Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/XmRB73HQVRNuOd8gSyu0pOX_szA.roa
File: XmRB73HQVRNuOd8gSyu0pOX_szA.roa (raw, json)
Hash identifier: Z3NZNHbAVBQYIrZf2R+qbSLii19pTfBO9VPDC5dlP94=
Subject key identifier: 5E:64:41:EF:71:D0:55:13:6E:39:DF:20:4B:2B:B4:A4:E5:FF:B3:30
Certificate issuer: /CN=166afc51c922fd842fec5b0cbbd26ebdbd1a161e
Certificate serial: 019512F7C65872BCE547321ECFA604CC283D
Authority key identifier: 16:6A:FC:51:C9:22:FD:84:2F:EC:5B:0C:BB:D2:6E:BD:BD:1A:16:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fmr8Ucki_YQv7FsMu9Juvb0aFh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/XmRB73HQVRNuOd8gSyu0pOX_szA.roa
Signing time: Mon 17 Feb 2025 08:13:02 +0000
ROA not before: Mon 17 Feb 2025 08:13:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54339
IP address blocks: 62.112.206.0/24 maxlen: 24
178.210.248.0/24 maxlen: 24
178.210.249.0/24 maxlen: 24
178.210.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/Fmr8Ucki_YQv7FsMu9Juvb0aFh4.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/Fmr8Ucki_YQv7FsMu9Juvb0aFh4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Fmr8Ucki_YQv7FsMu9Juvb0aFh4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:12:f7:c6:58:72:bc:e5:47:32:1e:cf:a6:04:cc:28:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=166afc51c922fd842fec5b0cbbd26ebdbd1a161e
Validity
Not Before: Feb 17 08:13:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e6441ef71d055136e39df204b2bb4a4e5ffb330
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:db:ef:50:fa:8a:c8:4a:2c:5b:8b:13:72:72:
7d:df:49:8f:fa:01:93:de:2c:87:7d:87:ae:1c:39:
c9:ea:63:5a:a0:c9:04:9c:9f:7e:3b:2d:fc:8c:78:
b0:c4:06:40:c3:ea:56:66:a1:56:21:8c:a5:3c:30:
43:5b:6c:b2:09:f1:7e:9f:eb:28:0f:42:b6:5e:e4:
f2:db:7b:3d:ba:df:48:41:60:d4:4f:b6:f8:85:e6:
70:e8:9a:a2:f3:65:10:e3:c1:07:4f:43:37:75:0a:
fc:82:f9:d1:86:3a:a7:53:39:0a:f9:7d:92:ea:ee:
7d:f6:ce:d6:e6:56:13:68:cb:9b:8c:29:75:8a:95:
8d:c0:c3:40:31:b0:6b:22:6f:7d:3c:ae:5d:8d:c9:
9b:96:6d:83:62:10:05:cd:39:a3:f8:1b:b7:a8:9f:
80:9c:47:39:ad:92:c6:47:4b:92:82:e4:e2:15:3b:
64:07:ec:4b:33:ee:94:10:1c:c4:65:0e:44:c4:4b:
8e:41:ef:3d:78:eb:88:20:30:72:4c:db:ed:90:0c:
6a:b9:05:7e:91:06:96:09:0e:95:b6:5b:ca:5f:d5:
99:96:b9:b6:1b:c3:00:2e:f2:63:b7:a0:ac:3d:af:
ec:f1:a1:3b:c9:78:82:4d:a1:3e:38:5f:88:35:af:
0e:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:64:41:EF:71:D0:55:13:6E:39:DF:20:4B:2B:B4:A4:E5:FF:B3:30
X509v3 Authority Key Identifier:
keyid:16:6A:FC:51:C9:22:FD:84:2F:EC:5B:0C:BB:D2:6E:BD:BD:1A:16:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fmr8Ucki_YQv7FsMu9Juvb0aFh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/XmRB73HQVRNuOd8gSyu0pOX_szA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/Fmr8Ucki_YQv7FsMu9Juvb0aFh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.112.206.0/24
