Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/f9462b-3749-44bb-84ee-ecd8a2474a02/1/xuTySrtO69FPOcG6SUnZEPsSQ9o.roa
File: xuTySrtO69FPOcG6SUnZEPsSQ9o.roa (raw, json)
Hash identifier: luyQlxdtnhbzwgU08jLpwvc2YYpUGSiEGEb8snEjI6A=
Subject key identifier: C6:E4:F2:4A:BB:4E:EB:D1:4F:39:C1:BA:49:49:D9:10:FB:12:43:DA
Certificate issuer: /CN=342e6536b2e74220ef4b092bc090cc4c250f3ed6
Certificate serial: 0195B00D34107484E45F0C84FC48AFF31F8D
Authority key identifier: 34:2E:65:36:B2:E7:42:20:EF:4B:09:2B:C0:90:CC:4C:25:0F:3E:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NC5lNrLnQiDvSwkrwJDMTCUPPtY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/f9462b-3749-44bb-84ee-ecd8a2474a02/1/xuTySrtO69FPOcG6SUnZEPsSQ9o.roa
Signing time: Wed 19 Mar 2025 20:16:49 +0000
ROA not before: Wed 19 Mar 2025 20:16:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59816
IP address blocks: 185.70.132.0/22 maxlen: 22
185.241.36.0/24 maxlen: 24
185.241.37.0/24 maxlen: 24
185.241.38.0/24 maxlen: 24
185.251.224.0/22 maxlen: 22
185.251.225.0/24 maxlen: 24
185.251.226.0/24 maxlen: 24
185.254.88.0/22 maxlen: 22
194.147.120.0/22 maxlen: 22
194.147.120.0/24 maxlen: 24
194.147.121.0/24 maxlen: 24
194.147.122.0/24 maxlen: 24
2a05:2a00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/f9462b-3749-44bb-84ee-ecd8a2474a02/1/NC5lNrLnQiDvSwkrwJDMTCUPPtY.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/f9462b-3749-44bb-84ee-ecd8a2474a02/1/NC5lNrLnQiDvSwkrwJDMTCUPPtY.mft
rsync://rpki.ripe.net/repository/DEFAULT/NC5lNrLnQiDvSwkrwJDMTCUPPtY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b0:0d:34:10:74:84:e4:5f:0c:84:fc:48:af:f3:1f:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=342e6536b2e74220ef4b092bc090cc4c250f3ed6
Validity
Not Before: Mar 19 20:16:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c6e4f24abb4eebd14f39c1ba4949d910fb1243da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:c4:e2:66:00:4b:21:d1:44:4d:2c:d0:72:54:
ff:66:48:a2:f8:9d:e7:ed:28:92:97:14:b4:1c:56:
cd:77:69:68:b0:91:55:d8:a6:d2:f5:7c:2b:cc:d0:
46:e2:da:09:60:81:2e:c6:00:78:85:d0:52:c5:b6:
4d:65:30:88:49:83:7e:61:86:bd:57:57:08:f4:33:
02:8a:76:9d:a7:44:ab:25:87:68:4c:c3:ca:18:a0:
dc:93:e5:c3:43:9c:54:cd:31:46:ff:cd:7c:ff:52:
fc:ec:30:0c:df:b0:da:18:e1:cc:a0:5d:15:39:da:
e1:22:eb:eb:d0:38:9a:79:f7:e5:ea:36:f8:66:73:
22:c3:a7:77:9b:ca:3f:3a:01:5b:5f:eb:56:1b:4b:
41:25:d7:ec:df:83:50:82:d1:1e:bd:96:d4:a9:e4:
77:3d:f0:42:1f:42:79:a0:9b:28:f2:af:c9:55:bc:
91:f4:f5:51:77:26:f5:3c:fa:ce:a8:2b:e5:9f:06:
ed:c6:5a:00:19:9b:2f:54:e0:97:d6:5c:2e:4a:a3:
b6:f5:73:ee:99:22:a4:e5:48:e1:3e:0c:e5:90:7e:
33:1d:d3:e2:b9:22:f8:4f:81:32:eb:33:e7:59:17:
26:63:7e:21:8a:b7:f3:f1:62:d5:9b:7f:ca:66:79:
e3:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:E4:F2:4A:BB:4E:EB:D1:4F:39:C1:BA:49:49:D9:10:FB:12:43:DA
X509v3 Authority Key Identifier:
