Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/XbO5uxRXr_KMlaiB8Da6QOoN3_0.roa
File: XbO5uxRXr_KMlaiB8Da6QOoN3_0.roa (raw, json)
Hash identifier: gsKkB4l3mqKSulocNcAV5ehpnj61otuh5GBUx8v8W24=
Subject key identifier: 5D:B3:B9:BB:14:57:AF:F2:8C:95:A8:81:F0:36:BA:40:EA:0D:DF:FD
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 0195FFFEE63084914B6BC2864B044CF56A67
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/XbO5uxRXr_KMlaiB8Da6QOoN3_0.roa
Signing time: Fri 04 Apr 2025 08:50:49 +0000
ROA not before: Fri 04 Apr 2025 08:50:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 87.229.8.0/22 maxlen: 22
87.229.31.0/24 maxlen: 24
87.229.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ff:fe:e6:30:84:91:4b:6b:c2:86:4b:04:4c:f5:6a:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Apr 4 08:50:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5db3b9bb1457aff28c95a881f036ba40ea0ddffd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:54:07:2b:70:3d:83:d1:c1:dd:ab:76:b1:27:
44:1a:e6:4d:c7:bf:5a:63:5c:87:19:67:91:20:dc:
14:90:03:85:4f:21:e3:65:88:40:14:0a:12:47:d2:
39:87:02:50:73:f8:96:49:12:f6:47:49:16:11:34:
b0:aa:36:98:e7:6a:d8:81:b2:6d:98:9c:f1:2b:5a:
0b:63:1c:8f:30:99:8d:b3:b8:41:38:1c:44:34:c4:
4d:ef:1d:78:8b:c3:15:e4:0a:fe:42:62:47:5b:20:
75:96:d1:20:07:03:38:cc:5e:4f:f8:7f:7f:bc:0e:
8a:8f:0c:0b:83:3f:4a:cc:f4:b4:dd:77:c9:e8:96:
e8:12:cd:bd:41:87:7f:d5:18:90:0a:94:a5:ec:c7:
29:6f:35:d0:96:0b:d6:35:76:4d:b9:7e:e2:a9:db:
7b:9f:a2:09:b8:fc:0a:3d:d9:9c:1e:88:4a:6a:67:
e8:dd:28:46:7a:a2:c9:cd:1c:fd:15:4b:83:e7:93:
d8:18:00:27:04:36:b4:d0:7a:2b:2f:f7:6d:07:f2:
92:46:68:b7:e8:f2:5b:4d:09:9a:2b:ee:c5:cb:54:
10:77:3f:56:09:a7:01:8d:4a:7e:72:00:1a:fd:ed:
04:58:b6:6c:6c:87:05:1e:d4:16:f5:0a:3f:8a:37:
ea:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:B3:B9:BB:14:57:AF:F2:8C:95:A8:81:F0:36:BA:40:EA:0D:DF:FD
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/XbO5uxRXr_KMlaiB8Da6QOoN3_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.229.8.0/22
87.229.31.0/24
87.229.125.0/24
Signature Algorithm: sha256WithRSAEncryption
69:59:7e:dc:d7:73:b6:98:a9:57:bd:38:a5:b2:2a:d7:7c:e0:
7c:f8:66:4c:c2:6b:d5:38:5e:df:a3:3a:97:2b:3b:1b:c2:a1:
38:05:3f:92:69:1c:e9:0b:1a:5c:e0:f8:18:d3:c4:f2:69:9b:
5b:98:ca:60:63:0b:5f:4b:13:4f:3a:fe:36:fc:a3:85:08:9c:
e9:f1:bc:f9:74:7d:18:ac:12:53:37:53:19:1b:64:01:18:e4:
82:de:cf:18:cf:0b:f1:19:49:cb:44:0c:43:79:7e:21:65:2d:
35:ab:85:13:f9:26:d4:33:ba:ad:de:d4:ca:d0:db:12:0e:9d:
48:1b:a9:9c:89:d6:ce:d2:6c:92:d8:a5:5a:8c:77:80:99:bf:
f5:ec:ac:dc:03:4c:90:54:da:e3:e8:1c:f5:01:8f:a1:f4:82:
bd:f7:b1:79:77:28:9a:6d:d8:5d:6f:92:4d:cb:a5:30:bf:16:
9a:04:c6:b1:fe:6c:d4:b2:7b:5a:e9:69:e7:da:c7:58:6a:aa:
f5:1b:ba:93:a8:0b:ed:5e:81:f1:87:d5:45:87:21:49:66:6f:
70:76:3e:a9:a7:6e:35:5a:29:56:88:42:97:78:d7:18:16:0f:
84:c0:02:71:20:11:92:e9:b1:17:03:84:ed:c5:45:88:83:86:
2a:7f:2a:25
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZX//uYwhJFLa8KGSwRM9WpnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUwNDA0MDg1MDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGIzYjliYjE0NTdhZmYyOGM5NWE4ODFmMDM2YmE0MGVhMGRkZmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFQHK3A9g9HB3at2sSdEGuZNx79a
Y1yHGWeRINwUkAOFTyHjZYhAFAoSR9I5hwJQc/iWSRL2R0kWETSwqjaY52rYgbJt
mJzxK1oLYxyPMJmNs7hBOBxENMRN7x14i8MV5Ar+QmJHWyB1ltEgBwM4zF5P+H9/
vA6KjwwLgz9KzPS03XfJ6JboEs29QYd/1RiQCpSl7McpbzXQlgvWNXZNuX7iqdt7
n6IJuPwKPdmcHohKamfo3ShGeqLJzRz9FUuD55PYGAAnBDa00HorL/dtB/KSRmi3
6PJbTQmaK+7Fy1QQdz9WCacBjUp+cgAa/e0EWLZsbIcFHtQW9Qo/ijfqoQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF2zubsUV6/yjJWogfA2ukDqDd/9MB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvWGJPNXV4UlhyX0tNbGFpQjhEYTZRT29OM18wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCV+UIAwQA
V+UfAwQAV+V9MA0GCSqGSIb3DQEBCwUAA4IBAQBpWX7c13O2mKlXvTilsirXfOB8
+GZMwmvVOF7fozqXKzsbwqE4BT+SaRzpCxpc4PgY08TyaZtbmMpgYwtfSxNPOv42
/KOFCJzp8bz5dH0YrBJTN1MZG2QBGOSC3s8YzwvxGUnLRAxDeX4hZS01q4UT+SbU
M7qt3tTK0NsSDp1IG6mcidbO0myS2KVajHeAmb/17KzcA0yQVNrj6Bz1AY+h9IK9
97F5dyiabdhdb5JNy6UwvxaaBMax/mzUsnta6Wnn2sdYaqr1G7qTqAvtXoHxh9VF
hyFJZm9wdj6pp241WilWiEKXeNcYFg+EwAJxIBGS6bEXA4TtxUWIg4Yqfyol
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:17:59 2025 by rpki-client