178.210.248.0/23
178.210.251.0/24
Signature Algorithm: sha256WithRSAEncryption
04:76:f4:af:d5:c6:8b:ba:3b:ba:ca:8e:53:14:34:a4:75:f7:
b2:15:13:52:a5:11:7f:60:11:4d:fe:74:be:09:8b:4a:3d:33:
8e:9a:e4:e6:4e:5f:41:d5:1e:8f:ef:a4:52:22:da:23:f1:89:
a8:26:e9:b7:f6:ee:a8:16:15:4c:51:25:5c:a0:bd:37:97:e5:
06:8f:62:57:42:47:d4:bd:f2:a0:1c:b9:81:5a:92:b0:0a:e1:
fd:8e:f4:ad:b3:10:fc:99:43:b8:14:b6:56:30:01:df:8f:67:
36:18:f1:0c:a4:71:f6:00:55:f5:ae:4e:8f:c2:0b:ae:29:3f:
29:8e:35:5f:76:68:55:1b:68:7a:22:f9:eb:ce:0f:a3:5f:0d:
ad:4c:03:fb:37:c6:33:0c:23:76:0e:61:5d:3a:14:b7:e4:3b:
6b:1f:a6:03:f5:aa:6c:34:51:74:ab:6b:48:5b:6f:63:ca:d9:
67:dc:d0:5a:11:4b:5f:ad:f6:42:f5:00:3e:2f:bb:72:a2:e9:
21:94:f0:a4:9b:d2:2e:46:af:b0:27:c1:73:fd:5c:89:35:ca:
c8:06:5c:dc:e6:cd:e9:00:75:39:51:1f:33:12:72:ac:00:50:
c8:a5:e4:91:a0:41:86:ce:72:0e:90:22:9e:aa:9b:04:09:83:
46:f2:9f:f4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZUS98ZYcrzlRzIez6YEzCg9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NmFmYzUxYzkyMmZkODQyZmVjNWIwY2JiZDI2ZWJkYmQx
YTE2MWUwHhcNMjUwMjE3MDgxMzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTY0NDFlZjcxZDA1NTEzNmUzOWRmMjA0YjJiYjRhNGU1ZmZiMzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotvvUPqKyEosW4sTcnJ930mP+gGT
3iyHfYeuHDnJ6mNaoMkEnJ9+Oy38jHiwxAZAw+pWZqFWIYylPDBDW2yyCfF+n+so
D0K2XuTy23s9ut9IQWDUT7b4heZw6Jqi82UQ48EHT0M3dQr8gvnRhjqnUzkK+X2S
6u599s7W5lYTaMubjCl1ipWNwMNAMbBrIm99PK5djcmblm2DYhAFzTmj+Bu3qJ+A
nEc5rZLGR0uSguTiFTtkB+xLM+6UEBzEZQ5ExEuOQe89eOuIIDByTNvtkAxquQV+
kQaWCQ6VtlvKX9WZlrm2G8MALvJjt6CsPa/s8aE7yXiCTaE+OF+INa8OKQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF5kQe9x0FUTbjnfIEsrtKTl/7MwMB8GA1UdIwQY
MBaAFBZq/FHJIv2EL+xbDLvSbr29GhYeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm1yOFVja2lfWVF2N0ZzTXU5SnV2YjBhRmg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy84OGM0NTQtY2JhYS00M2ZkLWIzYzEt
MTNiOTExMGNlMjBjLzEvWG1SQjczSFFWUk51T2Q4Z1N5dTBwT1hfc3pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy84OGM0NTQtY2JhYS00M2ZkLWIzYzEtMTNiOTExMGNlMjBj
LzEvRm1yOFVja2lfWVF2N0ZzTXU5SnV2YjBhRmg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAPnDOAwQB
stL4AwQAstL7MA0GCSqGSIb3DQEBCwUAA4IBAQAEdvSv1caLuju6yo5TFDSkdfey
FRNSpRF/YBFN/nS+CYtKPTOOmuTmTl9B1R6P76RSItoj8YmoJum39u6oFhVMUSVc
oL03l+UGj2JXQkfUvfKgHLmBWpKwCuH9jvStsxD8mUO4FLZWMAHfj2c2GPEMpHH2
AFX1rk6PwguuKT8pjjVfdmhVG2h6Ivnrzg+jXw2tTAP7N8YzDCN2DmFdOhS35Dtr
H6YD9apsNFF0q2tIW29jytln3NBaEUtfrfZC9QA+L7tyoukhlPCkm9IuRq+wJ8Fz
/VyJNcrIBlzc5s3pAHU5UR8zEnKsAFDIpeSRoEGGznIOkCKeqpsECYNG8p/0
-----END CERTIFICATE-----
Generated at Sun Apr 13 18:32:03 2025 by rpki-client