Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/XWgY9IE5WPWEYKpZb_DdJSKgmNk.roa
File: XWgY9IE5WPWEYKpZb_DdJSKgmNk.roa (raw, json)
Hash identifier: RjaBA1nT0ZNCp2uF/Bf1faWMk5+nUdGucIKvPd+4FJg=
Subject key identifier: 5D:68:18:F4:81:39:58:F5:84:60:AA:59:6F:F0:DD:25:22:A0:98:D9
Certificate issuer: /CN=abc8dbe52083ad335c9f1fde6016ec8b49293140
Certificate serial: 0194228D3764E3A7A7E59B46228345B91923
Authority key identifier: AB:C8:DB:E5:20:83:AD:33:5C:9F:1F:DE:60:16:EC:8B:49:29:31:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q8jb5SCDrTNcnx_eYBbsi0kpMUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/XWgY9IE5WPWEYKpZb_DdJSKgmNk.roa
Signing time: Wed 01 Jan 2025 15:47:47 +0000
ROA not before: Wed 01 Jan 2025 15:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8207
IP address blocks: 195.114.128.0/24 maxlen: 24
195.114.129.0/24 maxlen: 24
195.114.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/q8jb5SCDrTNcnx_eYBbsi0kpMUA.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/q8jb5SCDrTNcnx_eYBbsi0kpMUA.mft
rsync://rpki.ripe.net/repository/DEFAULT/q8jb5SCDrTNcnx_eYBbsi0kpMUA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 16:11:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:37:64:e3:a7:a7:e5:9b:46:22:83:45:b9:19:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abc8dbe52083ad335c9f1fde6016ec8b49293140
Validity
Not Before: Jan 1 15:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d6818f4813958f58460aa596ff0dd2522a098d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:e3:02:df:b1:05:6f:79:d8:ec:1f:ab:e0:b4:
c8:95:26:f5:01:b2:dc:ad:69:d8:f3:44:6f:3c:9a:
bd:51:d3:5e:a0:cc:b2:2b:cc:12:ac:2d:76:96:1d:
2a:b1:37:1d:50:e1:72:cc:17:e7:0a:46:47:19:f0:
fc:3f:d1:f6:ef:f9:4b:53:48:7f:ec:2a:d1:c7:5c:
5d:77:71:b3:f8:ef:2c:4e:52:7f:bb:f8:57:92:7e:
3a:f0:d0:3e:c6:8d:bc:d8:d9:0c:a5:11:45:f1:d2:
12:08:0b:cb:5d:6b:39:a1:4a:eb:df:e4:fd:95:05:
0d:60:c2:2e:dc:58:a1:27:4b:11:09:88:11:cf:6a:
50:a6:90:c3:40:7e:cb:5b:28:05:c6:5f:b9:8d:48:
1f:88:29:b6:08:e1:72:08:c1:8f:2a:13:0b:db:b2:
8d:48:0f:91:19:61:34:ab:6b:b7:48:00:40:08:95:
49:21:96:a8:fa:0b:9f:4f:09:a9:33:c2:70:be:57:
aa:ba:6c:91:26:2b:9f:4d:ab:5d:d4:04:3e:01:ad:
59:88:4f:76:4f:99:e6:e4:6e:4f:63:2f:24:11:40:
5e:e9:62:21:22:d6:5a:68:00:d8:00:15:70:f9:80:
c7:47:a8:b2:3d:da:4f:f7:3f:0a:c6:d3:e4:4f:f3:
f2:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:68:18:F4:81:39:58:F5:84:60:AA:59:6F:F0:DD:25:22:A0:98:D9
X509v3 Authority Key Identifier:
keyid:AB:C8:DB:E5:20:83:AD:33:5C:9F:1F:DE:60:16:EC:8B:49:29:31:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q8jb5SCDrTNcnx_eYBbsi0kpMUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/XWgY9IE5WPWEYKpZb_DdJSKgmNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/q8jb5SCDrTNcnx_eYBbsi0kpMUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.114.128.0/23
