Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/440781-f614-450d-9d9f-2b8761d8a137/1/1-6XFLoPOdCVTnXJMZNU0hBiKubk.roa
File: 1-6XFLoPOdCVTnXJMZNU0hBiKubk.roa (raw, json)
Hash identifier: OxkphaRHymUnb8SN18Gdla2SO6vLVqs5y/4vbMpFmm4=
Subject key identifier: FB:A5:C5:2E:83:CE:74:25:53:9D:72:4C:64:D5:34:84:18:8A:B9:B9
Certificate issuer: /CN=8831d621d192f92db093d933092c1e236b4d497b
Certificate serial: 019541F13922AA740CFEC925248F54684B7D
Authority key identifier: 88:31:D6:21:D1:92:F9:2D:B0:93:D9:33:09:2C:1E:23:6B:4D:49:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iDHWIdGS-S2wk9kzCSweI2tNSXs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/440781-f614-450d-9d9f-2b8761d8a137/1/1-6XFLoPOdCVTnXJMZNU0hBiKubk.roa
Signing time: Wed 26 Feb 2025 11:08:02 +0000
ROA not before: Wed 26 Feb 2025 11:08:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39798
IP address blocks: 5.181.156.0/22 maxlen: 24
5.252.176.0/22 maxlen: 24
94.158.244.0/22 maxlen: 24
185.163.44.0/22 maxlen: 24
185.225.16.0/22 maxlen: 24
194.180.157.0/24 maxlen: 24
194.180.158.0/24 maxlen: 24
194.180.174.0/24 maxlen: 24
194.180.191.0/24 maxlen: 24
2001:67c:2db8::/48 maxlen: 48
2a0a:c800::/29 maxlen: 48
2a0a:c802:5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/440781-f614-450d-9d9f-2b8761d8a137/1/iDHWIdGS-S2wk9kzCSweI2tNSXs.crl
rsync://rpki.ripe.net/repository/DEFAULT/3e/440781-f614-450d-9d9f-2b8761d8a137/1/iDHWIdGS-S2wk9kzCSweI2tNSXs.mft
rsync://rpki.ripe.net/repository/DEFAULT/iDHWIdGS-S2wk9kzCSweI2tNSXs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:41:f1:39:22:aa:74:0c:fe:c9:25:24:8f:54:68:4b:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8831d621d192f92db093d933092c1e236b4d497b
Validity
Not Before: Feb 26 11:08:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fba5c52e83ce7425539d724c64d53484188ab9b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:38:84:7c:ce:1b:76:87:e4:99:50:d1:eb:23:
50:59:80:74:d4:04:af:20:f7:f9:58:4c:2d:10:f8:
0f:7e:ef:ee:63:81:94:e0:64:54:ca:f3:85:79:5b:
88:ee:6d:4b:f8:19:f1:4a:b2:6a:bc:11:23:f5:a9:
42:7a:09:cd:61:02:5e:b1:fa:ab:4f:6d:99:68:4f:
19:db:d0:41:9e:e4:66:7b:0e:c2:bd:5e:7c:e2:e3:
b0:96:dc:24:a1:b3:df:d3:0c:51:07:81:02:22:e2:
c5:47:5a:1a:31:c2:a6:25:f7:90:0b:09:17:d2:25:
83:1b:0b:0f:ea:f1:90:f4:c4:c9:c5:1c:e2:4d:ff:
5e:e6:86:e9:47:49:ec:aa:69:52:76:43:c6:d0:b6:
dc:60:af:39:da:74:63:e0:3d:ca:3f:92:a4:8a:20:
eb:8d:b0:ce:df:42:8d:b1:54:d0:77:db:48:34:32:
ca:90:aa:8a:f5:7b:fa:75:40:ca:5e:5b:f6:b5:40:
bc:07:b6:2f:42:e3:e2:65:81:80:f6:5b:e1:cd:97:
bb:5a:f2:17:34:27:69:0e:03:b6:7d:49:44:3b:be:
ff:97:17:8c:cc:3b:55:ed:39:ad:60:de:b4:23:11:
fd:fa:db:76:b4:36:e2:a7:8a:24:48:d6:02:23:16:
cb:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:A5:C5:2E:83:CE:74:25:53:9D:72:4C:64:D5:34:84:18:8A:B9:B9
X509v3 Authority Key Identifier:
keyid:88:31:D6:21:D1:92:F9:2D:B0:93:D9:33:09:2C:1E:23:6B:4D:49:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iDHWIdGS-S2wk9kzCSweI2tNSXs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/440781-f614-450d-9d9f-2b8761d8a137/1/1-6XFLoPOdCVTnXJMZNU0hBiKubk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/440781-f614-450d-9d9f-2b8761d8a137/1/iDHWIdGS-S2wk9kzCSweI2tNSXs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.156.0/22
