Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/e1c373-64f8-4226-9044-81095a13b9de/1/xqh-TDqxA6PFl_pLopVGhxzgy70.roa
File: xqh-TDqxA6PFl_pLopVGhxzgy70.roa (raw, json)
Hash identifier: PFQ4rC1LE7WPTBJwr+kRgUbb+SgESq5u6lAAWw+3gVQ=
Subject key identifier: C6:A8:7E:4C:3A:B1:03:A3:C5:97:FA:4B:A2:95:46:87:1C:E0:CB:BD
Certificate issuer: /CN=8293905afa134944f0630c949f3abda40646dac1
Certificate serial: 019426D981B294CF56BB2B090C8095D8DEEC
Authority key identifier: 82:93:90:5A:FA:13:49:44:F0:63:0C:94:9F:3A:BD:A4:06:46:DA:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gpOQWvoTSUTwYwyUnzq9pAZG2sE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/e1c373-64f8-4226-9044-81095a13b9de/1/xqh-TDqxA6PFl_pLopVGhxzgy70.roa
Signing time: Thu 02 Jan 2025 11:49:36 +0000
ROA not before: Thu 02 Jan 2025 11:49:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201333
IP address blocks: 45.11.116.0/22 maxlen: 24
185.54.212.0/22 maxlen: 24
185.78.48.0/22 maxlen: 24
193.243.184.0/24 maxlen: 24
194.156.8.0/22 maxlen: 24
2a02:4720::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/e1c373-64f8-4226-9044-81095a13b9de/1/gpOQWvoTSUTwYwyUnzq9pAZG2sE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/e1c373-64f8-4226-9044-81095a13b9de/1/gpOQWvoTSUTwYwyUnzq9pAZG2sE.mft
rsync://rpki.ripe.net/repository/DEFAULT/gpOQWvoTSUTwYwyUnzq9pAZG2sE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 14:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:81:b2:94:cf:56:bb:2b:09:0c:80:95:d8:de:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8293905afa134944f0630c949f3abda40646dac1
Validity
Not Before: Jan 2 11:49:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c6a87e4c3ab103a3c597fa4ba29546871ce0cbbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:56:cc:93:54:cd:6d:ce:5b:2f:81:f8:7d:8e:
03:79:f9:99:86:37:a5:e1:e9:7c:55:01:99:3b:39:
98:e5:23:73:bb:c2:c0:ce:9d:12:d9:77:11:77:8b:
f4:b2:ce:ba:f3:21:db:71:b5:02:d5:af:d5:7f:dd:
7b:a4:34:06:2c:2e:e2:4f:f8:50:c7:c0:ab:0b:c7:
72:fb:c6:dc:d5:e8:5e:dd:d2:01:f6:cd:55:22:c0:
cf:d2:c7:da:2c:ae:2d:f8:42:e1:b1:9f:d6:80:80:
c3:d0:4f:3b:ae:6b:42:e1:06:b1:c1:40:d4:21:7a:
b3:18:c2:aa:2c:8c:98:5f:19:c9:07:a3:f6:6d:2c:
64:bd:4c:c0:7d:e1:9d:d8:66:d5:4a:43:11:72:d6:
6a:9f:d7:3c:8c:55:dd:1b:9c:07:eb:e3:52:1b:01:
c6:3b:5a:bb:66:b2:ac:be:75:a3:54:27:24:09:56:
76:2c:79:50:72:91:ca:64:da:c0:57:35:d0:b0:ae:
00:95:65:3b:f0:69:ac:a0:3b:37:bf:87:b8:31:c9:
13:0b:92:ff:1f:09:1f:a4:5b:db:96:9f:7e:9b:2d:
b4:aa:da:ca:3a:9b:07:de:4c:00:f6:3c:5b:a1:68:
86:a0:99:fe:82:9e:38:b0:83:7e:79:2a:28:3d:5c:
9f:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:A8:7E:4C:3A:B1:03:A3:C5:97:FA:4B:A2:95:46:87:1C:E0:CB:BD
X509v3 Authority Key Identifier:
keyid:82:93:90:5A:FA:13:49:44:F0:63:0C:94:9F:3A:BD:A4:06:46:DA:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gpOQWvoTSUTwYwyUnzq9pAZG2sE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/e1c373-64f8-4226-9044-81095a13b9de/1/xqh-TDqxA6PFl_pLopVGhxzgy70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/e1c373-64f8-4226-9044-81095a13b9de/1/gpOQWvoTSUTwYwyUnzq9pAZG2sE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.116.0/22
185.54.212.0/22
185.78.48.0/22
193.243.184.0/24
194.156.8.0/22
IPv6:
2a02:4720::/29
Signature Algorithm: sha256WithRSAEncryption
8e:be:f5:f0:f6:0d:81:7d:a7:03:01:6f:58:d6:6e:03:7d:c7:
d0:53:55:78:da:df:9b:26:d1:31:1f:26:d1:f8:17:e0:23:be:
ef:3e:1f:f9:09:fb:75:eb:6d:2a:53:ed:a7:ba:f8:95:af:6c:
7a:a5:dc:08:b8:8c:2b:05:7d:75:36:8e:60:f6:39:2a:e1:be:
2b:52:3d:e4:bd:28:d2:50:7b:6a:cf:48:cf:e0:5f:c9:cd:25:
19:4b:10:f7:fb:98:eb:41:da:9b:ae:e8:dd:a3:af:be:8c:29:
9d:99:b1:28:1f:55:99:ba:52:f2:97:f3:b1:15:57:3c:5d:1a:
76:87:c0:ba:7d:4f:b5:94:16:1b:93:27:03:e9:51:1e:c2:4a:
57:f0:60:c0:ef:a9:b6:29:1a:e4:7c:b8:a6:22:54:a4:a7:9b:
b2:b6:89:17:e8:2a:75:16:77:a5:a4:87:bb:31:c8:76:8f:b0:
69:9c:d5:eb:9e:01:b2:1c:cd:bd:87:bb:45:ec:0f:ca:2a:49:
6b:d3:c1:08:55:43:60:16:74:e2:18:4f:40:35:cb:f8:f6:31:
ed:91:3d:33:26:36:d6:27:c6:3c:b9:3f:07:5c:fc:07:a5:8c:
c9:9c:a2:34:0a:57:94:d8:03:20:2f:0e:60:7c:2a:8f:13:be:
6d:26:38:23
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQm2YGylM9WuysJDICV2N7sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyOTM5MDVhZmExMzQ5NDRmMDYzMGM5NDlmM2FiZGE0MDY0
NmRhYzEwHhcNMjUwMTAyMTE0OTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmE4N2U0YzNhYjEwM2EzYzU5N2ZhNGJhMjk1NDY4NzFjZTBjYmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3FbMk1TNbc5bL4H4fY4DefmZhjel
4el8VQGZOzmY5SNzu8LAzp0S2XcRd4v0ss668yHbcbUC1a/Vf917pDQGLC7iT/hQ
x8CrC8dy+8bc1ehe3dIB9s1VIsDP0sfaLK4t+ELhsZ/WgIDD0E87rmtC4QaxwUDU
IXqzGMKqLIyYXxnJB6P2bSxkvUzAfeGd2GbVSkMRctZqn9c8jFXdG5wH6+NSGwHG
O1q7ZrKsvnWjVCckCVZ2LHlQcpHKZNrAVzXQsK4AlWU78GmsoDs3v4e4MckTC5L/
HwkfpFvblp9+my20qtrKOpsH3kwA9jxboWiGoJn+gp44sIN+eSooPVyflwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFMaofkw6sQOjxZf6S6KVRocc4Mu9MB8GA1UdIwQY
MBaAFIKTkFr6E0lE8GMMlJ86vaQGRtrBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3BPUVd2b1RTVVR3WXd5VW56cTlwQVpHMnNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9lMWMzNzMtNjRmOC00MjI2LTkwNDQt
ODEwOTVhMTNiOWRlLzEveHFoLVREcXhBNlBGbF9wTG9wVkdoeHpneTcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9lMWMzNzMtNjRmOC00MjI2LTkwNDQtODEwOTVhMTNiOWRl
LzEvZ3BPUVd2b1RTVVR3WXd5VW56cTlwQVpHMnNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLQt0AwQC
uTbUAwQCuU4wAwQAwfO4AwQCwpwIMA0EAgACMAcDBQMqAkcgMA0GCSqGSIb3DQEB
CwUAA4IBAQCOvvXw9g2BfacDAW9Y1m4DfcfQU1V42t+bJtExHybR+BfgI77vPh/5
Cft1620qU+2nuviVr2x6pdwIuIwrBX11No5g9jkq4b4rUj3kvSjSUHtqz0jP4F/J
zSUZSxD3+5jrQdqbrujdo6++jCmdmbEoH1WZulLyl/OxFVc8XRp2h8C6fU+1lBYb
kycD6VEewkpX8GDA76m2KRrkfLimIlSkp5uytokX6Cp1FnelpIe7Mch2j7BpnNXr
ngGyHM29h7tF7A/KKklr08EIVUNgFnTiGE9ANcv49jHtkT0zJjbWJ8Y8uT8HXPwH
pYzJnKI0CleU2AMgLw5gfCqPE75tJjgj
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:15:04 2025 by rpki-client