Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/294c4e-5a2b-4bee-bc57-12ad146655ce/1/Xgr5P1UaBLoKB0nFSdLdMnYEAcA.roa
File: Xgr5P1UaBLoKB0nFSdLdMnYEAcA.roa (raw, json)
Hash identifier: xFI+ynIKk4Nft8+Xpcr+WB8ws9nItuL+8WRyzYu3/Do=
Subject key identifier: 5E:0A:F9:3F:55:1A:04:BA:0A:07:49:C5:49:D2:DD:32:76:04:01:C0
Certificate issuer: /CN=5b6fa6690997412e716616c81e4f7c0875ffd976
Certificate serial: 019423D758CDC36FDA9F2C9487C998B6D493
Authority key identifier: 5B:6F:A6:69:09:97:41:2E:71:66:16:C8:1E:4F:7C:08:75:FF:D9:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W2-maQmXQS5xZhbIHk98CHX_2XY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/294c4e-5a2b-4bee-bc57-12ad146655ce/1/Xgr5P1UaBLoKB0nFSdLdMnYEAcA.roa
Signing time: Wed 01 Jan 2025 21:48:22 +0000
ROA not before: Wed 01 Jan 2025 21:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33916
IP address blocks: 45.133.164.0/22 maxlen: 22
195.242.192.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/294c4e-5a2b-4bee-bc57-12ad146655ce/1/W2-maQmXQS5xZhbIHk98CHX_2XY.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/294c4e-5a2b-4bee-bc57-12ad146655ce/1/W2-maQmXQS5xZhbIHk98CHX_2XY.mft
rsync://rpki.ripe.net/repository/DEFAULT/W2-maQmXQS5xZhbIHk98CHX_2XY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 22:01:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:58:cd:c3:6f:da:9f:2c:94:87:c9:98:b6:d4:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b6fa6690997412e716616c81e4f7c0875ffd976
Validity
Not Before: Jan 1 21:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e0af93f551a04ba0a0749c549d2dd32760401c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:4e:b6:0c:95:10:65:ba:c2:53:69:05:e3:83:
09:f2:29:fc:13:4f:b5:0e:5d:af:db:f3:e8:ef:d8:
dc:82:85:a9:6c:17:b3:99:ee:ea:c1:72:e7:68:77:
f7:53:f7:db:84:3a:f5:ca:12:2a:6f:3a:78:04:aa:
62:7d:37:ec:65:8e:f0:54:d8:1b:e4:50:19:f7:09:
42:ca:91:3a:67:5b:2c:64:cd:79:1d:11:f7:4a:20:
85:6d:22:4d:74:cb:15:f6:4f:bf:c0:b3:ce:31:27:
07:bc:a5:ca:c6:26:e7:44:ec:f3:2c:5d:e1:6e:3b:
68:b6:e4:28:aa:8f:da:aa:8d:96:94:b0:fe:cf:d8:
47:00:aa:3b:ee:22:6a:1a:4e:9b:fa:53:15:66:3c:
96:92:6b:de:30:3c:bb:a6:e5:21:fc:12:09:4b:6e:
b1:8a:69:28:71:b6:a5:05:c6:94:28:d7:3d:28:14:
e3:07:92:fc:82:10:2d:a8:d0:40:2d:92:bf:26:c0:
c2:0d:68:02:c1:0d:d0:af:7c:d5:01:a8:44:2f:5c:
7c:59:7f:ad:2f:19:ed:f8:2e:aa:fd:dc:5e:99:e0:
4b:51:f0:5a:4e:5f:62:77:3f:6a:c1:da:59:0f:75:
5a:8b:54:22:b0:d1:58:b0:54:c1:bb:a2:9e:8a:1c:
8e:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:0A:F9:3F:55:1A:04:BA:0A:07:49:C5:49:D2:DD:32:76:04:01:C0
X509v3 Authority Key Identifier:
