Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/XGOuHgklPAXFF9PgAhcplLrpo5E.roa
File: XGOuHgklPAXFF9PgAhcplLrpo5E.roa (raw, json)
Hash identifier: Pv9wp2//FIn+5bdveKZPF+ZeW5gxmAnJZ0pNFRghqZU=
Subject key identifier: 5C:63:AE:1E:09:25:3C:05:C5:17:D3:E0:02:17:29:94:BA:E9:A3:91
Certificate issuer: /CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Certificate serial: 0195FAAD82DFC3090C98FF385843CC77FA89
Authority key identifier: 17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/XGOuHgklPAXFF9PgAhcplLrpo5E.roa
Signing time: Thu 03 Apr 2025 08:03:49 +0000
ROA not before: Thu 03 Apr 2025 08:03:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 86.110.36.0/24 maxlen: 24
86.110.44.0/24 maxlen: 24
86.110.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 21:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:fa:ad:82:df:c3:09:0c:98:ff:38:58:43:cc:77:fa:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Validity
Not Before: Apr 3 08:03:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c63ae1e09253c05c517d3e002172994bae9a391
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:d0:57:54:0d:b1:e7:c9:91:bd:b2:8a:9f:39:
7b:92:ec:88:8a:c1:6e:9c:59:f2:6e:63:91:94:11:
2b:78:d2:51:b0:59:52:54:21:9e:f5:af:27:08:8d:
0e:33:c2:04:5d:e5:2a:9a:d5:de:7d:fe:0a:dd:c3:
7b:6d:49:d6:9a:9b:51:fb:2e:7a:c1:e2:29:b8:fa:
b4:10:38:3d:0e:2f:a8:e3:f3:42:04:b1:a7:cf:93:
17:8c:00:9f:99:eb:dd:ba:6f:40:f7:85:12:e1:b9:
d1:33:75:49:35:e3:98:cb:78:c2:04:c7:ea:17:00:
0c:c7:22:96:48:aa:dd:e9:c1:c8:41:10:19:da:8d:
09:a6:f4:2e:f2:90:d7:62:8b:9c:4c:70:08:1f:5e:
f6:b1:d6:33:b9:98:e5:78:f4:c6:ca:4a:5b:fb:cf:
1c:d5:b2:96:df:2a:ef:ca:32:91:f0:01:92:f9:0f:
5b:bb:f4:68:e4:bf:82:da:64:cb:3e:97:7d:5c:6a:
26:0e:35:2a:8d:7c:ec:8a:77:64:1d:29:44:11:8d:
17:10:7c:3b:fd:3e:58:00:42:52:68:d7:a7:99:ef:
8e:e3:da:7f:58:9d:58:7e:94:01:48:91:1b:d1:72:
44:16:58:84:e6:cf:f3:06:04:2b:09:10:80:39:4f:
53:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:63:AE:1E:09:25:3C:05:C5:17:D3:E0:02:17:29:94:BA:E9:A3:91
X509v3 Authority Key Identifier:
keyid:17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/XGOuHgklPAXFF9PgAhcplLrpo5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.110.36.0/24
86.110.44.0/24
86.110.46.0/24
Signature Algorithm: sha256WithRSAEncryption
33:4b:11:f8:f1:ef:f1:c6:5d:0c:45:00:a4:b3:21:e1:69:ef:
b3:db:7d:95:ea:a7:93:fd:70:df:a6:49:26:99:5f:ef:c8:59:
e6:6a:0d:cc:12:0c:ad:bc:00:e0:7b:62:32:90:4b:2b:fa:f7:
66:ec:23:3e:7d:c2:08:d1:31:a2:85:33:2b:7c:00:bf:8e:b3:
47:bf:d0:b3:e3:c3:40:01:50:4d:7e:37:cf:79:f2:e5:e1:bc:
37:21:71:bf:f8:5f:cd:e2:32:28:97:ea:88:19:6c:c8:92:1d:
ae:0e:56:8f:b5:54:c4:99:b0:bf:63:b0:5a:da:47:e5:0a:fc:
36:5a:24:9e:92:00:4e:9d:ce:e9:5d:11:ae:b5:cd:46:fb:31:
56:fe:90:b9:48:75:e0:d5:65:f2:61:ce:b0:ee:3c:24:92:95:
31:8f:f0:08:cc:ac:27:f9:de:7c:03:a3:2f:cd:5c:e7:99:0f:
82:a5:f1:e7:c6:27:ec:8b:cb:b1:18:ce:02:1f:6a:7d:b9:e0:
1c:b9:6c:1a:b8:96:0c:fc:5f:81:0f:67:7f:4f:7a:48:80:67:
09:1a:52:87:f7:cc:3f:75:1b:55:ec:e4:4e:0e:9c:db:81:a3:
47:38:a3:5e:6d:7a:fe:77:7d:e2:fe:e8:f7:72:49:6c:5b:13:
eb:2c:89:cb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZX6rYLfwwkMmP84WEPMd/qJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MDY3OTc3ZWZkMTRiYzg5ZmIwZGFiYTAzYmIwZjYwMGZi
YjAxODQwHhcNMjUwNDAzMDgwMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzYzYWUxZTA5MjUzYzA1YzUxN2QzZTAwMjE3Mjk5NGJhZTlhMzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0dBXVA2x58mRvbKKnzl7kuyIisFu
nFnybmORlBEreNJRsFlSVCGe9a8nCI0OM8IEXeUqmtXeff4K3cN7bUnWmptR+y56
weIpuPq0EDg9Di+o4/NCBLGnz5MXjACfmevdum9A94US4bnRM3VJNeOYy3jCBMfq
FwAMxyKWSKrd6cHIQRAZ2o0JpvQu8pDXYoucTHAIH172sdYzuZjlePTGykpb+88c
1bKW3yrvyjKR8AGS+Q9bu/Ro5L+C2mTLPpd9XGomDjUqjXzsindkHSlEEY0XEHw7
/T5YAEJSaNenme+O49p/WJ1YfpQBSJEb0XJEFliE5s/zBgQrCRCAOU9TDQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFxjrh4JJTwFxRfT4AIXKZS66aORMB8GA1UdIwQY
MBaAFBcGeXfv0UvIn7DaugO7D2APuwGEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUt
ZDFhNzc3MmRiMDc2LzEvWEdPdUhna2xQQVhGRjlQZ0FoY3BsTHJwbzVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUtZDFhNzc3MmRiMDc2
LzEvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVm4kAwQA
Vm4sAwQAVm4uMA0GCSqGSIb3DQEBCwUAA4IBAQAzSxH48e/xxl0MRQCksyHhae+z
232V6qeT/XDfpkkmmV/vyFnmag3MEgytvADge2IykEsr+vdm7CM+fcII0TGihTMr
fAC/jrNHv9Cz48NAAVBNfjfPefLl4bw3IXG/+F/N4jIol+qIGWzIkh2uDlaPtVTE
mbC/Y7Ba2kflCvw2WiSekgBOnc7pXRGutc1G+zFW/pC5SHXg1WXyYc6w7jwkkpUx
j/AIzKwn+d58A6MvzVznmQ+CpfHnxifsi8uxGM4CH2p9ueAcuWwauJYM/F+BD2d/
T3pIgGcJGlKH98w/dRtV7ORODpzbgaNHOKNebXr+d33i/uj3cklsWxPrLInL
-----END CERTIFICATE-----
Generated at Sun Apr 6 04:35:18 2025 by rpki-client