Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/XgXkp11cRMPikiELy28wgBh7bjo.roa
File: XgXkp11cRMPikiELy28wgBh7bjo.roa (raw, json)
Hash identifier: K9+zOM3zKyujKKacBUjNNpumR6mZs+O94YQXor7bwLg=
Subject key identifier: 5E:05:E4:A7:5D:5C:44:C3:E2:92:21:0B:CB:6F:30:80:18:7B:6E:3A
Certificate issuer: /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial: 0195E860C19F3D456062B2D99398A6FE0DF1
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/XgXkp11cRMPikiELy28wgBh7bjo.roa
Signing time: Sun 30 Mar 2025 18:46:49 +0000
ROA not before: Sun 30 Mar 2025 18:46:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213355
IP address blocks: 80.64.16.0/24 maxlen: 24
185.39.17.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.mft
rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 13:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:e8:60:c1:9f:3d:45:60:62:b2:d9:93:98:a6:fe:0d:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
Validity
Not Before: Mar 30 18:46:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e05e4a75d5c44c3e292210bcb6f3080187b6e3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:3c:e4:70:20:de:d9:9c:ed:f5:b8:92:be:d8:
bc:d4:a0:9a:5d:5c:e6:92:be:f5:9a:6e:46:75:6c:
b5:83:cb:9e:55:24:23:da:7d:98:be:1c:d0:f4:d8:
d8:17:0d:ed:f9:81:8e:cf:20:ba:ae:e4:44:25:54:
49:f7:08:bc:a4:b5:93:a9:4a:1e:a6:9b:ad:83:89:
fc:72:7c:0a:90:20:20:fb:e8:26:82:ad:e8:b5:75:
24:06:a7:5f:df:f6:c7:6a:93:86:53:c5:84:58:f1:
83:d8:e8:5b:0d:72:a9:5b:69:6e:38:5d:2f:5f:21:
8f:5b:0d:b1:35:78:2d:88:4d:b3:c0:0e:0e:4d:4d:
1e:0a:c1:81:c7:ac:eb:69:2a:be:fb:1d:79:2b:53:
17:5c:11:0f:e0:84:cf:e1:d7:2b:9a:45:20:98:54:
f8:c7:53:c5:76:50:ad:58:d6:59:88:45:ca:3c:1f:
7e:84:bd:d1:f1:35:2c:06:92:27:e7:85:1a:17:04:
5c:b2:0b:fc:30:39:0d:ab:2d:c6:61:65:1f:9e:fd:
5f:0c:5d:b7:04:a9:56:a4:64:60:cc:4e:5d:db:7e:
b5:19:ad:d4:c6:93:c4:9d:dc:45:8f:30:df:a8:01:
67:53:87:13:ab:bc:56:b5:ce:cf:dd:73:29:9f:2e:
e9:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:05:E4:A7:5D:5C:44:C3:E2:92:21:0B:CB:6F:30:80:18:7B:6E:3A
X509v3 Authority Key Identifier:
keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/XgXkp11cRMPikiELy28wgBh7bjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.64.16.0/24
185.39.17.0/24
Signature Algorithm: sha256WithRSAEncryption
22:c7:3f:2d:59:97:33:11:4f:b8:7d:7d:d6:ab:2f:22:47:93:
f1:47:6e:4f:3d:cf:4e:92:6c:a0:b0:bd:d2:ee:dc:c1:ed:26:
c1:40:e0:b9:5d:14:63:23:ac:2d:77:49:f5:ee:7c:38:92:cc:
b4:fb:da:ab:ad:c4:0c:7e:4c:74:5c:3b:9a:0f:ea:2f:23:cc:
2f:0d:68:55:f7:b8:2c:63:5e:5d:9c:9e:9a:f1:fa:ec:90:66:
b2:4b:c1:df:6f:8b:cd:10:45:43:a0:ae:10:e9:42:cf:1e:d2:
fd:6b:4c:cd:fd:dc:8a:b0:0a:fd:03:a6:07:4f:e3:88:c3:b9:
c7:0b:de:5a:e3:af:76:45:c5:f0:cc:65:43:62:4f:cf:eb:a3:
6e:b2:9a:15:e1:cc:18:f4:41:b0:ad:cb:f9:6f:18:59:b5:b2:
2e:01:dd:59:4c:06:81:ee:16:16:8e:49:a8:25:4a:f4:3b:69:
0e:7a:f0:22:91:9c:bc:93:12:61:9e:ee:fe:c8:e2:86:b3:53:
b2:c3:47:e3:6d:b3:e3:e6:bb:a9:4c:cc:4e:89:2d:6a:65:fb:
6e:4e:0d:5f:29:00:f5:39:ab:cd:df:ea:57:35:8f:99:22:42:
91:6b:b8:cf:16:87:6c:1c:9b:73:ec:8e:50:e4:5e:1d:68:45:
bc:b5:aa:e5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZXoYMGfPUVgYrLZk5im/g3xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjUwMzMwMTg0NjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTA1ZTRhNzVkNWM0NGMzZTI5MjIxMGJjYjZmMzA4MDE4N2I2ZTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzzkcCDe2Zzt9biSvti81KCaXVzm
kr71mm5GdWy1g8ueVSQj2n2YvhzQ9NjYFw3t+YGOzyC6ruREJVRJ9wi8pLWTqUoe
pputg4n8cnwKkCAg++gmgq3otXUkBqdf3/bHapOGU8WEWPGD2OhbDXKpW2luOF0v
XyGPWw2xNXgtiE2zwA4OTU0eCsGBx6zraSq++x15K1MXXBEP4ITP4dcrmkUgmFT4
x1PFdlCtWNZZiEXKPB9+hL3R8TUsBpIn54UaFwRcsgv8MDkNqy3GYWUfnv1fDF23
BKlWpGRgzE5d2361Ga3UxpPEndxFjzDfqAFnU4cTq7xWtc7P3XMpny7pQQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF4F5KddXETD4pIhC8tvMIAYe246MB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvWGdYa3AxMWNSTVBpa2lFTHkyOHdnQmg3YmpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUEAQAwQA
uScRMA0GCSqGSIb3DQEBCwUAA4IBAQAixz8tWZczEU+4fX3Wqy8iR5PxR25PPc9O
kmygsL3S7tzB7SbBQOC5XRRjI6wtd0n17nw4ksy0+9qrrcQMfkx0XDuaD+ovI8wv
DWhV97gsY15dnJ6a8frskGayS8Hfb4vNEEVDoK4Q6ULPHtL9a0zN/dyKsAr9A6YH
T+OIw7nHC95a4692RcXwzGVDYk/P66NuspoV4cwY9EGwrcv5bxhZtbIuAd1ZTAaB
7hYWjkmoJUr0O2kOevAikZy8kxJhnu7+yOKGs1Oyw0fjbbPj5rupTMxOiS1qZftu
Tg1fKQD1OavN3+pXNY+ZIkKRa7jPFodsHJtz7I5Q5F4daEW8tarl
-----END CERTIFICATE-----
Generated at Fri Apr 18 20:46:14 2025 by rpki-client