Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/X_aVeFquSC3m-PMjHrEvpk2VJz4.roa
File: X_aVeFquSC3m-PMjHrEvpk2VJz4.roa (raw, json)
Hash identifier: RPg/GmbTQ/RxMw6j8morZIVLsZei0/BLB2RoD8OBVBc=
Subject key identifier: 5F:F6:95:78:5A:AE:48:2D:E6:F8:F3:23:1E:B1:2F:A6:4D:95:27:3E
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 01941FFAA11A4239F4E4E4F3FED063A980F8
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/X_aVeFquSC3m-PMjHrEvpk2VJz4.roa
Signing time: Wed 01 Jan 2025 03:48:26 +0000
ROA not before: Wed 01 Jan 2025 03:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62122
IP address blocks: 141.101.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 09:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:a1:1a:42:39:f4:e4:e4:f3:fe:d0:63:a9:80:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 1 03:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ff695785aae482de6f8f3231eb12fa64d95273e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:76:a2:ec:b1:2a:8f:c5:be:e1:96:fc:6c:d6:
00:48:89:12:c8:1a:f1:ce:ab:b7:0c:53:bc:64:b5:
6f:df:ac:5b:cf:63:2c:d4:d9:18:a4:28:e8:17:44:
59:f9:ae:a3:63:5d:d6:cc:ae:46:63:c9:64:9d:64:
d2:2c:8f:9a:be:f0:76:78:85:91:dc:4c:d6:cd:84:
f0:6e:02:05:e0:89:ad:49:7d:47:0f:ce:85:61:c7:
08:b0:8d:1f:1d:cf:a7:84:bb:b1:6d:83:a0:0d:e4:
5f:2e:1c:8f:01:54:dd:7e:c4:4a:6d:e7:ab:76:78:
7a:b8:be:67:54:04:7d:5a:b4:75:07:9f:a4:81:88:
18:30:60:e7:0c:1f:d8:0e:ef:a2:b2:ab:54:71:55:
fb:ab:4e:1b:51:50:ad:9f:35:6a:ee:12:af:34:78:
af:ef:31:53:f8:7b:0d:5c:11:27:ae:fc:9a:fa:77:
aa:b2:65:b9:04:9f:9f:8a:6e:25:ea:3c:9b:06:1b:
42:e0:94:0e:aa:5f:e6:8e:f4:1f:cf:32:6a:16:b6:
b9:ac:96:cb:83:f4:83:fe:eb:41:f1:c4:66:71:44:
93:67:e5:ff:3f:be:16:5f:cc:b7:c4:e7:76:18:f3:
c5:26:66:c3:88:58:37:db:88:4e:47:e5:da:18:2f:
d8:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:F6:95:78:5A:AE:48:2D:E6:F8:F3:23:1E:B1:2F:A6:4D:95:27:3E
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/X_aVeFquSC3m-PMjHrEvpk2VJz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.101.240.0/24
Signature Algorithm: sha256WithRSAEncryption
17:b2:a1:36:20:41:d7:50:59:b3:cd:64:02:7c:82:f1:ed:39:
fb:32:e0:15:ef:d6:64:5b:1c:72:3b:f1:98:5c:f3:6d:6c:df:
ba:e6:1e:15:f7:71:a1:29:5d:d0:f0:2e:d1:26:1b:b3:bd:f9:
44:db:4d:38:e3:b2:78:72:dd:51:58:b5:e9:dd:50:6c:81:fa:
fb:6b:e0:89:1c:1e:12:9a:c2:59:12:a8:ea:30:33:6b:81:58:
4a:28:10:41:15:a6:74:40:12:52:27:a1:88:ef:71:00:93:cb:
3a:ec:b5:12:99:0e:6a:21:89:41:97:12:12:1d:38:d3:83:ea:
5e:ca:b2:5b:d3:3f:d6:19:85:a4:4b:d5:e2:de:fa:02:2a:77:
f7:5d:73:1b:b2:25:36:fe:2a:b5:b5:f3:30:26:3b:41:5f:2f:
ff:41:23:fd:b6:88:97:69:54:58:59:cc:3e:f8:51:2e:50:bb:
80:2f:7e:e0:af:f3:11:4b:17:6f:79:c9:9f:5f:6a:f2:96:4f:
69:bd:48:79:b1:ca:be:5e:b8:e0:1c:ef:95:73:ef:08:87:80:
7e:dd:ed:45:43:32:9c:f9:00:cf:60:20:a2:dd:2b:d3:27:a2:
84:de:61:31:5c:9e:44:e8:47:fc:69:5d:7b:19:fd:3d:30:3e:
26:c4:dd:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+qEaQjn05OTz/tBjqYD4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjUwMTAxMDM0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmY2OTU3ODVhYWU0ODJkZTZmOGYzMjMxZWIxMmZhNjRkOTUyNzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxHai7LEqj8W+4Zb8bNYASIkSyBrx
zqu3DFO8ZLVv36xbz2Ms1NkYpCjoF0RZ+a6jY13WzK5GY8lknWTSLI+avvB2eIWR
3EzWzYTwbgIF4ImtSX1HD86FYccIsI0fHc+nhLuxbYOgDeRfLhyPAVTdfsRKbeer
dnh6uL5nVAR9WrR1B5+kgYgYMGDnDB/YDu+isqtUcVX7q04bUVCtnzVq7hKvNHiv
7zFT+HsNXBEnrvya+neqsmW5BJ+fim4l6jybBhtC4JQOql/mjvQfzzJqFra5rJbL
g/SD/utB8cRmcUSTZ+X/P74WX8y3xOd2GPPFJmbDiFg324hOR+XaGC/Y1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF/2lXharkgt5vjzIx6xL6ZNlSc+MB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvWF9hVmVGcXVTQzNtLVBNakhyRXZwazJWSno0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjWXwMA0G
CSqGSIb3DQEBCwUAA4IBAQAXsqE2IEHXUFmzzWQCfILx7Tn7MuAV79ZkWxxyO/GY
XPNtbN+65h4V93GhKV3Q8C7RJhuzvflE200447J4ct1RWLXp3VBsgfr7a+CJHB4S
msJZEqjqMDNrgVhKKBBBFaZ0QBJSJ6GI73EAk8s67LUSmQ5qIYlBlxISHTjTg+pe
yrJb0z/WGYWkS9Xi3voCKnf3XXMbsiU2/iq1tfMwJjtBXy//QSP9toiXaVRYWcw+
+FEuULuAL37gr/MRSxdvecmfX2rylk9pvUh5scq+XrjgHO+Vc+8Ih4B+3e1FQzKc
+QDPYCCi3SvTJ6KE3mExXJ5E6Ef8aV17Gf09MD4mxN00
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:24:09 2025 by rpki-client