Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/XRFx-I5iR8sOu4eWb4zxF9j51nY.roa
File: XRFx-I5iR8sOu4eWb4zxF9j51nY.roa (raw, json)
Hash identifier: jWOrWm0uqq8hwtJKnrOJeXRAnKAJtuuvhEDHE+aeWOM=
Subject key identifier: 5D:11:71:F8:8E:62:47:CB:0E:BB:87:96:6F:8C:F1:17:D8:F9:D6:76
Certificate issuer: /CN=b2e448b4a08f0e4c58a283d80735a8a803e10d4e
Certificate serial: 01942143DFBC4E3C3B53CA3122FBEB6B0041
Authority key identifier: B2:E4:48:B4:A0:8F:0E:4C:58:A2:83:D8:07:35:A8:A8:03:E1:0D:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/suRItKCPDkxYooPYBzWoqAPhDU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/XRFx-I5iR8sOu4eWb4zxF9j51nY.roa
Signing time: Wed 01 Jan 2025 09:48:03 +0000
ROA not before: Wed 01 Jan 2025 09:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3266
IP address blocks: 78.24.73.0/24 maxlen: 24
78.24.74.0/24 maxlen: 24
78.24.79.0/24 maxlen: 24
2a00:1909::/32 maxlen: 32
2a00:1909::/48 maxlen: 48
2a00:190a::/32 maxlen: 32
2a00:190a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/suRItKCPDkxYooPYBzWoqAPhDU4.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/suRItKCPDkxYooPYBzWoqAPhDU4.mft
rsync://rpki.ripe.net/repository/DEFAULT/suRItKCPDkxYooPYBzWoqAPhDU4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 21:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:df:bc:4e:3c:3b:53:ca:31:22:fb:eb:6b:00:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2e448b4a08f0e4c58a283d80735a8a803e10d4e
Validity
Not Before: Jan 1 09:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d1171f88e6247cb0ebb87966f8cf117d8f9d676
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:48:9f:68:4d:de:5e:27:ac:c5:70:3e:c7:98:
b8:2f:0a:07:1b:6d:ad:4d:f0:b7:b8:24:fb:c6:be:
7a:aa:f5:53:ce:2b:f8:1b:e6:24:c4:07:b5:2e:48:
3d:27:5a:01:d5:39:c7:15:84:ab:c9:82:e3:b2:71:
04:bb:00:95:42:cd:1a:38:6a:65:b4:46:b4:61:a2:
68:57:e4:e3:cc:56:4d:bd:ad:b2:bb:fc:64:51:6f:
30:3b:7e:2a:51:5a:26:82:d4:fa:22:7e:64:f4:78:
50:37:fb:53:32:c0:6d:1a:d0:d3:8d:ed:8b:d3:95:
d9:06:3b:0e:9f:b9:fe:1a:6a:46:c8:12:c2:94:ce:
c8:91:46:ae:e1:37:dd:f1:60:d9:9d:f9:0b:f8:ab:
cc:07:b1:b2:83:55:2a:dc:fb:0d:2d:de:89:74:fd:
fe:36:7e:eb:14:77:07:6f:fa:7b:f4:c1:d9:ea:64:
f1:92:ee:7e:1c:ee:fd:ef:bf:d9:32:cb:b2:87:07:
78:e5:ee:01:ed:24:07:3c:f5:19:0c:cd:69:23:34:
8a:3e:90:0f:02:26:f2:1f:64:e4:a5:c8:ba:d7:a9:
fc:4f:87:ca:47:6d:09:2f:02:98:5e:dc:46:c6:b2:
96:87:38:a9:6e:d0:5e:83:57:72:3c:d8:9c:6b:33:
25:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:11:71:F8:8E:62:47:CB:0E:BB:87:96:6F:8C:F1:17:D8:F9:D6:76
X509v3 Authority Key Identifier:
keyid:B2:E4:48:B4:A0:8F:0E:4C:58:A2:83:D8:07:35:A8:A8:03:E1:0D:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/suRItKCPDkxYooPYBzWoqAPhDU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/XRFx-I5iR8sOu4eWb4zxF9j51nY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/suRItKCPDkxYooPYBzWoqAPhDU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.24.73.0-78.24.74.255
