Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/36c2b8-12df-4552-9a1e-8ad0f068d161/1/Xr6lOU6Tyn_u4v5GW5vdi-zMXGM.roa
File: Xr6lOU6Tyn_u4v5GW5vdi-zMXGM.roa (raw, json)
Hash identifier: 80FIdGSyhpgpiEyJdmuxntmRKHZK2fr3v8thq23exzs=
Subject key identifier: 5E:BE:A5:39:4E:93:CA:7F:EE:E2:FE:46:5B:9B:DD:8B:EC:CC:5C:63
Certificate issuer: /CN=73260aafefe2ee072e4062e7bf1ab8d9c4208561
Certificate serial: 019422FC13239E62932FC78D451CBC6931F2
Authority key identifier: 73:26:0A:AF:EF:E2:EE:07:2E:40:62:E7:BF:1A:B8:D9:C4:20:85:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cyYKr-_i7gcuQGLnvxq42cQghWE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/36c2b8-12df-4552-9a1e-8ad0f068d161/1/Xr6lOU6Tyn_u4v5GW5vdi-zMXGM.roa
Signing time: Wed 01 Jan 2025 17:48:52 +0000
ROA not before: Wed 01 Jan 2025 17:48:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47227
IP address blocks: 93.190.168.0/21 maxlen: 30
2a02:6d0::/32 maxlen: 126
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/36c2b8-12df-4552-9a1e-8ad0f068d161/1/cyYKr-_i7gcuQGLnvxq42cQghWE.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/36c2b8-12df-4552-9a1e-8ad0f068d161/1/cyYKr-_i7gcuQGLnvxq42cQghWE.mft
rsync://rpki.ripe.net/repository/DEFAULT/cyYKr-_i7gcuQGLnvxq42cQghWE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:13:23:9e:62:93:2f:c7:8d:45:1c:bc:69:31:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73260aafefe2ee072e4062e7bf1ab8d9c4208561
Validity
Not Before: Jan 1 17:48:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ebea5394e93ca7feee2fe465b9bdd8beccc5c63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:cc:2e:a2:5c:eb:c5:ee:87:28:83:b1:29:3a:
08:8c:58:fa:e1:48:28:32:dc:9e:02:2c:b9:7a:ea:
ba:41:b3:29:ce:33:6f:79:19:e8:2e:41:da:0a:e5:
ed:27:b9:0d:e4:34:ca:74:4d:5d:e3:be:1d:88:a2:
e7:27:26:73:aa:2d:24:67:9b:2d:05:b6:57:9f:8b:
9a:35:65:45:ee:0e:5a:85:8b:56:90:49:91:ec:63:
80:90:b1:de:f9:8d:45:47:4f:b2:fc:b6:1d:84:6d:
be:c0:c8:df:88:2e:94:81:1a:f3:24:6d:1a:54:42:
3e:4e:d2:2e:c2:9c:e9:aa:a1:eb:71:ee:31:c6:d4:
98:8d:ae:c1:f5:ef:35:a6:29:99:7f:d7:bb:22:67:
e0:c8:31:10:53:db:3d:1c:55:33:fd:4a:b4:3e:36:
dd:ec:e8:60:38:0f:dd:7d:38:a6:1e:cd:6c:eb:e2:
1f:84:d0:2c:ec:35:90:0d:e1:1a:f2:50:ca:ce:d1:
f3:f0:c5:cf:1e:b6:74:f0:a6:e9:c7:b7:b1:fc:c8:
dc:bc:b7:2e:fc:2c:b6:cb:f1:7c:08:14:44:62:80:
fc:59:dc:ec:09:df:06:d0:bb:c6:ea:bc:dc:e2:21:
28:f8:98:82:5b:79:4f:2a:dc:06:d7:80:59:0e:db:
c1:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:BE:A5:39:4E:93:CA:7F:EE:E2:FE:46:5B:9B:DD:8B:EC:CC:5C:63
X509v3 Authority Key Identifier:
keyid:73:26:0A:AF:EF:E2:EE:07:2E:40:62:E7:BF:1A:B8:D9:C4:20:85:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cyYKr-_i7gcuQGLnvxq42cQghWE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/36c2b8-12df-4552-9a1e-8ad0f068d161/1/Xr6lOU6Tyn_u4v5GW5vdi-zMXGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/36c2b8-12df-4552-9a1e-8ad0f068d161/1/cyYKr-_i7gcuQGLnvxq42cQghWE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.190.168.0/21
