Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/6d011b-949e-4d0f-a7e3-7f20ef02f264/1/xkbe7-bpi_soiL6y9FjVY-pZjq4.roa
File: xkbe7-bpi_soiL6y9FjVY-pZjq4.roa (raw, json)
Hash identifier: DD/O2GJZO7TOSqwXXJo222/YwW4YcV/75ci14nBdOpc=
Subject key identifier: C6:46:DE:EF:E6:E9:8B:FB:28:88:BE:B2:F4:58:D5:63:EA:59:8E:AE
Certificate issuer: /CN=406a92250c28580f2ad4cc1c357b02a25a790cf7
Certificate serial: 019423D75A32E3C26488860C94919A74D09F
Authority key identifier: 40:6A:92:25:0C:28:58:0F:2A:D4:CC:1C:35:7B:02:A2:5A:79:0C:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QGqSJQwoWA8q1MwcNXsColp5DPc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/6d011b-949e-4d0f-a7e3-7f20ef02f264/1/xkbe7-bpi_soiL6y9FjVY-pZjq4.roa
Signing time: Wed 01 Jan 2025 21:48:23 +0000
ROA not before: Wed 01 Jan 2025 21:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204814
IP address blocks: 45.128.248.0/22 maxlen: 24
45.158.24.0/22 maxlen: 24
84.252.96.0/22 maxlen: 24
185.239.28.0/22 maxlen: 24
2a0c:4780::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/6d011b-949e-4d0f-a7e3-7f20ef02f264/1/QGqSJQwoWA8q1MwcNXsColp5DPc.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/6d011b-949e-4d0f-a7e3-7f20ef02f264/1/QGqSJQwoWA8q1MwcNXsColp5DPc.mft
rsync://rpki.ripe.net/repository/DEFAULT/QGqSJQwoWA8q1MwcNXsColp5DPc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 18:01:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:5a:32:e3:c2:64:88:86:0c:94:91:9a:74:d0:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=406a92250c28580f2ad4cc1c357b02a25a790cf7
Validity
Not Before: Jan 1 21:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c646deefe6e98bfb2888beb2f458d563ea598eae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d2:e5:85:d3:9b:b0:a0:9a:43:8f:39:76:a2:
ea:a1:b4:0c:2d:2c:e1:a5:37:6b:75:cc:84:af:ca:
3b:16:28:71:c4:76:5e:da:36:37:7f:df:55:db:16:
bd:b9:60:73:62:a7:e1:fd:f4:28:67:42:b1:bc:9f:
16:fd:dc:08:44:1c:3a:c0:2d:cf:ac:7c:dc:f4:92:
b7:fa:9d:f6:3c:0c:7e:41:da:52:29:78:e9:c8:e8:
35:07:2e:1a:a9:ef:7b:cd:00:33:d2:40:b9:59:ca:
a7:7f:6e:dd:0f:39:07:65:7e:bf:6f:20:b1:f7:7a:
e5:29:9d:76:41:4b:bd:44:ce:31:ff:aa:f7:a8:e1:
ce:60:03:42:56:b1:4a:bb:67:6d:7f:fa:ed:5f:ed:
07:26:61:20:e9:35:2a:09:56:d4:61:d9:c3:bf:1c:
ed:53:ae:69:bc:38:e8:68:f8:77:9b:dc:84:db:58:
45:da:35:48:bb:89:53:98:99:46:6c:c6:29:7d:ad:
40:ea:5b:9f:da:c5:88:15:f9:04:ed:9c:bc:33:f1:
a1:98:27:a0:de:a6:c6:be:f8:46:28:37:a5:0e:65:
7c:f7:c8:21:27:50:4a:e7:cf:f4:27:fb:58:d2:ce:
15:5c:b3:7d:b5:9e:e1:52:5e:e7:3a:11:92:56:30:
c3:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:46:DE:EF:E6:E9:8B:FB:28:88:BE:B2:F4:58:D5:63:EA:59:8E:AE
X509v3 Authority Key Identifier:
keyid:40:6A:92:25:0C:28:58:0F:2A:D4:CC:1C:35:7B:02:A2:5A:79:0C:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QGqSJQwoWA8q1MwcNXsColp5DPc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/6d011b-949e-4d0f-a7e3-7f20ef02f264/1/xkbe7-bpi_soiL6y9FjVY-pZjq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/6d011b-949e-4d0f-a7e3-7f20ef02f264/1/QGqSJQwoWA8q1MwcNXsColp5DPc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.248.0/22
45.158.24.0/22
84.252.96.0/22
185.239.28.0/22
IPv6:
2a0c:4780::/29
Signature Algorithm: sha256WithRSAEncryption
65:d1:23:9e:02:99:3d:06:1c:36:81:12:2b:09:20:40:e1:dd:
ba:c9:53:1e:94:0e:73:40:72:90:fb:bf:34:aa:32:38:30:14:
ed:1f:6e:19:d9:4e:62:d8:4e:4a:32:45:b2:b4:d8:25:c6:f8:
f2:6c:3a:90:8c:84:1c:ea:3c:45:14:8b:bd:79:97:87:a2:71:
1a:9f:4c:91:72:66:2d:b9:74:ea:a8:29:f9:8c:2e:86:1f:bb:
3b:75:b8:66:57:3a:52:99:db:39:13:85:7f:97:c1:dd:ab:b0:
e2:ce:62:fd:54:8a:c5:82:ee:ed:a6:08:43:86:1d:a6:1a:98:
9b:f4:9e:ed:00:37:c3:a3:77:db:51:68:00:d6:eb:28:fb:9d:
a4:76:dc:9a:31:b5:98:5a:63:28:5d:a3:2e:8c:5f:ba:77:e8:
7b:d0:55:3c:3d:e2:f8:ed:6a:25:41:38:e9:26:7f:7f:fe:d6:
f6:91:fb:03:d2:64:c2:7e:cb:b5:7d:81:bc:33:d9:cc:3d:b7:
d7:4d:35:95:09:3d:3f:d2:9f:b7:cc:ba:08:3f:b0:33:d7:7c:
bf:4d:55:b4:9a:19:73:98:8b:a3:1c:a4:24:e2:1b:f7:ec:54:
d1:0f:12:8b:53:0c:c6:a9:7c:f8:51:32:bc:3b:dd:97:71:43:
18:5f:74:f9
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQj11oy48JkiIYMlJGadNCfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNmE5MjI1MGMyODU4MGYyYWQ0Y2MxYzM1N2IwMmEyNWE3
OTBjZjcwHhcNMjUwMTAxMjE0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjQ2ZGVlZmU2ZTk4YmZiMjg4OGJlYjJmNDU4ZDU2M2VhNTk4ZWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdLlhdObsKCaQ485dqLqobQMLSzh
pTdrdcyEr8o7FihxxHZe2jY3f99V2xa9uWBzYqfh/fQoZ0KxvJ8W/dwIRBw6wC3P
rHzc9JK3+p32PAx+QdpSKXjpyOg1By4aqe97zQAz0kC5Wcqnf27dDzkHZX6/byCx
93rlKZ12QUu9RM4x/6r3qOHOYANCVrFKu2dtf/rtX+0HJmEg6TUqCVbUYdnDvxzt
U65pvDjoaPh3m9yE21hF2jVIu4lTmJlGbMYpfa1A6luf2sWIFfkE7Zy8M/GhmCeg
3qbGvvhGKDelDmV898ghJ1BK58/0J/tY0s4VXLN9tZ7hUl7nOhGSVjDDFQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFMZG3u/m6Yv7KIi+svRY1WPqWY6uMB8GA1UdIwQY
MBaAFEBqkiUMKFgPKtTMHDV7AqJaeQz3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUdxU0pRd29XQThxMU13Y05Yc0NvbHA1RFBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS82ZDAxMWItOTQ5ZS00ZDBmLWE3ZTMt
N2YyMGVmMDJmMjY0LzEveGtiZTctYnBpX3NvaUw2eTlGalZZLXBaanE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS82ZDAxMWItOTQ5ZS00ZDBmLWE3ZTMtN2YyMGVmMDJmMjY0
LzEvUUdxU0pRd29XQThxMU13Y05Yc0NvbHA1RFBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLYD4AwQC
LZ4YAwQCVPxgAwQCue8cMA0EAgACMAcDBQMqDEeAMA0GCSqGSIb3DQEBCwUAA4IB
AQBl0SOeApk9Bhw2gRIrCSBA4d26yVMelA5zQHKQ+780qjI4MBTtH24Z2U5i2E5K
MkWytNglxvjybDqQjIQc6jxFFIu9eZeHonEan0yRcmYtuXTqqCn5jC6GH7s7dbhm
VzpSmds5E4V/l8Hdq7DizmL9VIrFgu7tpghDhh2mGpib9J7tADfDo3fbUWgA1uso
+52kdtyaMbWYWmMoXaMujF+6d+h70FU8PeL47WolQTjpJn9//tb2kfsD0mTCfsu1
fYG8M9nMPbfXTTWVCT0/0p+3zLoIP7Az13y/TVW0mhlzmIujHKQk4hv37FTRDxKL
UwzGqXz4UTK8O92XcUMYX3T5
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:39:06 2025 by rpki-client