Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/Xud5emWKez2CWje3_uKElUeeYZM.roa
File: Xud5emWKez2CWje3_uKElUeeYZM.roa (raw, json)
Hash identifier: JEEaFQSLgyko90PuBT5aCnY8R+bLlVoo/ly+wTonPTM=
Subject key identifier: 5E:E7:79:7A:65:8A:7B:3D:82:5A:37:B7:FE:E2:84:95:47:9E:61:93
Certificate issuer: /CN=259490c5dbcfbf590da33bfbd37970a0763469c9
Certificate serial: 019440C152DFD85C9D70E122BB5FF81EB19B
Authority key identifier: 25:94:90:C5:DB:CF:BF:59:0D:A3:3B:FB:D3:79:70:A0:76:34:69:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JZSQxdvPv1kNozv703lwoHY0ack.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/Xud5emWKez2CWje3_uKElUeeYZM.roa
Signing time: Tue 07 Jan 2025 12:33:19 +0000
ROA not before: Tue 07 Jan 2025 12:33:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209968
IP address blocks: 2a09:be41::/32 maxlen: 48
2a09:be42::/31 maxlen: 48
2a09:be44::/30 maxlen: 48
2a0e:ec00::/30 maxlen: 48
2a0e:ec04::/31 maxlen: 48
2a12:49c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/JZSQxdvPv1kNozv703lwoHY0ack.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/JZSQxdvPv1kNozv703lwoHY0ack.mft
rsync://rpki.ripe.net/repository/DEFAULT/JZSQxdvPv1kNozv703lwoHY0ack.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:40:c1:52:df:d8:5c:9d:70:e1:22:bb:5f:f8:1e:b1:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=259490c5dbcfbf590da33bfbd37970a0763469c9
Validity
Not Before: Jan 7 12:33:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ee7797a658a7b3d825a37b7fee28495479e6193
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:32:de:7e:ed:85:03:c9:71:2b:bd:b8:0d:f3:
ce:14:21:26:68:bb:78:c6:ac:5b:79:51:14:0d:35:
41:73:df:5d:ec:1f:8f:92:69:19:63:d5:1b:3f:75:
91:a9:86:92:d7:90:98:01:e4:ff:ea:57:a1:1d:20:
28:fc:7e:ba:bd:22:4f:aa:a7:3a:43:a8:8b:20:15:
93:e7:23:da:ea:20:f2:41:10:0b:62:8d:e1:60:5b:
18:16:21:5e:55:b5:8b:04:b0:8d:99:97:c3:2a:15:
b6:91:7d:52:d6:65:90:0f:0c:09:f1:ce:e2:81:6b:
8c:bc:ad:bb:f4:90:68:3f:3d:2e:a5:59:3d:10:9b:
73:1c:5d:22:cf:78:92:9f:2c:f9:1c:05:c2:50:e6:
bb:87:81:48:6d:46:a7:0b:bf:19:46:00:56:89:af:
87:21:cc:76:a0:ea:c8:5c:76:72:f9:b9:46:c7:3b:
7c:2f:58:f1:96:8b:dc:2e:44:e6:98:2c:28:d4:3e:
a3:8f:a2:22:0f:cd:f7:cb:88:18:7b:1d:cc:06:69:
15:e1:14:ad:c5:91:5b:03:0f:41:9f:50:46:91:0d:
8d:cd:a6:ee:43:89:e3:a9:09:b5:cc:77:82:b8:10:
cc:ea:98:b5:5f:f0:dd:6d:37:8c:1f:f1:ad:57:f7:
63:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:E7:79:7A:65:8A:7B:3D:82:5A:37:B7:FE:E2:84:95:47:9E:61:93
X509v3 Authority Key Identifier:
keyid:25:94:90:C5:DB:CF:BF:59:0D:A3:3B:FB:D3:79:70:A0:76:34:69:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JZSQxdvPv1kNozv703lwoHY0ack.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/Xud5emWKez2CWje3_uKElUeeYZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/JZSQxdvPv1kNozv703lwoHY0ack.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:be41::-2a09:be47:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:ec00::-2a0e:ec05:ffff:ffff:ffff:ffff:ffff:ffff
