Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/6a6805-5ce0-4128-a04c-f62f35af4371/1/XyWUYm4k4aoyZu4exVkzUEY6NsM.roa
File: XyWUYm4k4aoyZu4exVkzUEY6NsM.roa (raw, json)
Hash identifier: nfbYF1NSykMyHcBytLNKjU++mQtuxfs2vY7BM12cSnY=
Subject key identifier: 5F:25:94:62:6E:24:E1:AA:32:66:EE:1E:C5:59:33:50:46:3A:36:C3
Certificate issuer: /CN=5f96676cf398d3994c4dd4a296594614dff586c7
Certificate serial: 019424B368AC36BDE3C0EE44E8A6921D57D2
Authority key identifier: 5F:96:67:6C:F3:98:D3:99:4C:4D:D4:A2:96:59:46:14:DF:F5:86:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X5ZnbPOY05lMTdSilllGFN_1hsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/6a6805-5ce0-4128-a04c-f62f35af4371/1/XyWUYm4k4aoyZu4exVkzUEY6NsM.roa
Signing time: Thu 02 Jan 2025 01:48:44 +0000
ROA not before: Thu 02 Jan 2025 01:48:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215822
IP address blocks: 84.247.57.0/24 maxlen: 24
89.34.175.0/24 maxlen: 24
89.35.152.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/6a6805-5ce0-4128-a04c-f62f35af4371/1/X5ZnbPOY05lMTdSilllGFN_1hsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/6a6805-5ce0-4128-a04c-f62f35af4371/1/X5ZnbPOY05lMTdSilllGFN_1hsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/X5ZnbPOY05lMTdSilllGFN_1hsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:68:ac:36:bd:e3:c0:ee:44:e8:a6:92:1d:57:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f96676cf398d3994c4dd4a296594614dff586c7
Validity
Not Before: Jan 2 01:48:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f2594626e24e1aa3266ee1ec5593350463a36c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:de:17:01:7a:ff:22:4b:b9:7e:72:55:99:d0:
21:a5:84:0d:d8:e4:d8:63:25:70:85:60:8b:f5:28:
2d:76:37:af:38:f5:ed:b1:b5:ea:ab:d1:3e:20:57:
3e:2f:f0:45:02:e3:73:48:44:13:a6:fa:8b:66:66:
43:ae:19:0e:52:bf:14:8b:1b:8a:77:64:2e:6e:02:
d5:8f:21:88:6c:85:e9:6b:26:65:67:a8:c6:f9:a3:
3f:a5:c0:49:b1:21:bd:58:f0:1e:6a:c5:68:d5:6e:
57:bc:30:c7:70:00:de:d7:f3:e7:8b:21:8e:5e:72:
2f:e5:00:85:88:06:8e:c5:6a:94:de:b4:69:cb:e2:
03:5d:98:4e:c6:31:96:c6:84:dc:1f:0d:be:d8:a6:
a6:87:75:bf:af:2c:b8:2c:87:dc:a6:a4:57:14:36:
1a:eb:0b:d9:1b:b9:03:35:8c:b8:01:b8:f0:a7:ef:
09:c4:b4:1c:fa:ac:f6:ea:6a:29:36:3e:ac:b2:d3:
0d:29:80:ba:d0:c9:14:65:25:e0:3f:07:a9:25:a0:
a6:7e:d3:14:73:79:ff:c6:42:7b:1f:a2:bd:51:b5:
82:32:ed:e0:cb:65:a7:f1:d6:b3:cd:94:71:97:6a:
43:af:1c:44:4a:03:c8:53:4d:3b:ea:ea:b9:f0:c0:
01:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:25:94:62:6E:24:E1:AA:32:66:EE:1E:C5:59:33:50:46:3A:36:C3
X509v3 Authority Key Identifier:
keyid:5F:96:67:6C:F3:98:D3:99:4C:4D:D4:A2:96:59:46:14:DF:F5:86:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X5ZnbPOY05lMTdSilllGFN_1hsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/6a6805-5ce0-4128-a04c-f62f35af4371/1/XyWUYm4k4aoyZu4exVkzUEY6NsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/6a6805-5ce0-4128-a04c-f62f35af4371/1/X5ZnbPOY05lMTdSilllGFN_1hsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.247.57.0/24
