Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/Xyj8ZwDcUWqbEpHjYfOUcf0qYCs.roa
File: Xyj8ZwDcUWqbEpHjYfOUcf0qYCs.roa (raw, json)
Hash identifier: c2oymSas2wK23Gu8nnKHDl7VRkK6AmQgVCL9nk5rUFE=
Subject key identifier: 5F:28:FC:67:00:DC:51:6A:9B:12:91:E3:61:F3:94:71:FD:2A:60:2B
Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial: 019428281247732D12F55E4C7C12CD86F4A1
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/Xyj8ZwDcUWqbEpHjYfOUcf0qYCs.roa
Signing time: Thu 02 Jan 2025 17:55:02 +0000
ROA not before: Thu 02 Jan 2025 17:55:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36224
IP address blocks: 151.251.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.mft
rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 10:01:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:28:12:47:73:2d:12:f5:5e:4c:7c:12:cd:86:f4:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Validity
Not Before: Jan 2 17:55:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f28fc6700dc516a9b1291e361f39471fd2a602b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d4:6a:5b:fe:13:8a:a1:a1:fc:5b:34:ac:93:
76:71:eb:cb:a0:a5:52:bf:55:42:44:6c:d6:3a:67:
62:e7:ce:3b:36:89:84:46:5a:2e:3c:ec:ea:5d:91:
c7:89:79:55:a7:4c:aa:a0:6b:60:3c:18:41:8f:24:
96:f3:28:80:ad:f6:fd:a0:f0:35:51:4e:b8:4d:59:
9d:16:e3:95:9a:44:81:14:79:78:15:62:12:1b:2d:
47:c4:b2:a0:9d:3c:4d:69:b8:81:bf:97:02:96:92:
0d:90:e7:1c:17:62:89:b2:76:70:81:6a:bc:10:a9:
f0:24:9f:1c:ff:20:a0:06:a2:06:0d:47:2b:56:b7:
63:e6:56:b2:d8:80:c6:2c:30:7a:f4:2b:59:0c:49:
22:d4:1f:1c:64:f2:dc:78:17:98:93:bb:0e:84:18:
33:8f:b7:ae:79:92:4e:ed:20:d2:dc:6a:17:36:a2:
46:eb:d7:9c:85:10:f2:ed:05:e0:d1:53:62:f8:9c:
fb:fb:d7:68:d8:4f:10:63:0b:d3:68:4f:b2:a5:82:
d6:eb:79:34:60:d2:8d:6f:45:5f:27:51:14:65:49:
8d:ea:89:d9:eb:04:73:24:79:2f:45:55:c7:db:0d:
bb:67:23:85:d9:03:bf:07:79:0c:4d:7a:4c:13:c8:
bb:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:28:FC:67:00:DC:51:6A:9B:12:91:E3:61:F3:94:71:FD:2A:60:2B
X509v3 Authority Key Identifier:
keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/Xyj8ZwDcUWqbEpHjYfOUcf0qYCs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.251.72.0/24
Signature Algorithm: sha256WithRSAEncryption
47:11:33:07:3b:43:f8:92:ed:50:55:5b:8c:f5:1c:d6:01:d8:
cb:92:7b:7b:05:b5:b5:65:40:a9:7e:dd:32:62:2a:0e:65:5e:
65:9e:a7:03:da:c9:a3:9f:88:22:3f:48:e2:8e:9d:1a:ca:5a:
f1:f8:aa:17:be:e7:36:4d:df:41:19:8d:44:82:10:40:7c:85:
27:91:ec:a5:37:16:fc:46:1d:78:d1:72:38:28:1c:16:02:be:
43:80:66:6c:98:7f:e8:7c:98:ff:30:1f:a6:84:9d:84:18:0c:
77:98:07:4b:86:ee:c0:bf:0b:6d:90:52:6d:69:59:2d:a1:00:
18:29:c0:51:d7:e0:8a:ab:03:c4:fe:77:cf:af:d2:6a:39:a6:
cb:a3:a3:ed:42:47:44:04:61:c1:61:2b:cc:cd:c8:44:9d:69:
ea:20:0f:4a:29:3e:60:77:08:1c:44:52:78:b6:89:ea:80:7e:
97:08:82:78:7a:b8:e4:b7:8c:56:c2:f9:1b:89:68:8a:9e:68:
13:b6:14:30:52:fb:0b:2a:17:eb:76:80:4b:77:2b:05:67:c7:
3c:3e:ff:f6:ad:6f:44:82:6b:c3:9d:19:92:22:7a:8f:d1:2c:
29:22:74:d1:ad:af:ae:15:e7:4c:8d:31:8c:59:56:47:6f:ea:
f2:9b:d7:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoKBJHcy0S9V5MfBLNhvShMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjUwMTAyMTc1NTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjI4ZmM2NzAwZGM1MTZhOWIxMjkxZTM2MWYzOTQ3MWZkMmE2MDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdRqW/4TiqGh/Fs0rJN2cevLoKVS
v1VCRGzWOmdi5847NomERlouPOzqXZHHiXlVp0yqoGtgPBhBjySW8yiArfb9oPA1
UU64TVmdFuOVmkSBFHl4FWISGy1HxLKgnTxNabiBv5cClpINkOccF2KJsnZwgWq8
EKnwJJ8c/yCgBqIGDUcrVrdj5lay2IDGLDB69CtZDEki1B8cZPLceBeYk7sOhBgz
j7eueZJO7SDS3GoXNqJG69echRDy7QXg0VNi+Jz7+9do2E8QYwvTaE+ypYLW63k0
YNKNb0VfJ1EUZUmN6onZ6wRzJHkvRVXH2w27ZyOF2QO/B3kMTXpME8i7iwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF8o/GcA3FFqmxKR42HzlHH9KmArMB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvWHlqOFp3RGNVV3FiRXBIallmT1VjZjBxWUNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/tIMA0G
CSqGSIb3DQEBCwUAA4IBAQBHETMHO0P4ku1QVVuM9RzWAdjLknt7BbW1ZUCpft0y
YioOZV5lnqcD2smjn4giP0jijp0aylrx+KoXvuc2Td9BGY1EghBAfIUnkeylNxb8
Rh140XI4KBwWAr5DgGZsmH/ofJj/MB+mhJ2EGAx3mAdLhu7AvwttkFJtaVktoQAY
KcBR1+CKqwPE/nfPr9JqOabLo6PtQkdEBGHBYSvMzchEnWnqIA9KKT5gdwgcRFJ4
tonqgH6XCIJ4erjkt4xWwvkbiWiKnmgTthQwUvsLKhfrdoBLdysFZ8c8Pv/2rW9E
gmvDnRmSInqP0SwpInTRra+uFedMjTGMWVZHb+rym9cp
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:49:29 2025 by rpki-client