Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/9c6507-9d7f-42c7-9d12-0e35001778a5/1/XzkhM4tHkIA85DIOJH6Mas-Ys2s.roa
File: XzkhM4tHkIA85DIOJH6Mas-Ys2s.roa (raw, json)
Hash identifier: pgsdIi3wdOFYz6s+5BVFRjWsDjSb+kftFl9lENuJtlQ=
Subject key identifier: 5F:39:21:33:8B:47:90:80:3C:E4:32:0E:24:7E:8C:6A:CF:98:B3:6B
Certificate issuer: /CN=cafaf6fa25b8d2acb1b44dcdd55437aba2226e9e
Certificate serial: 0194228D13EA16C75759E5AFBF80EAE4D339
Authority key identifier: CA:FA:F6:FA:25:B8:D2:AC:B1:B4:4D:CD:D5:54:37:AB:A2:22:6E:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yvr2-iW40qyxtE3N1VQ3q6Iibp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/9c6507-9d7f-42c7-9d12-0e35001778a5/1/XzkhM4tHkIA85DIOJH6Mas-Ys2s.roa
Signing time: Wed 01 Jan 2025 15:47:38 +0000
ROA not before: Wed 01 Jan 2025 15:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29060
IP address blocks: 37.246.0.0/16 maxlen: 16
81.91.112.0/20 maxlen: 24
81.162.128.0/18 maxlen: 18
217.17.144.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/9c6507-9d7f-42c7-9d12-0e35001778a5/1/yvr2-iW40qyxtE3N1VQ3q6Iibp4.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/9c6507-9d7f-42c7-9d12-0e35001778a5/1/yvr2-iW40qyxtE3N1VQ3q6Iibp4.mft
rsync://rpki.ripe.net/repository/DEFAULT/yvr2-iW40qyxtE3N1VQ3q6Iibp4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 07:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:13:ea:16:c7:57:59:e5:af:bf:80:ea:e4:d3:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cafaf6fa25b8d2acb1b44dcdd55437aba2226e9e
Validity
Not Before: Jan 1 15:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f3921338b4790803ce4320e247e8c6acf98b36b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:fb:2a:ea:9a:01:eb:a7:9a:24:35:ef:ae:46:
08:85:24:0b:2d:48:c0:6d:b5:bc:ca:f4:8e:0f:08:
c7:f5:0a:51:de:2a:14:91:7e:dc:1a:40:b3:78:f7:
47:62:13:e0:ae:73:77:5f:3c:8e:f5:4e:b3:2a:a8:
79:66:a7:8f:71:47:57:13:6f:ef:5f:f6:a2:22:1f:
f6:72:c5:c5:ac:1d:6c:44:08:3c:b2:78:1d:8e:cd:
b8:a5:30:fc:99:91:05:14:b6:a9:ca:1a:66:df:3c:
c6:02:d6:12:82:f1:82:bb:57:6c:54:6b:49:0a:90:
4b:b7:75:30:a8:97:6f:f4:82:c4:6e:b8:cd:73:7f:
25:25:05:ef:84:c1:5c:ab:85:30:72:61:5b:f0:55:
84:ef:3e:98:ab:d3:1c:af:b4:8b:25:7b:51:a4:fe:
41:6f:a3:eb:b5:65:9b:a0:12:e4:91:58:b0:09:0d:
7e:7c:18:9d:69:56:ba:eb:99:44:b8:2a:86:b4:83:
9a:c2:e3:54:41:47:7d:8e:45:62:98:80:c8:cf:34:
bc:40:f4:bf:a7:f9:80:b5:10:68:88:6e:78:2d:2d:
d1:90:d2:c3:56:37:cd:e3:4c:01:54:22:80:ae:1a:
d3:68:b3:81:16:59:5a:5c:5f:0b:5f:57:20:2c:92:
4a:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:39:21:33:8B:47:90:80:3C:E4:32:0E:24:7E:8C:6A:CF:98:B3:6B
X509v3 Authority Key Identifier:
