Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/XVHP5qtngkOzkHHcBMfCOoE6FyE.roa
File: XVHP5qtngkOzkHHcBMfCOoE6FyE.roa (raw, json)
Hash identifier: U8lDjEDePEbA90E5ZD4uXWmkg3O6630794CxqDFoPBY=
Subject key identifier: 5D:51:CF:E6:AB:67:82:43:B3:90:71:DC:04:C7:C2:3A:81:3A:17:21
Certificate issuer: /CN=464952bc165441ec6e2e2010c933dc830f361731
Certificate serial: 0194228DD3D1443793665AC0D4B1E66F27AA
Authority key identifier: 46:49:52:BC:16:54:41:EC:6E:2E:20:10:C9:33:DC:83:0F:36:17:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/XVHP5qtngkOzkHHcBMfCOoE6FyE.roa
Signing time: Wed 01 Jan 2025 15:48:27 +0000
ROA not before: Wed 01 Jan 2025 15:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48955
IP address blocks: 89.45.66.0/24 maxlen: 24
188.212.5.0/24 maxlen: 24
188.213.1.0/24 maxlen: 24
188.214.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/RklSvBZUQexuLiAQyTPcgw82FzE.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/RklSvBZUQexuLiAQyTPcgw82FzE.mft
rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 09:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:d3:d1:44:37:93:66:5a:c0:d4:b1:e6:6f:27:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=464952bc165441ec6e2e2010c933dc830f361731
Validity
Not Before: Jan 1 15:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d51cfe6ab678243b39071dc04c7c23a813a1721
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:18:0c:36:74:7e:74:fd:8c:9c:17:e7:9c:fc:
ac:10:e1:1a:4a:e9:02:ce:fc:78:49:06:a6:2a:86:
3c:d0:d0:d9:3e:4a:cb:88:64:1c:b1:34:43:fb:73:
bc:3e:92:c4:95:ac:9b:50:90:b4:0f:9f:24:70:09:
b1:ec:cf:f4:67:0c:ef:df:55:13:75:0d:fc:ea:ad:
42:d8:99:a1:da:bd:30:c5:35:04:aa:14:af:c6:17:
d2:19:0c:0e:c2:5c:b6:cd:ed:01:ce:da:ab:69:bc:
81:6e:f9:f5:d0:fd:53:50:b8:1b:3c:f9:bf:a0:3f:
63:75:e8:47:44:cc:18:7d:94:e8:b0:66:3d:7c:9c:
23:89:90:51:10:b4:98:01:a9:5e:1d:8e:12:06:90:
2d:0a:6c:0d:2f:2d:24:7c:14:45:39:46:33:d2:36:
84:d8:7f:56:05:e0:56:f3:85:1c:b7:fc:80:b0:22:
43:97:8f:2b:d3:d5:96:21:e2:2f:74:e0:51:f9:fa:
87:06:35:cf:6b:af:31:a4:7f:5f:33:51:9a:ed:d7:
30:f0:c8:79:a7:f0:4f:4a:c9:68:53:b5:94:71:6b:
55:68:7e:3a:81:32:f9:5c:e9:14:01:01:1f:95:c8:
81:53:37:7d:9b:bb:b8:1e:a2:78:24:c4:3b:79:26:
f4:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:51:CF:E6:AB:67:82:43:B3:90:71:DC:04:C7:C2:3A:81:3A:17:21
X509v3 Authority Key Identifier:
keyid:46:49:52:BC:16:54:41:EC:6E:2E:20:10:C9:33:DC:83:0F:36:17:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/XVHP5qtngkOzkHHcBMfCOoE6FyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/RklSvBZUQexuLiAQyTPcgw82FzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.45.66.0/24
