Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/XNBwXrAiwZu96uMUjODQvvz_Bzw.roa
File: XNBwXrAiwZu96uMUjODQvvz_Bzw.roa (raw, json)
Hash identifier: mCW8/M59wIOxOS0wM2q/LR+3KGIdWjCxHtDVDd4aiCU=
Subject key identifier: 5C:D0:70:5E:B0:22:C1:9B:BD:EA:E3:14:8C:E0:D0:BE:FC:FF:07:3C
Certificate issuer: /CN=05e9fca0a8584feb1c12319071423061b08fe456
Certificate serial: 0194221F8612A67CDCBAC68B66FA100F7BF0
Authority key identifier: 05:E9:FC:A0:A8:58:4F:EB:1C:12:31:90:71:42:30:61:B0:8F:E4:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ben8oKhYT-scEjGQcUIwYbCP5FY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/XNBwXrAiwZu96uMUjODQvvz_Bzw.roa
Signing time: Wed 01 Jan 2025 13:47:58 +0000
ROA not before: Wed 01 Jan 2025 13:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198769
IP address blocks: 109.107.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/Ben8oKhYT-scEjGQcUIwYbCP5FY.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/Ben8oKhYT-scEjGQcUIwYbCP5FY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ben8oKhYT-scEjGQcUIwYbCP5FY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 13:43:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:86:12:a6:7c:dc:ba:c6:8b:66:fa:10:0f:7b:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05e9fca0a8584feb1c12319071423061b08fe456
Validity
Not Before: Jan 1 13:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5cd0705eb022c19bbdeae3148ce0d0befcff073c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b8:54:d6:c9:8f:86:90:74:57:02:29:3a:8d:
41:5a:92:15:07:e6:f1:e7:49:f6:18:f7:fa:5c:78:
90:b8:f1:ce:89:ce:91:5b:b4:55:88:dc:cf:d0:32:
b7:a0:e6:24:12:fe:28:97:f4:b5:4d:11:4e:38:4e:
a1:be:b7:90:d8:89:ef:31:3d:36:fe:3e:63:f1:d8:
83:81:fb:7d:6e:65:3b:23:4c:53:08:9a:e2:8a:5e:
8e:d9:83:77:9a:6d:c2:94:09:f5:e8:e3:ca:7d:ee:
c7:5a:9f:82:7c:ce:ef:70:62:7d:57:d8:d8:5a:f8:
cf:be:c9:7c:04:19:f7:58:c9:94:93:f0:77:bd:b5:
92:7d:9a:17:1e:27:db:33:09:89:5d:e4:50:53:58:
54:6a:85:09:e0:6d:54:8d:c2:43:a1:b4:e7:cb:77:
8d:09:7f:21:29:4c:0d:2e:e2:c8:66:53:93:9f:27:
24:79:69:97:b2:88:fd:e3:a2:57:49:7f:b7:38:60:
35:07:25:30:81:42:40:bf:64:fe:47:35:74:b4:2d:
04:9d:11:aa:c8:4f:40:82:ee:4d:3e:ec:79:17:cb:
18:15:47:65:5d:e9:a8:9f:b4:e8:66:09:af:84:58:
ec:fa:c8:51:5f:50:52:b9:c0:7a:a8:0e:f1:e0:eb:
a4:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:D0:70:5E:B0:22:C1:9B:BD:EA:E3:14:8C:E0:D0:BE:FC:FF:07:3C
X509v3 Authority Key Identifier:
keyid:05:E9:FC:A0:A8:58:4F:EB:1C:12:31:90:71:42:30:61:B0:8F:E4:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ben8oKhYT-scEjGQcUIwYbCP5FY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/XNBwXrAiwZu96uMUjODQvvz_Bzw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/Ben8oKhYT-scEjGQcUIwYbCP5FY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.169.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:ec:9e:82:74:c5:19:de:ac:fd:43:0f:43:d8:5f:46:e3:8a:
5d:98:65:84:bf:9f:29:63:71:ff:a3:14:60:9d:35:43:fd:c9:
37:96:a6:c3:31:e0:a9:1d:f6:d8:0a:d3:09:03:ed:0b:bc:6f:
7e:1f:ce:1e:af:55:5d:6c:3b:a6:db:88:88:85:af:28:72:00:
50:36:5f:1c:0b:2e:ad:bb:3a:5c:fb:fb:3a:18:bc:2a:61:01:
e3:07:1e:77:ba:22:26:bd:f5:5c:ee:bb:61:17:e7:28:30:03:
97:2d:7e:af:ae:82:7d:0d:41:c8:c5:bf:a3:2d:85:aa:27:84:
be:68:19:07:13:96:13:15:64:91:96:6f:40:eb:57:8e:a7:b1:
7b:3d:0e:07:bd:d3:92:ed:54:d3:88:b8:17:4f:7a:6a:3b:7b:
1c:66:e1:98:38:7d:a8:c7:fd:97:98:be:4c:f8:d8:ec:58:86:
92:e8:0c:00:ae:61:0a:01:2e:9d:dd:09:fd:51:83:f6:c1:d8:
22:16:d0:52:9c:8b:10:82:54:f3:23:a0:a6:e8:80:98:50:43:
b5:63:99:da:0e:0b:70:8f:95:3f:56:3f:cf:cc:bc:bc:20:a0:
ad:09:b3:05:0b:46:9e:55:12:de:08:de:ef:b0:da:d6:ea:db:
e9:fb:95:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH4YSpnzcusaLZvoQD3vwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZTlmY2EwYTg1ODRmZWIxYzEyMzE5MDcxNDIzMDYxYjA4
ZmU0NTYwHhcNMjUwMTAxMTM0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2QwNzA1ZWIwMjJjMTliYmRlYWUzMTQ4Y2UwZDBiZWZjZmYwNzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7hU1smPhpB0VwIpOo1BWpIVB+bx
50n2GPf6XHiQuPHOic6RW7RViNzP0DK3oOYkEv4ol/S1TRFOOE6hvreQ2InvMT02
/j5j8diDgft9bmU7I0xTCJriil6O2YN3mm3ClAn16OPKfe7HWp+CfM7vcGJ9V9jY
WvjPvsl8BBn3WMmUk/B3vbWSfZoXHifbMwmJXeRQU1hUaoUJ4G1UjcJDobTny3eN
CX8hKUwNLuLIZlOTnyckeWmXsoj946JXSX+3OGA1ByUwgUJAv2T+RzV0tC0EnRGq
yE9Agu5NPux5F8sYFUdlXemon7ToZgmvhFjs+shRX1BSucB6qA7x4OukhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFzQcF6wIsGbverjFIzg0L78/wc8MB8GA1UdIwQY
MBaAFAXp/KCoWE/rHBIxkHFCMGGwj+RWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmVuOG9LaFlULXNjRWpHUWNVSXdZYkNQNUZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jN2VlOWUtYjViZi00YzJkLWE5ODMt
ZGVlM2VkNDk3YWVlLzEvWE5Cd1hyQWl3WnU5NnVNVWpPRFF2dnpfQnp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jN2VlOWUtYjViZi00YzJkLWE5ODMtZGVlM2VkNDk3YWVl
LzEvQmVuOG9LaFlULXNjRWpHUWNVSXdZYkNQNUZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWupMA0G
CSqGSIb3DQEBCwUAA4IBAQCh7J6CdMUZ3qz9Qw9D2F9G44pdmGWEv58pY3H/oxRg
nTVD/ck3lqbDMeCpHfbYCtMJA+0LvG9+H84er1VdbDum24iIha8ocgBQNl8cCy6t
uzpc+/s6GLwqYQHjBx53uiImvfVc7rthF+coMAOXLX6vroJ9DUHIxb+jLYWqJ4S+
aBkHE5YTFWSRlm9A61eOp7F7PQ4HvdOS7VTTiLgXT3pqO3scZuGYOH2ox/2XmL5M
+NjsWIaS6AwArmEKAS6d3Qn9UYP2wdgiFtBSnIsQglTzI6Cm6ICYUEO1Y5naDgtw
j5U/Vj/PzLy8IKCtCbMFC0aeVRLeCN7vsNrW6tvp+5V0
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:33:19 2025 by rpki-client