Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/6da5b3-24c7-4ee5-95dc-b08db3c36fbb/1/XmpF35ngj-yNyTGypvCjCYGlpo8.roa
File: XmpF35ngj-yNyTGypvCjCYGlpo8.roa (raw, json)
Hash identifier: 8XBhk5d8sjaCG8b1mNcJkFy1C7vdRPz5bf2EYXdWLuY=
Subject key identifier: 5E:6A:45:DF:99:E0:8F:EC:8D:C9:31:B2:A6:F0:A3:09:81:A5:A6:8F
Certificate issuer: /CN=7a1bb036db40d799d861198a5243b3c03d56c20a
Certificate serial: 0195EAE548FB1026F34897B38A778C7E57A9
Authority key identifier: 7A:1B:B0:36:DB:40:D7:99:D8:61:19:8A:52:43:B3:C0:3D:56:C2:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ehuwNttA15nYYRmKUkOzwD1Wwgo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/6da5b3-24c7-4ee5-95dc-b08db3c36fbb/1/XmpF35ngj-yNyTGypvCjCYGlpo8.roa
Signing time: Mon 31 Mar 2025 06:30:49 +0000
ROA not before: Mon 31 Mar 2025 06:30:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6461
IP address blocks: 176.57.249.0/24 maxlen: 24
176.57.250.0/24 maxlen: 24
176.57.251.0/24 maxlen: 24
176.57.252.0/24 maxlen: 24
176.57.253.0/24 maxlen: 24
176.57.254.0/24 maxlen: 24
176.57.255.0/24 maxlen: 24
185.181.144.0/24 maxlen: 24
185.181.145.0/24 maxlen: 24
185.181.146.0/24 maxlen: 24
185.181.147.0/24 maxlen: 24
195.60.196.0/24 maxlen: 24
195.60.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/6da5b3-24c7-4ee5-95dc-b08db3c36fbb/1/ehuwNttA15nYYRmKUkOzwD1Wwgo.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/6da5b3-24c7-4ee5-95dc-b08db3c36fbb/1/ehuwNttA15nYYRmKUkOzwD1Wwgo.mft
rsync://rpki.ripe.net/repository/DEFAULT/ehuwNttA15nYYRmKUkOzwD1Wwgo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 00:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ea:e5:48:fb:10:26:f3:48:97:b3:8a:77:8c:7e:57:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a1bb036db40d799d861198a5243b3c03d56c20a
Validity
Not Before: Mar 31 06:30:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e6a45df99e08fec8dc931b2a6f0a30981a5a68f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:a7:9e:8d:e9:f6:97:05:c9:f2:82:40:f2:14:
b1:3f:e2:d4:f4:d5:9b:2f:1b:06:38:63:04:6d:df:
d7:23:ae:53:19:11:7a:a0:49:c4:32:ce:fa:ca:ba:
33:5a:8c:b8:9e:02:26:2c:66:49:5f:0b:c9:d5:d2:
5e:52:c1:d1:e8:de:5f:97:94:85:86:7a:ef:ed:91:
3d:be:4c:38:d3:59:fb:90:65:78:3b:aa:b9:59:06:
95:16:b1:e2:16:e5:57:92:72:25:1b:8b:32:0d:6d:
1d:ec:23:8f:ec:d6:8e:85:d3:db:91:17:fa:c8:28:
7f:23:74:de:5c:53:11:8b:3e:7d:f6:55:48:52:75:
14:20:3d:e5:f9:88:b9:cb:84:33:d7:f9:de:ff:41:
d5:4c:57:d4:25:f3:c9:94:f2:fa:f5:ca:d3:c8:e1:
90:b0:75:3b:91:27:8a:fd:0d:38:cb:f7:3b:c3:15:
9f:f5:bc:9b:2c:40:ab:e2:bd:6f:31:42:49:b7:7c:
fc:60:b6:50:0e:ad:78:14:cb:62:58:4a:e7:7d:b6:
7f:84:4c:27:1d:3f:b4:57:52:50:2c:6b:4a:ad:ef:
ff:aa:84:93:95:64:66:48:91:01:a2:af:8d:fb:6b:
0e:d4:b2:ba:b4:1e:92:25:25:ad:97:70:17:e7:5f:
10:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:6A:45:DF:99:E0:8F:EC:8D:C9:31:B2:A6:F0:A3:09:81:A5:A6:8F
X509v3 Authority Key Identifier:
