Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xVDocNP7aXKYtoVHkqJEWfEs39Q.roa
File: xVDocNP7aXKYtoVHkqJEWfEs39Q.roa (raw, json)
Hash identifier: uCspyXL19fDcE9oJyVLCJnaSZlJh0rG616wa+ybc/sk=
Subject key identifier: C5:50:E8:70:D3:FB:69:72:98:B6:85:47:92:A2:44:59:F1:2C:DF:D4
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0195DE76EBB83F9E1176F7F73901CE77703E
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xVDocNP7aXKYtoVHkqJEWfEs39Q.roa
Signing time: Fri 28 Mar 2025 20:34:50 +0000
ROA not before: Fri 28 Mar 2025 20:34:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207957
IP address blocks: 45.149.235.0/24 maxlen: 24
94.156.154.0/24 maxlen: 24
94.156.155.0/24 maxlen: 24
94.156.180.0/24 maxlen: 24
94.156.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 00:57:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:de:76:eb:b8:3f:9e:11:76:f7:f7:39:01:ce:77:70:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 28 20:34:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c550e870d3fb697298b6854792a24459f12cdfd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:32:7d:31:40:2c:ed:8d:74:ae:39:78:1e:59:
aa:91:37:6a:c0:2b:4e:eb:23:79:e5:0d:6d:51:64:
b9:47:97:14:5f:5e:c7:b3:d2:f3:b6:38:59:20:a4:
03:36:df:af:19:98:5e:ed:72:35:98:4a:b0:ed:c7:
38:0f:4b:20:c9:fe:71:dc:5e:8c:25:78:df:49:cb:
f0:9c:c9:21:cb:f5:b5:f6:3b:08:e3:3a:00:02:a8:
db:e0:74:33:2a:fc:1e:0f:fe:1b:6c:29:58:13:61:
55:73:ea:3d:f3:d3:9a:c9:e9:7f:9a:70:44:a9:15:
9a:d0:59:8b:ba:06:81:24:57:a9:ac:bc:7c:cb:b9:
f9:44:de:1d:65:75:d3:f6:34:08:4c:d8:45:bf:e3:
45:62:bf:a4:20:67:3c:d5:00:4d:4b:f2:42:8b:22:
46:87:83:6f:86:d5:9c:c2:2a:dc:48:3a:aa:5b:2e:
6f:3c:d7:7b:c6:32:73:c9:33:db:7b:53:27:51:63:
ee:08:2b:60:f0:ce:8b:52:7b:f2:b5:df:df:8f:2e:
6c:dc:20:6f:a9:b6:0d:ac:3c:8d:7a:a0:2a:23:64:
c4:09:07:ad:41:03:42:9e:95:a7:6f:0a:bb:42:33:
61:a5:94:57:c3:d1:e0:d8:e7:8f:41:d8:b0:1f:63:
a3:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:50:E8:70:D3:FB:69:72:98:B6:85:47:92:A2:44:59:F1:2C:DF:D4
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xVDocNP7aXKYtoVHkqJEWfEs39Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.235.0/24
94.156.154.0/23
94.156.180.0/23
Signature Algorithm: sha256WithRSAEncryption
7a:05:e3:9f:c8:3f:d0:c3:46:86:ea:c6:dd:c4:21:0e:7c:4c:
36:19:4f:1b:12:64:ef:b9:b6:8b:85:9d:05:49:9b:48:ff:29:
31:2d:bc:a0:a4:f1:b9:a9:a7:dc:6d:ea:b8:c3:ab:14:36:74:
22:0a:d0:1f:73:af:90:a2:5e:f3:89:2b:7a:d1:29:37:69:e9:
6d:3a:8e:ee:80:3d:bf:61:52:a3:b1:f6:51:4c:2a:6a:31:de:
9b:15:be:e9:d5:a8:56:58:27:87:3e:c8:0f:e3:2a:26:02:83:
77:df:72:02:1c:d5:19:ce:7c:c3:e5:64:83:4d:33:b5:fe:51:
7c:71:d3:6c:88:7c:65:21:fc:b8:e3:fb:1b:d8:16:a8:cf:2c:
cb:ec:d9:b9:42:2e:db:52:1b:2d:6d:fb:5d:3d:c7:42:ba:11:
73:de:ea:62:90:52:f7:fb:12:33:e6:ec:fe:14:40:c8:52:fb:
13:d9:f7:2b:a5:72:42:db:b3:24:4a:5b:51:66:82:07:d7:c2:
53:00:22:9f:d5:99:31:71:7f:86:dc:46:c5:18:00:52:55:70:
4f:c6:66:5e:93:54:61:8e:a6:df:c7:d0:8b:8a:b2:77:5e:dd:
67:96:22:37:d5:3b:9f:75:6d:03:38:26:5c:25:2f:d8:4b:1f:
5d:ae:52:d6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZXeduu4P54Rdvf3OQHOd3A+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMzI4MjAzNDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTUwZTg3MGQzZmI2OTcyOThiNjg1NDc5MmEyNDQ1OWYxMmNkZmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjJ9MUAs7Y10rjl4HlmqkTdqwCtO
6yN55Q1tUWS5R5cUX17Hs9LztjhZIKQDNt+vGZhe7XI1mEqw7cc4D0sgyf5x3F6M
JXjfScvwnMkhy/W19jsI4zoAAqjb4HQzKvweD/4bbClYE2FVc+o989Oayel/mnBE
qRWa0FmLugaBJFeprLx8y7n5RN4dZXXT9jQITNhFv+NFYr+kIGc81QBNS/JCiyJG
h4NvhtWcwircSDqqWy5vPNd7xjJzyTPbe1MnUWPuCCtg8M6LUnvytd/fjy5s3CBv
qbYNrDyNeqAqI2TECQetQQNCnpWnbwq7QjNhpZRXw9Hg2OePQdiwH2Oj0QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMVQ6HDT+2lymLaFR5KiRFnxLN/UMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEveFZEb2NOUDdhWEtZdG9WSGtxSkVXZkVzMzlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZXrAwQB
XpyaAwQBXpy0MA0GCSqGSIb3DQEBCwUAA4IBAQB6BeOfyD/Qw0aG6sbdxCEOfEw2
GU8bEmTvubaLhZ0FSZtI/ykxLbygpPG5qafcbeq4w6sUNnQiCtAfc6+Qol7ziSt6
0Sk3aeltOo7ugD2/YVKjsfZRTCpqMd6bFb7p1ahWWCeHPsgP4yomAoN333ICHNUZ
znzD5WSDTTO1/lF8cdNsiHxlIfy44/sb2BaozyzL7Nm5Qi7bUhstbftdPcdCuhFz
3upikFL3+xIz5uz+FEDIUvsT2fcrpXJC27MkSltRZoIH18JTACKf1ZkxcX+G3EbF
GABSVXBPxmZek1Rhjqbfx9CLirJ3Xt1nliI31TufdW0DOCZcJS/YSx9drlLW
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:56:11 2025 by rpki-client