Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/2bfa6b-baa8-4c8c-9bc6-7aa6eb012190/1/xfilALq9xVm7LJX_uaRRDqm1ZX0.roa
File: xfilALq9xVm7LJX_uaRRDqm1ZX0.roa (raw, json)
Hash identifier: o3xsXXS0G1bR6xk5CmXK470ksv+YeZHYJ06DDMgu6J0=
Subject key identifier: C5:F8:A5:00:BA:BD:C5:59:BB:2C:95:FF:B9:A4:51:0E:A9:B5:65:7D
Certificate issuer: /CN=6f060474088606ec4ee8eed7c41b6943f89a09bd
Certificate serial: 01942143C11B8CA7A96C10FBCDBFCE13DA64
Authority key identifier: 6F:06:04:74:08:86:06:EC:4E:E8:EE:D7:C4:1B:69:43:F8:9A:09:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bwYEdAiGBuxO6O7XxBtpQ_iaCb0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/2bfa6b-baa8-4c8c-9bc6-7aa6eb012190/1/xfilALq9xVm7LJX_uaRRDqm1ZX0.roa
Signing time: Wed 01 Jan 2025 09:47:55 +0000
ROA not before: Wed 01 Jan 2025 09:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212038
IP address blocks: 185.218.197.0/24 maxlen: 24
2a10:c780::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/2bfa6b-baa8-4c8c-9bc6-7aa6eb012190/1/bwYEdAiGBuxO6O7XxBtpQ_iaCb0.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/2bfa6b-baa8-4c8c-9bc6-7aa6eb012190/1/bwYEdAiGBuxO6O7XxBtpQ_iaCb0.mft
rsync://rpki.ripe.net/repository/DEFAULT/bwYEdAiGBuxO6O7XxBtpQ_iaCb0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:c1:1b:8c:a7:a9:6c:10:fb:cd:bf:ce:13:da:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f060474088606ec4ee8eed7c41b6943f89a09bd
Validity
Not Before: Jan 1 09:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c5f8a500babdc559bb2c95ffb9a4510ea9b5657d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:e6:54:79:c9:2c:00:a0:ed:46:88:50:88:94:
e5:64:c8:bd:ba:b9:23:97:8a:ce:3a:f2:b1:0f:0a:
63:7c:77:1b:1e:03:be:94:b5:6b:87:63:27:c5:50:
0a:01:6f:0a:38:ee:a0:1d:b4:cd:35:b7:d7:ee:9d:
51:31:be:e9:55:d1:8b:1f:34:b9:78:2e:4d:03:18:
ed:f0:94:64:16:d1:5c:09:a1:60:cb:e1:96:c5:12:
85:f9:b0:96:71:86:49:2e:4b:27:8d:9a:36:49:c4:
a5:46:82:67:90:51:a8:fe:a7:29:27:6f:ee:d3:32:
db:18:17:42:35:bf:85:19:8b:c7:42:a9:cd:73:25:
43:04:54:b2:d0:1a:73:01:88:74:d5:7a:e9:d5:1f:
6e:b8:1e:34:a7:be:10:82:b5:37:77:1d:4b:aa:57:
af:9d:15:31:81:ca:39:3b:0a:22:44:6a:91:f9:a1:
dd:5e:f3:61:48:a3:58:dc:82:92:16:bf:95:ce:ee:
f8:52:71:a9:85:59:2c:5c:5e:10:62:6b:3d:44:ac:
7b:28:19:0c:36:81:8e:67:0c:64:bf:23:d0:5a:03:
a1:c4:73:36:64:0e:79:84:49:84:33:96:a7:39:9e:
ef:be:7d:3c:87:02:c4:7b:5b:56:88:fd:12:a1:ad:
5a:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:F8:A5:00:BA:BD:C5:59:BB:2C:95:FF:B9:A4:51:0E:A9:B5:65:7D
X509v3 Authority Key Identifier:
keyid:6F:06:04:74:08:86:06:EC:4E:E8:EE:D7:C4:1B:69:43:F8:9A:09:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bwYEdAiGBuxO6O7XxBtpQ_iaCb0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/2bfa6b-baa8-4c8c-9bc6-7aa6eb012190/1/xfilALq9xVm7LJX_uaRRDqm1ZX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/2bfa6b-baa8-4c8c-9bc6-7aa6eb012190/1/bwYEdAiGBuxO6O7XxBtpQ_iaCb0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.218.197.0/24
