Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/xeFduT4t99IjfBUoqwRGqNnzCHM.roa
File: xeFduT4t99IjfBUoqwRGqNnzCHM.roa (raw, json)
Hash identifier: uYSi4FkXJVOzlTHJNA+ypbvTrMlqYVky1pdQYnRIfBw=
Subject key identifier: C5:E1:5D:B9:3E:2D:F7:D2:23:7C:15:28:AB:04:46:A8:D9:F3:08:73
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 01952303EC156B7DAEA4C8C995C2C2C4886E
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/xeFduT4t99IjfBUoqwRGqNnzCHM.roa
Signing time: Thu 20 Feb 2025 11:00:14 +0000
ROA not before: Thu 20 Feb 2025 11:00:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 192.53.64.0/21 maxlen: 21
192.53.136.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.mft
rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 07:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:23:03:ec:15:6b:7d:ae:a4:c8:c9:95:c2:c2:c4:88:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: Feb 20 11:00:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c5e15db93e2df7d2237c1528ab0446a8d9f30873
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:cf:1f:d7:b1:1b:8d:c2:40:ba:38:1b:1c:36:
d6:9d:50:5d:e2:79:dd:0e:15:e1:9d:97:d6:52:d0:
b5:09:b4:cc:44:87:b9:88:a3:99:4c:49:2a:55:73:
fe:1c:d8:91:70:ac:63:cd:94:03:eb:8e:d0:4f:e0:
2a:1f:b0:33:50:84:5b:f7:ca:5e:ee:55:3c:c4:61:
3c:71:fb:e1:67:e7:7b:ec:35:ad:34:f5:c8:65:fa:
85:95:61:6d:7e:80:28:5c:92:a8:bd:32:78:ee:39:
38:29:40:8d:e0:f7:ad:9c:b0:03:24:93:fa:e7:5f:
0b:3c:8f:58:31:74:2e:9e:8b:52:6d:0a:f4:8d:47:
7f:a2:e1:9b:f6:b9:94:00:fb:ca:97:05:93:29:bd:
5f:6b:1c:17:6b:7b:07:9b:61:c4:40:cd:f4:4c:0f:
af:ec:8e:39:fb:db:7c:6a:43:37:6e:66:75:9d:cf:
96:26:1c:bb:24:91:3a:c5:65:8c:c7:75:5e:78:1c:
bc:69:3f:f1:8c:14:c7:2f:3b:4b:f1:17:35:9d:ca:
ea:9d:b2:db:3f:de:4b:35:a9:50:3d:30:4a:99:d4:
12:7f:9b:29:b0:8a:a5:55:2d:a5:57:2a:aa:fc:13:
c7:c5:65:87:a0:d0:da:76:1c:ac:3d:a8:04:cd:c5:
da:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:E1:5D:B9:3E:2D:F7:D2:23:7C:15:28:AB:04:46:A8:D9:F3:08:73
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/xeFduT4t99IjfBUoqwRGqNnzCHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.53.64.0/21
192.53.136.0/21
Signature Algorithm: sha256WithRSAEncryption
0e:0f:01:16:49:2c:96:d7:02:a3:96:68:13:16:2b:d6:56:a5:
89:c2:92:13:61:01:b4:64:81:f4:d0:26:38:21:5b:0a:29:d4:
b8:9c:09:f1:85:f3:a2:52:05:57:01:b1:e9:52:8d:e9:5c:3e:
71:a7:1e:79:db:f7:f7:fd:49:84:b5:38:71:32:52:37:42:38:
d6:d5:c6:7c:56:87:52:31:56:bd:b3:df:58:cf:36:76:f3:16:
23:bc:4d:8c:8a:63:30:70:f7:4d:53:15:1b:46:74:46:21:69:
48:f3:45:c7:8e:98:5c:ed:7a:bd:a3:c6:92:d5:77:18:3c:f4:
30:f7:bc:d2:47:2b:41:cb:e4:38:67:1d:40:4d:6d:36:8c:a2:
ea:06:5b:d4:f7:52:2e:e3:55:0d:ba:ae:7c:b6:86:07:c5:ad:
4b:ce:32:ce:dc:02:4c:b6:7a:9e:75:ea:80:e0:ab:cf:72:38:
d8:e4:4b:d9:85:8a:8b:3a:bc:89:8f:27:19:d6:9b:eb:00:fa:
aa:ca:cd:43:12:5e:0d:e8:31:4c:89:d3:7b:49:39:3d:78:3b:
f6:e8:3e:68:21:ed:3f:1f:fc:eb:86:ce:4b:72:f3:b5:94:9e:
7c:d0:23:f3:0e:80:19:f0:22:6f:8f:04:85:0e:cb:1c:74:6f:
2e:39:41:77
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZUjA+wVa32upMjJlcLCxIhuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0M2U0NDdlZGI4YTVlMGUxYjFkN2Y1Y2RjMjg3YzM2NGE1
ZmIwYjUwHhcNMjUwMjIwMTEwMDE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWUxNWRiOTNlMmRmN2QyMjM3YzE1MjhhYjA0NDZhOGQ5ZjMwODczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxs8f17EbjcJAujgbHDbWnVBd4nnd
DhXhnZfWUtC1CbTMRIe5iKOZTEkqVXP+HNiRcKxjzZQD647QT+AqH7AzUIRb98pe
7lU8xGE8cfvhZ+d77DWtNPXIZfqFlWFtfoAoXJKovTJ47jk4KUCN4PetnLADJJP6
518LPI9YMXQunotSbQr0jUd/ouGb9rmUAPvKlwWTKb1faxwXa3sHm2HEQM30TA+v
7I45+9t8akM3bmZ1nc+WJhy7JJE6xWWMx3VeeBy8aT/xjBTHLztL8Rc1ncrqnbLb
P95LNalQPTBKmdQSf5spsIqlVS2lVyqq/BPHxWWHoNDadhysPagEzcXaxwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMXhXbk+LffSI3wVKKsERqjZ8whzMB8GA1UdIwQY
MBaAFHQ+RH7bil4OGx1/XNwofDZKX7C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDct
NWUwZjRhYjgwOWJiLzEveGVGZHVUNHQ5OUlqZkJVb3F3UkdxTm56Q0hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDctNWUwZjRhYjgwOWJi
LzEvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDwDVAAwQD
wDWIMA0GCSqGSIb3DQEBCwUAA4IBAQAODwEWSSyW1wKjlmgTFivWVqWJwpITYQG0
ZIH00CY4IVsKKdS4nAnxhfOiUgVXAbHpUo3pXD5xpx552/f3/UmEtThxMlI3QjjW
1cZ8VodSMVa9s99YzzZ28xYjvE2MimMwcPdNUxUbRnRGIWlI80XHjphc7Xq9o8aS
1XcYPPQw97zSRytBy+Q4Zx1ATW02jKLqBlvU91Iu41UNuq58toYHxa1LzjLO3AJM
tnqedeqA4KvPcjjY5EvZhYqLOryJjycZ1pvrAPqqys1DEl4N6DFMidN7STk9eDv2
6D5oIe0/H/zrhs5LcvO1lJ580CPzDoAZ8CJvjwSFDsscdG8uOUF3
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:47:12 2025 by rpki-client