Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/f6b60b-5808-48a2-8203-1ca3fbbfba3f/1/X6SMQ0jEGeZDJ_4uYPtUEXmYusc.roa
File: X6SMQ0jEGeZDJ_4uYPtUEXmYusc.roa (raw, json)
Hash identifier: FdAgr11itjQmO3uyq8UgNfN1pT9LErTuoVrKYdZ843k=
Subject key identifier: 5F:A4:8C:43:48:C4:19:E6:43:27:FE:2E:60:FB:54:11:79:98:BA:C7
Certificate issuer: /CN=96271b62d18e4ac77c6109690eaae4cc34d0e9b6
Certificate serial: 019425FC1C119B96FEEA76BFC6DBFE2328DF
Authority key identifier: 96:27:1B:62:D1:8E:4A:C7:7C:61:09:69:0E:AA:E4:CC:34:D0:E9:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/licbYtGOSsd8YQlpDqrkzDTQ6bY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/f6b60b-5808-48a2-8203-1ca3fbbfba3f/1/X6SMQ0jEGeZDJ_4uYPtUEXmYusc.roa
Signing time: Thu 02 Jan 2025 07:47:46 +0000
ROA not before: Thu 02 Jan 2025 07:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213222
IP address blocks: 91.220.113.0/24 maxlen: 24
176.126.120.0/24 maxlen: 24
2a06:ef00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/f6b60b-5808-48a2-8203-1ca3fbbfba3f/1/licbYtGOSsd8YQlpDqrkzDTQ6bY.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/f6b60b-5808-48a2-8203-1ca3fbbfba3f/1/licbYtGOSsd8YQlpDqrkzDTQ6bY.mft
rsync://rpki.ripe.net/repository/DEFAULT/licbYtGOSsd8YQlpDqrkzDTQ6bY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 23:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:1c:11:9b:96:fe:ea:76:bf:c6:db:fe:23:28:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96271b62d18e4ac77c6109690eaae4cc34d0e9b6
Validity
Not Before: Jan 2 07:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5fa48c4348c419e64327fe2e60fb54117998bac7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:8a:5b:ec:02:f7:49:7f:77:40:f9:b8:bd:ad:
55:24:a4:25:61:71:41:a3:fe:ab:0b:0e:46:5e:fc:
95:5b:5d:e9:0c:0e:21:a4:16:bc:cf:f2:fa:59:d2:
30:d0:d0:d9:48:3f:8c:ee:39:52:7a:90:d2:73:7c:
33:ed:81:e7:8f:a6:fd:88:d5:7a:1c:f7:98:e0:dd:
1a:73:ef:51:26:25:95:c4:02:94:ed:00:17:af:4e:
3d:9a:30:7c:82:e9:6a:df:33:88:5c:d6:56:65:d4:
0e:a5:6c:06:ad:6d:0d:7c:be:89:75:f1:d8:ab:80:
c9:48:6b:e9:bf:3f:71:92:2e:5a:71:05:9c:f0:7e:
19:e5:ec:53:a3:fa:60:49:32:8c:28:10:f1:2d:87:
6a:ab:9a:2a:01:fc:e9:b1:51:d8:38:a0:18:89:c2:
b1:ba:9c:af:e6:69:c5:14:4e:6a:74:e0:aa:f4:68:
54:c4:80:22:82:a7:25:6c:94:15:dc:e8:fa:8b:9f:
98:59:99:68:4a:03:c4:85:51:2d:6d:7b:f8:87:6a:
8e:17:6c:8c:80:42:80:f5:82:8b:86:a4:d6:d7:d9:
fd:2b:6a:5b:90:2e:ff:bf:ec:56:7a:71:20:fc:82:
32:f4:bf:0f:ec:f9:4c:ba:87:ee:1a:a6:52:a9:9f:
69:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:A4:8C:43:48:C4:19:E6:43:27:FE:2E:60:FB:54:11:79:98:BA:C7
X509v3 Authority Key Identifier:
keyid:96:27:1B:62:D1:8E:4A:C7:7C:61:09:69:0E:AA:E4:CC:34:D0:E9:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/licbYtGOSsd8YQlpDqrkzDTQ6bY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/f6b60b-5808-48a2-8203-1ca3fbbfba3f/1/X6SMQ0jEGeZDJ_4uYPtUEXmYusc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/f6b60b-5808-48a2-8203-1ca3fbbfba3f/1/licbYtGOSsd8YQlpDqrkzDTQ6bY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.113.0/24
176.126.120.0/24
IPv6:
2a06:ef00::/29
Signature Algorithm: sha256WithRSAEncryption
a6:57:97:e3:f2:be:87:8b:01:c2:91:4b:14:29:a2:2a:25:31:
23:c0:be:0d:6f:e3:ac:83:e9:ba:23:bd:cf:3e:21:46:1a:a6:
87:fc:19:75:6c:3e:50:36:b1:d9:ea:d6:cf:ff:f7:af:87:10:
a6:e1:8f:bc:2a:30:c4:74:bc:88:38:7e:ba:e7:d4:39:ff:f4:
4a:a0:ac:48:55:9d:9a:e6:61:3d:d5:94:fe:6f:f1:b1:95:22:
46:59:4f:15:0d:cc:9e:d7:ef:5b:50:10:36:47:04:05:60:6c:
18:84:30:96:88:6d:0b:06:f8:32:0f:c6:eb:7a:59:9f:50:ea:
7f:e8:2a:07:09:88:d6:79:67:23:d4:5b:bd:6e:4f:24:72:6c:
6b:8a:f3:d7:99:f6:c9:50:70:d4:ec:7c:08:05:21:db:44:84:
be:21:d6:47:f9:de:b9:67:45:f3:b4:11:f2:39:a2:ff:30:db:
47:f9:3a:83:fb:57:7e:38:b1:30:b6:18:ba:a1:e3:e5:8a:0e:
49:6d:51:96:b3:6c:9b:91:7d:1a:ff:d7:c6:23:71:8c:64:70:
1d:f9:15:3a:4b:23:92:f0:e1:e0:fc:7b:ed:70:fe:fa:15:fa:
9b:f6:63:26:8c:31:05:44:94:e0:95:48:67:94:aa:c7:29:b1:
9b:bd:fa:77
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQl/BwRm5b+6na/xtv+IyjfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MjcxYjYyZDE4ZTRhYzc3YzYxMDk2OTBlYWFlNGNjMzRk
MGU5YjYwHhcNMjUwMTAyMDc0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmE0OGM0MzQ4YzQxOWU2NDMyN2ZlMmU2MGZiNTQxMTc5OThiYWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkopb7AL3SX93QPm4va1VJKQlYXFB
o/6rCw5GXvyVW13pDA4hpBa8z/L6WdIw0NDZSD+M7jlSepDSc3wz7YHnj6b9iNV6
HPeY4N0ac+9RJiWVxAKU7QAXr049mjB8gulq3zOIXNZWZdQOpWwGrW0NfL6JdfHY
q4DJSGvpvz9xki5acQWc8H4Z5exTo/pgSTKMKBDxLYdqq5oqAfzpsVHYOKAYicKx
upyv5mnFFE5qdOCq9GhUxIAigqclbJQV3Oj6i5+YWZloSgPEhVEtbXv4h2qOF2yM
gEKA9YKLhqTW19n9K2pbkC7/v+xWenEg/IIy9L8P7PlMuofuGqZSqZ9pxwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFF+kjENIxBnmQyf+LmD7VBF5mLrHMB8GA1UdIwQY
MBaAFJYnG2LRjkrHfGEJaQ6q5Mw00Om2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGljYll0R09Tc2Q4WVFscERxcmt6RFRRNmJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9mNmI2MGItNTgwOC00OGEyLTgyMDMt
MWNhM2ZiYmZiYTNmLzEvWDZTTVEwakVHZVpESl80dVlQdFVFWG1ZdXNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9mNmI2MGItNTgwOC00OGEyLTgyMDMtMWNhM2ZiYmZiYTNm
LzEvbGljYll0R09Tc2Q4WVFscERxcmt6RFRRNmJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW9xxAwQA
sH54MA0EAgACMAcDBQMqBu8AMA0GCSqGSIb3DQEBCwUAA4IBAQCmV5fj8r6HiwHC
kUsUKaIqJTEjwL4Nb+Osg+m6I73PPiFGGqaH/Bl1bD5QNrHZ6tbP//evhxCm4Y+8
KjDEdLyIOH6659Q5//RKoKxIVZ2a5mE91ZT+b/GxlSJGWU8VDcye1+9bUBA2RwQF
YGwYhDCWiG0LBvgyD8brelmfUOp/6CoHCYjWeWcj1Fu9bk8kcmxrivPXmfbJUHDU
7HwIBSHbRIS+IdZH+d65Z0XztBHyOaL/MNtH+TqD+1d+OLEwthi6oePlig5JbVGW
s2ybkX0a/9fGI3GMZHAd+RU6SyOS8OHg/HvtcP76Ffqb9mMmjDEFRJTglUhnlKrH
KbGbvfp3
-----END CERTIFICATE-----
Generated at Wed Apr 16 07:48:18 2025 by rpki-client