IPv6:
2a10:c780::/29
Signature Algorithm: sha256WithRSAEncryption
6e:d3:83:06:d0:68:af:f5:ca:ee:6d:c0:d4:5e:a1:9b:0a:31:
3f:70:60:08:cb:21:a1:3d:ad:7c:38:26:83:24:95:96:82:b8:
76:21:35:db:4d:df:a0:de:55:66:b6:24:34:ee:e5:c5:d7:37:
1c:41:29:47:59:20:c5:38:69:0b:e4:4f:b9:6c:16:d4:8d:c5:
16:d0:3b:f6:92:3c:88:41:64:f1:43:93:44:e1:cd:0a:d2:25:
11:7f:96:12:31:7c:28:f3:2c:87:9a:85:f0:32:34:58:27:eb:
17:f9:84:49:e9:e8:c5:ca:e5:bc:d2:c0:62:cd:3f:3d:15:af:
27:71:d6:a5:5f:5d:03:78:b5:bf:ab:68:5f:3f:31:70:3c:62:
97:7d:c9:1a:56:98:53:a7:14:ec:b1:7d:ab:9a:7d:95:8d:76:
52:04:84:d9:93:8b:ef:57:21:a7:fe:12:ab:a4:ed:e8:40:06:
b2:4c:d4:48:f9:35:a4:2f:a3:1c:79:01:4c:84:8f:8b:91:81:
dd:97:9b:ba:a8:51:20:41:b4:40:44:9c:9b:4e:e3:e5:e2:fc:
6e:2b:8b:9c:a5:e9:14:43:ee:8f:62:c2:1e:86:89:21:43:c8:
47:d3:f1:47:65:ca:2a:ff:81:1f:89:3a:69:85:bb:0a:12:5c:
df:8d:02:df
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhQ8EbjKepbBD7zb/OE9pkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMDYwNDc0MDg4NjA2ZWM0ZWU4ZWVkN2M0MWI2OTQzZjg5
YTA5YmQwHhcNMjUwMTAxMDk0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWY4YTUwMGJhYmRjNTU5YmIyYzk1ZmZiOWE0NTEwZWE5YjU2NTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5eZUecksAKDtRohQiJTlZMi9urkj
l4rOOvKxDwpjfHcbHgO+lLVrh2MnxVAKAW8KOO6gHbTNNbfX7p1RMb7pVdGLHzS5
eC5NAxjt8JRkFtFcCaFgy+GWxRKF+bCWcYZJLksnjZo2ScSlRoJnkFGo/qcpJ2/u
0zLbGBdCNb+FGYvHQqnNcyVDBFSy0BpzAYh01Xrp1R9uuB40p74QgrU3dx1Lqlev
nRUxgco5OwoiRGqR+aHdXvNhSKNY3IKSFr+Vzu74UnGphVksXF4QYms9RKx7KBkM
NoGOZwxkvyPQWgOhxHM2ZA55hEmEM5anOZ7vvn08hwLEe1tWiP0Soa1adwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMX4pQC6vcVZuyyV/7mkUQ6ptWV9MB8GA1UdIwQY
MBaAFG8GBHQIhgbsTuju18QbaUP4mgm9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYndZRWRBaUdCdXhPNk83WHhCdHBRX2lhQ2IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8yYmZhNmItYmFhOC00YzhjLTliYzYt
N2FhNmViMDEyMTkwLzEveGZpbEFMcTl4Vm03TEpYX3VhUlJEcW0xWlgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8yYmZhNmItYmFhOC00YzhjLTliYzYtN2FhNmViMDEyMTkw
LzEvYndZRWRBaUdCdXhPNk83WHhCdHBRX2lhQ2IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAudrFMA0E
AgACMAcDBQMqEMeAMA0GCSqGSIb3DQEBCwUAA4IBAQBu04MG0Giv9crubcDUXqGb
CjE/cGAIyyGhPa18OCaDJJWWgrh2ITXbTd+g3lVmtiQ07uXF1zccQSlHWSDFOGkL
5E+5bBbUjcUW0Dv2kjyIQWTxQ5NE4c0K0iURf5YSMXwo8yyHmoXwMjRYJ+sX+YRJ
6ejFyuW80sBizT89Fa8ncdalX10DeLW/q2hfPzFwPGKXfckaVphTpxTssX2rmn2V
jXZSBITZk4vvVyGn/hKrpO3oQAayTNRI+TWkL6MceQFMhI+LkYHdl5u6qFEgQbRA
RJybTuPl4vxuK4ucpekUQ+6PYsIehokhQ8hH0/FHZcoq/4EfiTpphbsKElzfjQLf
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:56:26 2025 by rpki-client