Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/bf0162-fcba-4085-b4f1-d699ddc9d09c/1/xYBkOkdRt8PDKOH8dzQ2NTMqI8M.roa
File: xYBkOkdRt8PDKOH8dzQ2NTMqI8M.roa (raw, json)
Hash identifier: ITHwZydQPAzKvryYx9N44bQeMeKILW1oaBs72ARfdxs=
Subject key identifier: C5:80:64:3A:47:51:B7:C3:C3:28:E1:FC:77:34:36:35:33:2A:23:C3
Certificate issuer: /CN=830555f011be5e241eb0b425de5fd86cc6834a54
Certificate serial: 019424B3C288D00F710D600C4AC1D6219EF1
Authority key identifier: 83:05:55:F0:11:BE:5E:24:1E:B0:B4:25:DE:5F:D8:6C:C6:83:4A:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gwVV8BG-XiQesLQl3l_YbMaDSlQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/bf0162-fcba-4085-b4f1-d699ddc9d09c/1/xYBkOkdRt8PDKOH8dzQ2NTMqI8M.roa
Signing time: Thu 02 Jan 2025 01:49:07 +0000
ROA not before: Thu 02 Jan 2025 01:49:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52130
IP address blocks: 188.92.40.0/21 maxlen: 23
2a02:7d00::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/bf0162-fcba-4085-b4f1-d699ddc9d09c/1/gwVV8BG-XiQesLQl3l_YbMaDSlQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/bf0162-fcba-4085-b4f1-d699ddc9d09c/1/gwVV8BG-XiQesLQl3l_YbMaDSlQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/gwVV8BG-XiQesLQl3l_YbMaDSlQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:c2:88:d0:0f:71:0d:60:0c:4a:c1:d6:21:9e:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=830555f011be5e241eb0b425de5fd86cc6834a54
Validity
Not Before: Jan 2 01:49:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c580643a4751b7c3c328e1fc77343635332a23c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:60:3f:e1:c9:f6:47:af:64:92:49:81:a8:45:
f3:93:09:b4:ea:66:1c:a3:bf:b9:3b:ce:52:36:21:
7f:00:64:65:c2:ee:bd:8c:c8:18:e7:15:0e:ad:0e:
75:9e:fe:22:51:f7:32:d1:3b:26:22:66:c1:9c:57:
70:83:a3:6a:9b:c8:22:93:ca:24:5c:cf:a6:9f:6e:
d0:5f:c6:6a:6b:ca:d2:d7:37:df:af:ee:f8:09:78:
36:af:22:36:c9:99:db:8d:fd:3f:69:35:2d:1c:26:
3a:7a:40:11:40:92:91:d4:28:e4:2d:9a:a2:9d:13:
e2:ce:11:21:ef:63:4e:68:e1:b9:35:e2:71:d1:55:
7a:d8:ff:33:ee:e5:1d:69:e2:6f:d4:8d:ca:2b:58:
58:22:eb:0f:13:42:d0:01:8f:16:b3:e3:21:0d:c7:
8e:28:7b:81:04:47:9d:05:1c:fe:ff:cd:d8:39:b1:
ff:44:e0:18:aa:19:5b:b1:ee:30:c3:4d:ba:7e:c9:
57:24:ca:6c:e8:2d:cd:35:ab:3c:2b:03:71:7c:a0:
ae:d1:07:f7:7a:b1:24:72:f6:c6:d1:fc:1b:4d:2b:
0f:fd:e6:27:b1:ea:88:d9:3b:82:94:05:56:ff:95:
21:20:7e:8d:0f:70:c8:42:6e:d8:18:6e:9d:f8:db:
a1:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:80:64:3A:47:51:B7:C3:C3:28:E1:FC:77:34:36:35:33:2A:23:C3
X509v3 Authority Key Identifier:
keyid:83:05:55:F0:11:BE:5E:24:1E:B0:B4:25:DE:5F:D8:6C:C6:83:4A:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gwVV8BG-XiQesLQl3l_YbMaDSlQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/bf0162-fcba-4085-b4f1-d699ddc9d09c/1/xYBkOkdRt8PDKOH8dzQ2NTMqI8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/bf0162-fcba-4085-b4f1-d699ddc9d09c/1/gwVV8BG-XiQesLQl3l_YbMaDSlQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.92.40.0/21
