Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/ac1253-0459-46cf-b1b9-9ac1a7e4c406/1/38xzFnggY2WqYErPpIPdnil2M-I.roa
File: 38xzFnggY2WqYErPpIPdnil2M-I.roa (raw, json)
Hash identifier: 3L7P4weXGgXURnYb88EC9SZdycP07LPWwVA0kWFKQpE=
Subject key identifier: DF:CC:73:16:78:20:63:65:AA:60:4A:CF:A4:83:DD:9E:29:76:33:E2
Certificate issuer: /CN=5e29c02d261f913ea5bf83c2bc7c33414a42bcca
Certificate serial: 019420D598ACDF3A37CC8978A9C57A28236D
Authority key identifier: 5E:29:C0:2D:26:1F:91:3E:A5:BF:83:C2:BC:7C:33:41:4A:42:BC:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XinALSYfkT6lv4PCvHwzQUpCvMo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/ac1253-0459-46cf-b1b9-9ac1a7e4c406/1/38xzFnggY2WqYErPpIPdnil2M-I.roa
Signing time: Wed 01 Jan 2025 07:47:36 +0000
ROA not before: Wed 01 Jan 2025 07:47:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56571
IP address blocks: 176.10.64.0/20 maxlen: 20
176.10.64.0/24 maxlen: 24
176.10.65.0/24 maxlen: 24
176.10.66.0/24 maxlen: 24
176.10.67.0/24 maxlen: 24
176.10.68.0/24 maxlen: 24
176.10.69.0/24 maxlen: 24
176.10.70.0/24 maxlen: 24
176.10.71.0/24 maxlen: 24
176.10.72.0/24 maxlen: 24
176.10.73.0/24 maxlen: 24
176.10.74.0/24 maxlen: 24
176.10.75.0/24 maxlen: 24
176.10.76.0/24 maxlen: 24
176.10.77.0/24 maxlen: 24
176.10.78.0/24 maxlen: 24
176.10.79.0/24 maxlen: 24
185.32.68.0/24 maxlen: 24
185.191.40.0/22 maxlen: 22
185.191.40.0/24 maxlen: 24
185.191.41.0/24 maxlen: 24
185.191.42.0/24 maxlen: 24
185.191.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/ac1253-0459-46cf-b1b9-9ac1a7e4c406/1/XinALSYfkT6lv4PCvHwzQUpCvMo.crl
rsync://rpki.ripe.net/repository/DEFAULT/b5/ac1253-0459-46cf-b1b9-9ac1a7e4c406/1/XinALSYfkT6lv4PCvHwzQUpCvMo.mft
rsync://rpki.ripe.net/repository/DEFAULT/XinALSYfkT6lv4PCvHwzQUpCvMo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:98:ac:df:3a:37:cc:89:78:a9:c5:7a:28:23:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e29c02d261f913ea5bf83c2bc7c33414a42bcca
Validity
Not Before: Jan 1 07:47:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dfcc731678206365aa604acfa483dd9e297633e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:52:6f:66:15:ad:57:02:a2:1a:1d:41:a7:e1:
55:42:a5:f2:d9:2a:af:df:70:00:af:83:a7:8c:d6:
c0:bc:a5:2a:08:e9:67:29:5d:3f:cb:d3:de:15:41:
10:62:b1:20:9b:2b:8f:89:c2:54:19:87:c1:2d:f2:
4c:97:1c:92:6c:6c:1f:14:41:2f:b4:70:4f:a7:78:
cf:45:37:6c:08:d8:f0:6f:90:cd:b9:ba:b2:4f:75:
69:46:14:a0:cd:3d:c1:88:5a:9a:92:2f:a5:83:5c:
55:d0:ca:38:bf:fa:71:ae:5d:ed:f3:22:e8:ac:f9:
ce:48:ab:d1:e7:b6:23:b9:f2:d2:16:e4:99:25:33:
e3:9c:9b:cc:02:d8:cf:c7:d9:f5:cc:f0:48:e7:a1:
97:27:e7:05:e9:ef:3c:da:5f:f0:65:f3:cf:43:96:
dc:3d:56:a8:84:e6:25:7e:1f:17:0c:92:fb:4f:d6:
e4:ff:5a:66:80:ef:91:8a:ba:26:2a:bd:5c:91:89:
1c:c2:b6:31:2f:c5:47:99:eb:36:bd:1f:f8:3c:df:
9d:57:86:7c:bd:10:de:15:e7:ee:02:11:52:c9:6d:
03:63:15:9b:8d:3d:25:a2:a3:8a:43:76:dc:b1:02:
ef:e3:21:4e:6c:9a:d7:da:c2:fc:54:a2:d2:79:b2:
b4:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:CC:73:16:78:20:63:65:AA:60:4A:CF:A4:83:DD:9E:29:76:33:E2
