Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/XrIe3RxS0PfS1KQwk38a9UzdLbU.roa
File: XrIe3RxS0PfS1KQwk38a9UzdLbU.roa (raw, json)
Hash identifier: TAdXiNpnMI8M4W6FRb8OCRV5yipTVzRnXpEPH/f9GFs=
Subject key identifier: 5E:B2:1E:DD:1C:52:D0:F7:D2:D4:A4:30:93:7F:1A:F5:4C:DD:2D:B5
Certificate issuer: /CN=c105adc5c4262dff6b3f3e606830c7f971d766ce
Certificate serial: 01941F8C8658BB7EE21CB7299928E66684BD
Authority key identifier: C1:05:AD:C5:C4:26:2D:FF:6B:3F:3E:60:68:30:C7:F9:71:D7:66:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wQWtxcQmLf9rPz5gaDDH-XHXZs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/XrIe3RxS0PfS1KQwk38a9UzdLbU.roa
Signing time: Wed 01 Jan 2025 01:48:10 +0000
ROA not before: Wed 01 Jan 2025 01:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206462
IP address blocks: 195.123.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/wQWtxcQmLf9rPz5gaDDH-XHXZs4.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/wQWtxcQmLf9rPz5gaDDH-XHXZs4.mft
rsync://rpki.ripe.net/repository/DEFAULT/wQWtxcQmLf9rPz5gaDDH-XHXZs4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:86:58:bb:7e:e2:1c:b7:29:99:28:e6:66:84:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c105adc5c4262dff6b3f3e606830c7f971d766ce
Validity
Not Before: Jan 1 01:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5eb21edd1c52d0f7d2d4a430937f1af54cdd2db5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b5:fa:db:0c:8f:04:0b:ff:6e:03:33:13:c6:
cb:50:bd:3a:62:30:e6:0a:b1:c0:da:b0:ef:60:64:
37:b7:ba:f8:5b:f4:f6:f3:16:2b:93:ff:31:87:fd:
e7:be:22:9b:94:8c:c2:21:dd:ee:5b:7c:78:59:4c:
38:40:14:c4:0a:43:83:33:e3:68:5a:73:40:ef:0e:
60:0f:99:89:11:35:d3:85:8f:cd:b1:57:30:8b:7f:
83:8a:3b:3f:36:48:ce:cb:a9:ec:35:00:ce:51:78:
72:16:fe:5b:4d:c2:c7:39:aa:50:22:61:fa:8d:07:
50:4b:78:4b:1b:be:4c:a1:20:75:cd:42:39:9f:1b:
bf:ff:35:7b:a2:d1:70:fd:b9:1b:a2:6b:d3:35:4f:
54:33:7f:84:6f:48:77:49:bd:78:42:07:dc:ae:1a:
8c:6a:1d:da:37:90:43:42:59:b3:d5:72:63:cc:1c:
38:75:7c:4d:7b:ff:6e:77:ea:94:04:b7:4c:57:d9:
19:6f:e2:20:54:24:4b:73:e5:64:a3:a2:20:81:2d:
0a:88:19:e1:34:96:b9:4d:11:e6:84:aa:aa:ad:48:
d0:9c:9f:7e:fb:bb:80:96:62:d3:7c:39:e0:c2:5c:
d3:6a:88:77:c6:55:7b:fe:28:38:54:54:11:ca:d6:
a8:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:B2:1E:DD:1C:52:D0:F7:D2:D4:A4:30:93:7F:1A:F5:4C:DD:2D:B5
X509v3 Authority Key Identifier:
keyid:C1:05:AD:C5:C4:26:2D:FF:6B:3F:3E:60:68:30:C7:F9:71:D7:66:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wQWtxcQmLf9rPz5gaDDH-XHXZs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/XrIe3RxS0PfS1KQwk38a9UzdLbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/wQWtxcQmLf9rPz5gaDDH-XHXZs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.123.173.0/24