IPv6:
2a02:6d0::/32
Signature Algorithm: sha256WithRSAEncryption
3b:8f:3c:f1:46:db:7c:bb:0f:d2:a5:47:b4:84:79:f4:ad:38:
64:4a:da:be:c0:9e:6b:9f:ba:6c:52:68:dd:77:d9:de:5d:d3:
44:c8:26:d2:7a:28:fd:9a:ad:ed:36:9c:02:f9:dd:47:19:5d:
51:de:4c:eb:ef:52:eb:6d:de:f0:4c:8a:e7:38:52:f0:43:9e:
80:bd:6d:72:03:93:07:53:6f:e8:e0:01:71:1f:2a:79:36:7b:
d5:72:8c:00:6d:a3:35:9a:df:15:a4:cd:81:3c:f6:4f:81:cc:
9f:44:4d:16:a9:43:b0:cb:0c:45:ed:51:f0:d7:8c:38:77:fd:
73:7b:67:b0:e6:92:58:f2:d7:12:5c:05:10:be:0d:35:f9:2a:
45:0d:39:49:06:16:3b:ef:52:da:23:1f:b0:85:86:dd:a5:5a:
93:7a:8a:06:0a:7a:01:a5:69:b7:8f:2a:c8:74:e9:79:6b:71:
7d:89:70:ba:69:dd:bd:f0:79:ff:e1:7e:98:e4:e7:e4:5f:b0:
0a:40:f5:f3:d0:cb:f1:d9:69:80:d7:a3:43:6c:21:70:64:c5:
f2:c8:3a:3a:e9:f6:47:f3:6f:c7:bf:16:65:e4:ab:6f:b3:45:
1e:b6:42:8f:eb:49:01:8b:f6:64:c4:89:9b:cd:ca:ed:44:13:
de:74:0d:db
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQi/BMjnmKTL8eNRRy8aTHyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczMjYwYWFmZWZlMmVlMDcyZTQwNjJlN2JmMWFiOGQ5YzQy
MDg1NjEwHhcNMjUwMTAxMTc0ODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWJlYTUzOTRlOTNjYTdmZWVlMmZlNDY1YjliZGQ4YmVjY2M1YzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+cwuolzrxe6HKIOxKToIjFj64Ugo
MtyeAiy5euq6QbMpzjNveRnoLkHaCuXtJ7kN5DTKdE1d474diKLnJyZzqi0kZ5st
BbZXn4uaNWVF7g5ahYtWkEmR7GOAkLHe+Y1FR0+y/LYdhG2+wMjfiC6UgRrzJG0a
VEI+TtIuwpzpqqHrce4xxtSYja7B9e81pimZf9e7ImfgyDEQU9s9HFUz/Uq0Pjbd
7OhgOA/dfTimHs1s6+IfhNAs7DWQDeEa8lDKztHz8MXPHrZ08Kbpx7ex/MjcvLcu
/Cy2y/F8CBREYoD8WdzsCd8G0LvG6rzc4iEo+JiCW3lPKtwG14BZDtvBPwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFF6+pTlOk8p/7uL+Rlub3YvszFxjMB8GA1UdIwQY
MBaAFHMmCq/v4u4HLkBi578auNnEIIVhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3lZS3ItX2k3Z2N1UUdMbnZ4cTQyY1FnaFdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8zNmMyYjgtMTJkZi00NTUyLTlhMWUt
OGFkMGYwNjhkMTYxLzEvWHI2bE9VNlR5bl91NHY1R1c1dmRpLXpNWEdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8zNmMyYjgtMTJkZi00NTUyLTlhMWUtOGFkMGYwNjhkMTYx
LzEvY3lZS3ItX2k3Z2N1UUdMbnZ4cTQyY1FnaFdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDXb6oMA0E
AgACMAcDBQAqAgbQMA0GCSqGSIb3DQEBCwUAA4IBAQA7jzzxRtt8uw/SpUe0hHn0
rThkStq+wJ5rn7psUmjdd9neXdNEyCbSeij9mq3tNpwC+d1HGV1R3kzr71Lrbd7w
TIrnOFLwQ56AvW1yA5MHU2/o4AFxHyp5NnvVcowAbaM1mt8VpM2BPPZPgcyfRE0W
qUOwywxF7VHw14w4d/1ze2ew5pJY8tcSXAUQvg01+SpFDTlJBhY771LaIx+whYbd
pVqTeooGCnoBpWm3jyrIdOl5a3F9iXC6ad298Hn/4X6Y5OfkX7AKQPXz0Mvx2WmA
16NDbCFwZMXyyDo66fZH82/HvxZl5Ktvs0UetkKP60kBi/ZkxImbzcrtRBPedA3b
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:06:16 2025 by rpki-client