195.114.135.0/24
Signature Algorithm: sha256WithRSAEncryption
17:70:de:c1:ef:a5:42:3b:f3:47:04:ff:c6:47:05:53:71:76:
86:8e:b7:08:52:94:5a:e5:bc:73:cd:1d:ae:f4:ed:e5:67:f8:
06:56:af:11:cd:93:6b:3f:34:37:70:6c:f6:85:00:61:5e:f7:
16:04:90:b8:c2:67:0e:46:f0:3e:9b:a9:49:c1:40:eb:dc:e7:
5a:19:2f:53:19:a7:f9:32:ec:b8:fd:d6:89:60:f5:b9:76:70:
16:f3:3d:4e:e7:59:7f:05:a4:d8:99:55:34:98:8c:b5:1d:3d:
17:04:86:df:bf:15:7f:fc:2d:02:49:dc:da:71:8a:a6:81:18:
18:10:d6:2e:b6:fc:6b:91:f1:6d:34:97:2f:c8:fc:c4:68:4d:
93:1b:1c:a9:e6:a5:55:9f:e8:01:cd:a3:9b:9a:06:74:2a:0e:
37:d9:ac:6c:b2:d6:f0:46:45:eb:50:0a:0b:5d:21:85:44:03:
ca:16:00:f2:30:4c:01:11:14:94:5a:ad:d9:e5:13:10:02:4c:
0a:fc:6e:c3:5a:29:71:37:88:1b:8a:7f:77:fd:c5:3d:16:10:
a6:9e:bc:d4:4b:53:14:b2:c1:fe:58:23:a5:b6:53:fd:e7:2d:
6f:b9:ea:02:32:30:39:b2:cc:84:14:36:8a:45:84:8b:2a:7a:
0f:dc:8c:ed
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQijTdk46en5ZtGIoNFuRkjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYzhkYmU1MjA4M2FkMzM1YzlmMWZkZTYwMTZlYzhiNDky
OTMxNDAwHhcNMjUwMTAxMTU0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDY4MThmNDgxMzk1OGY1ODQ2MGFhNTk2ZmYwZGQyNTIyYTA5OGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOMC37EFb3nY7B+r4LTIlSb1AbLc
rWnY80RvPJq9UdNeoMyyK8wSrC12lh0qsTcdUOFyzBfnCkZHGfD8P9H27/lLU0h/
7CrRx1xdd3Gz+O8sTlJ/u/hXkn468NA+xo282NkMpRFF8dISCAvLXWs5oUrr3+T9
lQUNYMIu3FihJ0sRCYgRz2pQppDDQH7LWygFxl+5jUgfiCm2COFyCMGPKhML27KN
SA+RGWE0q2u3SABACJVJIZao+gufTwmpM8JwvlequmyRJiufTatd1AQ+Aa1ZiE92
T5nm5G5PYy8kEUBe6WIhItZaaADYABVw+YDHR6iyPdpP9z8KxtPkT/PyWwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF1oGPSBOVj1hGCqWW/w3SUioJjZMB8GA1UdIwQY
MBaAFKvI2+Ugg60zXJ8f3mAW7ItJKTFAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcThqYjVTQ0RyVE5jbnhfZVlCYnNpMGtwTVVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9jZTZjY2ItMjVjZi00OTE3LWIzY2Qt
MzA1NmFmOWEzMzVlLzEvWFdnWTlJRTVXUFdFWUtwWmJfRGRKU0tnbU5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9jZTZjY2ItMjVjZi00OTE3LWIzY2QtMzA1NmFmOWEzMzVl
LzEvcThqYjVTQ0RyVE5jbnhfZVlCYnNpMGtwTVVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBw3KAAwQA
w3KHMA0GCSqGSIb3DQEBCwUAA4IBAQAXcN7B76VCO/NHBP/GRwVTcXaGjrcIUpRa
5bxzzR2u9O3lZ/gGVq8RzZNrPzQ3cGz2hQBhXvcWBJC4wmcORvA+m6lJwUDr3Oda
GS9TGaf5Muy4/daJYPW5dnAW8z1O51l/BaTYmVU0mIy1HT0XBIbfvxV//C0CSdza
cYqmgRgYENYutvxrkfFtNJcvyPzEaE2TGxyp5qVVn+gBzaObmgZ0Kg432axsstbw
RkXrUAoLXSGFRAPKFgDyMEwBERSUWq3Z5RMQAkwK/G7DWilxN4gbin93/cU9FhCm
nrzUS1MUssH+WCOltlP95y1vueoCMjA5ssyEFDaKRYSLKnoP3Izt
-----END CERTIFICATE-----
Generated at Thu Apr 10 02:15:06 2025 by rpki-client