Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/Xih-EfVQ2lODpeM1Ya_8fjlb3e0.roa
File: Xih-EfVQ2lODpeM1Ya_8fjlb3e0.roa (raw, json)
Hash identifier: l4FttRaMYnWfbRGN1GiO7VFVJgCvU1nAC+1h/ttWafI=
Subject key identifier: 5E:28:7E:11:F5:50:DA:53:83:A5:E3:35:61:AF:FC:7E:39:5B:DD:ED
Certificate issuer: /CN=0232a4bfb7796405a556b759f1d193e4c4d37129
Certificate serial: 019427B53AAC852B479637856DAAB1AE09A0
Authority key identifier: 02:32:A4:BF:B7:79:64:05:A5:56:B7:59:F1:D1:93:E4:C4:D3:71:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/Xih-EfVQ2lODpeM1Ya_8fjlb3e0.roa
Signing time: Thu 02 Jan 2025 15:49:36 +0000
ROA not before: Thu 02 Jan 2025 15:49:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3356
IP address blocks: 2001:4c08:2002::/48 maxlen: 48
2001:4c08:2005::/48 maxlen: 48
2001:4c08:2006::/48 maxlen: 48
2001:4c08:2007::/48 maxlen: 48
2001:4c08:2008::/48 maxlen: 48
2001:4c08:2012::/48 maxlen: 48
2001:4c08:2018::/48 maxlen: 48
2001:4c08:201e::/48 maxlen: 48
2001:4c08:2020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.mft
rsync://rpki.ripe.net/repository/DEFAULT/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:3a:ac:85:2b:47:96:37:85:6d:aa:b1:ae:09:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0232a4bfb7796405a556b759f1d193e4c4d37129
Validity
Not Before: Jan 2 15:49:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e287e11f550da5383a5e33561affc7e395bdded
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:aa:02:68:46:b8:ee:ba:ac:e4:9e:78:0e:68:
09:2f:13:29:a9:eb:5c:62:73:9c:8a:05:6a:cf:d4:
7f:95:46:f0:bf:86:4d:a6:7d:ba:90:65:76:ca:ae:
1c:65:73:a1:69:ed:8a:6a:b1:16:b9:15:71:f8:ec:
1e:ff:2e:98:91:0c:b2:da:54:4b:4d:05:4f:37:0c:
c6:59:44:f7:ed:54:28:32:d2:b5:3e:7a:ec:24:f3:
77:ec:a2:e3:6e:4f:1c:9a:44:a9:c3:e2:d8:2a:c4:
09:7d:4e:d3:9e:5a:8b:ce:a4:87:2a:19:a2:b6:7e:
a0:c3:1c:07:15:79:4f:c1:f5:a2:1c:72:ea:63:b3:
75:74:cf:e4:19:87:c6:71:a1:dd:44:fb:fa:95:0d:
c0:5d:e7:1c:bb:d9:d5:2f:b1:0c:c8:0d:e3:f3:9e:
cb:22:18:fd:ab:70:00:1f:f6:d6:3f:22:79:2a:94:
60:60:a8:8b:3a:c8:4a:32:37:1f:b0:bc:34:1b:b2:
1b:11:2a:cc:07:0a:c1:d4:3d:89:c5:2a:4c:09:ec:
51:79:4b:0c:69:63:4a:2a:2f:af:40:c8:a7:29:55:
ea:0b:b5:1b:bb:c8:92:fb:7b:37:74:5d:9b:a8:36:
c4:d2:b7:02:ab:54:95:c3:c6:3c:7a:c2:cf:9c:22:
be:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:28:7E:11:F5:50:DA:53:83:A5:E3:35:61:AF:FC:7E:39:5B:DD:ED
X509v3 Authority Key Identifier:
keyid:02:32:A4:BF:B7:79:64:05:A5:56:B7:59:F1:D1:93:E4:C4:D3:71:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/Xih-EfVQ2lODpeM1Ya_8fjlb3e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:4c08:2002::/48
2001:4c08:2005::-2001:4c08:2008:ffff:ffff:ffff:ffff:ffff
2001:4c08:2012::/48