5.252.176.0/22
94.158.244.0/22
185.163.44.0/22
185.225.16.0/22
194.180.157.0-194.180.158.255
194.180.174.0/24
194.180.191.0/24
IPv6:
2001:67c:2db8::/48
2a0a:c800::/29
Signature Algorithm: sha256WithRSAEncryption
17:45:03:be:95:f9:73:d3:1a:b0:49:56:af:d6:4d:af:9b:04:
82:8f:35:3d:ad:f2:60:45:0b:ff:24:30:44:61:58:7d:3f:97:
59:31:6b:14:df:45:9e:f5:a0:d9:40:20:bc:9c:d4:8b:cb:af:
b2:15:2a:7e:58:61:14:24:d3:41:b9:6c:ac:37:07:47:41:23:
6d:9d:de:b5:d3:cd:35:fb:7e:23:d7:80:44:e5:c0:b4:ea:7e:
66:d8:9a:4e:7a:9d:b4:86:c4:90:18:0e:16:9a:a1:aa:a2:b3:
7b:03:04:76:c2:02:1a:0d:a9:27:ba:a0:4d:1a:80:bc:6c:12:
23:00:7b:b2:e6:c9:1a:91:43:85:ca:ad:24:80:75:e3:92:cf:
05:e1:f9:45:63:81:ad:6d:85:76:bc:6f:84:28:88:51:37:72:
9b:f6:db:e9:62:b9:a1:98:01:0f:b0:89:70:98:79:4a:ec:af:
36:40:29:eb:c2:6f:58:26:e9:6e:57:38:6b:5f:1d:bd:5b:9f:
fc:4b:cc:de:b0:28:39:34:4b:ce:35:8e:e3:1f:e6:ff:a3:de:
1c:fc:ce:04:e4:fe:eb:e8:5f:17:19:82:dd:88:8a:c5:56:69:
14:b9:98:f5:02:c4:4e:dd:67:14:2e:05:e6:69:bf:72:f2:ee:
8f:19:1b:90
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAZVB8TkiqnQM/sklJI9UaEt9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MzFkNjIxZDE5MmY5MmRiMDkzZDkzMzA5MmMxZTIzNmI0
ZDQ5N2IwHhcNMjUwMjI2MTEwODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmE1YzUyZTgzY2U3NDI1NTM5ZDcyNGM2NGQ1MzQ4NDE4OGFiOWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjiEfM4bdofkmVDR6yNQWYB01ASv
IPf5WEwtEPgPfu/uY4GU4GRUyvOFeVuI7m1L+BnxSrJqvBEj9alCegnNYQJesfqr
T22ZaE8Z29BBnuRmew7CvV584uOwltwkobPf0wxRB4ECIuLFR1oaMcKmJfeQCwkX
0iWDGwsP6vGQ9MTJxRziTf9e5obpR0nsqmlSdkPG0LbcYK852nRj4D3KP5KkiiDr
jbDO30KNsVTQd9tINDLKkKqK9Xv6dUDKXlv2tUC8B7YvQuPiZYGA9lvhzZe7WvIX
NCdpDgO2fUlEO77/lxeMzDtV7TmtYN60IxH9+tt2tDbip4okSNYCIxbLJQIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFPulxS6DznQlU51yTGTVNIQYirm5MB8GA1UdIwQY
MBaAFIgx1iHRkvktsJPZMwksHiNrTUl7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaURIV0lkR1MtUzJ3azlrekNTd2VJMnROU1hzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS80NDA3ODEtZjYxNC00NTBkLTlkOWYt
MmI4NzYxZDhhMTM3LzEvMS02WEZMb1BPZENWVG5YSk1aTlUwaEJpS3Viay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvM2UvNDQwNzgxLWY2MTQtNDUwZC05ZDlmLTJiODc2MWQ4YTEz
Ny8xL2lESFdJZEdTLVMyd2s5a3pDU3dlSTJ0TlNYcy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBpBggrBgEFBQcBBwEB/wRaMFgwPgQCAAEwOAMEAgW1nAME
AgX8sAMEAl6e9AMEArmjLAMEArnhEDAMAwQAwrSdAwQAwrSeAwQAwrSuAwQAwrS/
MBYEAgACMBADBwAgAQZ8LbgDBQMqCsgAMA0GCSqGSIb3DQEBCwUAA4IBAQAXRQO+
lflz0xqwSVav1k2vmwSCjzU9rfJgRQv/JDBEYVh9P5dZMWsU30We9aDZQCC8nNSL
y6+yFSp+WGEUJNNBuWysNwdHQSNtnd610801+34j14BE5cC06n5m2JpOep20hsSQ
GA4WmqGqorN7AwR2wgIaDaknuqBNGoC8bBIjAHuy5skakUOFyq0kgHXjks8F4flF
Y4GtbYV2vG+EKIhRN3Kb9tvpYrmhmAEPsIlwmHlK7K82QCnrwm9YJuluVzhrXx29
W5/8S8zesCg5NEvONY7jH+b/o94c/M4E5P7r6F8XGYLdiIrFVmkUuZj1AsRO3WcU
LgXmab9y8u6PGRuQ
-----END CERTIFICATE-----
Generated at Sat Apr 19 00:57:24 2025 by rpki-client