Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/810cf1-cf41-4cbb-a53a-493da9cc4c0c/1/xm2GnCrITkLspXymDcS4A7YJbbI.roa
File: xm2GnCrITkLspXymDcS4A7YJbbI.roa (raw, json)
Hash identifier: +DAgDZIg9Wj4wTdH4O9JnrjTmjk3rUCiBhMUo5eAXI8=
Subject key identifier: C6:6D:86:9C:2A:C8:4E:42:EC:A5:7C:A6:0D:C4:B8:03:B6:09:6D:B2
Certificate issuer: /CN=f6eb355344f355f2c5f1c6b0ba8c309c1143c6c7
Certificate serial: 019420D6357AF8950DB9C9755408DB8B8EB9
Authority key identifier: F6:EB:35:53:44:F3:55:F2:C5:F1:C6:B0:BA:8C:30:9C:11:43:C6:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9us1U0TzVfLF8cawuowwnBFDxsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/810cf1-cf41-4cbb-a53a-493da9cc4c0c/1/xm2GnCrITkLspXymDcS4A7YJbbI.roa
Signing time: Wed 01 Jan 2025 07:48:16 +0000
ROA not before: Wed 01 Jan 2025 07:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43872
IP address blocks: 91.201.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/810cf1-cf41-4cbb-a53a-493da9cc4c0c/1/9us1U0TzVfLF8cawuowwnBFDxsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/810cf1-cf41-4cbb-a53a-493da9cc4c0c/1/9us1U0TzVfLF8cawuowwnBFDxsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/9us1U0TzVfLF8cawuowwnBFDxsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 08:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:35:7a:f8:95:0d:b9:c9:75:54:08:db:8b:8e:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f6eb355344f355f2c5f1c6b0ba8c309c1143c6c7
Validity
Not Before: Jan 1 07:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c66d869c2ac84e42eca57ca60dc4b803b6096db2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:68:78:36:27:d4:5c:11:5f:7c:1f:ba:d7:ee:
dd:e1:58:4a:cc:4f:c2:70:47:4f:55:31:c3:29:8f:
77:5d:42:77:02:85:b4:d3:94:64:0e:92:af:64:7b:
e4:36:01:0b:0c:46:50:60:6e:1d:09:43:2e:91:68:
3e:e7:55:e1:9f:88:c9:b3:ee:11:54:28:79:7d:75:
8c:26:59:e9:6d:73:92:95:25:7c:96:e7:a2:d7:2d:
a6:c4:d1:0d:ba:4b:e6:cf:2b:36:5f:84:9a:34:26:
7b:69:e3:97:5c:f7:74:09:15:2a:0a:3e:5b:3b:5b:
a3:c1:9a:36:1d:60:bf:73:d7:50:fa:28:44:8c:72:
a0:51:93:16:50:65:e3:90:6d:db:30:24:7b:9e:0f:
02:32:44:fc:0f:e0:7e:62:14:76:d3:da:51:ad:92:
93:25:85:d8:43:bb:2f:51:ef:38:44:f4:4a:58:de:
c3:3c:ab:07:30:27:1d:18:ba:5d:14:f1:dc:78:6c:
81:0c:ae:3c:f4:f4:25:1e:59:b8:41:e2:ae:3c:c2:
f9:c7:1e:9d:a0:9a:1a:24:f9:b1:44:7d:aa:3b:df:
4c:f8:4a:f3:d1:60:1d:04:fb:b6:21:4d:ce:84:f1:
e0:66:b6:3f:5d:97:e0:1b:5e:18:6e:33:d2:f3:7f:
82:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:6D:86:9C:2A:C8:4E:42:EC:A5:7C:A6:0D:C4:B8:03:B6:09:6D:B2
X509v3 Authority Key Identifier:
keyid:F6:EB:35:53:44:F3:55:F2:C5:F1:C6:B0:BA:8C:30:9C:11:43:C6:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9us1U0TzVfLF8cawuowwnBFDxsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/810cf1-cf41-4cbb-a53a-493da9cc4c0c/1/xm2GnCrITkLspXymDcS4A7YJbbI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/810cf1-cf41-4cbb-a53a-493da9cc4c0c/1/9us1U0TzVfLF8cawuowwnBFDxsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.105.0/24
Signature Algorithm: sha256WithRSAEncryption
50:f4:af:72:34:f1:54:d2:77:22:a8:6b:0a:c7:01:bf:70:42:
ec:69:43:bd:d6:a5:91:67:ab:39:53:f2:ab:e8:cf:0b:5d:22:
d5:6a:ce:a6:47:f1:f1:d8:33:76:37:1e:8f:00:42:80:a3:99:
c1:84:50:2e:0d:ef:f4:e6:ab:72:52:26:9d:07:ad:2b:17:b2:
8f:23:f8:16:5d:1f:86:b4:4e:32:13:4b:d1:ec:dd:0d:36:84:
bf:98:b6:e1:3f:38:9f:31:ad:bf:26:c1:0f:9f:8d:89:06:16:
aa:3f:61:35:7c:dc:18:c7:f0:35:39:1e:02:a3:c5:ff:17:cb:
96:e0:1f:ad:c8:6d:32:68:24:28:50:7a:05:01:ec:ef:86:26:
9b:95:b0:4e:1e:01:56:56:f8:f8:3b:5f:80:99:e2:ca:47:56:
d0:5e:23:c1:71:33:f0:18:f2:46:c8:57:3a:d7:18:fb:28:9f:
a7:00:24:55:7e:3b:cf:9b:e2:e7:40:ec:cc:fa:e2:cb:a4:b4:
9a:48:9f:60:7b:c0:81:07:2a:93:ea:63:0f:c0:32:5f:cb:59:
f0:02:44:b9:b6:c5:fc:4b:eb:8d:c8:09:37:e1:c5:7e:7e:8e:
ce:00:e5:b6:05:69:84:95:ae:3a:9c:45:57:9d:79:34:bf:f9:
91:96:48:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1jV6+JUNucl1VAjbi465MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2ZWIzNTUzNDRmMzU1ZjJjNWYxYzZiMGJhOGMzMDljMTE0
M2M2YzcwHhcNMjUwMTAxMDc0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjZkODY5YzJhYzg0ZTQyZWNhNTdjYTYwZGM0YjgwM2I2MDk2ZGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2h4NifUXBFffB+61+7d4VhKzE/C
cEdPVTHDKY93XUJ3AoW005RkDpKvZHvkNgELDEZQYG4dCUMukWg+51Xhn4jJs+4R
VCh5fXWMJlnpbXOSlSV8luei1y2mxNENukvmzys2X4SaNCZ7aeOXXPd0CRUqCj5b
O1ujwZo2HWC/c9dQ+ihEjHKgUZMWUGXjkG3bMCR7ng8CMkT8D+B+YhR209pRrZKT
JYXYQ7svUe84RPRKWN7DPKsHMCcdGLpdFPHceGyBDK489PQlHlm4QeKuPML5xx6d
oJoaJPmxRH2qO99M+Erz0WAdBPu2IU3OhPHgZrY/XZfgG14YbjPS83+C/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMZthpwqyE5C7KV8pg3EuAO2CW2yMB8GA1UdIwQY
MBaAFPbrNVNE81XyxfHGsLqMMJwRQ8bHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXVzMVUwVHpWZkxGOGNhd3Vvd3duQkZEeHNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84MTBjZjEtY2Y0MS00Y2JiLWE1M2Et
NDkzZGE5Y2M0YzBjLzEveG0yR25DcklUa0xzcFh5bURjUzRBN1lKYmJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS84MTBjZjEtY2Y0MS00Y2JiLWE1M2EtNDkzZGE5Y2M0YzBj
LzEvOXVzMVUwVHpWZkxGOGNhd3Vvd3duQkZEeHNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8lpMA0G
CSqGSIb3DQEBCwUAA4IBAQBQ9K9yNPFU0nciqGsKxwG/cELsaUO91qWRZ6s5U/Kr
6M8LXSLVas6mR/Hx2DN2Nx6PAEKAo5nBhFAuDe/05qtyUiadB60rF7KPI/gWXR+G
tE4yE0vR7N0NNoS/mLbhPzifMa2/JsEPn42JBhaqP2E1fNwYx/A1OR4Co8X/F8uW
4B+tyG0yaCQoUHoFAezvhiablbBOHgFWVvj4O1+AmeLKR1bQXiPBcTPwGPJGyFc6
1xj7KJ+nACRVfjvPm+LnQOzM+uLLpLSaSJ9ge8CBByqT6mMPwDJfy1nwAkS5tsX8
S+uNyAk34cV+fo7OAOW2BWmEla46nEVXnXk0v/mRlkih
-----END CERTIFICATE-----
Generated at Tue Apr 15 16:04:05 2025 by rpki-client