keyid:CA:FA:F6:FA:25:B8:D2:AC:B1:B4:4D:CD:D5:54:37:AB:A2:22:6E:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yvr2-iW40qyxtE3N1VQ3q6Iibp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/9c6507-9d7f-42c7-9d12-0e35001778a5/1/XzkhM4tHkIA85DIOJH6Mas-Ys2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/9c6507-9d7f-42c7-9d12-0e35001778a5/1/yvr2-iW40qyxtE3N1VQ3q6Iibp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.246.0.0/16
81.91.112.0/20
81.162.128.0/18
217.17.144.0/20
Signature Algorithm: sha256WithRSAEncryption
5d:04:d8:9a:de:72:22:dc:15:13:9d:72:45:27:a6:59:9a:8c:
e2:7f:7f:b0:0b:6d:d2:5e:91:73:79:1a:2f:5d:7b:76:77:e2:
36:a5:73:de:5b:e9:b2:78:4e:ff:99:e6:c1:23:2d:16:ca:6a:
1e:f2:88:42:bb:64:e5:9d:89:df:ea:b8:26:6c:9e:7a:94:d8:
6e:ed:32:2d:cd:b4:d8:43:ee:4f:3a:fb:0c:a3:5c:8b:56:c4:
c1:9c:f5:79:4e:c7:19:df:bb:e8:f4:b4:c6:0e:84:96:a9:91:
4f:b1:0f:c2:b6:87:fd:57:5b:87:3e:e6:0d:1d:06:40:f5:d3:
33:56:a5:b8:e1:ae:9e:ac:1f:44:17:6f:de:d1:f0:2d:d2:e4:
d6:41:e0:65:d4:5e:e4:f2:0a:a9:f3:8a:b7:9f:14:75:b9:c9:
9c:99:a1:c4:f1:10:6c:fa:3e:c6:91:f1:48:13:9b:e9:c8:60:
25:7d:54:dc:e3:38:e3:d8:b9:ea:5b:ee:51:4b:98:51:a6:5e:
17:93:2d:67:ae:19:da:86:3c:de:ff:78:3e:61:34:6f:73:8e:
b3:86:b9:84:83:1f:6c:dc:92:ad:b9:24:a7:a0:4a:a6:d9:14:
8d:c0:79:9f:75:93:58:57:ee:bb:3d:8f:ab:7c:65:41:d3:f2:
ce:75:54:77
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQijRPqFsdXWeWvv4Dq5NM5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhZmFmNmZhMjViOGQyYWNiMWI0NGRjZGQ1NTQzN2FiYTIy
MjZlOWUwHhcNMjUwMTAxMTU0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjM5MjEzMzhiNDc5MDgwM2NlNDMyMGUyNDdlOGM2YWNmOThiMzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvsq6poB66eaJDXvrkYIhSQLLUjA
bbW8yvSODwjH9QpR3ioUkX7cGkCzePdHYhPgrnN3XzyO9U6zKqh5ZqePcUdXE2/v
X/aiIh/2csXFrB1sRAg8sngdjs24pTD8mZEFFLapyhpm3zzGAtYSgvGCu1dsVGtJ
CpBLt3UwqJdv9ILEbrjNc38lJQXvhMFcq4UwcmFb8FWE7z6Yq9Mcr7SLJXtRpP5B
b6PrtWWboBLkkViwCQ1+fBidaVa665lEuCqGtIOawuNUQUd9jkVimIDIzzS8QPS/
p/mAtRBoiG54LS3RkNLDVjfN40wBVCKArhrTaLOBFllaXF8LX1cgLJJKIQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF85ITOLR5CAPOQyDiR+jGrPmLNrMB8GA1UdIwQY
MBaAFMr69voluNKssbRNzdVUN6uiIm6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXZyMi1pVzQwcXl4dEUzTjFWUTNxNklpYnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi85YzY1MDctOWQ3Zi00MmM3LTlkMTIt
MGUzNTAwMTc3OGE1LzEvWHpraE00dEhrSUE4NURJT0pINk1hcy1ZczJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi85YzY1MDctOWQ3Zi00MmM3LTlkMTItMGUzNTAwMTc3OGE1
LzEveXZyMi1pVzQwcXl4dEUzTjFWUTNxNklpYnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAATAXAwMAJfYDBARR
W3ADBAZRooADBATZEZAwDQYJKoZIhvcNAQELBQADggEBAF0E2JreciLcFROdckUn
plmajOJ/f7ALbdJekXN5Gi9de3Z34jalc95b6bJ4Tv+Z5sEjLRbKah7yiEK7ZOWd
id/quCZsnnqU2G7tMi3NtNhD7k86+wyjXItWxMGc9XlOxxnfu+j0tMYOhJapkU+x
D8K2h/1XW4c+5g0dBkD10zNWpbjhrp6sH0QXb97R8C3S5NZB4GXUXuTyCqnziref
FHW5yZyZocTxEGz6PsaR8UgTm+nIYCV9VNzjOOPYuepb7lFLmFGmXheTLWeuGdqG
PN7/eD5hNG9zjrOGuYSDH2zckq25JKegSqbZFI3AeZ91k1hX7rs9j6t8ZUHT8s51
VHc=
-----END CERTIFICATE-----
Generated at Wed Apr 9 12:41:24 2025 by rpki-client