keyid:7A:1B:B0:36:DB:40:D7:99:D8:61:19:8A:52:43:B3:C0:3D:56:C2:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ehuwNttA15nYYRmKUkOzwD1Wwgo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6da5b3-24c7-4ee5-95dc-b08db3c36fbb/1/XmpF35ngj-yNyTGypvCjCYGlpo8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6da5b3-24c7-4ee5-95dc-b08db3c36fbb/1/ehuwNttA15nYYRmKUkOzwD1Wwgo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.57.249.0-176.57.255.255
185.181.144.0/22
195.60.196.0/23
Signature Algorithm: sha256WithRSAEncryption
04:29:bc:c8:99:ed:98:d4:5c:4f:e8:af:8d:22:85:97:c9:cd:
9a:d1:67:aa:ca:4a:4c:4a:73:fd:17:7d:8a:7e:7b:20:f9:3c:
3c:50:e0:28:94:a9:ba:7d:f7:2d:ed:80:24:d3:a2:51:32:27:
fd:ec:2e:7e:2c:40:76:65:ae:33:78:68:88:4e:12:35:1b:73:
f2:e4:71:bc:50:dd:2c:19:a8:bf:d5:90:8d:70:74:70:a8:bf:
14:49:66:73:fe:7e:2b:f8:30:d8:41:b3:9e:c5:df:97:cd:82:
2d:45:47:5b:32:37:38:3e:fe:21:4c:eb:0e:81:c2:d3:6a:65:
8e:08:7b:b0:57:62:04:bc:12:38:61:93:fa:2a:f9:e2:f4:80:
99:84:3b:01:08:c0:ab:19:61:81:18:b7:41:ee:26:f0:74:b5:
63:7d:5b:46:e8:77:95:f1:b5:2a:5e:18:5b:2e:0e:a9:eb:ff:
3f:87:3e:32:59:c9:87:7d:2a:87:69:00:d3:91:b6:e9:d9:48:
71:41:39:7b:fc:ed:d6:17:9f:58:57:2a:51:70:38:e1:b0:5b:
ee:e9:4c:c2:00:2b:1e:0a:af:b7:f9:25:e7:b0:0a:93:84:6a:
d1:31:53:f6:a1:3f:5e:a7:bc:f4:a0:be:04:22:06:3c:f5:ea:
d6:cf:fc:82
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAZXq5Uj7ECbzSJezineMflepMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMWJiMDM2ZGI0MGQ3OTlkODYxMTk4YTUyNDNiM2MwM2Q1
NmMyMGEwHhcNMjUwMzMxMDYzMDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTZhNDVkZjk5ZTA4ZmVjOGRjOTMxYjJhNmYwYTMwOTgxYTVhNjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2qeejen2lwXJ8oJA8hSxP+LU9NWb
LxsGOGMEbd/XI65TGRF6oEnEMs76yrozWoy4ngImLGZJXwvJ1dJeUsHR6N5fl5SF
hnrv7ZE9vkw401n7kGV4O6q5WQaVFrHiFuVXknIlG4syDW0d7COP7NaOhdPbkRf6
yCh/I3TeXFMRiz599lVIUnUUID3l+Yi5y4Qz1/ne/0HVTFfUJfPJlPL69crTyOGQ
sHU7kSeK/Q04y/c7wxWf9bybLECr4r1vMUJJt3z8YLZQDq14FMtiWErnfbZ/hEwn
HT+0V1JQLGtKre//qoSTlWRmSJEBoq+N+2sO1LK6tB6SJSWtl3AX518QbQIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFF5qRd+Z4I/sjckxsqbwowmBpaaPMB8GA1UdIwQY
MBaAFHobsDbbQNeZ2GEZilJDs8A9VsIKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWh1d050dEExNW5ZWVJtS1VrT3p3RDFXd2dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ZGE1YjMtMjRjNy00ZWU1LTk1ZGMt
YjA4ZGIzYzM2ZmJiLzEvWG1wRjM1bmdqLXlOeVRHeXB2Q2pDWUdscG84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ZGE1YjMtMjRjNy00ZWU1LTk1ZGMtYjA4ZGIzYzM2ZmJi
LzEvZWh1d050dEExNW5ZWVJtS1VrT3p3RDFXd2dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAATAZMAsDBACwOfkD
AwGwOAMEArm1kAMEAcM8xDANBgkqhkiG9w0BAQsFAAOCAQEABCm8yJntmNRcT+iv
jSKFl8nNmtFnqspKTEpz/Rd9in57IPk8PFDgKJSpun33Le2AJNOiUTIn/ewufixA
dmWuM3hoiE4SNRtz8uRxvFDdLBmov9WQjXB0cKi/FElmc/5+K/gw2EGznsXfl82C
LUVHWzI3OD7+IUzrDoHC02pljgh7sFdiBLwSOGGT+ir54vSAmYQ7AQjAqxlhgRi3
Qe4m8HS1Y31bRuh3lfG1Kl4YWy4Oqev/P4c+MlnJh30qh2kA05G26dlIcUE5e/zt
1hefWFcqUXA44bBb7ulMwgArHgqvt/kl57AKk4Rq0TFT9qE/Xqe89KC+BCIGPPXq
1s/8gg==
-----END CERTIFICATE-----
Generated at Thu Apr 10 09:52:37 2025 by rpki-client