Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/700164-89d1-404f-af35-4ef47fc4bd7f/1/Xje5uU3T9TbH4JJyT4gZJ5Wfu20.roa
File: Xje5uU3T9TbH4JJyT4gZJ5Wfu20.roa (raw, json)
Hash identifier: GIEcr4GCOYUurd6bJwNhKNeysjD37nKkx50Iee+P/nk=
Subject key identifier: 5E:37:B9:B9:4D:D3:F5:36:C7:E0:92:72:4F:88:19:27:95:9F:BB:6D
Certificate issuer: /CN=af6eaeff123ca67446d0e49401e495057078e174
Certificate serial: 0195DC2112988EEFEFB017A64AA466B13BBA
Authority key identifier: AF:6E:AE:FF:12:3C:A6:74:46:D0:E4:94:01:E4:95:05:70:78:E1:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r26u_xI8pnRG0OSUAeSVBXB44XQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/700164-89d1-404f-af35-4ef47fc4bd7f/1/Xje5uU3T9TbH4JJyT4gZJ5Wfu20.roa
Signing time: Fri 28 Mar 2025 09:41:49 +0000
ROA not before: Fri 28 Mar 2025 09:41:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30962
IP address blocks: 93.89.4.0/22 maxlen: 22
93.89.4.0/24 maxlen: 24
93.89.5.0/24 maxlen: 24
93.89.6.0/24 maxlen: 24
93.89.7.0/24 maxlen: 24
2a0b:2300::/32 maxlen: 32
2a0b:2301::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/700164-89d1-404f-af35-4ef47fc4bd7f/1/r26u_xI8pnRG0OSUAeSVBXB44XQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/700164-89d1-404f-af35-4ef47fc4bd7f/1/r26u_xI8pnRG0OSUAeSVBXB44XQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/r26u_xI8pnRG0OSUAeSVBXB44XQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 18:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:dc:21:12:98:8e:ef:ef:b0:17:a6:4a:a4:66:b1:3b:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af6eaeff123ca67446d0e49401e495057078e174
Validity
Not Before: Mar 28 09:41:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e37b9b94dd3f536c7e092724f881927959fbb6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:4d:71:bc:ab:cb:05:85:5f:e6:e7:c7:96:6a:
f9:5e:64:f5:54:bf:9d:54:62:77:96:b4:a3:3a:ba:
bc:bc:e6:7e:80:c9:d8:c4:0f:b4:71:b5:32:94:65:
47:6b:96:96:10:1b:4a:22:c5:af:8c:d3:d1:a7:25:
d8:86:e1:32:aa:fc:71:49:e5:db:63:25:33:b1:b2:
34:b5:91:77:e4:45:89:e3:69:d4:cc:d2:f5:c2:d6:
20:d1:e4:ac:1e:5a:ff:0c:44:45:f0:0f:2c:38:7c:
5b:29:ba:82:8b:ff:79:85:a1:89:79:dd:c0:7d:0f:
33:33:da:11:70:49:a3:26:11:71:cf:49:41:fc:a4:
da:38:7e:b2:87:d1:be:1c:d2:e5:f5:69:bc:20:24:
51:9d:b5:32:6a:a6:a6:1a:1e:ab:58:23:09:f3:e2:
b6:7f:56:2d:a5:b6:d4:5e:a7:ea:9e:28:5b:a8:38:
01:94:2c:99:37:30:48:dc:ca:34:23:be:4a:7f:b8:
22:58:8e:ef:0e:62:ac:10:07:3c:9b:e3:f7:f0:fb:
d1:7c:be:4b:11:96:9d:59:b3:8e:1f:b0:8b:2a:df:
7a:65:0c:7c:23:84:0b:13:70:ee:98:b1:7c:3e:a2:
07:d1:ca:b1:14:4a:39:03:e2:7c:ce:78:fe:ac:55:
ff:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:37:B9:B9:4D:D3:F5:36:C7:E0:92:72:4F:88:19:27:95:9F:BB:6D
X509v3 Authority Key Identifier:
keyid:AF:6E:AE:FF:12:3C:A6:74:46:D0:E4:94:01:E4:95:05:70:78:E1:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r26u_xI8pnRG0OSUAeSVBXB44XQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/700164-89d1-404f-af35-4ef47fc4bd7f/1/Xje5uU3T9TbH4JJyT4gZJ5Wfu20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/700164-89d1-404f-af35-4ef47fc4bd7f/1/r26u_xI8pnRG0OSUAeSVBXB44XQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.89.4.0/22
IPv6:
2a0b:2300::/31
Signature Algorithm: sha256WithRSAEncryption
74:b0:67:96:b9:18:bd:d1:d1:29:e1:49:67:3e:ad:87:42:e0:
53:5b:c0:b1:df:f6:e4:6c:8d:9c:66:15:8a:43:24:2c:3e:5a:
c2:e2:1f:21:4c:33:23:04:1f:14:e3:46:06:8d:62:74:8f:cf:
29:62:f4:c8:fb:ac:e7:ca:2b:23:0a:13:7a:16:57:54:2a:44:
20:26:a9:24:eb:10:a1:3c:14:db:b7:75:9c:38:d2:d5:12:67:
4a:f7:03:d4:d7:e4:35:e7:39:69:7b:5d:73:5a:cd:c2:37:43:
51:24:47:a4:8f:1d:6e:0d:5d:1b:47:31:48:53:84:06:6a:ca:
e1:38:d6:34:4c:33:7c:be:dd:23:0c:39:8a:ca:8d:d1:4a:aa:
5e:64:cd:60:8a:99:31:d8:0c:f6:62:67:f1:b7:d5:13:12:04:
29:9e:97:b3:3f:3b:47:4d:b1:e3:9f:8c:81:50:10:e0:fa:1a:
b3:9f:f4:52:5a:28:50:1c:94:4d:d2:fc:6f:d9:b7:66:e8:3d:
f4:79:74:a5:10:93:a2:31:a7:12:e7:49:17:f8:a9:a3:a5:36:
9f:31:8c:01:c0:2c:59:05:dc:fe:61:f0:0d:a2:2f:f8:5e:16:
e6:51:6a:8a:73:34:62:0f:2e:f1:4b:d4:c4:c6:7d:c9:57:e5:
c3:c4:6d:bd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZXcIRKYju/vsBemSqRmsTu6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNmVhZWZmMTIzY2E2NzQ0NmQwZTQ5NDAxZTQ5NTA1NzA3
OGUxNzQwHhcNMjUwMzI4MDk0MTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTM3YjliOTRkZDNmNTM2YzdlMDkyNzI0Zjg4MTkyNzk1OWZiYjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAok1xvKvLBYVf5ufHlmr5XmT1VL+d
VGJ3lrSjOrq8vOZ+gMnYxA+0cbUylGVHa5aWEBtKIsWvjNPRpyXYhuEyqvxxSeXb
YyUzsbI0tZF35EWJ42nUzNL1wtYg0eSsHlr/DERF8A8sOHxbKbqCi/95haGJed3A
fQ8zM9oRcEmjJhFxz0lB/KTaOH6yh9G+HNLl9Wm8ICRRnbUyaqamGh6rWCMJ8+K2
f1YtpbbUXqfqnihbqDgBlCyZNzBI3Mo0I75Kf7giWI7vDmKsEAc8m+P38PvRfL5L
EZadWbOOH7CLKt96ZQx8I4QLE3DumLF8PqIH0cqxFEo5A+J8znj+rFX/hwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFF43ublN0/U2x+CSck+IGSeVn7ttMB8GA1UdIwQY
MBaAFK9urv8SPKZ0RtDklAHklQVweOF0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjI2dV94SThwblJHME9TVUFlU1ZCWEI0NFhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy83MDAxNjQtODlkMS00MDRmLWFmMzUt
NGVmNDdmYzRiZDdmLzEvWGplNXVVM1Q5VGJINEpKeVQ0Z1pKNVdmdTIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy83MDAxNjQtODlkMS00MDRmLWFmMzUtNGVmNDdmYzRiZDdm
LzEvcjI2dV94SThwblJHME9TVUFlU1ZCWEI0NFhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCXVkEMA0E
AgACMAcDBQEqCyMAMA0GCSqGSIb3DQEBCwUAA4IBAQB0sGeWuRi90dEp4UlnPq2H
QuBTW8Cx3/bkbI2cZhWKQyQsPlrC4h8hTDMjBB8U40YGjWJ0j88pYvTI+6znyisj
ChN6FldUKkQgJqkk6xChPBTbt3WcONLVEmdK9wPU1+Q15zlpe11zWs3CN0NRJEek
jx1uDV0bRzFIU4QGasrhONY0TDN8vt0jDDmKyo3RSqpeZM1gipkx2Az2Ymfxt9UT
EgQpnpezPztHTbHjn4yBUBDg+hqzn/RSWihQHJRN0vxv2bdm6D30eXSlEJOiMacS
50kX+KmjpTafMYwBwCxZBdz+YfANoi/4XhbmUWqKczRiDy7xS9TExn3JV+XDxG29
-----END CERTIFICATE-----
Generated at Mon Apr 7 04:25:46 2025 by rpki-client