2a12:49c0::/29
Signature Algorithm: sha256WithRSAEncryption
93:05:e3:e0:36:a2:95:05:82:e5:93:c8:c6:44:af:c1:4b:81:
03:4d:2b:3b:ab:d2:e8:eb:10:d6:1e:0d:37:03:0e:38:1b:ec:
af:8e:91:ef:34:84:9b:50:65:37:4e:a8:f1:34:18:3f:3a:bc:
d1:3f:b6:09:61:49:55:25:5b:30:75:e5:8e:83:70:f6:6e:04:
8f:44:0a:8b:b5:fd:3e:7e:ff:49:8d:11:fe:8e:4c:c9:b0:86:
f5:ca:af:7e:46:cb:4c:78:4c:7f:23:c2:ff:1c:62:f0:89:89:
e9:04:d0:4b:b9:2c:07:0f:99:86:b5:3e:5b:28:1b:fc:09:18:
8e:75:78:20:f3:c1:4b:9d:86:21:ad:76:06:39:b9:42:ad:bf:
b8:43:80:cc:e1:40:61:e9:0a:52:b5:e8:82:34:27:ad:b7:be:
c4:36:ab:28:76:97:e7:8f:9e:ea:06:e3:b8:a7:80:e6:32:5a:
64:4e:0f:fe:13:fd:28:2e:a1:25:83:71:4e:69:14:2e:eb:25:
27:90:7c:8a:52:20:af:9c:90:c9:44:a3:8f:82:09:45:ef:b2:
a7:d0:28:18:d5:c3:45:61:b0:56:28:2d:65:7b:a3:a7:66:2c:
9d:74:67:ca:00:04:6e:10:c6:33:8f:f7:ff:ea:3c:8e:3b:4d:
17:96:7d:c0
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZRAwVLf2FydcOEiu1/4HrGbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1OTQ5MGM1ZGJjZmJmNTkwZGEzM2JmYmQzNzk3MGEwNzYz
NDY5YzkwHhcNMjUwMTA3MTIzMzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWU3Nzk3YTY1OGE3YjNkODI1YTM3YjdmZWUyODQ5NTQ3OWU2MTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0TLefu2FA8lxK724DfPOFCEmaLt4
xqxbeVEUDTVBc99d7B+PkmkZY9UbP3WRqYaS15CYAeT/6lehHSAo/H66vSJPqqc6
Q6iLIBWT5yPa6iDyQRALYo3hYFsYFiFeVbWLBLCNmZfDKhW2kX1S1mWQDwwJ8c7i
gWuMvK279JBoPz0upVk9EJtzHF0iz3iSnyz5HAXCUOa7h4FIbUanC78ZRgBWia+H
Icx2oOrIXHZy+blGxzt8L1jxlovcLkTmmCwo1D6jj6IiD833y4gYex3MBmkV4RSt
xZFbAw9Bn1BGkQ2NzabuQ4njqQm1zHeCuBDM6pi1X/DdbTeMH/GtV/dj3QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFF7neXplins9glo3t/7ihJVHnmGTMB8GA1UdIwQY
MBaAFCWUkMXbz79ZDaM7+9N5cKB2NGnJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlpTUXhkdlB2MWtOb3p2NzAzbHdvSFkwYWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9lZGFkMmQtOTVjYy00OWQwLTg2ZjQt
M2NlM2NmOGIxYzQ5LzEvWHVkNWVtV0tlejJDV2plM191S0VsVWVlWVpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9lZGFkMmQtOTVjYy00OWQwLTg2ZjQtM2NlM2NmOGIxYzQ5
LzEvSlpTUXhkdlB2MWtOb3p2NzAzbHdvSFkwYWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmMA4DBQAqCb5B
AwUDKgm+QDANAwQCKg7sAwUBKg7sBAMFAyoSScAwDQYJKoZIhvcNAQELBQADggEB
AJMF4+A2opUFguWTyMZEr8FLgQNNKzur0ujrENYeDTcDDjgb7K+Oke80hJtQZTdO
qPE0GD86vNE/tglhSVUlWzB15Y6DcPZuBI9ECou1/T5+/0mNEf6OTMmwhvXKr35G
y0x4TH8jwv8cYvCJiekE0Eu5LAcPmYa1PlsoG/wJGI51eCDzwUudhiGtdgY5uUKt
v7hDgMzhQGHpClK16II0J623vsQ2qyh2l+ePnuoG47ingOYyWmROD/4T/SguoSWD
cU5pFC7rJSeQfIpSIK+ckMlEo4+CCUXvsqfQKBjVw0VhsFYoLWV7o6dmLJ10Z8oA
BG4QxjOP9//qPI47TReWfcA=
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:44:23 2025 by rpki-client