Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/xqJvMehEaxNCvv8nspTX_Lsf0Ro.roa
File: xqJvMehEaxNCvv8nspTX_Lsf0Ro.roa (raw, json)
Hash identifier: WvdRQRLU0muhP/E/hdEXMm0bUaMDfT2zSq+1ZZPBALs=
Subject key identifier: C6:A2:6F:31:E8:44:6B:13:42:BE:FF:27:B2:94:D7:FC:BB:1F:D1:1A
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 0195C7FAFE5EAB61B1237E105CA716E63B4D
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/xqJvMehEaxNCvv8nspTX_Lsf0Ro.roa
Signing time: Mon 24 Mar 2025 11:47:49 +0000
ROA not before: Mon 24 Mar 2025 11:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210415
IP address blocks: 45.10.104.0/23 maxlen: 23
45.80.80.0/24 maxlen: 24
80.66.125.0/24 maxlen: 24
89.42.113.0/24 maxlen: 24
178.19.42.0/24 maxlen: 24
185.226.192.0/24 maxlen: 24
201.49.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c7:fa:fe:5e:ab:61:b1:23:7e:10:5c:a7:16:e6:3b:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Mar 24 11:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c6a26f31e8446b1342beff27b294d7fcbb1fd11a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:fa:7e:7d:b4:e4:ba:b9:2b:4b:3e:86:86:c4:
42:8b:84:2f:76:25:27:33:05:05:15:00:73:2a:ff:
f4:d9:92:62:d8:9e:bd:2e:d9:e2:19:59:3e:a2:f8:
e8:f1:ca:95:0f:14:71:37:e0:52:97:75:6f:0c:d4:
7c:6b:89:99:8a:09:c7:35:10:aa:49:0d:4e:cb:be:
82:78:8d:b6:4a:e9:24:5c:b2:db:b3:aa:60:08:ae:
2f:c1:86:eb:be:bb:69:22:10:17:65:a5:5d:10:68:
be:71:d6:d6:b4:96:16:c1:19:64:1f:07:70:7a:52:
3c:98:bb:ce:8a:d8:58:ad:47:a6:9f:8e:71:9d:70:
ad:b7:41:f1:77:e9:f3:b8:02:3b:c9:05:29:9d:68:
1f:aa:4e:9d:c9:09:88:21:e3:42:08:dd:8f:37:a5:
7f:39:e7:73:c3:b0:77:b2:a4:94:0b:a0:7b:0c:84:
59:ad:9f:95:d0:56:d6:63:68:9c:f4:cc:ab:16:8a:
bc:aa:63:8f:90:f4:c1:a6:c8:5f:56:db:7d:34:15:
38:c7:13:31:c7:a3:bb:97:18:36:4f:b7:2a:a6:06:
06:8a:96:49:c0:40:fc:a5:bb:c8:79:2c:7c:59:e8:
01:0f:95:8b:85:ef:a1:d4:6a:82:c8:c2:59:e6:ba:
5d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:A2:6F:31:E8:44:6B:13:42:BE:FF:27:B2:94:D7:FC:BB:1F:D1:1A
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/xqJvMehEaxNCvv8nspTX_Lsf0Ro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.104.0/23
45.80.80.0/24
80.66.125.0/24
89.42.113.0/24
178.19.42.0/24
185.226.192.0/24
201.49.188.0/24
Signature Algorithm: sha256WithRSAEncryption
65:3e:3d:5e:7e:ea:0c:c6:8c:30:77:de:3f:7f:10:63:64:cb:
1f:8e:4c:58:cc:e0:80:85:db:69:09:fb:54:24:e1:ed:b8:15:
e2:c3:90:e9:99:db:36:5e:33:47:c9:fb:2c:ac:86:44:9d:ae:
b8:73:6c:83:ed:ab:ad:71:0f:28:1f:e8:3d:37:d6:d9:84:91:
e0:d8:ef:61:44:99:b1:a3:d6:24:da:8f:f7:3d:58:26:82:03:
dd:55:e3:ec:ee:38:f9:ff:b7:b4:dd:2c:48:ac:f8:ae:f5:39:
d7:63:4a:53:f0:3e:57:f8:b7:0b:46:ae:71:ed:48:04:15:d7:
c2:c0:47:27:32:a8:a2:b6:7c:71:ea:52:11:71:37:12:4b:99:
39:2d:be:4b:7c:d3:28:9f:82:92:c5:27:ab:af:27:6b:22:81:
0a:66:0a:99:a2:db:ae:d0:f3:3a:a0:21:8c:b1:fe:41:1b:05:
ad:48:58:03:c3:ce:36:a0:54:43:df:5c:17:c3:ff:7e:bf:d0:
0a:e7:70:c5:da:27:38:bd:ca:10:1e:48:93:89:42:08:71:2d:
a9:71:92:3a:72:25:18:3d:a7:7d:0f:78:a2:23:3c:69:18:a2:
7a:32:2b:37:9e:eb:fe:30:b2:be:ae:42:d8:08:51:8a:1c:0d:
ef:01:01:ba
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZXH+v5eq2GxI34QXKcW5jtNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjUwMzI0MTE0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmEyNmYzMWU4NDQ2YjEzNDJiZWZmMjdiMjk0ZDdmY2JiMWZkMTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6vp+fbTkurkrSz6GhsRCi4QvdiUn
MwUFFQBzKv/02ZJi2J69LtniGVk+ovjo8cqVDxRxN+BSl3VvDNR8a4mZignHNRCq
SQ1Oy76CeI22SukkXLLbs6pgCK4vwYbrvrtpIhAXZaVdEGi+cdbWtJYWwRlkHwdw
elI8mLvOithYrUemn45xnXCtt0Hxd+nzuAI7yQUpnWgfqk6dyQmIIeNCCN2PN6V/
Oedzw7B3sqSUC6B7DIRZrZ+V0FbWY2ic9MyrFoq8qmOPkPTBpshfVtt9NBU4xxMx
x6O7lxg2T7cqpgYGipZJwED8pbvIeSx8WegBD5WLhe+h1GqCyMJZ5rpdxQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFMaibzHoRGsTQr7/J7KU1/y7H9EaMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEveHFKdk1laEVheE5DdnY4bnNwVFhfTHNmMFJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBLQpoAwQA
LVBQAwQAUEJ9AwQAWSpxAwQAshMqAwQAueLAAwQAyTG8MA0GCSqGSIb3DQEBCwUA
A4IBAQBlPj1efuoMxowwd94/fxBjZMsfjkxYzOCAhdtpCftUJOHtuBXiw5Dpmds2
XjNHyfssrIZEna64c2yD7autcQ8oH+g9N9bZhJHg2O9hRJmxo9Yk2o/3PVgmggPd
VePs7jj5/7e03SxIrPiu9TnXY0pT8D5X+LcLRq5x7UgEFdfCwEcnMqiitnxx6lIR
cTcSS5k5Lb5LfNMon4KSxSerrydrIoEKZgqZotuu0PM6oCGMsf5BGwWtSFgDw842
oFRD31wXw/9+v9AK53DF2ic4vcoQHkiTiUIIcS2pcZI6ciUYPad9D3iiIzxpGKJ6
Mis3nuv+MLK+rkLYCFGKHA3vAQG6
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:42:03 2025 by rpki-client