0:a1:39:63:
43:29:30:b5:41:43:3b:4f:e2:28:01:15:e2:21:fb:
d8:29:d5:f5:4f:15:46:91:27:e2:01:72:f7:26:07:
72:d9:ca:d2:47:93:75:8d:5b:8f:8e:21:02:a9:4d:
bb:d2:bf:89:26:b3:17:f5:5e:37:e3:78:f2:0d:62:
63:31:20:46:fc:0a:6d:bf:38:1e:33:6b:8c:59:1b:
18:36:ed:ea:0c:bc:60:6c:70:8d:ec:84:04:c2:0e:
1a:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:5B:A2:81:10:3C:30:4A:0E:16:87:92:8A:C1:25:25:DD:D9:B1:3B
X509v3 Authority Key Identifier:
keyid:43:DF:C0:66:CE:7C:D3:E3:82:57:4A:68:66:79:73:B0:B4:68:DF:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9_AZs580-OCV0poZnlzsLRo3zw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/XFuigRA8MEoOFoeSisElJd3ZsTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/Q9_AZs580-OCV0poZnlzsLRo3zw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.99.0/24
IPv6:
2a10:ba00:1::-2a10:ba00:2:ffff:ffff:ffff:ffff:ffff
2a10:ba00:bee0::-2a10:ba00:bee5:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
19:c0:c0:61:81:eb:15:a1:c6:26:1e:6d:e3:99:86:22:2a:41:
da:b0:0a:50:a0:66:38:ec:bc:17:ca:62:d4:1a:d9:a1:1a:e1:
1b:45:05:42:eb:ad:6f:cd:87:54:55:1e:1c:09:49:2b:a7:5d:
03:f8:c3:b1:4d:f7:d0:ef:cb:08:8d:1b:30:90:cb:d4:40:6b:
6c:bb:f9:0b:56:05:8a:6c:82:f6:6d:72:b1:ee:95:4d:02:54:
d6:00:8c:2e:6a:82:4a:2b:8e:ba:68:ea:50:de:99:d1:f7:a5:
2d:ca:c0:d2:8b:b3:56:cf:84:d1:31:43:50:ee:70:df:ed:67:
68:ec:40:75:14:72:7c:54:7f:ea:cc:23:e4:93:1b:1e:ec:0c:
d0:95:bf:5b:33:7e:eb:f5:1c:d8:82:13:1f:a8:cc:2c:a0:cb:
f0:ff:11:51:f7:ec:e1:5c:0e:72:30:2e:7d:a8:90:90:6b:f2:
c8:e5:82:81:fa:4e:58:a2:20:37:3b:86:6f:dc:83:a8:b8:cb:
a2:fc:b7:7a:ee:71:90:1c:7b:0b:d3:ef:80:e7:20:ce:3d:e8:
6e:d1:6d:44:50:b1:59:40:ba:f7:e6:b2:0d:0b:e2:e2:d4:2d:
7e:4d:ae:99:b4:04:7a:ea:41:3a:dc:0c:5c:3f:26:8a:c4:fa:
51:dd:23:cc
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZVqlnTdJLfZGBTdNBPPQN6VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZGZjMDY2Y2U3Y2QzZTM4MjU3NGE2ODY2Nzk3M2IwYjQ2
OGRmM2MwHhcNMjUwMzA2MDgzMzIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzViYTI4MTEwM2MzMDRhMGUxNjg3OTI4YWMxMjUyNWRkZDliMTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA46WSRZGKdkWSJ+O1wL2ofKsM/Sbw
El/yKF1HmEmYF0QVsgthiDibzsAXdxEvZy+Hrt1d+s9zqXurZPtsENJ8CxbAool7
kVYDA2W3RlkIdJa4jRV2fMIYttav+ZCiRu1WZwkZfBa/fE4jYTXAXGoLfN2aw5YL
TKkTIORpX/6dBK7n52oWErkqdfbmMkfjyxrIWBHuibBrS2oHW1CDw4I4XqChOWND
KTC1QUM7T+IoARXiIfvYKdX1TxVGkSfiAXL3Jgdy2crSR5N1jVuPjiECqU270r+J
JrMX9V4343jyDWJjMSBG/AptvzgeM2uMWRsYNu3qDLxgbHCN7IQEwg4aFwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFFxbooEQPDBKDhaHkorBJSXd2bE7MB8GA1UdIwQY
MBaAFEPfwGbOfNPjgldKaGZ5c7C0aN88MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlfQVpzNTgwLU9DVjBwb1pubHpzTFJvM3p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xNjM2ZjgtNTAyNi00MDRlLWExYWUt
MjUwOTc0M2FkMjllLzEvWEZ1aWdSQThNRW9PRm9lU2lzRWxKZDNac1RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xNjM2ZjgtNTAyNi00MDRlLWExYWUtMjUwOTc0M2FkMjll
LzEvUTlfQVpzNTgwLU9DVjBwb1pubHpzTFJvM3p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAMBAIAATAGAwQALZtjMC4E
AgACMCgwEgMHACoQugAAAQMHACoQugAAAjASAwcFKhC6AL7gAwcBKhC6AL7kMA0G
CSqGSIb3DQEBCwUAA4IBAQAZwMBhgesVocYmHm3jmYYiKkHasApQoGY47LwXymLU
GtmhGuEbRQVC661vzYdUVR4cCUkrp10D+MOxTffQ78sIjRswkMvUQGtsu/kLVgWK
bIL2bXKx7pVNAlTWAIwuaoJKK466aOpQ3pnR96UtysDSi7NWz4TRMUNQ7nDf7Wdo
7EB1FHJ8VH/qzCPkkxse7AzQlb9bM37r9RzYghMfqMwsoMvw/xFR9+zhXA5yMC59
qJCQa/LI5YKB+k5YoiA3O4Zv3IOouMui/Ld67nGQHHsL0++A5yDOPehu0W1EULFZ
QLr35rINC+Li1C1+Ta6ZtAR66kE63AxcPyaKxPpR3SPM
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:12:52 2025 by rpki-client