Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/Xlu1RjkLIjpUuW9uaM7jn9hmpOM.roa
File: Xlu1RjkLIjpUuW9uaM7jn9hmpOM.roa (raw, json)
Hash identifier: 4HPailMxVKUe4raNE7C7jB5qTjzwPsjAoquzi7o0XrM=
Subject key identifier: 5E:5B:B5:46:39:0B:22:3A:54:B9:6F:6E:68:CE:E3:9F:D8:66:A4:E3
Certificate issuer: /CN=c092d8d5511b19ece456960f23bfa886ee1d570b
Certificate serial: 019427B688D4F9A6E204F122C3C1D25CEC92
Authority key identifier: C0:92:D8:D5:51:1B:19:EC:E4:56:96:0F:23:BF:A8:86:EE:1D:57:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wJLY1VEbGezkVpYPI7-ohu4dVws.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/Xlu1RjkLIjpUuW9uaM7jn9hmpOM.roa
Signing time: Thu 02 Jan 2025 15:51:01 +0000
ROA not before: Thu 02 Jan 2025 15:51:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58322
IP address blocks: 91.106.32.0/22 maxlen: 22
91.106.32.0/23 maxlen: 23
91.106.32.0/24 maxlen: 24
91.106.33.0/24 maxlen: 24
91.106.34.0/23 maxlen: 23
91.106.34.0/24 maxlen: 24
91.106.35.0/24 maxlen: 24
91.106.40.0/21 maxlen: 21
91.106.40.0/22 maxlen: 22
91.106.40.0/23 maxlen: 23
91.106.40.0/24 maxlen: 24
91.106.41.0/24 maxlen: 24
91.106.42.0/23 maxlen: 23
91.106.42.0/24 maxlen: 24
91.106.43.0/24 maxlen: 24
91.106.44.0/22 maxlen: 22
91.106.44.0/23 maxlen: 23
91.106.44.0/24 maxlen: 24
91.106.45.0/24 maxlen: 24
91.106.46.0/23 maxlen: 23
91.106.46.0/24 maxlen: 24
91.106.47.0/24 maxlen: 24
91.106.48.0/24 maxlen: 24
91.106.50.0/24 maxlen: 24
91.106.51.0/24 maxlen: 24
109.61.4.0/22 maxlen: 22
109.61.4.0/23 maxlen: 23
109.61.4.0/24 maxlen: 24
109.61.5.0/24 maxlen: 24
109.61.6.0/23 maxlen: 23
109.61.6.0/24 maxlen: 24
109.61.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/wJLY1VEbGezkVpYPI7-ohu4dVws.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/wJLY1VEbGezkVpYPI7-ohu4dVws.mft
rsync://rpki.ripe.net/repository/DEFAULT/wJLY1VEbGezkVpYPI7-ohu4dVws.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 06:01:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:88:d4:f9:a6:e2:04:f1:22:c3:c1:d2:5c:ec:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c092d8d5511b19ece456960f23bfa886ee1d570b
Validity
Not Before: Jan 2 15:51:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e5bb546390b223a54b96f6e68cee39fd866a4e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:c6:32:f0:b4:88:56:72:f6:17:f8:6d:b9:26:
8a:43:3b:ca:53:90:59:f8:64:fa:9c:1c:84:b0:81:
60:ae:51:1e:57:b2:81:1b:7e:8c:9a:ed:b5:d7:fc:
bc:3a:62:c9:2a:f7:60:ff:f4:f8:e9:8c:c1:ca:1f:
95:8c:83:8c:26:2b:00:03:b4:5e:6d:8e:fc:ff:8d:
9c:0f:35:c0:f5:62:82:01:27:c4:52:48:ba:7f:64:
ad:8b:a2:b5:a0:fd:66:d4:f9:a6:58:0d:9a:fc:75:
21:f3:ea:97:53:0c:1d:e1:8b:2b:60:0a:21:e2:57:
5f:52:94:f1:d5:32:5f:b9:75:ab:2f:7e:12:9f:b1:
40:15:b8:43:73:05:13:65:8a:e5:dd:1f:40:51:b1:
ec:61:d0:13:ec:cb:3b:16:77:dd:4b:3a:13:f0:71:
8e:cb:f4:13:75:bd:e0:76:db:98:3e:4f:c1:1c:34:
1d:b2:96:89:2f:19:5b:76:a6:d8:d1:e5:10:b5:b4:
87:29:fa:70:be:29:3a:76:43:8f:19:bd:42:e8:ab:
3f:ba:7e:5e:e1:8c:b8:84:c0:56:97:d9:87:1e:33:
cf:6e:dd:61:65:fd:bd:0a:88:99:46:22:0e:4a:b6:
fd:81:f8:c4:f3:9e:34:a4:33:44:d3:8d:2b:67:8c:
40:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:5B:B5:46:39:0B:22:3A:54:B9:6F:6E:68:CE:E3:9F:D8:66:A4:E3
X509v3 Authority Key Identifier:
keyid:C0:92:D8:D5:51:1B:19:EC:E4:56:96:0F:23:BF:A8:86:EE:1D:57:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wJLY1VEbGezkVpYPI7-ohu4dVws.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/Xlu1RjkLIjpUuW9uaM7jn9hmpOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/wJLY1VEbGezkVpYPI7-ohu4dVws.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.106.32.0/22
91.106.40.0-91.106.48.255
91.106.50.0/23
109.61.4.0/22
Signature Algorithm: sha256WithRSAEncryption
41:c4:4f:12:aa:29:ac:7f:ad:8f:01:df:ab:f5:19:f4:c6:0f:
fb:1c:8b:57:74:bd:a1:88:4b:e3:45:8f:c5:d5:3a:da:52:a9:
1a:87:73:6e:df:d8:13:6c:de:30:ae:5b:8b:f6:cf:92:87:37:
0b:0e:66:f1:31:2b:7e:23:6d:7a:72:6f:d4:14:8a:f3:49:92:
2e:92:8c:cb:b9:70:16:33:17:68:15:a3:1c:0e:c2:68:b6:c3:
00:41:86:0f:d1:78:c2:a0:40:93:1b:63:db:8a:bf:89:0e:86:
23:29:66:af:c7:cc:fd:61:83:77:16:8d:e6:06:80:49:f8:b9:
ec:64:ae:3e:ea:61:6d:b2:e4:e8:5e:14:88:33:b8:df:90:94:
bb:80:a0:54:f0:43:c1:10:31:af:15:fd:b2:dc:f7:ba:44:1c:
b4:83:a9:ec:eb:08:9c:ab:8e:0e:6b:94:d2:be:0e:8b:6b:32:
67:6a:53:c6:42:9f:44:58:2c:a0:3a:21:96:76:5d:17:59:ff:
af:e7:fb:af:e5:bf:60:1e:99:21:e2:1d:09:69:85:f2:f0:44:
ec:b9:42:d8:9d:28:30:16:d7:c8:77:e0:5e:e2:3b:5e:38:71:
51:14:ec:53:e9:48:b0:5a:87:3f:a3:88:24:1c:da:77:95:3e:
ae:3b:12:ef
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQntojU+abiBPEiw8HSXOySMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwOTJkOGQ1NTExYjE5ZWNlNDU2OTYwZjIzYmZhODg2ZWUx
ZDU3MGIwHhcNMjUwMTAyMTU1MTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTViYjU0NjM5MGIyMjNhNTRiOTZmNmU2OGNlZTM5ZmQ4NjZhNGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjMYy8LSIVnL2F/htuSaKQzvKU5BZ
+GT6nByEsIFgrlEeV7KBG36Mmu211/y8OmLJKvdg//T46YzByh+VjIOMJisAA7Re
bY78/42cDzXA9WKCASfEUki6f2Sti6K1oP1m1PmmWA2a/HUh8+qXUwwd4YsrYAoh
4ldfUpTx1TJfuXWrL34Sn7FAFbhDcwUTZYrl3R9AUbHsYdAT7Ms7FnfdSzoT8HGO
y/QTdb3gdtuYPk/BHDQdspaJLxlbdqbY0eUQtbSHKfpwvik6dkOPGb1C6Ks/un5e
4Yy4hMBWl9mHHjPPbt1hZf29CoiZRiIOSrb9gfjE8540pDNE040rZ4xA2QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFF5btUY5CyI6VLlvbmjO45/YZqTjMB8GA1UdIwQY
MBaAFMCS2NVRGxns5FaWDyO/qIbuHVcLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0pMWTFWRWJHZXprVnBZUEk3LW9odTRkVndzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9kNDMwZDktZDIxNC00MWMwLThlNTEt
MjY3YTE2YjQ2MjlmLzEvWGx1MVJqa0xJanBVdVc5dWFNN2puOWhtcE9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9kNDMwZDktZDIxNC00MWMwLThlNTEtMjY3YTE2YjQ2Mjlm
LzEvd0pMWTFWRWJHZXprVnBZUEk3LW9odTRkVndzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCW2ogMAwD
BANbaigDBABbajADBAFbajIDBAJtPQQwDQYJKoZIhvcNAQELBQADggEBAEHETxKq
Kax/rY8B36v1GfTGD/sci1d0vaGIS+NFj8XVOtpSqRqHc27f2BNs3jCuW4v2z5KH
NwsOZvExK34jbXpyb9QUivNJki6SjMu5cBYzF2gVoxwOwmi2wwBBhg/ReMKgQJMb
Y9uKv4kOhiMpZq/HzP1hg3cWjeYGgEn4uexkrj7qYW2y5OheFIgzuN+QlLuAoFTw
Q8EQMa8V/bLc97pEHLSDqezrCJyrjg5rlNK+DotrMmdqU8ZCn0RYLKA6IZZ2XRdZ
/6/n+6/lv2AemSHiHQlphfLwROy5QtidKDAW18h34F7iO144cVEU7FPpSLBahz+j
iCQc2neVPq47Eu8=
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:32:23 2025 by rpki-client