188.212.5.0/24
188.213.1.0/24
188.214.227.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:3b:23:b1:60:2a:be:65:e8:ba:22:2a:2d:b2:d5:23:9a:09:
4c:e9:15:95:69:0d:a6:ba:71:ee:5f:fa:16:78:ed:23:93:fe:
d0:2d:04:8c:14:15:b1:16:80:f7:5a:83:c1:3a:2f:07:b6:f6:
52:a7:3f:90:64:8e:8c:92:8c:dd:39:47:b6:89:84:e3:e8:da:
55:15:f6:12:1d:8f:2d:f3:a4:49:90:e8:ab:63:53:cd:45:dc:
58:bd:38:04:d4:26:42:e6:b1:32:5c:8c:06:09:c2:b6:db:43:
e9:cc:23:1f:f5:42:da:24:c1:e6:5c:b0:81:cd:ba:70:d0:2a:
b4:b5:f5:04:82:3a:1a:0c:eb:58:9b:0d:00:33:55:cf:35:c6:
3d:9f:c6:06:77:88:20:3f:32:98:4d:32:8d:e4:71:e5:c1:3a:
4a:f8:6c:b8:fe:1e:e5:45:3c:b8:24:77:47:1b:00:4f:99:5e:
c7:07:7e:67:43:9b:1c:0e:bc:ae:69:9f:81:ce:f2:7e:2a:d9:
50:ef:6b:93:63:2d:d7:ec:f8:b9:9c:a4:62:57:e0:fc:0c:91:
b1:3b:81:93:6e:dd:b8:6c:06:ca:70:95:c3:98:d5:e1:ae:39:
db:74:48:20:3d:0d:18:e5:34:4b:cb:62:03:73:2b:63:45:d2:
dd:fc:2b:58
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQijdPRRDeTZlrA1LHmbyeqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NDk1MmJjMTY1NDQxZWM2ZTJlMjAxMGM5MzNkYzgzMGYz
NjE3MzEwHhcNMjUwMTAxMTU0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDUxY2ZlNmFiNjc4MjQzYjM5MDcxZGMwNGM3YzIzYTgxM2ExNzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvhgMNnR+dP2MnBfnnPysEOEaSukC
zvx4SQamKoY80NDZPkrLiGQcsTRD+3O8PpLElaybUJC0D58kcAmx7M/0Zwzv31UT
dQ386q1C2Jmh2r0wxTUEqhSvxhfSGQwOwly2ze0BztqrabyBbvn10P1TULgbPPm/
oD9jdehHRMwYfZTosGY9fJwjiZBRELSYAaleHY4SBpAtCmwNLy0kfBRFOUYz0jaE
2H9WBeBW84Uct/yAsCJDl48r09WWIeIvdOBR+fqHBjXPa68xpH9fM1Ga7dcw8Mh5
p/BPSsloU7WUcWtVaH46gTL5XOkUAQEflciBUzd9m7u4HqJ4JMQ7eSb0PwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFF1Rz+arZ4JDs5Bx3ATHwjqBOhchMB8GA1UdIwQY
MBaAFEZJUrwWVEHsbi4gEMkz3IMPNhcxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmtsU3ZCWlVRZXh1TGlBUXlUUGNndzgyRnpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wMTA1OGEtNGE4Mi00ODE4LTk3MmQt
ODQyODU4MTIyYmJjLzEvWFZIUDVxdG5na096a0hIY0JNZkNPb0U2RnlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wMTA1OGEtNGE4Mi00ODE4LTk3MmQtODQyODU4MTIyYmJj
LzEvUmtsU3ZCWlVRZXh1TGlBUXlUUGNndzgyRnpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWS1CAwQA
vNQFAwQAvNUBAwQAvNbjMA0GCSqGSIb3DQEBCwUAA4IBAQCsOyOxYCq+Zei6Iiot
stUjmglM6RWVaQ2munHuX/oWeO0jk/7QLQSMFBWxFoD3WoPBOi8HtvZSpz+QZI6M
kozdOUe2iYTj6NpVFfYSHY8t86RJkOirY1PNRdxYvTgE1CZC5rEyXIwGCcK220Pp
zCMf9ULaJMHmXLCBzbpw0Cq0tfUEgjoaDOtYmw0AM1XPNcY9n8YGd4ggPzKYTTKN
5HHlwTpK+Gy4/h7lRTy4JHdHGwBPmV7HB35nQ5scDryuaZ+BzvJ+KtlQ72uTYy3X
7Pi5nKRiV+D8DJGxO4GTbt24bAbKcJXDmNXhrjnbdEggPQ0Y5TRLy2IDcytjRdLd
/CtY
-----END CERTIFICATE-----
Generated at Mon Apr 7 12:38:37 2025 by rpki-client