78.24.79.0/24
IPv6:
2a00:1909::-2a00:190a:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2f:08:70:1a:2f:18:74:a5:34:d3:1a:32:13:0a:a0:13:10:1b:
66:62:7c:79:f8:40:fa:6a:70:26:af:db:c1:33:77:60:73:62:
ee:e5:31:85:d0:97:8b:ed:82:f7:4d:34:b6:aa:8f:98:3b:15:
86:ad:41:40:d6:94:d8:e7:1f:f7:01:01:63:e8:78:ea:c1:a0:
06:73:f0:73:ba:0e:8e:32:b2:dd:53:c3:10:ec:04:73:46:6b:
82:59:3a:36:8a:44:33:41:10:2e:12:09:81:34:b8:59:8c:99:
c4:24:25:ce:1f:6f:07:3c:dd:06:85:72:95:fc:3b:4c:6c:c9:
c2:94:23:d5:ec:26:58:4d:3a:52:59:5f:63:db:b1:29:2d:a9:
0b:c4:cc:d4:26:2c:88:c4:ba:62:0c:93:81:79:e6:65:9b:02:
83:fc:bc:87:32:22:2b:b9:42:23:95:24:27:06:01:c2:8f:c3:
d3:e7:0e:f4:f9:21:4b:b2:c6:22:43:4b:7b:06:4d:b8:32:39:
40:64:4b:d0:15:32:dd:a0:b0:22:92:e1:c2:99:4b:4a:ce:3d:
e2:14:11:50:cc:8a:11:06:73:0f:c6:5b:c4:9a:a5:38:cf:3f:
ff:b1:82:a6:98:68:a7:e2:41:f1:c9:74:aa:41:5e:2d:28:e7:
d3:a7:80:65
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZQhQ9+8Tjw7U8oxIvvrawBBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZTQ0OGI0YTA4ZjBlNGM1OGEyODNkODA3MzVhOGE4MDNl
MTBkNGUwHhcNMjUwMTAxMDk0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDExNzFmODhlNjI0N2NiMGViYjg3OTY2ZjhjZjExN2Q4ZjlkNjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukifaE3eXiesxXA+x5i4LwoHG22t
TfC3uCT7xr56qvVTziv4G+YkxAe1Lkg9J1oB1TnHFYSryYLjsnEEuwCVQs0aOGpl
tEa0YaJoV+TjzFZNva2yu/xkUW8wO34qUVomgtT6In5k9HhQN/tTMsBtGtDTje2L
05XZBjsOn7n+GmpGyBLClM7IkUau4Tfd8WDZnfkL+KvMB7Gyg1Uq3PsNLd6JdP3+
Nn7rFHcHb/p79MHZ6mTxku5+HO7977/ZMsuyhwd45e4B7SQHPPUZDM1pIzSKPpAP
AibyH2Tkpci616n8T4fKR20JLwKYXtxGxrKWhzipbtBeg1dyPNicazMlhwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFF0RcfiOYkfLDruHlm+M8RfY+dZ2MB8GA1UdIwQY
MBaAFLLkSLSgjw5MWKKD2Ac1qKgD4Q1OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3VSSXRLQ1BEa3hZb29QWUJ6V29xQVBoRFU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9hNzA2OGEtOTJiYS00MmVhLTk5NjYt
MjA1NGQ0ZTkwM2JjLzEvWFJGeC1JNWlSOHNPdTRlV2I0enhGOWo1MW5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9hNzA2OGEtOTJiYS00MmVhLTk5NjYtMjA1NGQ0ZTkwM2Jj
LzEvc3VSSXRLQ1BEa3hZb29QWUJ6V29xQVBoRFU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAaBAIAATAUMAwDBABOGEkD
BABOGEoDBABOGE8wFgQCAAIwEDAOAwUAKgAZCQMFACoAGQowDQYJKoZIhvcNAQEL
BQADggEBAC8IcBovGHSlNNMaMhMKoBMQG2ZifHn4QPpqcCav28Ezd2BzYu7lMYXQ
l4vtgvdNNLaqj5g7FYatQUDWlNjnH/cBAWPoeOrBoAZz8HO6Do4yst1TwxDsBHNG
a4JZOjaKRDNBEC4SCYE0uFmMmcQkJc4fbwc83QaFcpX8O0xsycKUI9XsJlhNOlJZ
X2PbsSktqQvEzNQmLIjEumIMk4F55mWbAoP8vIcyIiu5QiOVJCcGAcKPw9PnDvT5
IUuyxiJDS3sGTbgyOUBkS9AVMt2gsCKS4cKZS0rOPeIUEVDMihEGcw/GW8SapTjP
P/+xgqaYaKfiQfHJdKpBXi0o59OngGU=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:47:25 2025 by rpki-client