IPv6:
2a02:7d00::/32
Signature Algorithm: sha256WithRSAEncryption
88:de:09:2e:c7:9f:be:cb:93:c0:82:e8:4c:cd:91:8e:be:e1:
de:8f:82:30:a7:bf:5d:97:9a:9f:ac:92:39:1c:c5:b2:7e:ab:
f7:e7:84:a5:45:0b:48:f0:7f:c1:b9:ea:af:ff:3a:63:0e:a1:
3a:7d:c2:5c:9a:ac:d5:b1:d8:50:56:8f:f2:09:44:ec:92:70:
24:de:01:54:fb:64:ae:f9:88:b2:7c:ae:f1:30:6d:1d:90:c6:
d9:ce:a2:4f:63:42:be:73:db:21:a9:ec:eb:82:5f:8c:14:c5:
27:a4:aa:e7:ea:d2:64:3b:c1:a8:b7:95:46:62:c1:51:88:6e:
7c:07:28:f5:f2:65:69:74:88:88:7b:d8:d8:80:b0:51:93:fc:
f3:28:c1:69:21:96:08:02:45:50:bf:41:dd:a6:6c:ca:e2:2b:
d2:68:26:82:8d:d4:1e:53:8f:a5:3b:81:9d:80:55:c1:6b:ed:
33:2d:5c:da:e2:9e:d3:ba:84:ee:9d:21:8e:59:c4:8b:21:a6:
e0:e9:bd:4d:56:1b:fc:45:29:60:db:47:5e:cb:f8:5a:d3:89:
79:8a:0c:15:2a:a3:a6:b3:de:b8:0e:42:8d:d3:46:7e:82:a1:
a8:69:e2:8f:9a:2b:b8:47:7b:9a:ab:a3:5f:1c:12:d7:8c:6d:
fc:89:4e:d1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQks8KI0A9xDWAMSsHWIZ7xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMDU1NWYwMTFiZTVlMjQxZWIwYjQyNWRlNWZkODZjYzY4
MzRhNTQwHhcNMjUwMTAyMDE0OTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTgwNjQzYTQ3NTFiN2MzYzMyOGUxZmM3NzM0MzYzNTMzMmEyM2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwmA/4cn2R69kkkmBqEXzkwm06mYc
o7+5O85SNiF/AGRlwu69jMgY5xUOrQ51nv4iUfcy0TsmImbBnFdwg6Nqm8gik8ok
XM+mn27QX8Zqa8rS1zffr+74CXg2ryI2yZnbjf0/aTUtHCY6ekARQJKR1CjkLZqi
nRPizhEh72NOaOG5NeJx0VV62P8z7uUdaeJv1I3KK1hYIusPE0LQAY8Ws+MhDceO
KHuBBEedBRz+/83YObH/ROAYqhlbse4ww026fslXJMps6C3NNas8KwNxfKCu0Qf3
erEkcvbG0fwbTSsP/eYnseqI2TuClAVW/5UhIH6ND3DIQm7YGG6d+NuhcQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMWAZDpHUbfDwyjh/Hc0NjUzKiPDMB8GA1UdIwQY
MBaAFIMFVfARvl4kHrC0Jd5f2GzGg0pUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3dWVjhCRy1YaVFlc0xRbDNsX1liTWFEU2xRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iZjAxNjItZmNiYS00MDg1LWI0ZjEt
ZDY5OWRkYzlkMDljLzEveFlCa09rZFJ0OFBES09IOGR6UTJOVE1xSThNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iZjAxNjItZmNiYS00MDg1LWI0ZjEtZDY5OWRkYzlkMDlj
LzEvZ3dWVjhCRy1YaVFlc0xRbDNsX1liTWFEU2xRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDvFwoMA0E
AgACMAcDBQAqAn0AMA0GCSqGSIb3DQEBCwUAA4IBAQCI3gkux5++y5PAguhMzZGO
vuHej4Iwp79dl5qfrJI5HMWyfqv354SlRQtI8H/Bueqv/zpjDqE6fcJcmqzVsdhQ
Vo/yCUTsknAk3gFU+2Su+YiyfK7xMG0dkMbZzqJPY0K+c9shqezrgl+MFMUnpKrn
6tJkO8Got5VGYsFRiG58Byj18mVpdIiIe9jYgLBRk/zzKMFpIZYIAkVQv0HdpmzK
4ivSaCaCjdQeU4+lO4GdgFXBa+0zLVza4p7TuoTunSGOWcSLIabg6b1NVhv8RSlg
20dey/ha04l5igwVKqOms964DkKN00Z+gqGoaeKPmiu4R3uaq6NfHBLXjG38iU7R
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:08:42 2025 by rpki-client