Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/414b36-eca9-4e22-aed5-a48ac31dbbf0/1/yXSI300Xb0fHUGX2H4LyzLugHJw.roa
File: yXSI300Xb0fHUGX2H4LyzLugHJw.roa (raw, json)
Hash identifier: lfxMflPHK3x8X2DTET3r/QnFen44eiLQvcUftmVoo/Q=
Subject key identifier: C9:74:88:DF:4D:17:6F:47:C7:50:65:F6:1F:82:F2:CC:BB:A0:1C:9C
Certificate issuer: /CN=5e23518faa9b94a42d1a3b4d9f63b974394d0662
Certificate serial: 0194228E0D83097C746B607BB5AFC5D468F0
Authority key identifier: 5E:23:51:8F:AA:9B:94:A4:2D:1A:3B:4D:9F:63:B9:74:39:4D:06:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XiNRj6qblKQtGjtNn2O5dDlNBmI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/414b36-eca9-4e22-aed5-a48ac31dbbf0/1/yXSI300Xb0fHUGX2H4LyzLugHJw.roa
Signing time: Wed 01 Jan 2025 15:48:42 +0000
ROA not before: Wed 01 Jan 2025 15:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62160
IP address blocks: 78.108.176.0/20 maxlen: 20
78.108.187.0/24 maxlen: 24
94.198.224.0/21 maxlen: 21
94.198.240.0/21 maxlen: 21
2a04:a380::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/414b36-eca9-4e22-aed5-a48ac31dbbf0/1/XiNRj6qblKQtGjtNn2O5dDlNBmI.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/414b36-eca9-4e22-aed5-a48ac31dbbf0/1/XiNRj6qblKQtGjtNn2O5dDlNBmI.mft
rsync://rpki.ripe.net/repository/DEFAULT/XiNRj6qblKQtGjtNn2O5dDlNBmI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 11:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:0d:83:09:7c:74:6b:60:7b:b5:af:c5:d4:68:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e23518faa9b94a42d1a3b4d9f63b974394d0662
Validity
Not Before: Jan 1 15:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c97488df4d176f47c75065f61f82f2ccbba01c9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:22:e4:81:7d:4e:aa:cc:cb:bb:bd:dd:af:90:
b3:0a:22:fb:b3:70:aa:70:07:e9:5a:af:d2:28:a0:
b2:f8:11:46:7d:87:14:a2:83:f3:d7:ab:69:42:20:
3a:31:da:df:35:c2:13:bb:3d:f6:f4:3d:f1:ce:fb:
1f:48:62:fa:9f:ed:5d:22:0f:14:cd:b5:0b:67:17:
88:90:b5:b2:fe:57:eb:ca:07:40:4c:8c:39:82:45:
9e:c6:05:cd:9e:2c:67:9b:29:3f:8c:18:b0:fe:8a:
54:88:11:26:09:6b:fe:49:aa:3f:7b:f3:32:cb:63:
8d:43:fd:04:53:fc:e6:22:c0:6d:1a:49:6e:ae:f7:
ce:84:09:1e:21:58:25:d3:10:36:97:4e:5f:65:06:
8b:c1:37:a4:0a:f8:95:9c:bb:9e:41:f3:e4:0a:f5:
af:cf:e6:99:13:0e:0c:dd:f5:2b:b0:f8:12:9d:6e:
7d:43:e3:cd:03:51:8b:a7:38:b6:6b:85:65:2e:4a:
d6:00:ba:0d:ee:10:b9:6c:05:99:dc:c8:54:4a:c0:
cc:80:eb:77:f8:13:4c:94:4e:9f:fd:0f:1b:ae:90:
e5:58:bd:3d:66:85:76:18:a6:65:c7:81:aa:44:f0:
3d:d9:e9:c4:0f:42:5b:8c:94:e0:8d:c7:38:8c:bf:
33:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:74:88:DF:4D:17:6F:47:C7:50:65:F6:1F:82:F2:CC:BB:A0:1C:9C
X509v3 Authority Key Identifier:
