Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/172e0b-8cbb-402e-8f2c-8595b4500884/1/xsLt5XL-OWIaNdR6BZ8HbsppEGM.roa
File: xsLt5XL-OWIaNdR6BZ8HbsppEGM.roa (raw, json)
Hash identifier: fVuO1qpyondG1qElrhxFzaCfBXaBgOTcL+nbs40PcY0=
Subject key identifier: C6:C2:ED:E5:72:FE:39:62:1A:35:D4:7A:05:9F:07:6E:CA:69:10:63
Certificate issuer: /CN=731c1382858b0dc95a9adbea4728b31f9e22c0d8
Certificate serial: 01942746F6CBD94E16A0C208F9CEFE405DF9
Authority key identifier: 73:1C:13:82:85:8B:0D:C9:5A:9A:DB:EA:47:28:B3:1F:9E:22:C0:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cxwTgoWLDclamtvqRyizH54iwNg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/172e0b-8cbb-402e-8f2c-8595b4500884/1/xsLt5XL-OWIaNdR6BZ8HbsppEGM.roa
Signing time: Thu 02 Jan 2025 13:49:09 +0000
ROA not before: Thu 02 Jan 2025 13:49:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216433
IP address blocks: 89.39.123.0/24 maxlen: 24
2a13:b140::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/172e0b-8cbb-402e-8f2c-8595b4500884/1/cxwTgoWLDclamtvqRyizH54iwNg.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/172e0b-8cbb-402e-8f2c-8595b4500884/1/cxwTgoWLDclamtvqRyizH54iwNg.mft
rsync://rpki.ripe.net/repository/DEFAULT/cxwTgoWLDclamtvqRyizH54iwNg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 22:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:46:f6:cb:d9:4e:16:a0:c2:08:f9:ce:fe:40:5d:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=731c1382858b0dc95a9adbea4728b31f9e22c0d8
Validity
Not Before: Jan 2 13:49:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c6c2ede572fe39621a35d47a059f076eca691063
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:d2:87:a9:92:b0:e5:ba:3f:49:01:36:60:a9:
8b:89:3f:99:5e:ae:e4:aa:e3:b0:97:5e:70:bd:ae:
6e:34:0f:8b:b6:fd:24:a4:c2:31:15:6c:6a:ee:92:
05:ef:06:f6:31:ab:27:80:5b:c3:6c:39:31:86:18:
c4:05:91:49:d4:b0:62:39:75:08:30:57:02:18:da:
95:49:e4:03:78:d0:e3:c0:3b:de:d0:91:b7:ec:e8:
68:37:e1:a6:eb:37:aa:09:f0:5f:46:c0:89:72:84:
e3:6d:a7:e6:c3:ea:5a:c6:0e:1f:ba:5e:1c:8c:bd:
8b:f3:c0:71:ad:86:4b:64:c9:7d:5f:a0:f7:2d:a3:
af:5b:0e:bf:fd:13:61:8f:d0:f9:13:a2:60:e4:5b:
62:5e:2e:00:b9:51:de:7a:3c:66:86:dd:2d:e2:3f:
61:54:a1:fc:7e:fc:38:60:d2:27:1e:9b:7e:42:57:
88:20:7a:c4:0b:47:62:7e:fe:e6:73:b0:21:39:71:
5a:db:3f:67:9f:13:d9:f9:8d:48:9c:e1:82:2e:e2:
b4:99:9a:0c:37:99:9b:6d:c9:bc:ca:7e:99:ca:2f:
26:aa:8e:18:ea:03:d9:f9:5e:c1:3b:58:1b:82:24:
8c:d2:21:7d:2a:a5:da:29:24:20:dc:27:4c:45:9a:
f7:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:C2:ED:E5:72:FE:39:62:1A:35:D4:7A:05:9F:07:6E:CA:69:10:63
X509v3 Authority Key Identifier:
keyid:73:1C:13:82:85:8B:0D:C9:5A:9A:DB:EA:47:28:B3:1F:9E:22:C0:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cxwTgoWLDclamtvqRyizH54iwNg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/172e0b-8cbb-402e-8f2c-8595b4500884/1/xsLt5XL-OWIaNdR6BZ8HbsppEGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/172e0b-8cbb-402e-8f2c-8595b4500884/1/cxwTgoWLDclamtvqRyizH54iwNg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.39.123.0/24
IPv6:
2a13:b140::/29
Signature Algorithm: sha256WithRSAEncryption
3d:19:0f:2b:b9:57:ef:65:84:68:b1:cd:a3:13:78:e5:b5:ae:
0a:32:d6:3c:23:f1:2f:d5:c5:7c:3c:aa:c9:18:4b:be:68:c9:
dc:18:e3:ce:99:2f:5c:8f:64:29:4b:d6:fd:dd:78:f4:eb:80:
27:bf:d9:41:11:a6:42:09:c8:19:1c:90:c2:a9:68:a8:a4:38:
77:c7:ee:28:93:f5:f9:71:90:fb:3b:37:b0:b8:18:55:9d:7d:
d5:cc:4e:29:ca:e8:bc:60:ec:e0:15:96:8d:02:b0:b6:e7:8f:
cd:87:20:6b:e6:9a:eb:67:fe:75:f0:e0:13:03:98:34:8a:9e:
83:be:c1:78:d4:f2:dd:16:29:9d:11:87:1f:80:ab:92:30:ed:
ec:fa:6a:53:9b:cc:9f:23:c8:2c:4a:c7:de:5d:5d:ac:6c:4a:
d7:ca:e6:9d:c0:88:d0:86:2c:17:84:d5:2d:72:65:30:0c:36:
b5:39:23:cb:98:a5:b6:b2:d8:05:af:0c:2f:1b:0b:c4:aa:36:
27:d8:a7:9b:dd:7d:5b:ec:7f:5d:9a:f8:42:44:34:b1:87:81:
80:36:14:86:d7:dc:a8:eb:9d:3c:39:31:99:2d:da:b6:04:87:
34:f7:5c:82:4e:ad:6d:ae:7a:10:31:ff:82:d5:5d:50:df:82:
b3:02:9e:db
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQnRvbL2U4WoMII+c7+QF35MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczMWMxMzgyODU4YjBkYzk1YTlhZGJlYTQ3MjhiMzFmOWUy
MmMwZDgwHhcNMjUwMTAyMTM0OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmMyZWRlNTcyZmUzOTYyMWEzNWQ0N2EwNTlmMDc2ZWNhNjkxMDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktKHqZKw5bo/SQE2YKmLiT+ZXq7k
quOwl15wva5uNA+Ltv0kpMIxFWxq7pIF7wb2MasngFvDbDkxhhjEBZFJ1LBiOXUI
MFcCGNqVSeQDeNDjwDve0JG37OhoN+Gm6zeqCfBfRsCJcoTjbafmw+paxg4ful4c
jL2L88BxrYZLZMl9X6D3LaOvWw6//RNhj9D5E6Jg5FtiXi4AuVHeejxmht0t4j9h
VKH8fvw4YNInHpt+QleIIHrEC0difv7mc7AhOXFa2z9nnxPZ+Y1InOGCLuK0mZoM
N5mbbcm8yn6Zyi8mqo4Y6gPZ+V7BO1gbgiSM0iF9KqXaKSQg3CdMRZr3UQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMbC7eVy/jliGjXUegWfB27KaRBjMB8GA1UdIwQY
MBaAFHMcE4KFiw3JWprb6kcosx+eIsDYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3h3VGdvV0xEY2xhbXR2cVJ5aXpINTRpd05nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8xNzJlMGItOGNiYi00MDJlLThmMmMt
ODU5NWI0NTAwODg0LzEveHNMdDVYTC1PV0lhTmRSNkJaOEhic3BwRUdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8xNzJlMGItOGNiYi00MDJlLThmMmMtODU5NWI0NTAwODg0
LzEvY3h3VGdvV0xEY2xhbXR2cVJ5aXpINTRpd05nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAWSd7MA0E
AgACMAcDBQMqE7FAMA0GCSqGSIb3DQEBCwUAA4IBAQA9GQ8ruVfvZYRosc2jE3jl
ta4KMtY8I/Ev1cV8PKrJGEu+aMncGOPOmS9cj2QpS9b93Xj064Anv9lBEaZCCcgZ
HJDCqWiopDh3x+4ok/X5cZD7OzewuBhVnX3VzE4pyui8YOzgFZaNArC254/NhyBr
5prrZ/518OATA5g0ip6DvsF41PLdFimdEYcfgKuSMO3s+mpTm8yfI8gsSsfeXV2s
bErXyuadwIjQhiwXhNUtcmUwDDa1OSPLmKW2stgFrwwvGwvEqjYn2Keb3X1b7H9d
mvhCRDSxh4GANhSG19yo6508OTGZLdq2BIc091yCTq1trnoQMf+C1V1Q34KzAp7b
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:52:37 2025 by rpki-client