2001:4c08:2018::/48
2001:4c08:201e::/48
2001:4c08:2020::/48
Signature Algorithm: sha256WithRSAEncryption
c3:7a:5c:9e:0d:00:ba:cb:49:5e:da:40:eb:6e:68:94:18:ce:
cd:78:0e:f6:f7:4d:b7:4a:d7:dd:f8:5c:ef:2b:18:4d:c8:ee:
5b:4b:cf:d2:11:56:32:f2:7f:27:8d:56:95:1e:7a:5b:02:6f:
c4:6a:88:35:9b:d9:28:5c:57:4c:08:77:24:ac:ef:84:2f:80:
20:a1:06:df:d6:55:09:04:64:84:7e:a4:64:97:0a:92:23:24:
6f:b3:99:12:3c:a6:46:3b:36:14:cb:ad:df:00:2c:18:2b:2e:
0c:f0:7d:2e:5f:d1:8f:e4:6d:60:25:0d:e4:67:54:ba:c4:32:
9f:82:3c:0b:a0:9d:b5:ce:cd:de:66:26:b6:80:02:1b:97:97:
bd:30:63:5f:48:bd:5f:e2:5d:95:34:33:6d:af:33:60:51:17:
92:2a:0b:61:0a:c3:7d:2d:86:5a:a7:00:bb:7c:ac:1b:8b:10:
c2:42:6f:e6:8c:65:19:8f:e6:38:2e:95:fa:eb:64:66:02:d1:
1b:1e:aa:d1:2f:f1:a9:d7:db:7c:28:df:4a:b1:3b:7a:5c:5d:
62:68:77:ee:0c:d1:c4:8a:05:cc:fd:ce:44:da:43:fd:55:41:
a1:85:67:07:dc:8f:32:09:b9:b0:45:91:a9:ac:cf:35:61:61:
69:b2:95:e1
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZQntTqshStHljeFbaqxrgmgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMzJhNGJmYjc3OTY0MDVhNTU2Yjc1OWYxZDE5M2U0YzRk
MzcxMjkwHhcNMjUwMTAyMTU0OTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTI4N2UxMWY1NTBkYTUzODNhNWUzMzU2MWFmZmM3ZTM5NWJkZGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKoCaEa47rqs5J54DmgJLxMpqetc
YnOcigVqz9R/lUbwv4ZNpn26kGV2yq4cZXOhae2KarEWuRVx+Owe/y6YkQyy2lRL
TQVPNwzGWUT37VQoMtK1PnrsJPN37KLjbk8cmkSpw+LYKsQJfU7TnlqLzqSHKhmi
tn6gwxwHFXlPwfWiHHLqY7N1dM/kGYfGcaHdRPv6lQ3AXeccu9nVL7EMyA3j857L
Ihj9q3AAH/bWPyJ5KpRgYKiLOshKMjcfsLw0G7IbESrMBwrB1D2JxSpMCexReUsM
aWNKKi+vQMinKVXqC7Ubu8iS+3s3dF2bqDbE0rcCq1SVw8Y8esLPnCK+MwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFF4ofhH1UNpTg6XjNWGv/H45W93tMB8GA1UdIwQY
MBaAFAIypL+3eWQFpVa3WfHRk+TE03EpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWpLa3Y3ZDVaQVdsVnJkWjhkR1Q1TVRUY1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9hN2NlN2EtODQ0My00NmViLThjYmEt
M2JiNGQ2MjAwNTE4LzEvWGloLUVmVlEybE9EcGVNMVlhXzhmamxiM2UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9hN2NlN2EtODQ0My00NmViLThjYmEtM2JiNGQ2MjAwNTE4
LzEvQWpLa3Y3ZDVaQVdsVnJkWjhkR1Q1TVRUY1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTBHBAIAAjBBAwcAIAFMCCAC
MBIDBwAgAUwIIAUDBwAgAUwIIAgDBwAgAUwIIBIDBwAgAUwIIBgDBwAgAUwIIB4D
BwAgAUwIICAwDQYJKoZIhvcNAQELBQADggEBAMN6XJ4NALrLSV7aQOtuaJQYzs14
Dvb3TbdK1934XO8rGE3I7ltLz9IRVjLyfyeNVpUeelsCb8RqiDWb2ShcV0wIdySs
74QvgCChBt/WVQkEZIR+pGSXCpIjJG+zmRI8pkY7NhTLrd8ALBgrLgzwfS5f0Y/k
bWAlDeRnVLrEMp+CPAugnbXOzd5mJraAAhuXl70wY19IvV/iXZU0M22vM2BRF5Iq
C2EKw30thlqnALt8rBuLEMJCb+aMZRmP5jgulfrrZGYC0RseqtEv8anX23wo30qx
O3pcXWJod+4M0cSKBcz9zkTaQ/1VQaGFZwfcjzIJubBFkamszzVhYWmyleE=
-----END CERTIFICATE-----
Generated at Wed Feb 5 18:53:29 2025 by rpki-client