Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/XDcWQfbkwvZ4pO52-Rl-lOrB_iw.roa
File: XDcWQfbkwvZ4pO52-Rl-lOrB_iw.roa (raw, json)
Hash identifier: ht+KVJK83F1lQo8Wp6/sNr0N7S9QYHVd5SEP7bnL0Q4=
Subject key identifier: 5C:37:16:41:F6:E4:C2:F6:78:A4:EE:76:F9:19:7E:94:EA:C1:FE:2C
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 01942747684474D6C23EE24F355AF0A2EE75
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/XDcWQfbkwvZ4pO52-Rl-lOrB_iw.roa
Signing time: Thu 02 Jan 2025 13:49:38 +0000
ROA not before: Thu 02 Jan 2025 13:49:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20915
IP address blocks: 87.254.0.0/19 maxlen: 19
87.254.25.0/24 maxlen: 24
217.25.0.0/20 maxlen: 20
2a00:eac0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 11:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:68:44:74:d6:c2:3e:e2:4f:35:5a:f0:a2:ee:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Jan 2 13:49:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c371641f6e4c2f678a4ee76f9197e94eac1fe2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:a1:cc:6d:1a:39:6d:f7:fa:47:ec:c7:38:e2:
66:ee:79:68:55:75:b6:7d:f4:1a:38:e4:08:13:09:
b1:f6:20:73:49:aa:f8:40:6c:f3:58:95:74:63:52:
90:c0:10:8b:ef:ab:3e:f2:68:ac:2c:0c:87:0f:1b:
8f:32:58:cb:ec:3e:ee:f3:a4:8d:fd:34:47:93:fd:
1f:51:dd:33:95:25:5d:42:27:79:3f:7a:67:c6:c9:
ca:02:e5:7b:0d:e3:ad:99:da:fb:52:4c:1b:1b:3a:
4c:69:e1:cc:b7:8a:27:b5:d1:0a:6a:d5:c5:fd:15:
25:19:f0:72:33:c2:16:37:fe:7c:89:84:a3:60:45:
af:0f:42:56:1b:79:94:59:07:23:86:5d:c0:76:d0:
eb:1d:ec:de:8a:54:d1:22:a2:11:1e:17:8d:bb:f2:
8e:2a:f9:db:39:6d:62:0c:15:7a:51:51:41:4e:fe:
ca:43:17:3a:7a:84:34:aa:9f:9c:c0:87:32:e4:39:
ed:b3:81:5c:9c:ab:4f:54:1d:2b:df:3c:9b:f9:e1:
6c:03:05:ca:95:fd:c7:4d:e7:08:c3:ac:8e:bc:31:
34:1f:6e:92:95:58:55:2d:40:2a:b0:6a:f3:df:98:
85:1b:a2:c2:66:a0:60:f5:f8:fa:02:d9:67:78:aa:
00:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:37:16:41:F6:E4:C2:F6:78:A4:EE:76:F9:19:7E:94:EA:C1:FE:2C
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/XDcWQfbkwvZ4pO52-Rl-lOrB_iw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.0.0/19
217.25.0.0/20
IPv6:
2a00:eac0::/32
Signature Algorithm: sha256WithRSAEncryption
a1:f0:7e:c4:56:7c:be:9b:2d:b5:68:bc:85:96:32:92:66:f0:
5c:b3:69:60:03:99:83:cd:1a:76:51:e9:1e:0d:17:b5:24:82:
90:62:8f:f5:ec:65:fc:6d:ff:c9:b1:96:07:a3:6a:3a:23:c4:
f0:46:a3:0b:33:28:b1:66:3b:e3:d8:33:48:38:55:e6:71:f7:
a6:26:59:4f:14:90:c7:7f:e9:e7:7d:72:ba:bb:61:ca:cd:40:
79:ce:bf:33:2f:b4:db:e0:f8:ec:1c:a7:c5:f1:b8:3a:e5:c3:
dd:4b:05:76:bf:04:e4:1c:4f:d7:d7:7f:56:cf:a1:4a:c4:e7:
ff:e9:be:71:f7:a9:a6:7d:f1:fa:5c:f2:f6:59:ff:e4:75:4c:
66:bd:6d:6b:ec:9c:5b:2a:01:c1:99:fc:35:c0:a9:4f:94:26:
ff:4c:a7:1a:4d:34:b5:b2:1b:3f:b7:39:55:6f:c0:a1:98:40:
d2:c9:64:a7:8f:1e:92:44:61:26:44:fb:e3:46:f2:32:73:2c:
a5:2f:6f:66:b1:b0:2c:8d:57:5e:4c:77:ca:1f:b0:52:ed:f2:
72:2d:aa:16:67:1e:0f:ba:d7:48:e8:91:ae:33:05:69:20:ed:
07:6c:4f:cb:63:8a:67:b2:43:86:81:db:60:43:a3:2a:3a:5b:
68:f4:30:6d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQnR2hEdNbCPuJPNVrwou51MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjUwMTAyMTM0OTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzM3MTY0MWY2ZTRjMmY2NzhhNGVlNzZmOTE5N2U5NGVhYzFmZTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+qHMbRo5bff6R+zHOOJm7nloVXW2
ffQaOOQIEwmx9iBzSar4QGzzWJV0Y1KQwBCL76s+8misLAyHDxuPMljL7D7u86SN
/TRHk/0fUd0zlSVdQid5P3pnxsnKAuV7DeOtmdr7UkwbGzpMaeHMt4ontdEKatXF
/RUlGfByM8IWN/58iYSjYEWvD0JWG3mUWQcjhl3AdtDrHezeilTRIqIRHheNu/KO
KvnbOW1iDBV6UVFBTv7KQxc6eoQ0qp+cwIcy5Dnts4FcnKtPVB0r3zyb+eFsAwXK
lf3HTecIw6yOvDE0H26SlVhVLUAqsGrz35iFG6LCZqBg9fj6AtlneKoASwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFw3FkH25ML2eKTudvkZfpTqwf4sMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvWERjV1FmYmt3dlo0cE81Mi1SbC1sT3JCX2l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFV/4AAwQE
2RkAMA0EAgACMAcDBQAqAOrAMA0GCSqGSIb3DQEBCwUAA4IBAQCh8H7EVny+my21
aLyFljKSZvBcs2lgA5mDzRp2UekeDRe1JIKQYo/17GX8bf/JsZYHo2o6I8TwRqML
MyixZjvj2DNIOFXmcfemJllPFJDHf+nnfXK6u2HKzUB5zr8zL7Tb4PjsHKfF8bg6
5cPdSwV2vwTkHE/X139Wz6FKxOf/6b5x96mmffH6XPL2Wf/kdUxmvW1r7JxbKgHB
mfw1wKlPlCb/TKcaTTS1shs/tzlVb8ChmEDSyWSnjx6SRGEmRPvjRvIycyylL29m
sbAsjVdeTHfKH7BS7fJyLaoWZx4PutdI6JGuMwVpIO0HbE/LY4pnskOGgdtgQ6Mq
Olto9DBt
-----END CERTIFICATE-----
Generated at Wed Feb 5 18:56:33 2025 by rpki-client