keyid:5E:23:51:8F:AA:9B:94:A4:2D:1A:3B:4D:9F:63:B9:74:39:4D:06:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XiNRj6qblKQtGjtNn2O5dDlNBmI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/414b36-eca9-4e22-aed5-a48ac31dbbf0/1/yXSI300Xb0fHUGX2H4LyzLugHJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/414b36-eca9-4e22-aed5-a48ac31dbbf0/1/XiNRj6qblKQtGjtNn2O5dDlNBmI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.108.176.0/20
94.198.224.0/21
94.198.240.0/21
IPv6:
2a04:a380::/29
Signature Algorithm: sha256WithRSAEncryption
6b:5b:33:77:c4:58:05:c5:f1:30:11:46:18:a9:b3:8e:4d:f6:
16:61:74:aa:35:32:07:02:b2:f2:ab:20:29:1a:43:7a:4e:14:
58:1e:6c:fd:c9:43:32:11:55:39:b5:c3:d4:d5:07:6b:d8:a6:
79:69:1e:61:18:bf:69:cb:09:0c:20:04:b4:ea:60:0f:48:55:
a3:62:b5:36:61:43:9c:b1:43:70:a7:f5:20:f5:5c:c6:52:90:
5d:34:5e:e2:19:15:0a:bf:ab:ae:15:33:0f:3e:68:4f:6c:ee:
89:ac:e6:63:b1:57:ac:af:4c:43:bb:0b:6b:1d:1a:53:e4:ec:
c6:17:80:32:00:cf:b6:e1:e4:cd:de:f2:67:8c:45:e3:dd:01:
9a:77:08:3f:86:a1:d1:67:09:b6:b6:d3:92:76:ff:5a:48:dc:
af:2b:a0:64:96:15:23:28:d1:a7:77:36:b4:97:bd:57:e5:c9:
bb:7a:19:30:85:2f:e6:18:33:80:33:12:e3:a4:cb:a3:15:65:
97:a7:14:65:30:6d:ed:af:99:c3:b8:8b:47:d3:e8:fb:a4:45:
f4:9b:25:8b:c0:ba:61:79:b7:aa:a4:dd:cb:3d:fe:e1:98:fa:
2c:5e:fa:a2:f8:1c:70:c5:7e:6b:fd:f1:7d:dd:c2:81:12:ab:
56:49:7d:27
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQijg2DCXx0a2B7ta/F1GjwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMjM1MThmYWE5Yjk0YTQyZDFhM2I0ZDlmNjNiOTc0Mzk0
ZDA2NjIwHhcNMjUwMTAxMTU0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTc0ODhkZjRkMTc2ZjQ3Yzc1MDY1ZjYxZjgyZjJjY2JiYTAxYzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2CLkgX1OqszLu73dr5CzCiL7s3Cq
cAfpWq/SKKCy+BFGfYcUooPz16tpQiA6MdrfNcITuz329D3xzvsfSGL6n+1dIg8U
zbULZxeIkLWy/lfrygdATIw5gkWexgXNnixnmyk/jBiw/opUiBEmCWv+Sao/e/My
y2ONQ/0EU/zmIsBtGklurvfOhAkeIVgl0xA2l05fZQaLwTekCviVnLueQfPkCvWv
z+aZEw4M3fUrsPgSnW59Q+PNA1GLpzi2a4VlLkrWALoN7hC5bAWZ3MhUSsDMgOt3
+BNMlE6f/Q8brpDlWL09ZoV2GKZlx4GqRPA92enED0JbjJTgjcc4jL8zhQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMl0iN9NF29Hx1Bl9h+C8sy7oBycMB8GA1UdIwQY
MBaAFF4jUY+qm5SkLRo7TZ9juXQ5TQZiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGlOUmo2cWJsS1F0R2p0Tm4yTzVkRGxOQm1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS80MTRiMzYtZWNhOS00ZTIyLWFlZDUt
YTQ4YWMzMWRiYmYwLzEveVhTSTMwMFhiMGZIVUdYMkg0THl6THVnSEp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS80MTRiMzYtZWNhOS00ZTIyLWFlZDUtYTQ4YWMzMWRiYmYw
LzEvWGlOUmo2cWJsS1F0R2p0Tm4yTzVkRGxOQm1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQETmywAwQD
XsbgAwQDXsbwMA0EAgACMAcDBQMqBKOAMA0GCSqGSIb3DQEBCwUAA4IBAQBrWzN3
xFgFxfEwEUYYqbOOTfYWYXSqNTIHArLyqyApGkN6ThRYHmz9yUMyEVU5tcPU1Qdr
2KZ5aR5hGL9pywkMIAS06mAPSFWjYrU2YUOcsUNwp/Ug9VzGUpBdNF7iGRUKv6uu
FTMPPmhPbO6JrOZjsVesr0xDuwtrHRpT5OzGF4AyAM+24eTN3vJnjEXj3QGadwg/
hqHRZwm2ttOSdv9aSNyvK6BklhUjKNGndza0l71X5cm7ehkwhS/mGDOAMxLjpMuj
FWWXpxRlMG3tr5nDuItH0+j7pEX0myWLwLphebeqpN3LPf7hmPosXvqi+BxwxX5r
/fF93cKBEqtWSX0n
-----END CERTIFICATE-----
Generated at Wed Apr 9 21:11:17 2025 by rpki-client