Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/Xo3ldLDsIsZwGbJ3VdetX-GULwc.roa
File: Xo3ldLDsIsZwGbJ3VdetX-GULwc.roa (raw, json)
Hash identifier: 81La9U37EUF9V2tnd1e+qs0cFhZ17T44E32Wc8vicAU=
Subject key identifier: 5E:8D:E5:74:B0:EC:22:C6:70:19:B2:77:55:D7:AD:5F:E1:94:2F:07
Certificate issuer: /CN=597a01de87e011803f890ae17749020f995f140c
Certificate serial: 019422FBAAAA9D157255B7E89C18DFF84C7B
Authority key identifier: 59:7A:01:DE:87:E0:11:80:3F:89:0A:E1:77:49:02:0F:99:5F:14:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WXoB3ofgEYA_iQrhd0kCD5lfFAw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/Xo3ldLDsIsZwGbJ3VdetX-GULwc.roa
Signing time: Wed 01 Jan 2025 17:48:25 +0000
ROA not before: Wed 01 Jan 2025 17:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396982
IP address blocks: 164.18.48.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/WXoB3ofgEYA_iQrhd0kCD5lfFAw.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/WXoB3ofgEYA_iQrhd0kCD5lfFAw.mft
rsync://rpki.ripe.net/repository/DEFAULT/WXoB3ofgEYA_iQrhd0kCD5lfFAw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:aa:aa:9d:15:72:55:b7:e8:9c:18:df:f8:4c:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=597a01de87e011803f890ae17749020f995f140c
Validity
Not Before: Jan 1 17:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e8de574b0ec22c67019b27755d7ad5fe1942f07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:7f:4c:60:fb:f0:e0:9e:c7:25:81:58:66:8a:
aa:b5:43:27:1d:85:69:3f:96:f7:12:8e:58:0e:a0:
62:2a:d0:7c:9f:bf:d1:3c:d3:31:1c:84:27:18:2c:
5e:f5:1d:2f:4e:46:26:cf:8e:4c:9f:b0:cc:9c:b1:
87:14:a9:b7:25:4a:ff:08:0d:91:f5:6b:69:80:77:
3f:8f:f4:22:0e:18:d1:0b:6d:15:57:0b:cc:b0:86:
2c:24:33:a4:56:a9:7a:bc:91:85:25:ed:0b:a9:43:
e5:d7:48:13:09:00:91:1c:7f:b4:0d:14:a2:4b:9a:
8c:bd:7f:be:5e:e5:f9:3d:79:e5:3b:d2:1b:62:6b:
8a:b5:6f:86:0a:3f:e3:d4:01:40:29:45:f0:90:18:
c3:e8:49:4e:2f:2e:0d:6d:99:17:09:a1:32:0d:fd:
e8:09:0d:6b:1d:98:a4:1b:ff:00:33:f7:55:8d:e4:
af:52:2f:0e:fb:55:94:72:75:64:91:7e:72:e7:f9:
b2:62:fd:8c:72:69:d7:79:29:51:2c:0d:70:8a:40:
70:fa:3c:de:0d:5a:fd:38:30:bb:6f:6b:48:3a:5c:
28:6f:ca:89:89:75:21:7c:bb:5f:97:1c:c3:3c:52:
8b:01:89:52:ee:c6:8e:2d:50:b6:a2:1a:ae:2a:35:
5b:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:8D:E5:74:B0:EC:22:C6:70:19:B2:77:55:D7:AD:5F:E1:94:2F:07
X509v3 Authority Key Identifier:
keyid:59:7A:01:DE:87:E0:11:80:3F:89:0A:E1:77:49:02:0F:99:5F:14:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WXoB3ofgEYA_iQrhd0kCD5lfFAw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/Xo3ldLDsIsZwGbJ3VdetX-GULwc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/WXoB3ofgEYA_iQrhd0kCD5lfFAw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.18.48.0/24
