Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/fc2815-d293-40af-bf3c-1c8afd19fdbb/1/XufZiysYk33Xck5lo3CwfpdliJQ.roa
File: XufZiysYk33Xck5lo3CwfpdliJQ.roa (raw, json)
Hash identifier: 4ytM8O/KmX8CZCFr30YeKBOK7MtkaAq/PPvvT8k7frg=
Subject key identifier: 5E:E7:D9:8B:2B:18:93:7D:D7:72:4E:65:A3:70:B0:7E:97:65:88:94
Certificate issuer: /CN=c6c58ed1af964a7668e44397619ee1985a2491c5
Certificate serial: 0194228D72817706761696949EFFB960933E
Authority key identifier: C6:C5:8E:D1:AF:96:4A:76:68:E4:43:97:61:9E:E1:98:5A:24:91:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xsWO0a-WSnZo5EOXYZ7hmFokkcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/fc2815-d293-40af-bf3c-1c8afd19fdbb/1/XufZiysYk33Xck5lo3CwfpdliJQ.roa
Signing time: Wed 01 Jan 2025 15:48:02 +0000
ROA not before: Wed 01 Jan 2025 15:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24991
IP address blocks: 81.93.192.0/21 maxlen: 21
81.93.200.0/24 maxlen: 24
81.93.201.0/24 maxlen: 24
81.93.202.0/23 maxlen: 23
81.93.204.0/22 maxlen: 22
2a03:da00::/36 maxlen: 36
2a03:da00:1000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/fc2815-d293-40af-bf3c-1c8afd19fdbb/1/xsWO0a-WSnZo5EOXYZ7hmFokkcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/fc2815-d293-40af-bf3c-1c8afd19fdbb/1/xsWO0a-WSnZo5EOXYZ7hmFokkcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/xsWO0a-WSnZo5EOXYZ7hmFokkcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:72:81:77:06:76:16:96:94:9e:ff:b9:60:93:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6c58ed1af964a7668e44397619ee1985a2491c5
Validity
Not Before: Jan 1 15:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ee7d98b2b18937dd7724e65a370b07e97658894
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:1c:fc:6f:f0:af:a5:3d:88:3d:7a:da:33:35:
eb:47:ee:6f:f3:07:c1:4e:67:ee:32:a4:6b:e9:e6:
5b:f3:65:1d:2c:95:fa:e8:98:13:c5:e2:4d:c2:8b:
2e:ba:e0:c8:50:f9:ed:4d:aa:78:88:47:c1:2e:a7:
c4:21:85:0f:9e:43:20:e1:15:5a:aa:d8:18:93:30:
90:c4:50:18:78:47:91:ce:17:c3:87:5a:49:29:ff:
f2:0f:e6:25:1c:76:38:85:df:a5:76:a9:1c:98:96:
6f:d6:d7:5d:ec:52:7e:82:68:62:18:ca:26:11:a1:
80:e6:de:54:81:24:0a:0e:18:d9:74:20:20:d3:ad:
d7:46:c1:f2:94:ce:5e:a3:c7:89:8e:a3:ce:22:a0:
f7:25:fe:42:67:a6:91:80:e8:18:31:a0:3f:92:9b:
32:84:fc:b1:68:1a:7a:cd:f4:b6:ba:3a:b7:6b:d1:
de:38:20:23:7e:8f:80:f8:dd:dc:19:fd:77:c9:32:
ba:24:3d:dd:c2:80:26:e5:21:c2:c2:40:7d:6c:3c:
db:1e:24:ac:41:65:b3:0e:18:4d:4d:9d:32:da:5d:
30:bf:c5:d4:c3:a2:26:08:94:96:c2:bd:22:09:e3:
6d:d9:ef:c5:87:c6:65:a4:cd:95:ec:f9:64:10:53:
1b:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:E7:D9:8B:2B:18:93:7D:D7:72:4E:65:A3:70:B0:7E:97:65:88:94
X509v3 Authority Key Identifier:
keyid:C6:C5:8E:D1:AF:96:4A:76:68:E4:43:97:61:9E:E1:98:5A:24:91:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xsWO0a-WSnZo5EOXYZ7hmFokkcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/fc2815-d293-40af-bf3c-1c8afd19fdbb/1/XufZiysYk33Xck5lo3CwfpdliJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/fc2815-d293-40af-bf3c-1c8afd19fdbb/1/xsWO0a-WSnZo5EOXYZ7hmFokkcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.93.192.0/20
IPv6:
2a03:da00::/35
Signature Algorithm: sha256WithRSAEncryption
b8:9a:cd:d1:8b:61:de:df:00:94:ba:14:c9:8e:29:86:a7:97:
75:96:49:f7:eb:89:78:e9:22:99:62:ac:27:4e:74:12:bb:d9:
73:4c:ba:e4:74:13:41:2d:87:45:c7:fe:0d:aa:5e:e3:28:0e:
88:3c:a0:ff:14:67:cd:70:6d:1b:4c:06:da:de:47:05:85:41:
db:21:22:9b:bc:c1:9b:f0:4c:2f:9a:96:40:48:5e:eb:e2:74:
56:06:6f:8c:a9:76:c9:c0:3c:f5:7a:2b:6e:cd:a3:2f:40:c7:
f2:ed:ac:9e:8e:97:b6:68:47:7c:1d:57:28:bb:fd:0d:43:9f:
15:15:5b:77:c0:18:1d:37:03:8e:fe:42:29:ce:6f:71:ab:e7:
c0:0e:23:e6:80:b9:c6:1d:55:11:77:7d:9e:67:8f:c1:92:8e:
d2:67:24:43:a7:16:da:ec:7b:91:bf:0d:dd:c6:33:5d:57:66:
8a:95:0b:24:64:47:c3:bc:34:64:f4:86:ab:4f:97:01:d2:95:
6a:47:da:0c:ad:c4:cd:f2:18:9f:3f:ea:7f:1c:35:89:21:ba:
5c:c6:24:43:41:c1:61:e2:f4:f3:88:e8:2b:29:01:fd:b5:64:
59:bc:f2:52:af:97:ae:eb:8a:fc:a1:b4:35:6b:24:85:48:de:
71:e2:2a:54
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQijXKBdwZ2FpaUnv+5YJM+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YzU4ZWQxYWY5NjRhNzY2OGU0NDM5NzYxOWVlMTk4NWEy
NDkxYzUwHhcNMjUwMTAxMTU0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWU3ZDk4YjJiMTg5MzdkZDc3MjRlNjVhMzcwYjA3ZTk3NjU4ODk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhz8b/CvpT2IPXraMzXrR+5v8wfB
TmfuMqRr6eZb82UdLJX66JgTxeJNwosuuuDIUPntTap4iEfBLqfEIYUPnkMg4RVa
qtgYkzCQxFAYeEeRzhfDh1pJKf/yD+YlHHY4hd+ldqkcmJZv1tdd7FJ+gmhiGMom
EaGA5t5UgSQKDhjZdCAg063XRsHylM5eo8eJjqPOIqD3Jf5CZ6aRgOgYMaA/kpsy
hPyxaBp6zfS2ujq3a9HeOCAjfo+A+N3cGf13yTK6JD3dwoAm5SHCwkB9bDzbHiSs
QWWzDhhNTZ0y2l0wv8XUw6ImCJSWwr0iCeNt2e/Fh8ZlpM2V7PlkEFMbFQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFF7n2YsrGJN913JOZaNwsH6XZYiUMB8GA1UdIwQY
MBaAFMbFjtGvlkp2aORDl2Ge4ZhaJJHFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHNXTzBhLVdTblpvNUVPWFlaN2htRm9ra2NVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9mYzI4MTUtZDI5My00MGFmLWJmM2Mt
MWM4YWZkMTlmZGJiLzEvWHVmWml5c1lrMzNYY2s1bG8zQ3dmcGRsaUpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9mYzI4MTUtZDI5My00MGFmLWJmM2MtMWM4YWZkMTlmZGJi
LzEveHNXTzBhLVdTblpvNUVPWFlaN2htRm9ra2NVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQEUV3AMA4E
AgACMAgDBgUqA9oAADANBgkqhkiG9w0BAQsFAAOCAQEAuJrN0Yth3t8AlLoUyY4p
hqeXdZZJ9+uJeOkimWKsJ050ErvZc0y65HQTQS2HRcf+Dape4ygOiDyg/xRnzXBt
G0wG2t5HBYVB2yEim7zBm/BML5qWQEhe6+J0VgZvjKl2ycA89Xorbs2jL0DH8u2s
no6XtmhHfB1XKLv9DUOfFRVbd8AYHTcDjv5CKc5vcavnwA4j5oC5xh1VEXd9nmeP
wZKO0mckQ6cW2ux7kb8N3cYzXVdmipULJGRHw7w0ZPSGq0+XAdKVakfaDK3EzfIY
nz/qfxw1iSG6XMYkQ0HBYeL084joKykB/bVkWbzyUq+XruuK/KG0NWskhUjeceIq
VA==
-----END CERTIFICATE-----
Generated at Thu Apr 17 13:30:22 2025 by rpki-client