Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/04ea33-83aa-4e56-98cc-f95f66d6055c/1/XAC3MTIDy2Wt50Hn1LPVCPZj6e0.roa
File: XAC3MTIDy2Wt50Hn1LPVCPZj6e0.roa (raw, json)
Hash identifier: Dwx9RqPqD8/O5XTxZSeNq9SNO+JNCNDt1UlVOS13grg=
Subject key identifier: 5C:00:B7:31:32:03:CB:65:AD:E7:41:E7:D4:B3:D5:08:F6:63:E9:ED
Certificate issuer: /CN=3936daf03756baf83ba4f38dbe5d68cb9baceff9
Certificate serial: 01955B2D72D87632920DD44C250C59F23393
Authority key identifier: 39:36:DA:F0:37:56:BA:F8:3B:A4:F3:8D:BE:5D:68:CB:9B:AC:EF:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OTba8DdWuvg7pPONvl1oy5us7_k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/04ea33-83aa-4e56-98cc-f95f66d6055c/1/XAC3MTIDy2Wt50Hn1LPVCPZj6e0.roa
Signing time: Mon 03 Mar 2025 08:44:19 +0000
ROA not before: Mon 03 Mar 2025 08:44:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 141718
IP address blocks: 178.216.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/04ea33-83aa-4e56-98cc-f95f66d6055c/1/OTba8DdWuvg7pPONvl1oy5us7_k.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/04ea33-83aa-4e56-98cc-f95f66d6055c/1/OTba8DdWuvg7pPONvl1oy5us7_k.mft
rsync://rpki.ripe.net/repository/DEFAULT/OTba8DdWuvg7pPONvl1oy5us7_k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 18:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5b:2d:72:d8:76:32:92:0d:d4:4c:25:0c:59:f2:33:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3936daf03756baf83ba4f38dbe5d68cb9baceff9
Validity
Not Before: Mar 3 08:44:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c00b7313203cb65ade741e7d4b3d508f663e9ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ed:2f:25:2f:06:e2:4f:6a:67:58:12:ad:54:
68:a0:9e:06:ea:2b:6d:5f:77:8e:34:a6:2e:40:21:
ab:c4:c6:66:fc:15:6c:a0:64:54:97:fc:e9:1c:5a:
05:ef:92:ae:78:65:fb:12:a2:f7:04:55:b8:e0:3a:
9a:68:bf:7c:da:d0:63:ea:44:21:5a:fd:96:d1:08:
3e:2f:d0:70:dd:54:7b:e6:01:34:7d:8f:89:b7:a6:
df:fe:b6:27:1d:08:0d:15:e9:34:88:ab:76:d5:8e:
18:b7:4d:88:c6:14:ae:77:c5:5b:64:3f:b0:23:b8:
7c:da:ad:b0:8a:42:5f:17:7a:d7:4d:dc:2c:42:b0:
eb:7c:02:1b:0d:53:4c:6a:19:22:65:d1:3b:1a:2a:
f3:9c:d6:25:9f:e1:66:aa:65:36:46:ee:59:3b:1a:
25:44:07:88:c5:81:9a:6b:c1:b4:4b:fc:a9:1b:c4:
1a:1d:6c:ea:35:5d:5e:73:9a:21:e9:c8:0b:b4:10:
9c:bd:ce:4c:8c:00:65:6a:db:ef:26:60:b9:86:4d:
e3:e8:3b:5b:32:16:9d:20:69:dd:d9:fe:6c:56:b7:
91:c1:87:6f:40:3b:7e:48:4b:16:e9:4a:19:b8:c0:
58:fc:1f:0c:11:10:c7:8d:7d:76:fd:94:4f:6d:3e:
70:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:00:B7:31:32:03:CB:65:AD:E7:41:E7:D4:B3:D5:08:F6:63:E9:ED
X509v3 Authority Key Identifier:
keyid:39:36:DA:F0:37:56:BA:F8:3B:A4:F3:8D:BE:5D:68:CB:9B:AC:EF:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OTba8DdWuvg7pPONvl1oy5us7_k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/04ea33-83aa-4e56-98cc-f95f66d6055c/1/XAC3MTIDy2Wt50Hn1LPVCPZj6e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/04ea33-83aa-4e56-98cc-f95f66d6055c/1/OTba8DdWuvg7pPONvl1oy5us7_k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.216.175.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:11:9f:bb:6d:90:ce:6f:14:01:78:6f:27:1e:a4:dd:34:2d:
e0:d9:85:7e:ed:ef:a6:9b:0f:4a:ad:0d:e7:2c:84:d8:c1:42:
d6:46:08:de:c4:d6:9c:10:2a:49:a4:9a:50:2c:09:87:17:0a:
01:11:59:07:36:c0:e5:ef:32:48:c7:a3:0f:e7:da:23:44:eb:
36:cc:41:e6:ab:77:26:a7:6f:21:7c:2b:c4:1b:02:4a:fe:c5:
33:c0:60:5f:93:48:24:47:b3:ec:60:d6:c2:f9:d7:b2:94:62:
7e:bb:d9:8a:e9:25:d5:c6:0f:fe:14:e3:d0:97:d8:e7:54:1b:
18:2a:c0:20:f8:78:93:84:ae:f4:e3:0c:8e:02:db:5a:5c:c7:
85:05:8b:d6:0a:17:03:ae:af:55:67:2c:d8:d3:31:5f:01:b3:
a4:ce:e1:54:95:4d:4d:8a:0f:4a:4f:d9:a6:0a:29:58:51:cb:
91:97:b8:9b:82:f4:59:29:d8:6a:f8:79:c7:8a:6b:ce:31:fc:
3d:81:fe:60:4a:07:37:ea:44:86:4f:57:82:68:7f:9b:3b:d4:
bd:a6:5c:d2:be:98:d1:f5:2b:28:c6:ab:0c:a9:d7:96:84:bf:
66:ce:40:e4:44:f8:cc:86:85:31:b2:fb:ce:b0:66:e0:b9:95:
a7:b5:d9:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVbLXLYdjKSDdRMJQxZ8jOTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MzZkYWYwMzc1NmJhZjgzYmE0ZjM4ZGJlNWQ2OGNiOWJh
Y2VmZjkwHhcNMjUwMzAzMDg0NDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzAwYjczMTMyMDNjYjY1YWRlNzQxZTdkNGIzZDUwOGY2NjNlOWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkO0vJS8G4k9qZ1gSrVRooJ4G6itt
X3eONKYuQCGrxMZm/BVsoGRUl/zpHFoF75KueGX7EqL3BFW44DqaaL982tBj6kQh
Wv2W0Qg+L9Bw3VR75gE0fY+Jt6bf/rYnHQgNFek0iKt21Y4Yt02IxhSud8VbZD+w
I7h82q2wikJfF3rXTdwsQrDrfAIbDVNMahkiZdE7GirznNYln+FmqmU2Ru5ZOxol
RAeIxYGaa8G0S/ypG8QaHWzqNV1ec5oh6cgLtBCcvc5MjABlatvvJmC5hk3j6Dtb
MhadIGnd2f5sVreRwYdvQDt+SEsW6UoZuMBY/B8MERDHjX12/ZRPbT5wyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFwAtzEyA8tlredB59Sz1Qj2Y+ntMB8GA1UdIwQY
MBaAFDk22vA3Vrr4O6Tzjb5daMubrO/5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1RiYThEZFd1dmc3cFBPTnZsMW95NXVzN19rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8wNGVhMzMtODNhYS00ZTU2LTk4Y2Mt
Zjk1ZjY2ZDYwNTVjLzEvWEFDM01USUR5Mld0NTBIbjFMUFZDUFpqNmUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8wNGVhMzMtODNhYS00ZTU2LTk4Y2MtZjk1ZjY2ZDYwNTVj
LzEvT1RiYThEZFd1dmc3cFBPTnZsMW95NXVzN19rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAstivMA0G
CSqGSIb3DQEBCwUAA4IBAQB8EZ+7bZDObxQBeG8nHqTdNC3g2YV+7e+mmw9KrQ3n
LITYwULWRgjexNacECpJpJpQLAmHFwoBEVkHNsDl7zJIx6MP59ojROs2zEHmq3cm
p28hfCvEGwJK/sUzwGBfk0gkR7PsYNbC+deylGJ+u9mK6SXVxg/+FOPQl9jnVBsY
KsAg+HiThK704wyOAttaXMeFBYvWChcDrq9VZyzY0zFfAbOkzuFUlU1Nig9KT9mm
CilYUcuRl7ibgvRZKdhq+HnHimvOMfw9gf5gSgc36kSGT1eCaH+bO9S9plzSvpjR
9SsoxqsMqdeWhL9mzkDkRPjMhoUxsvvOsGbguZWntdmG
-----END CERTIFICATE-----
Generated at Tue Apr 8 23:56:20 2025 by rpki-client