Signature Algorithm: sha256WithRSAEncryption
17:50:cc:52:82:6f:e5:5a:52:b5:a1:b2:fa:af:c8:60:9e:9d:
b9:4b:91:f2:57:06:ab:e1:69:7e:46:fa:84:72:8b:e2:e8:fa:
8d:b7:59:75:86:0e:52:bc:59:45:c6:b4:ec:e2:36:bd:87:6d:
b4:32:b0:6e:c9:34:3b:22:5d:72:ef:c2:88:9e:9c:e8:d2:91:
c2:1a:5c:c3:4f:6e:b1:f2:19:60:47:c6:6e:7e:a1:a5:27:52:
7e:f6:97:77:10:b8:28:7f:ac:29:3d:74:46:f3:62:4b:b8:6c:
fc:24:63:59:e4:61:8c:60:f2:dc:16:0d:46:cd:f1:2b:27:eb:
a2:f5:b0:2f:c9:65:cc:a3:56:7f:d0:8b:14:4e:03:b2:fd:85:
4b:b6:fa:aa:75:d8:e9:f6:6d:72:84:2c:82:5f:0d:fe:3a:62:
ef:34:98:9e:1b:80:5f:11:ff:1c:f7:52:75:09:11:fa:2d:07:
ed:74:b3:e2:f6:ba:e7:87:6c:66:4b:45:0e:1d:0f:f9:8d:2d:
23:ca:57:a7:79:f5:d0:36:6e:86:cf:19:f2:6e:7d:9d:69:7a:
10:b3:ac:df:b5:73:69:46:20:a6:7d:0f:42:e5:30:6e:0f:79:
87:6b:d9:7d:27:f1:5b:aa:53:98:51:4d:5e:9e:9d:30:9f:c3:
e5:90:f4:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+6qqnRVyVbfonBjf+Ex7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5N2EwMWRlODdlMDExODAzZjg5MGFlMTc3NDkwMjBmOTk1
ZjE0MGMwHhcNMjUwMTAxMTc0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZThkZTU3NGIwZWMyMmM2NzAxOWIyNzc1NWQ3YWQ1ZmUxOTQyZjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtH9MYPvw4J7HJYFYZoqqtUMnHYVp
P5b3Eo5YDqBiKtB8n7/RPNMxHIQnGCxe9R0vTkYmz45Mn7DMnLGHFKm3JUr/CA2R
9WtpgHc/j/QiDhjRC20VVwvMsIYsJDOkVql6vJGFJe0LqUPl10gTCQCRHH+0DRSi
S5qMvX++XuX5PXnlO9IbYmuKtW+GCj/j1AFAKUXwkBjD6ElOLy4NbZkXCaEyDf3o
CQ1rHZikG/8AM/dVjeSvUi8O+1WUcnVkkX5y5/myYv2McmnXeSlRLA1wikBw+jze
DVr9ODC7b2tIOlwob8qJiXUhfLtflxzDPFKLAYlS7saOLVC2ohquKjVb/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF6N5XSw7CLGcBmyd1XXrV/hlC8HMB8GA1UdIwQY
MBaAFFl6Ad6H4BGAP4kK4XdJAg+ZXxQMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1hvQjNvZmdFWUFfaVFyaGQwa0NENWxmRkF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8yM2VkOWEtMWNhNS00NWVhLTliOGMt
NzM1MzNkZTA5OWMzLzEvWG8zbGRMRHNJc1p3R2JKM1ZkZXRYLUdVTHdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8yM2VkOWEtMWNhNS00NWVhLTliOGMtNzM1MzNkZTA5OWMz
LzEvV1hvQjNvZmdFWUFfaVFyaGQwa0NENWxmRkF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQApBIwMA0G
CSqGSIb3DQEBCwUAA4IBAQAXUMxSgm/lWlK1obL6r8hgnp25S5HyVwar4Wl+RvqE
covi6PqNt1l1hg5SvFlFxrTs4ja9h220MrBuyTQ7Il1y78KInpzo0pHCGlzDT26x
8hlgR8ZufqGlJ1J+9pd3ELgof6wpPXRG82JLuGz8JGNZ5GGMYPLcFg1GzfErJ+ui
9bAvyWXMo1Z/0IsUTgOy/YVLtvqqddjp9m1yhCyCXw3+OmLvNJieG4BfEf8c91J1
CRH6LQftdLPi9rrnh2xmS0UOHQ/5jS0jylenefXQNm6Gzxnybn2daXoQs6zftXNp
RiCmfQ9C5TBuD3mHa9l9J/FbqlOYUU1enp0wn8PlkPSD
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:45:33 2025 by rpki-client