X509v3 Authority Key Identifier:
keyid:5E:29:C0:2D:26:1F:91:3E:A5:BF:83:C2:BC:7C:33:41:4A:42:BC:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XinALSYfkT6lv4PCvHwzQUpCvMo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/ac1253-0459-46cf-b1b9-9ac1a7e4c406/1/38xzFnggY2WqYErPpIPdnil2M-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/ac1253-0459-46cf-b1b9-9ac1a7e4c406/1/XinALSYfkT6lv4PCvHwzQUpCvMo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.10.64.0/20
185.32.68.0/24
185.191.40.0/22
Signature Algorithm: sha256WithRSAEncryption
27:7c:a3:af:ed:c4:5b:46:a1:f0:ad:72:df:a2:5d:fc:a4:55:
f3:65:b9:03:d7:99:16:93:10:a9:e7:4b:62:bd:a5:a7:97:5a:
70:b4:75:09:3d:05:b3:31:99:7c:3d:c6:1f:ef:c9:d2:c3:27:
c8:2f:82:e5:75:7c:1b:eb:43:99:2e:d6:f6:23:c3:11:59:62:
0c:d9:bf:1c:dc:2b:aa:6f:7c:ef:bb:37:f8:c2:03:0d:a8:d6:
1e:e2:13:84:58:18:62:16:a1:2f:82:6c:d8:c8:1c:3b:ba:de:
24:ce:4f:91:7b:e7:b4:93:05:ac:7d:13:58:97:70:ff:3e:7f:
08:a6:c2:dc:52:a0:3b:56:a0:75:34:b4:9e:ea:f2:17:63:fc:
c3:57:5f:b8:c1:ed:b7:b6:ce:54:ec:1e:6d:ae:84:01:6e:d2:
64:c3:ff:bd:77:f6:89:ee:92:20:5a:40:01:44:65:ba:36:2c:
f8:db:83:0d:16:5d:b8:46:9a:88:1a:e8:2a:c7:91:2c:9b:bc:
23:1b:44:98:9a:45:dd:c5:d5:8e:86:e0:91:15:2f:d5:04:d9:
fe:5d:87:18:2f:b2:0e:1f:0f:e8:67:59:25:8c:fc:ec:a8:1b:
80:a5:ed:52:fc:bf:b9:ad:62:f8:d2:aa:8c:30:a8:1d:35:44:
0b:0e:03:49
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQg1Zis3zo3zIl4qcV6KCNtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMjljMDJkMjYxZjkxM2VhNWJmODNjMmJjN2MzMzQxNGE0
MmJjY2EwHhcNMjUwMTAxMDc0NzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmNjNzMxNjc4MjA2MzY1YWE2MDRhY2ZhNDgzZGQ5ZTI5NzYzM2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6lJvZhWtVwKiGh1Bp+FVQqXy2Sqv
33AAr4OnjNbAvKUqCOlnKV0/y9PeFUEQYrEgmyuPicJUGYfBLfJMlxySbGwfFEEv
tHBPp3jPRTdsCNjwb5DNubqyT3VpRhSgzT3BiFqaki+lg1xV0Mo4v/pxrl3t8yLo
rPnOSKvR57YjufLSFuSZJTPjnJvMAtjPx9n1zPBI56GXJ+cF6e882l/wZfPPQ5bc
PVaohOYlfh8XDJL7T9bk/1pmgO+RiromKr1ckYkcwrYxL8VHmes2vR/4PN+dV4Z8
vRDeFefuAhFSyW0DYxWbjT0loqOKQ3bcsQLv4yFObJrX2sL8VKLSebK0SQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN/McxZ4IGNlqmBKz6SD3Z4pdjPiMB8GA1UdIwQY
MBaAFF4pwC0mH5E+pb+Dwrx8M0FKQrzKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGluQUxTWWZrVDZsdjRQQ3ZId3pRVXBDdk1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9hYzEyNTMtMDQ1OS00NmNmLWIxYjkt
OWFjMWE3ZTRjNDA2LzEvMzh4ekZuZ2dZMldxWUVyUHBJUGRuaWwyTS1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9hYzEyNTMtMDQ1OS00NmNmLWIxYjktOWFjMWE3ZTRjNDA2
LzEvWGluQUxTWWZrVDZsdjRQQ3ZId3pRVXBDdk1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEsApAAwQA
uSBEAwQCub8oMA0GCSqGSIb3DQEBCwUAA4IBAQAnfKOv7cRbRqHwrXLfol38pFXz
ZbkD15kWkxCp50tivaWnl1pwtHUJPQWzMZl8PcYf78nSwyfIL4LldXwb60OZLtb2
I8MRWWIM2b8c3Cuqb3zvuzf4wgMNqNYe4hOEWBhiFqEvgmzYyBw7ut4kzk+Re+e0
kwWsfRNYl3D/Pn8IpsLcUqA7VqB1NLSe6vIXY/zDV1+4we23ts5U7B5troQBbtJk
w/+9d/aJ7pIgWkABRGW6Niz424MNFl24RpqIGugqx5Esm7wjG0SYmkXdxdWOhuCR
FS/VBNn+XYcYL7IOHw/oZ1kljPzsqBuApe1S/L+5rWL40qqMMKgdNUQLDgNJ
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:08:47 2025 by rpki-client