Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/7588ca-5677-4795-8a81-b6f9df455249/1/XYlDbmNEweM6LqFALkkvUh2W9lE.roa
File: XYlDbmNEweM6LqFALkkvUh2W9lE.roa (raw, json)
Hash identifier: 9gP6l/HCX+2ev9Uk9YYU1pfiHW7Ig/5Pk5coTY/utmY=
Subject key identifier: 5D:89:43:6E:63:44:C1:E3:3A:2E:A1:40:2E:49:2F:52:1D:96:F6:51
Certificate issuer: /CN=d6108a485dfaf06a931f543c085a009c6aea2d9c
Certificate serial: 0194222041F59B26E610559C8017A12D2D6E
Authority key identifier: D6:10:8A:48:5D:FA:F0:6A:93:1F:54:3C:08:5A:00:9C:6A:EA:2D:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1hCKSF368GqTH1Q8CFoAnGrqLZw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/7588ca-5677-4795-8a81-b6f9df455249/1/XYlDbmNEweM6LqFALkkvUh2W9lE.roa
Signing time: Wed 01 Jan 2025 13:48:46 +0000
ROA not before: Wed 01 Jan 2025 13:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 400513
IP address blocks: 88.214.192.0/24 maxlen: 24
88.214.196.0/24 maxlen: 24
88.214.197.0/24 maxlen: 24
88.214.200.0/24 maxlen: 24
88.214.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/7588ca-5677-4795-8a81-b6f9df455249/1/1hCKSF368GqTH1Q8CFoAnGrqLZw.crl
rsync://rpki.ripe.net/repository/DEFAULT/76/7588ca-5677-4795-8a81-b6f9df455249/1/1hCKSF368GqTH1Q8CFoAnGrqLZw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1hCKSF368GqTH1Q8CFoAnGrqLZw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 13:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:41:f5:9b:26:e6:10:55:9c:80:17:a1:2d:2d:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6108a485dfaf06a931f543c085a009c6aea2d9c
Validity
Not Before: Jan 1 13:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d89436e6344c1e33a2ea1402e492f521d96f651
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:7f:37:89:12:59:ce:2b:67:ab:40:39:a1:bb:
f4:95:55:94:32:ed:6e:47:90:f0:40:af:fd:d1:25:
f9:c7:bc:8e:29:d0:ac:ec:0b:ce:46:c8:3c:e1:36:
55:e0:51:b2:6d:ff:f5:49:a1:c4:44:0d:b4:99:80:
52:0c:f0:21:9f:65:98:7d:11:36:82:fe:b0:59:45:
51:49:b8:0a:ee:8a:63:af:07:d9:a9:4f:1a:58:57:
99:bc:2e:80:ae:0f:2a:47:a6:f9:32:ba:17:bd:22:
f2:8b:1d:6b:89:6a:c3:d1:89:7f:58:27:8d:a2:1a:
e7:c9:e9:a4:8e:8c:fa:82:ae:10:88:9a:30:5c:4d:
ac:db:0b:4c:70:48:dc:d5:0f:96:34:25:9d:0c:ee:
68:45:1e:4b:6a:61:f7:a9:b5:09:14:f6:6e:7d:af:
fe:67:5f:04:92:d8:36:35:b8:5c:10:5c:e8:3f:38:
98:c6:50:97:cc:aa:4f:34:4f:dd:56:5e:46:8e:a0:
6f:76:a4:79:94:2d:da:53:56:dc:34:1c:ff:cf:27:
5b:2c:71:36:9a:a8:c8:26:b8:ad:f1:e3:c4:d0:70:
5c:49:7b:b2:ff:0f:82:3f:cf:d1:82:f2:74:eb:ff:
80:57:0e:99:45:71:f5:0b:36:20:08:21:1f:1e:89:
ec:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:89:43:6E:63:44:C1:E3:3A:2E:A1:40:2E:49:2F:52:1D:96:F6:51
X509v3 Authority Key Identifier:
keyid:D6:10:8A:48:5D:FA:F0:6A:93:1F:54:3C:08:5A:00:9C:6A:EA:2D:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1hCKSF368GqTH1Q8CFoAnGrqLZw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/7588ca-5677-4795-8a81-b6f9df455249/1/XYlDbmNEweM6LqFALkkvUh2W9lE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/7588ca-5677-4795-8a81-b6f9df455249/1/1hCKSF368GqTH1Q8CFoAnGrqLZw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.214.192.0/24
88.214.196.0/23
88.214.200.0/24
88.214.203.0/24
Signature Algorithm: sha256WithRSAEncryption
88:14:7c:b4:33:b9:51:b2:3c:b0:83:7a:76:44:9f:6c:ca:19:
fa:79:af:bc:a6:bc:d5:02:8f:17:1e:f2:0c:ae:22:ff:0c:53:
89:6b:f2:2e:e5:8c:22:45:c9:c6:2e:20:dd:74:19:0d:fa:0a:
76:69:a1:06:99:3a:d6:41:97:36:7d:9c:ad:59:14:aa:e6:87:
a4:80:8b:83:c0:71:99:93:6c:fd:58:ce:fe:5b:a0:22:74:74:
fe:ee:5b:5e:0b:51:86:de:4a:f5:c6:d0:d9:65:9e:28:75:e5:
c8:d1:20:1b:f1:e1:7b:76:a2:89:d0:d3:53:56:ae:ac:9f:a5:
37:74:c6:62:9e:72:ce:27:b9:1a:11:0a:d7:c9:c0:a8:f2:55:
1e:26:63:be:07:3a:8b:fa:54:38:bd:af:0f:57:47:c4:bb:60:
6e:21:08:b7:f1:1a:74:fb:ad:58:f7:80:e2:b0:9d:40:21:48:
09:42:8f:74:63:16:ef:18:47:e4:0b:23:10:57:47:15:a2:63:
43:6b:a6:b6:96:d0:a3:c6:b7:59:d3:15:c4:9e:bd:59:cc:71:
ea:68:e2:6d:ef:4f:a1:f4:e6:8f:58:12:83:65:e0:67:ee:35:
d2:bb:41:60:a0:41:c4:b1:c5:2d:41:a9:48:56:92:d6:8b:0f:
60:c7:0a:76
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQiIEH1mybmEFWcgBehLS1uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MTA4YTQ4NWRmYWYwNmE5MzFmNTQzYzA4NWEwMDljNmFl
YTJkOWMwHhcNMjUwMTAxMTM0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDg5NDM2ZTYzNDRjMWUzM2EyZWExNDAyZTQ5MmY1MjFkOTZmNjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy383iRJZzitnq0A5obv0lVWUMu1u
R5DwQK/90SX5x7yOKdCs7AvORsg84TZV4FGybf/1SaHERA20mYBSDPAhn2WYfRE2
gv6wWUVRSbgK7opjrwfZqU8aWFeZvC6Arg8qR6b5MroXvSLyix1riWrD0Yl/WCeN
ohrnyemkjoz6gq4QiJowXE2s2wtMcEjc1Q+WNCWdDO5oRR5LamH3qbUJFPZufa/+
Z18Ektg2NbhcEFzoPziYxlCXzKpPNE/dVl5GjqBvdqR5lC3aU1bcNBz/zydbLHE2
mqjIJrit8ePE0HBcSXuy/w+CP8/RgvJ06/+AVw6ZRXH1CzYgCCEfHonsPQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFF2JQ25jRMHjOi6hQC5JL1IdlvZRMB8GA1UdIwQY
MBaAFNYQikhd+vBqkx9UPAhaAJxq6i2cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWhDS1NGMzY4R3FUSDFROENGb0FuR3JxTFp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni83NTg4Y2EtNTY3Ny00Nzk1LThhODEt
YjZmOWRmNDU1MjQ5LzEvWFlsRGJtTkV3ZU02THFGQUxra3ZVaDJXOWxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni83NTg4Y2EtNTY3Ny00Nzk1LThhODEtYjZmOWRmNDU1MjQ5
LzEvMWhDS1NGMzY4R3FUSDFROENGb0FuR3JxTFp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWNbAAwQB
WNbEAwQAWNbIAwQAWNbLMA0GCSqGSIb3DQEBCwUAA4IBAQCIFHy0M7lRsjywg3p2
RJ9syhn6ea+8przVAo8XHvIMriL/DFOJa/Iu5YwiRcnGLiDddBkN+gp2aaEGmTrW
QZc2fZytWRSq5oekgIuDwHGZk2z9WM7+W6AidHT+7lteC1GG3kr1xtDZZZ4odeXI
0SAb8eF7dqKJ0NNTVq6sn6U3dMZinnLOJ7kaEQrXycCo8lUeJmO+BzqL+lQ4va8P
V0fEu2BuIQi38Rp0+61Y94DisJ1AIUgJQo90YxbvGEfkCyMQV0cVomNDa6a2ltCj
xrdZ0xXEnr1ZzHHqaOJt70+h9OaPWBKDZeBn7jXSu0FgoEHEscUtQalIVpLWiw9g
xwp2
-----END CERTIFICATE-----
Generated at Tue Apr 22 17:31:00 2025 by rpki-client