Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/5a3b6b-9a61-4557-a3d6-c25aba6b55af/1/bXLXdbvFGFR0FszgHn84rVBOGio.roa
File: bXLXdbvFGFR0FszgHn84rVBOGio.roa (raw, json)
Hash identifier: nmNBpS+PbDPDefHKYKNVtxbPVQnu+QoIycRrjJFcsBw=
Subject key identifier: 6D:72:D7:75:BB:C5:18:54:74:16:CC:E0:1E:7F:38:AD:50:4E:1A:2A
Certificate issuer: /CN=757f9fdea350a766bb98c604d3b9c27916732209
Certificate serial: 01942522053D73F16ACFBEAEA85EFA1EE386
Authority key identifier: 75:7F:9F:DE:A3:50:A7:66:BB:98:C6:04:D3:B9:C2:79:16:73:22:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dX-f3qNQp2a7mMYE07nCeRZzIgk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/5a3b6b-9a61-4557-a3d6-c25aba6b55af/1/bXLXdbvFGFR0FszgHn84rVBOGio.roa
Signing time: Thu 02 Jan 2025 03:49:34 +0000
ROA not before: Thu 02 Jan 2025 03:49:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9121
IP address blocks: 85.158.96.0/24 maxlen: 24
85.158.97.0/24 maxlen: 24
85.158.98.0/24 maxlen: 24
85.158.99.0/24 maxlen: 24
85.158.100.0/24 maxlen: 24
85.158.101.0/24 maxlen: 24
85.158.102.0/24 maxlen: 24
85.158.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/5a3b6b-9a61-4557-a3d6-c25aba6b55af/1/dX-f3qNQp2a7mMYE07nCeRZzIgk.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/5a3b6b-9a61-4557-a3d6-c25aba6b55af/1/dX-f3qNQp2a7mMYE07nCeRZzIgk.mft
rsync://rpki.ripe.net/repository/DEFAULT/dX-f3qNQp2a7mMYE07nCeRZzIgk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 00:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:05:3d:73:f1:6a:cf:be:ae:a8:5e:fa:1e:e3:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=757f9fdea350a766bb98c604d3b9c27916732209
Validity
Not Before: Jan 2 03:49:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6d72d775bbc518547416cce01e7f38ad504e1a2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:5f:0c:06:1c:ea:9d:d1:34:44:58:1e:ab:60:
38:ee:c3:e8:87:3c:d1:be:6b:cc:9c:41:9d:62:1e:
4d:73:b5:ee:37:40:4c:aa:ca:09:4d:4b:25:09:de:
ac:09:fd:e6:4b:51:c5:f0:af:cf:e4:72:64:4c:53:
55:59:f6:e3:83:e1:2a:8c:b8:21:f1:01:f5:91:c9:
10:94:df:53:9f:1e:eb:2b:92:2f:1e:d9:3f:f4:2b:
2b:f0:d4:80:2c:fa:6c:47:a5:5a:5e:65:41:f6:db:
c7:2c:a1:87:5d:8e:7e:86:68:86:0b:ca:f8:ed:53:
d8:90:12:b1:55:1a:fb:df:7e:7d:16:2e:45:53:0d:
7b:ca:2d:d8:97:d5:dd:13:21:0f:83:ca:56:66:1d:
1c:29:1b:17:0a:03:d7:ff:66:3c:e1:22:cd:ed:9e:
df:4f:6a:cd:2c:91:d7:f1:57:ce:6b:ac:ce:69:da:
93:d0:8f:a0:69:d5:7b:e3:bf:60:56:83:f6:31:c6:
0e:eb:db:f5:1a:b0:0c:6e:68:3b:2e:ea:2d:b2:73:
89:0f:0e:83:c3:8c:b0:05:76:8d:b9:b4:a5:37:67:
dd:14:14:b4:65:20:e9:3b:e3:a7:b5:34:5f:01:b7:
d4:81:18:4f:c6:8b:35:27:db:9b:18:a3:9f:d9:44:
6b:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:72:D7:75:BB:C5:18:54:74:16:CC:E0:1E:7F:38:AD:50:4E:1A:2A
X509v3 Authority Key Identifier:
keyid:75:7F:9F:DE:A3:50:A7:66:BB:98:C6:04:D3:B9:C2:79:16:73:22:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dX-f3qNQp2a7mMYE07nCeRZzIgk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/5a3b6b-9a61-4557-a3d6-c25aba6b55af/1/bXLXdbvFGFR0FszgHn84rVBOGio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/5a3b6b-9a61-4557-a3d6-c25aba6b55af/1/dX-f3qNQp2a7mMYE07nCeRZzIgk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.96.0/21
Signature Algorithm: sha256WithRSAEncryption
3d:d2:4e:4f:87:71:85:4a:e8:9e:62:5b:94:53:11:25:cf:17:
ce:bb:b7:32:4a:5d:df:e4:4d:1a:f8:a1:04:5b:4f:73:59:d2:
bd:77:1d:b2:7b:88:ef:fa:ef:6f:5b:1b:a6:cf:04:78:3c:c1:
b6:7a:d1:ff:84:28:c0:63:d5:2d:96:74:a4:10:48:4a:56:54:
fb:03:00:dd:0d:5e:19:7f:5a:49:65:b8:41:e7:63:48:c8:b0:
77:1d:ff:e5:f9:a1:b5:78:d5:24:cf:62:00:33:5a:45:f7:e9:
64:1b:a6:6a:3f:e2:05:db:43:72:18:06:5d:f7:33:ed:e6:6d:
a6:f1:95:e9:82:af:27:fe:08:0c:44:8f:8e:68:30:71:94:04:
e9:9b:58:52:91:75:71:a9:29:65:ce:07:5d:87:87:00:d4:b8:
a5:bb:19:c2:ff:55:73:f4:a2:f3:af:c8:72:1e:82:21:5a:1f:
c6:85:e1:7e:90:da:14:c3:66:b1:ee:b4:76:de:92:b2:d7:43:
48:4b:dd:59:78:9a:95:8f:f8:20:5c:b2:a2:fd:e8:71:24:3c:
86:27:df:d2:7a:fa:a9:84:ec:fe:69:60:46:4c:96:04:6f:fa:
33:84:28:f6:9a:5d:20:68:2a:8f:45:73:a9:95:5b:af:57:fe:
1a:fb:5d:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIgU9c/Fqz76uqF76HuOGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1N2Y5ZmRlYTM1MGE3NjZiYjk4YzYwNGQzYjljMjc5MTY3
MzIyMDkwHhcNMjUwMTAyMDM0OTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDcyZDc3NWJiYzUxODU0NzQxNmNjZTAxZTdmMzhhZDUwNGUxYTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn18MBhzqndE0RFgeq2A47sPohzzR
vmvMnEGdYh5Nc7XuN0BMqsoJTUslCd6sCf3mS1HF8K/P5HJkTFNVWfbjg+EqjLgh
8QH1kckQlN9Tnx7rK5IvHtk/9Csr8NSALPpsR6VaXmVB9tvHLKGHXY5+hmiGC8r4
7VPYkBKxVRr73359Fi5FUw17yi3Yl9XdEyEPg8pWZh0cKRsXCgPX/2Y84SLN7Z7f
T2rNLJHX8VfOa6zOadqT0I+gadV7479gVoP2McYO69v1GrAMbmg7LuotsnOJDw6D
w4ywBXaNubSlN2fdFBS0ZSDpO+OntTRfAbfUgRhPxos1J9ubGKOf2URrMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG1y13W7xRhUdBbM4B5/OK1QThoqMB8GA1UdIwQY
MBaAFHV/n96jUKdmu5jGBNO5wnkWcyIJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFgtZjNxTlFwMmE3bU1ZRTA3bkNlUlp6SWdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi81YTNiNmItOWE2MS00NTU3LWEzZDYt
YzI1YWJhNmI1NWFmLzEvYlhMWGRidkZHRlIwRnN6Z0huODRyVkJPR2lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi81YTNiNmItOWE2MS00NTU3LWEzZDYtYzI1YWJhNmI1NWFm
LzEvZFgtZjNxTlFwMmE3bU1ZRTA3bkNlUlp6SWdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDVZ5gMA0G
CSqGSIb3DQEBCwUAA4IBAQA90k5Ph3GFSuieYluUUxElzxfOu7cySl3f5E0a+KEE
W09zWdK9dx2ye4jv+u9vWxumzwR4PMG2etH/hCjAY9UtlnSkEEhKVlT7AwDdDV4Z
f1pJZbhB52NIyLB3Hf/l+aG1eNUkz2IAM1pF9+lkG6ZqP+IF20NyGAZd9zPt5m2m
8ZXpgq8n/ggMRI+OaDBxlATpm1hSkXVxqSllzgddh4cA1LiluxnC/1Vz9KLzr8hy
HoIhWh/GheF+kNoUw2ax7rR23pKy10NIS91ZeJqVj/ggXLKi/ehxJDyGJ9/Sevqp
hOz+aWBGTJYEb/ozhCj2ml0gaCqPRXOplVuvV/4a+102
-----END CERTIFICATE-----
Generated at Mon Apr 7 06:59:51 2025 by rpki-client