89.34.175.0/24
89.35.152.0/24
Signature Algorithm: sha256WithRSAEncryption
33:44:de:87:f0:98:89:15:ee:ce:ea:be:95:da:22:2d:2d:6d:
2a:a6:fb:32:b9:35:c5:30:a3:e8:2a:30:93:a4:59:6d:e5:31:
0c:a1:6c:bd:6b:25:1f:99:18:04:03:5a:bd:8a:d3:8d:e3:54:
3e:3f:f2:16:f6:27:32:0c:a8:7a:db:ff:f7:16:4c:2e:f4:fc:
58:e9:b8:ad:5c:23:4b:b3:49:73:07:42:58:c7:71:ee:0c:d6:
dd:30:3b:32:25:1c:f1:c3:ba:87:4a:7b:6c:f1:e4:76:b6:f4:
be:b3:0b:d8:49:95:00:66:14:25:ff:b6:7f:25:f7:02:2e:f1:
fc:72:4d:b3:ef:9c:93:c8:62:12:12:c0:9e:88:db:fd:85:1d:
dd:ea:ce:7e:33:0c:8a:3b:c0:12:36:f6:b3:94:90:01:65:f4:
8f:a0:79:a9:95:41:e5:cd:3a:ed:f8:9c:77:73:8f:c0:f6:52:
5b:f9:c9:4e:b5:7a:2c:39:19:44:34:ac:43:19:09:5e:ee:9c:
ee:c1:29:0d:3b:d6:ee:f6:98:0a:32:f6:8a:7b:92:ef:83:43:
07:9c:21:fd:4b:b6:8e:61:8b:72:e2:c0:37:21:67:12:af:0c:
52:f1:4d:30:53:5a:d7:ed:ef:0a:d1:ab:68:fa:07:39:c0:a5:
5e:e5:0e:58
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQks2isNr3jwO5E6KaSHVfSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmOTY2NzZjZjM5OGQzOTk0YzRkZDRhMjk2NTk0NjE0ZGZm
NTg2YzcwHhcNMjUwMTAyMDE0ODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjI1OTQ2MjZlMjRlMWFhMzI2NmVlMWVjNTU5MzM1MDQ2M2EzNmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj94XAXr/Iku5fnJVmdAhpYQN2OTY
YyVwhWCL9SgtdjevOPXtsbXqq9E+IFc+L/BFAuNzSEQTpvqLZmZDrhkOUr8UixuK
d2QubgLVjyGIbIXpayZlZ6jG+aM/pcBJsSG9WPAeasVo1W5XvDDHcADe1/PniyGO
XnIv5QCFiAaOxWqU3rRpy+IDXZhOxjGWxoTcHw2+2Kamh3W/ryy4LIfcpqRXFDYa
6wvZG7kDNYy4Abjwp+8JxLQc+qz26mopNj6sstMNKYC60MkUZSXgPwepJaCmftMU
c3n/xkJ7H6K9UbWCMu3gy2Wn8dazzZRxl2pDrxxESgPIU0076uq58MABHQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF8llGJuJOGqMmbuHsVZM1BGOjbDMB8GA1UdIwQY
MBaAFF+WZ2zzmNOZTE3UopZZRhTf9YbHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDVabmJQT1kwNWxNVGRTaWxsbEdGTl8xaHNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC82YTY4MDUtNWNlMC00MTI4LWEwNGMt
ZjYyZjM1YWY0MzcxLzEvWHlXVVltNGs0YW95WnU0ZXhWa3pVRVk2TnNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC82YTY4MDUtNWNlMC00MTI4LWEwNGMtZjYyZjM1YWY0Mzcx
LzEvWDVabmJQT1kwNWxNVGRTaWxsbEdGTl8xaHNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVPc5AwQA
WSKvAwQAWSOYMA0GCSqGSIb3DQEBCwUAA4IBAQAzRN6H8JiJFe7O6r6V2iItLW0q
pvsyuTXFMKPoKjCTpFlt5TEMoWy9ayUfmRgEA1q9itON41Q+P/IW9icyDKh62//3
Fkwu9PxY6bitXCNLs0lzB0JYx3HuDNbdMDsyJRzxw7qHSnts8eR2tvS+swvYSZUA
ZhQl/7Z/JfcCLvH8ck2z75yTyGISEsCeiNv9hR3d6s5+MwyKO8ASNvazlJABZfSP
oHmplUHlzTrt+Jx3c4/A9lJb+clOtXosORlENKxDGQle7pzuwSkNO9bu9pgKMvaK
e5Lvg0MHnCH9S7aOYYty4sA3IWcSrwxS8U0wU1rX7e8K0ato+gc5wKVe5Q5Y
-----END CERTIFICATE-----
Generated at Mon Apr 21 07:09:54 2025 by rpki-client