Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/XdV-ys71t1gQO8NcFxxkG9Nl7cA.roa
File: XdV-ys71t1gQO8NcFxxkG9Nl7cA.roa (raw, json)
Hash identifier: kvUsQzMSuuWTJbsZpOYtQlNbKvBW+GuG76RGitmvMhs=
Subject key identifier: 5D:D5:7E:CA:CE:F5:B7:58:10:3B:C3:5C:17:1C:64:1B:D3:65:ED:C0
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 0195D4294974070791BC7BEF2139D6880FA5
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/XdV-ys71t1gQO8NcFxxkG9Nl7cA.roa
Signing time: Wed 26 Mar 2025 20:33:50 +0000
ROA not before: Wed 26 Mar 2025 20:33:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59841
IP address blocks: 2a13:be44::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d4:29:49:74:07:07:91:bc:7b:ef:21:39:d6:88:0f:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Mar 26 20:33:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5dd57ecacef5b758103bc35c171c641bd365edc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:8c:b8:25:28:3c:1d:75:f2:56:00:77:fa:8c:
7d:08:c8:3c:b7:45:07:5a:e2:23:13:60:2f:a2:a7:
4a:f2:47:e9:60:d2:83:2f:20:e3:5e:4b:25:bf:c4:
e5:0f:44:c0:4d:2f:60:04:f3:a7:13:f3:8c:3f:ac:
b7:ad:71:70:3a:03:b8:ba:37:24:f8:fc:23:ae:ce:
08:45:3e:b1:de:fd:e6:9d:c9:7c:13:7d:99:aa:d4:
28:5d:78:8f:c7:eb:79:42:42:68:8b:f3:ca:ee:97:
80:12:62:5d:8b:5c:91:90:44:15:4e:95:df:96:02:
7c:5e:c5:64:7c:f4:f1:d8:f2:a0:57:44:45:09:41:
56:f7:04:36:a3:33:c2:60:99:98:89:38:66:71:94:
a9:3a:77:f1:c9:d3:44:08:59:59:b7:d0:bc:26:4d:
c9:1a:9c:43:a8:e2:3e:e1:4d:8c:21:a1:b2:da:13:
a0:3e:aa:61:65:df:e1:25:db:92:71:1e:4b:d4:e2:
99:12:43:02:42:a9:37:1b:d3:cf:a1:38:5f:89:d6:
96:8c:c2:d7:fd:44:12:7d:8a:49:4d:33:6e:8b:88:
54:49:34:9c:89:64:15:57:70:f7:45:e8:d3:b5:fd:
d8:5e:e3:1f:4f:1b:7f:40:40:08:9a:6c:5d:c1:3a:
05:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:D5:7E:CA:CE:F5:B7:58:10:3B:C3:5C:17:1C:64:1B:D3:65:ED:C0
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/XdV-ys71t1gQO8NcFxxkG9Nl7cA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:be44::/32
Signature Algorithm: sha256WithRSAEncryption
b6:06:72:cc:3f:6a:72:5d:3b:0e:0d:54:3e:11:30:a7:f5:93:
6f:7b:c0:04:7c:8c:20:a8:1d:97:2d:e1:3f:88:43:14:4b:ff:
4f:81:cf:78:22:45:f8:92:34:7f:3b:37:9c:b3:b6:da:83:48:
58:69:17:39:f5:5c:69:54:df:7f:4e:f9:eb:81:38:6b:ba:a3:
5d:b6:ac:6e:5b:94:f4:0a:b3:9b:1c:47:38:af:e2:ff:23:c4:
41:d1:3c:8f:51:18:7a:b3:72:df:50:7f:bd:fe:a9:8e:01:75:
2b:f9:34:77:08:a5:65:70:39:44:9b:12:72:c2:88:2c:52:ff:
c8:9a:5c:3c:12:e3:34:ca:e4:eb:c0:7e:07:76:f8:e0:48:46:
1b:42:bb:f0:4d:f6:61:1e:24:a8:d1:35:ed:98:d1:32:bf:b5:
c9:b4:bb:57:5a:57:84:d0:b9:ed:0b:fa:99:21:07:f6:b7:d5:
f8:f6:e5:27:dd:8c:20:06:4d:25:55:01:11:8e:b0:99:87:25:
3e:db:59:73:a0:b6:6c:51:a2:24:7d:4c:d5:03:0e:00:92:85:
0e:33:1d:6a:6e:2b:b3:eb:f4:19:99:6f:6d:1b:2f:02:53:ec:
8f:8b:4f:38:b8:3d:db:c6:3e:9f:7b:a9:af:b1:4b:12:d8:39:
f4:27:7f:ca
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZXUKUl0BweRvHvvITnWiA+lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjUwMzI2MjAzMzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGQ1N2VjYWNlZjViNzU4MTAzYmMzNWMxNzFjNjQxYmQzNjVlZGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYy4JSg8HXXyVgB3+ox9CMg8t0UH
WuIjE2AvoqdK8kfpYNKDLyDjXkslv8TlD0TATS9gBPOnE/OMP6y3rXFwOgO4ujck
+Pwjrs4IRT6x3v3mncl8E32ZqtQoXXiPx+t5QkJoi/PK7peAEmJdi1yRkEQVTpXf
lgJ8XsVkfPTx2PKgV0RFCUFW9wQ2ozPCYJmYiThmcZSpOnfxydNECFlZt9C8Jk3J
GpxDqOI+4U2MIaGy2hOgPqphZd/hJduScR5L1OKZEkMCQqk3G9PPoThfidaWjMLX
/UQSfYpJTTNui4hUSTSciWQVV3D3RejTtf3YXuMfTxt/QEAImmxdwToFVwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFF3VfsrO9bdYEDvDXBccZBvTZe3AMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvWGRWLXlzNzF0MWdRTzhOY0Z4eGtHOU5sN2NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhO+RDAN
BgkqhkiG9w0BAQsFAAOCAQEAtgZyzD9qcl07Dg1UPhEwp/WTb3vABHyMIKgdly3h
P4hDFEv/T4HPeCJF+JI0fzs3nLO22oNIWGkXOfVcaVTff07564E4a7qjXbasbluU
9AqzmxxHOK/i/yPEQdE8j1EYerNy31B/vf6pjgF1K/k0dwilZXA5RJsScsKILFL/
yJpcPBLjNMrk68B+B3b44EhGG0K78E32YR4kqNE17ZjRMr+1ybS7V1pXhNC57Qv6
mSEH9rfV+PblJ92MIAZNJVUBEY6wmYclPttZc6C2bFGiJH1M1QMOAJKFDjMdam4r
s+v0GZlvbRsvAlPsj4tPOLg928Y+n3upr7FLEtg59Cd/yg==
-----END CERTIFICATE-----
Generated at Fri Apr 18 07:45:08 2025 by rpki-client