Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/X_-XGWHxiyT31XcsVcXztO1CAUo.roa
File: X_-XGWHxiyT31XcsVcXztO1CAUo.roa (raw, json)
Hash identifier: h9fzXHeF6FN+NnLG9OWfg3VoICXbfHZUao+YO2BeTVI=
Subject key identifier: 5F:FF:97:19:61:F1:8B:24:F7:D5:77:2C:55:C5:F3:B4:ED:42:01:4A
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 0195A310EC84DEF94DC67E90C26679B6651F
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/X_-XGWHxiyT31XcsVcXztO1CAUo.roa
Signing time: Mon 17 Mar 2025 07:45:49 +0000
ROA not before: Mon 17 Mar 2025 07:45:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15830
IP address blocks: 2.56.0.0/22 maxlen: 22
188.95.67.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 23:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a3:10:ec:84:de:f9:4d:c6:7e:90:c2:66:79:b6:65:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Mar 17 07:45:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5fff971961f18b24f7d5772c55c5f3b4ed42014a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e9:0f:83:50:0f:eb:0c:16:44:2c:d9:01:bf:
fa:2b:25:73:43:b2:25:90:9c:18:75:92:9c:1b:d7:
91:70:81:4f:bc:e4:d0:9a:23:e2:69:77:97:11:fd:
4e:a4:21:a7:a3:06:40:d0:4f:e3:f4:13:29:3d:52:
3e:8b:0e:6d:33:9e:2a:87:87:15:03:6c:62:da:13:
3c:2f:ad:51:eb:0b:ef:97:ba:4d:6a:ed:df:19:d5:
ba:14:10:54:32:2a:a2:b9:fe:d9:b8:17:d7:f4:47:
f1:9b:a5:ca:1e:94:ff:83:b2:b4:22:d8:27:8f:94:
29:0a:49:e7:16:a7:a3:6d:29:08:d8:21:e9:47:1f:
ef:be:fa:55:f0:08:d1:7c:26:ae:5d:1b:ec:8c:05:
1c:54:61:6d:42:18:b9:3d:9f:be:fd:bb:cd:a3:da:
be:b0:8b:5e:de:bb:af:6c:00:9f:3e:e9:c7:c8:05:
14:57:8f:b1:3d:90:b9:f6:ec:17:de:6f:64:5a:d5:
6e:9a:d6:96:75:83:70:6a:de:ad:6f:0a:06:65:f1:
61:68:ff:1e:42:41:1d:2b:e7:55:ce:3d:11:ce:ee:
da:0d:66:65:c1:cc:2f:aa:b7:78:d4:f0:2d:c7:0e:
3d:d7:e6:6b:60:fd:8e:44:73:24:4a:53:42:07:79:
66:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:FF:97:19:61:F1:8B:24:F7:D5:77:2C:55:C5:F3:B4:ED:42:01:4A
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/X_-XGWHxiyT31XcsVcXztO1CAUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.0.0/22
188.95.67.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:f2:f9:05:71:ff:34:fa:43:cb:62:9c:a5:d2:be:4a:88:e3:
fd:f0:db:26:f8:d3:28:fa:ee:d9:f0:de:18:ab:d2:7e:79:1e:
1f:9e:1c:dd:4d:df:f2:e9:67:ef:58:ea:b5:eb:c0:4d:5a:4e:
34:de:47:e0:42:18:9c:dd:51:07:83:15:6d:35:f1:8a:d5:e7:
b7:15:d8:66:be:52:de:a1:74:76:d9:ce:60:e8:ef:77:59:4e:
99:ae:b5:ea:40:ee:6e:56:f7:71:bf:70:d5:8a:49:fb:ab:fa:
de:18:ec:3d:29:8b:19:bf:7e:a4:2d:6d:b9:a4:bf:44:fc:3f:
89:f0:7c:e1:a2:2c:b8:94:ce:db:2b:84:1f:b2:87:87:88:08:
0a:c3:29:43:80:c2:5d:38:57:b9:36:c1:52:ec:fe:2b:17:7b:
d0:65:18:04:73:77:91:68:47:99:3e:3e:db:10:60:7e:88:57:
dd:83:a1:0c:74:da:b9:de:be:00:bc:9d:23:cb:29:f5:c9:88:
d7:00:e2:fb:aa:69:fb:79:90:4e:0b:f8:2f:78:81:9d:87:dc:
c7:a0:dd:83:3d:83:00:5a:78:05:40:43:3b:1b:e2:42:0e:bc:
10:3c:c7:2b:f5:4d:6d:75:8c:ef:3c:00:4f:49:8a:9a:a4:88:
7f:69:d2:2e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZWjEOyE3vlNxn6QwmZ5tmUfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjUwMzE3MDc0NTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmZmOTcxOTYxZjE4YjI0ZjdkNTc3MmM1NWM1ZjNiNGVkNDIwMTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuukPg1AP6wwWRCzZAb/6KyVzQ7Il
kJwYdZKcG9eRcIFPvOTQmiPiaXeXEf1OpCGnowZA0E/j9BMpPVI+iw5tM54qh4cV
A2xi2hM8L61R6wvvl7pNau3fGdW6FBBUMiqiuf7ZuBfX9Efxm6XKHpT/g7K0Itgn
j5QpCknnFqejbSkI2CHpRx/vvvpV8AjRfCauXRvsjAUcVGFtQhi5PZ++/bvNo9q+
sIte3ruvbACfPunHyAUUV4+xPZC59uwX3m9kWtVumtaWdYNwat6tbwoGZfFhaP8e
QkEdK+dVzj0Rzu7aDWZlwcwvqrd41PAtxw491+ZrYP2ORHMkSlNCB3lmuwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF//lxlh8Ysk99V3LFXF87TtQgFKMB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvWF8tWEdXSHhpeVQzMVhjc1ZjWHp0TzFDQVVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCAjgAAwQA
vF9DMA0GCSqGSIb3DQEBCwUAA4IBAQA88vkFcf80+kPLYpyl0r5KiOP98Nsm+NMo
+u7Z8N4Yq9J+eR4fnhzdTd/y6WfvWOq168BNWk403kfgQhic3VEHgxVtNfGK1ee3
FdhmvlLeoXR22c5g6O93WU6ZrrXqQO5uVvdxv3DVikn7q/reGOw9KYsZv36kLW25
pL9E/D+J8Hzhoiy4lM7bK4QfsoeHiAgKwylDgMJdOFe5NsFS7P4rF3vQZRgEc3eR
aEeZPj7bEGB+iFfdg6EMdNq53r4AvJ0jyyn1yYjXAOL7qmn7eZBOC/gveIGdh9zH
oN2DPYMAWngFQEM7G+JCDrwQPMcr9U1tdYzvPABPSYqapIh/adIu
-----END CERTIFICATE-----
Generated at Thu Apr 10 06:30:51 2025 by rpki-client