Signature Algorithm: sha256WithRSAEncryption
48:a4:a4:d0:1d:c4:ea:54:58:55:3c:8f:25:6c:4d:d7:8b:c8:
c1:80:1e:60:6a:fc:d1:57:1a:30:26:95:5f:4b:73:e1:98:25:
47:06:2e:60:da:f6:7a:ba:93:40:83:58:f7:0a:20:f9:0b:e9:
44:40:29:d9:90:74:97:e3:8b:c9:cc:57:73:9d:6a:4d:bb:42:
d8:dd:62:a7:99:98:c9:26:d7:0d:8a:71:f9:7b:70:e0:14:68:
5f:07:02:f6:c5:9d:a4:ee:f1:28:76:4c:99:bc:1c:a0:fa:3c:
ef:88:51:82:49:c3:0d:bf:55:04:25:d1:35:55:10:29:47:d4:
4d:2e:92:d6:e7:76:7b:5c:dd:89:38:f6:ca:6a:17:b3:01:e7:
ee:7f:dc:96:65:be:d0:17:e7:0b:dd:d4:ac:68:97:02:e5:79:
c3:16:8a:f4:69:eb:b3:2c:9f:b9:23:ce:c0:90:a5:9a:92:11:
1d:58:cd:7e:77:10:10:47:5c:49:de:c3:68:c0:d0:d2:06:b3:
1e:1c:3b:a5:fc:19:46:67:e0:22:9c:e5:4f:c6:d8:95:49:d5:
01:79:3b:e4:c1:31:80:54:05:a4:3b:67:43:18:b3:c5:20:9e:
f5:1a:80:4f:82:f0:a0:3d:18:2d:63:0a:69:20:0d:c7:e9:8c:
8f:d8:8b:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjIZYu37iHLcpmSjmZoS9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMDVhZGM1YzQyNjJkZmY2YjNmM2U2MDY4MzBjN2Y5NzFk
NzY2Y2UwHhcNMjUwMTAxMDE0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWIyMWVkZDFjNTJkMGY3ZDJkNGE0MzA5MzdmMWFmNTRjZGQyZGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLX62wyPBAv/bgMzE8bLUL06YjDm
CrHA2rDvYGQ3t7r4W/T28xYrk/8xh/3nviKblIzCId3uW3x4WUw4QBTECkODM+No
WnNA7w5gD5mJETXThY/NsVcwi3+Dijs/NkjOy6nsNQDOUXhyFv5bTcLHOapQImH6
jQdQS3hLG75MoSB1zUI5nxu//zV7otFw/bkbomvTNU9UM3+Eb0h3Sb14QgfcrhqM
ah3aN5BDQlmz1XJjzBw4dXxNe/9ud+qUBLdMV9kZb+IgVCRLc+Vko6IggS0KiBnh
NJa5TRHmhKqqrUjQnJ9++7uAlmLTfDngwlzTaoh3xlV7/ig4VFQRytaoawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF6yHt0cUtD30tSkMJN/GvVM3S21MB8GA1UdIwQY
MBaAFMEFrcXEJi3/az8+YGgwx/lx12bOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1FXdHhjUW1MZjlyUHo1Z2FEREgtWEhYWnM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jNDkxNzItZjhkYS00MTI4LTg2ODkt
NTE1ODQ1ZTZjMzE3LzEvWHJJZTNSeFMwUGZTMUtRd2szOGE5VXpkTGJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9jNDkxNzItZjhkYS00MTI4LTg2ODktNTE1ODQ1ZTZjMzE3
LzEvd1FXdHhjUW1MZjlyUHo1Z2FEREgtWEhYWnM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw3utMA0G
CSqGSIb3DQEBCwUAA4IBAQBIpKTQHcTqVFhVPI8lbE3Xi8jBgB5gavzRVxowJpVf
S3PhmCVHBi5g2vZ6upNAg1j3CiD5C+lEQCnZkHSX44vJzFdznWpNu0LY3WKnmZjJ
JtcNinH5e3DgFGhfBwL2xZ2k7vEodkyZvByg+jzviFGCScMNv1UEJdE1VRApR9RN
LpLW53Z7XN2JOPbKahezAefuf9yWZb7QF+cL3dSsaJcC5XnDFor0aeuzLJ+5I87A
kKWakhEdWM1+dxAQR1xJ3sNowNDSBrMeHDul/BlGZ+AinOVPxtiVSdUBeTvkwTGA
VAWkO2dDGLPFIJ71GoBPgvCgPRgtYwppIA3H6YyP2Isi
-----END CERTIFICATE-----
Generated at Sat Apr 19 02:41:44 2025 by rpki-client