Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/97c414-3afa-49ee-ab70-a4407a5d321a/1/X3STT9uNWvgpUT8B2LTGrxoI9k0.roa
File: X3STT9uNWvgpUT8B2LTGrxoI9k0.roa (raw, json)
Hash identifier: LPxXWYECEhYhqhJFZtgmdAjXs7SoH+TOKVHj7gJZDp0=
Subject key identifier: 5F:74:93:4F:DB:8D:5A:F8:29:51:3F:01:D8:B4:C6:AF:1A:08:F6:4D
Certificate issuer: /CN=5e5810557cb0670bc9c0933e027e9bd82ab156df
Certificate serial: 0194228D5EDF9BCF1882A30B4139AACE0C88
Authority key identifier: 5E:58:10:55:7C:B0:67:0B:C9:C0:93:3E:02:7E:9B:D8:2A:B1:56:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XlgQVXywZwvJwJM-An6b2CqxVt8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/97c414-3afa-49ee-ab70-a4407a5d321a/1/X3STT9uNWvgpUT8B2LTGrxoI9k0.roa
Signing time: Wed 01 Jan 2025 15:47:57 +0000
ROA not before: Wed 01 Jan 2025 15:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52148
IP address blocks: 91.209.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/97c414-3afa-49ee-ab70-a4407a5d321a/1/XlgQVXywZwvJwJM-An6b2CqxVt8.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/97c414-3afa-49ee-ab70-a4407a5d321a/1/XlgQVXywZwvJwJM-An6b2CqxVt8.mft
rsync://rpki.ripe.net/repository/DEFAULT/XlgQVXywZwvJwJM-An6b2CqxVt8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:5e:df:9b:cf:18:82:a3:0b:41:39:aa:ce:0c:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e5810557cb0670bc9c0933e027e9bd82ab156df
Validity
Not Before: Jan 1 15:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f74934fdb8d5af829513f01d8b4c6af1a08f64d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:bc:d7:4f:a1:ab:b9:ee:52:7a:11:52:a1:28:
31:2f:f9:ae:20:bf:32:dd:c6:5d:2b:05:b8:39:68:
cc:80:ea:03:cd:5f:88:75:ff:76:05:d8:2d:6c:af:
a4:ee:bd:53:b2:f4:96:64:9f:48:af:6f:ea:c5:de:
a7:1c:67:c8:f4:8b:c6:14:f7:d7:e0:f8:40:dd:af:
39:37:64:51:64:cd:1f:73:63:70:a9:a0:11:9a:8e:
6c:e3:60:27:db:5a:10:1e:e3:56:32:ea:6f:42:6f:
8a:d6:0e:d4:26:fd:7b:17:f5:03:b6:89:8e:2e:de:
13:89:e2:24:f0:76:d6:a7:6f:12:7b:43:83:d6:bf:
6c:56:47:d5:f1:fb:c5:09:11:e6:1b:88:32:80:44:
1c:08:77:b1:43:25:71:14:5a:61:40:13:77:71:6d:
e3:6c:9e:25:25:25:31:e2:e5:54:e6:5f:0a:8c:c9:
99:09:1e:69:62:b0:4b:cd:f4:40:b9:67:eb:ab:d0:
79:ac:e5:e2:14:47:99:d8:e5:b1:f9:34:aa:44:11:
33:fd:fd:14:a3:f9:ff:7d:61:7a:fd:ad:b4:9f:f9:
3e:6b:00:cf:09:6c:a1:69:f4:d4:f6:62:47:ef:66:
a5:d9:1e:bf:5c:28:9f:b0:9a:f2:93:0b:56:ac:69:
9a:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:74:93:4F:DB:8D:5A:F8:29:51:3F:01:D8:B4:C6:AF:1A:08:F6:4D
X509v3 Authority Key Identifier:
keyid:5E:58:10:55:7C:B0:67:0B:C9:C0:93:3E:02:7E:9B:D8:2A:B1:56:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XlgQVXywZwvJwJM-An6b2CqxVt8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/97c414-3afa-49ee-ab70-a4407a5d321a/1/X3STT9uNWvgpUT8B2LTGrxoI9k0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/97c414-3afa-49ee-ab70-a4407a5d321a/1/XlgQVXywZwvJwJM-An6b2CqxVt8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.37.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:2e:26:d7:81:fa:04:d7:67:04:3a:70:11:04:e8:51:6a:05:
67:26:b9:72:e9:ad:1d:87:88:d5:24:97:46:47:7f:85:28:f0:
b1:0e:f7:e9:29:ad:fe:d8:0b:1b:4d:f8:2f:64:6f:6a:ab:d0:
df:7b:db:a2:e9:8e:60:f1:e1:2e:79:f2:5e:df:54:24:dc:93:
fa:64:9f:28:d8:85:a8:a3:bd:1f:ee:81:ce:49:b9:24:b1:73:
cc:a0:67:e1:cf:76:b6:70:0e:9f:aa:bc:4c:19:34:16:8e:ab:
b0:d6:ef:22:f3:8a:e9:7b:cd:4a:ca:98:b5:e1:b3:b2:2d:d5:
14:59:ae:57:c1:42:fc:f7:65:9e:6b:66:7a:f4:40:38:5a:08:
d6:c3:50:45:9a:90:a2:e2:4a:35:8c:9d:fe:fc:46:e1:46:0c:
78:bd:a3:47:54:ab:fe:bf:49:3c:96:21:d4:31:29:f8:90:ac:
a4:49:c4:a5:ad:47:f1:66:4a:e0:b0:6c:96:05:82:2b:b9:67:
7d:e0:04:ba:a6:49:eb:e4:92:74:83:3f:34:8d:b0:9f:09:05:
5f:ad:10:5e:25:88:65:a1:53:54:06:df:bc:41:2a:70:85:8f:
85:3a:7f:f1:3e:1d:43:72:c4:cd:52:5d:e5:18:50:e1:91:fd:
23:c9:7f:a9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijV7fm88YgqMLQTmqzgyIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNTgxMDU1N2NiMDY3MGJjOWMwOTMzZTAyN2U5YmQ4MmFi
MTU2ZGYwHhcNMjUwMTAxMTU0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Zjc0OTM0ZmRiOGQ1YWY4Mjk1MTNmMDFkOGI0YzZhZjFhMDhmNjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLzXT6Grue5SehFSoSgxL/muIL8y
3cZdKwW4OWjMgOoDzV+Idf92BdgtbK+k7r1TsvSWZJ9Ir2/qxd6nHGfI9IvGFPfX
4PhA3a85N2RRZM0fc2NwqaARmo5s42An21oQHuNWMupvQm+K1g7UJv17F/UDtomO
Lt4TieIk8HbWp28Se0OD1r9sVkfV8fvFCRHmG4gygEQcCHexQyVxFFphQBN3cW3j
bJ4lJSUx4uVU5l8KjMmZCR5pYrBLzfRAuWfrq9B5rOXiFEeZ2OWx+TSqRBEz/f0U
o/n/fWF6/a20n/k+awDPCWyhafTU9mJH72al2R6/XCifsJrykwtWrGmalwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF90k0/bjVr4KVE/Adi0xq8aCPZNMB8GA1UdIwQY
MBaAFF5YEFV8sGcLycCTPgJ+m9gqsVbfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGxnUVZYeXdad3ZKd0pNLUFuNmIyQ3F4VnQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS85N2M0MTQtM2FmYS00OWVlLWFiNzAt
YTQ0MDdhNWQzMjFhLzEvWDNTVFQ5dU5XdmdwVVQ4QjJMVEdyeG9JOWswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS85N2M0MTQtM2FmYS00OWVlLWFiNzAtYTQ0MDdhNWQzMjFh
LzEvWGxnUVZYeXdad3ZKd0pNLUFuNmIyQ3F4VnQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9ElMA0G
CSqGSIb3DQEBCwUAA4IBAQC9LibXgfoE12cEOnARBOhRagVnJrly6a0dh4jVJJdG
R3+FKPCxDvfpKa3+2AsbTfgvZG9qq9Dfe9ui6Y5g8eEuefJe31Qk3JP6ZJ8o2IWo
o70f7oHOSbkksXPMoGfhz3a2cA6fqrxMGTQWjquw1u8i84rpe81Kypi14bOyLdUU
Wa5XwUL892Wea2Z69EA4WgjWw1BFmpCi4ko1jJ3+/EbhRgx4vaNHVKv+v0k8liHU
MSn4kKykScSlrUfxZkrgsGyWBYIruWd94AS6pknr5JJ0gz80jbCfCQVfrRBeJYhl
oVNUBt+8QSpwhY+FOn/xPh1DcsTNUl3lGFDhkf0jyX+p
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:50:01 2025 by rpki-client