keyid:5B:6F:A6:69:09:97:41:2E:71:66:16:C8:1E:4F:7C:08:75:FF:D9:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W2-maQmXQS5xZhbIHk98CHX_2XY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/294c4e-5a2b-4bee-bc57-12ad146655ce/1/Xgr5P1UaBLoKB0nFSdLdMnYEAcA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/294c4e-5a2b-4bee-bc57-12ad146655ce/1/W2-maQmXQS5xZhbIHk98CHX_2XY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.164.0/22
195.242.192.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:29:4d:26:76:cf:04:b6:a7:65:94:d7:94:76:ae:33:9c:92:
ce:2e:af:cc:f2:24:57:c6:47:1b:bc:92:f7:8a:ce:ce:65:0f:
89:67:9e:46:7b:94:58:4d:43:2f:3c:68:d6:be:f9:6d:a1:7c:
19:2d:54:ae:5e:77:8c:b1:d8:cc:0d:3a:16:32:79:24:c5:2f:
0c:c3:ef:08:8e:dd:31:48:3c:1c:22:14:7f:6c:e4:25:be:ca:
a6:a7:89:5f:19:e4:98:2d:5e:76:58:09:1d:4d:cb:9c:90:7e:
db:6d:47:a9:d8:b8:55:79:6d:0e:7a:b1:0f:53:e4:93:e5:83:
b4:b7:29:64:f6:94:f5:3e:67:52:2a:b7:0a:4b:fb:4c:ee:89:
98:96:52:c2:a3:5a:e7:a0:09:1f:ae:dd:d3:e5:63:e7:b8:71:
cc:2e:e3:bd:74:9a:0d:6a:af:66:29:f5:95:82:4f:89:47:df:
0e:f0:7c:5d:2b:1b:e9:c7:67:4e:e3:88:7f:04:08:2d:9e:3b:
0d:3d:34:68:4a:12:ac:46:35:97:e6:0a:57:90:61:f5:ac:5c:
e9:bb:bf:af:ba:6a:5f:5b:56:b5:da:51:6b:75:71:80:49:8f:
28:c9:e6:a1:26:89:95:4c:f2:ce:00:60:d1:d2:ce:3a:16:59:
39:15:38:7e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQj11jNw2/anyyUh8mYttSTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNmZhNjY5MDk5NzQxMmU3MTY2MTZjODFlNGY3YzA4NzVm
ZmQ5NzYwHhcNMjUwMTAxMjE0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTBhZjkzZjU1MWEwNGJhMGEwNzQ5YzU0OWQyZGQzMjc2MDQwMWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh062DJUQZbrCU2kF44MJ8in8E0+1
Dl2v2/Po79jcgoWpbBezme7qwXLnaHf3U/fbhDr1yhIqbzp4BKpifTfsZY7wVNgb
5FAZ9wlCypE6Z1ssZM15HRH3SiCFbSJNdMsV9k+/wLPOMScHvKXKxibnROzzLF3h
bjtotuQoqo/aqo2WlLD+z9hHAKo77iJqGk6b+lMVZjyWkmveMDy7puUh/BIJS26x
imkocbalBcaUKNc9KBTjB5L8ghAtqNBALZK/JsDCDWgCwQ3Qr3zVAahEL1x8WX+t
Lxnt+C6q/dxemeBLUfBaTl9idz9qwdpZD3Vai1QisNFYsFTBu6KeihyOPwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF4K+T9VGgS6CgdJxUnS3TJ2BAHAMB8GA1UdIwQY
MBaAFFtvpmkJl0EucWYWyB5PfAh1/9l2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzItbWFRbVhRUzV4WmhiSUhrOThDSFhfMlhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS8yOTRjNGUtNWEyYi00YmVlLWJjNTct
MTJhZDE0NjY1NWNlLzEvWGdyNVAxVWFCTG9LQjBuRlNkTGRNbllFQWNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS8yOTRjNGUtNWEyYi00YmVlLWJjNTctMTJhZDE0NjY1NWNl
LzEvVzItbWFRbVhRUzV4WmhiSUhrOThDSFhfMlhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLYWkAwQC
w/LAMA0GCSqGSIb3DQEBCwUAA4IBAQArKU0mds8EtqdllNeUdq4znJLOLq/M8iRX
xkcbvJL3is7OZQ+JZ55Ge5RYTUMvPGjWvvltoXwZLVSuXneMsdjMDToWMnkkxS8M
w+8Ijt0xSDwcIhR/bOQlvsqmp4lfGeSYLV52WAkdTcuckH7bbUep2LhVeW0OerEP
U+ST5YO0tylk9pT1PmdSKrcKS/tM7omYllLCo1rnoAkfrt3T5WPnuHHMLuO9dJoN
aq9mKfWVgk+JR98O8HxdKxvpx2dO44h/BAgtnjsNPTRoShKsRjWX5gpXkGH1rFzp
u7+vumpfW1a12lFrdXGASY8oyeahJomVTPLOAGDR0s46Flk5FTh+
-----END CERTIFICATE-----
Generated at Fri Apr 18 06:54:42 2025 by rpki-client