keyid:34:2E:65:36:B2:E7:42:20:EF:4B:09:2B:C0:90:CC:4C:25:0F:3E:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NC5lNrLnQiDvSwkrwJDMTCUPPtY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/f9462b-3749-44bb-84ee-ecd8a2474a02/1/xuTySrtO69FPOcG6SUnZEPsSQ9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/f9462b-3749-44bb-84ee-ecd8a2474a02/1/NC5lNrLnQiDvSwkrwJDMTCUPPtY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.70.132.0/22
185.241.36.0-185.241.38.255
185.251.224.0/22
185.254.88.0/22
194.147.120.0/22
IPv6:
2a05:2a00::/29
Signature Algorithm: sha256WithRSAEncryption
11:7b:5f:57:ca:a0:0f:35:ea:ae:91:e6:58:69:27:4b:84:2f:
50:a5:89:26:ff:6c:b7:f9:61:ba:42:a6:dc:b8:4e:64:6d:03:
42:8e:84:88:6c:51:21:f7:71:b9:8a:77:46:a7:0d:bb:34:fd:
5d:44:d5:58:47:aa:27:7b:87:15:95:6b:39:e3:88:6e:21:69:
da:a5:71:de:ab:38:ee:69:d6:11:f9:f4:a8:fd:c0:ad:db:4f:
c3:fb:5d:f4:ff:17:ab:11:84:70:a5:46:3b:91:7a:97:79:93:
88:ec:91:62:2a:73:84:84:ab:64:a0:ab:2c:e2:d6:95:63:b7:
a5:40:c3:de:32:86:82:46:35:36:00:19:f8:4c:32:9b:2d:54:
f3:37:63:35:dc:97:7f:3b:e4:f0:f7:36:06:ff:47:51:83:1d:
d5:a9:47:39:e0:a3:10:5d:c0:90:60:ce:ad:3e:0b:59:4a:79:
81:94:35:c6:98:e7:66:8d:2c:60:ac:1f:9c:d0:e6:ea:91:86:
5b:0d:e4:74:e4:b3:be:e7:a6:05:60:07:04:e1:8f:9f:c7:54:
54:1e:7d:22:e2:e0:26:93:c5:ae:81:f9:09:e0:41:15:26:63:
81:92:6d:32:4c:ce:26:c1:f3:5b:44:30:0c:36:93:be:53:47:
73:cd:7e:06
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZWwDTQQdITkXwyE/Eiv8x+NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MmU2NTM2YjJlNzQyMjBlZjRiMDkyYmMwOTBjYzRjMjUw
ZjNlZDYwHhcNMjUwMzE5MjAxNjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmU0ZjI0YWJiNGVlYmQxNGYzOWMxYmE0OTQ5ZDkxMGZiMTI0M2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmcTiZgBLIdFETSzQclT/Zkii+J3n
7SiSlxS0HFbNd2losJFV2KbS9XwrzNBG4toJYIEuxgB4hdBSxbZNZTCISYN+YYa9
V1cI9DMCinadp0SrJYdoTMPKGKDck+XDQ5xUzTFG/818/1L87DAM37DaGOHMoF0V
OdrhIuvr0Diaeffl6jb4ZnMiw6d3m8o/OgFbX+tWG0tBJdfs34NQgtEevZbUqeR3
PfBCH0J5oJso8q/JVbyR9PVRdyb1PPrOqCvlnwbtxloAGZsvVOCX1lwuSqO29XPu
mSKk5UjhPgzlkH4zHdPiuSL4T4Ey6zPnWRcmY34hirfz8WLVm3/KZnnjjwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFMbk8kq7TuvRTznBuklJ2RD7EkPaMB8GA1UdIwQY
MBaAFDQuZTay50Ig70sJK8CQzEwlDz7WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkM1bE5yTG5RaUR2U3drcndKRE1UQ1VQUHRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9mOTQ2MmItMzc0OS00NGJiLTg0ZWUt
ZWNkOGEyNDc0YTAyLzEveHVUeVNydE82OUZQT2NHNlNVblpFUHNTUTlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9mOTQ2MmItMzc0OS00NGJiLTg0ZWUtZWNkOGEyNDc0YTAy
LzEvTkM1bE5yTG5RaUR2U3drcndKRE1UQ1VQUHRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQCuUaEMAwD
BAK58SQDBAC58SYDBAK5++ADBAK5/lgDBALCk3gwDQQCAAIwBwMFAyoFKgAwDQYJ
KoZIhvcNAQELBQADggEBABF7X1fKoA816q6R5lhpJ0uEL1CliSb/bLf5YbpCpty4
TmRtA0KOhIhsUSH3cbmKd0anDbs0/V1E1VhHqid7hxWVaznjiG4hadqlcd6rOO5p
1hH59Kj9wK3bT8P7XfT/F6sRhHClRjuRepd5k4jskWIqc4SEq2Sgqyzi1pVjt6VA
w94yhoJGNTYAGfhMMpstVPM3YzXcl3875PD3Ngb/R1GDHdWpRzngoxBdwJBgzq0+
C1lKeYGUNcaY52aNLGCsH5zQ5uqRhlsN5HTks77npgVgBwThj5/HVFQefSLi4CaT
xa6B+QngQRUmY4GSbTJMzibB81tEMAw2k75TR3PNfgY=
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:21:09 2025 by rpki-client