Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/b26c44-9d16-4c3d-9f1d-af646c8f4af6/1/XQd1c0isqEth9h07f_gdrmhW6kM.roa
File: XQd1c0isqEth9h07f_gdrmhW6kM.roa (raw, json)
Hash identifier: WoVAodjsDqf5sS0K6LPcCANkMFHDsRKs5Hf+/9kb228=
Subject key identifier: 5D:07:75:73:48:AC:A8:4B:61:F6:1D:3B:7F:F8:1D:AE:68:56:EA:43
Certificate issuer: /CN=de37812bd45273ea3b2a53d9e96f6dba215826f3
Certificate serial: 019427487C3136CE29583B464AE89F2E8AB4
Authority key identifier: DE:37:81:2B:D4:52:73:EA:3B:2A:53:D9:E9:6F:6D:BA:21:58:26:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3jeBK9RSc-o7KlPZ6W9tuiFYJvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/b26c44-9d16-4c3d-9f1d-af646c8f4af6/1/XQd1c0isqEth9h07f_gdrmhW6kM.roa
Signing time: Thu 02 Jan 2025 13:50:49 +0000
ROA not before: Thu 02 Jan 2025 13:50:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12748
IP address blocks: 5.183.20.0/22 maxlen: 22
45.137.56.0/22 maxlen: 22
185.225.140.0/22 maxlen: 22
193.104.216.0/24 maxlen: 24
194.31.198.0/24 maxlen: 24
2a0d:d400::/29 maxlen: 29
2a0e:8c00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/b26c44-9d16-4c3d-9f1d-af646c8f4af6/1/3jeBK9RSc-o7KlPZ6W9tuiFYJvM.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/b26c44-9d16-4c3d-9f1d-af646c8f4af6/1/3jeBK9RSc-o7KlPZ6W9tuiFYJvM.mft
rsync://rpki.ripe.net/repository/DEFAULT/3jeBK9RSc-o7KlPZ6W9tuiFYJvM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Mar 2025 22:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:7c:31:36:ce:29:58:3b:46:4a:e8:9f:2e:8a:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de37812bd45273ea3b2a53d9e96f6dba215826f3
Validity
Not Before: Jan 2 13:50:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d07757348aca84b61f61d3b7ff81dae6856ea43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:e3:de:a9:51:84:78:84:d9:dd:3b:f8:b4:0c:
d3:b6:49:75:80:95:f7:d1:8a:8c:07:92:44:67:3d:
23:99:01:3b:0e:c1:e3:19:03:f7:8d:9b:29:69:ef:
6f:5f:be:34:1d:7e:d7:62:3e:8c:d8:15:bc:52:89:
3f:1a:02:a8:ee:3b:8e:b5:c0:61:ba:f3:55:53:1e:
a2:75:2d:73:26:5c:9e:9c:39:4a:1b:29:44:ed:2b:
fa:1a:85:32:50:24:4f:55:df:4f:c6:80:02:2a:95:
e6:4c:9d:98:f1:2d:40:01:2b:10:bc:4a:d7:26:e4:
db:41:9c:d9:9e:c8:3a:35:e2:7d:51:15:ea:70:a6:
7a:73:59:bf:e6:5e:20:64:1d:d8:0c:86:62:0a:ba:
44:cc:4a:9e:a4:a6:2c:bf:be:61:9c:e9:df:b5:0f:
46:f0:56:75:bd:98:5a:11:9b:b4:0c:ce:26:62:36:
49:d2:86:97:3d:ad:1e:b6:d9:34:19:ef:3e:8b:32:
57:42:db:37:03:f7:6d:c4:d2:8f:91:64:c5:af:9b:
0d:ca:c8:d9:14:f3:34:11:35:4a:24:69:28:d0:5e:
79:8b:ca:a0:0c:b0:17:00:92:6a:0f:51:fd:65:55:
d7:56:60:cb:67:38:f6:7e:19:f1:9b:e7:b5:d6:ad:
81:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:07:75:73:48:AC:A8:4B:61:F6:1D:3B:7F:F8:1D:AE:68:56:EA:43
X509v3 Authority Key Identifier:
keyid:DE:37:81:2B:D4:52:73:EA:3B:2A:53:D9:E9:6F:6D:BA:21:58:26:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3jeBK9RSc-o7KlPZ6W9tuiFYJvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/b26c44-9d16-4c3d-9f1d-af646c8f4af6/1/XQd1c0isqEth9h07f_gdrmhW6kM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/b26c44-9d16-4c3d-9f1d-af646c8f4af6/1/3jeBK9RSc-o7KlPZ6W9tuiFYJvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.20.0/22
45.137.56.0/22
185.225.140.0/22
193.104.216.0/24
194.31.198.0/24
IPv6:
2a0d:d400::/29
2a0e:8c00::/29
Signature Algorithm: sha256WithRSAEncryption
1c:7c:be:a7:8c:6b:57:d5:82:32:3b:a2:f5:02:60:8b:f3:8a:
83:07:bd:a4:7a:f5:59:35:e4:a0:fa:d6:8a:3c:14:66:c8:90:
52:ef:91:e5:e7:35:9b:82:4e:9b:7c:4f:4c:77:32:a2:4f:db:
5f:f8:db:32:e1:11:07:01:67:32:59:89:d9:ef:0a:4c:a3:da:
22:d7:49:c9:f0:65:c1:fe:b3:b6:9e:ca:02:b3:15:1f:6e:73:
70:a0:ac:2d:a1:ea:c4:47:bb:05:f8:9e:a4:5c:3b:0b:37:2c:
5e:06:7e:65:1c:b2:36:fc:9a:c9:f0:9d:01:a8:9d:5b:05:62:
b4:56:28:46:8c:cc:02:e8:61:df:60:e6:e8:41:cf:83:6a:ee:
59:1e:07:ed:ad:f8:1d:4b:2d:13:4b:d8:c0:ce:a6:81:30:a9:
5e:6e:1c:fa:c1:22:54:e7:18:c6:41:3b:66:f4:f3:ea:88:95:
20:16:0c:45:e0:16:aa:86:b1:65:78:cb:d0:24:81:f0:a5:d3:
83:99:be:45:d6:10:36:4f:f7:cc:25:78:21:83:83:92:17:7d:
97:85:7f:e1:60:e7:37:2c:e7:dd:e4:a3:b0:6f:5c:c7:6a:6a:
a8:ef:2e:b1:5c:32:77:ec:1b:8d:fb:ba:dc:28:eb:af:43:cf:
33:6d:f3:85
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZQnSHwxNs4pWDtGSuifLoq0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMzc4MTJiZDQ1MjczZWEzYjJhNTNkOWU5NmY2ZGJhMjE1
ODI2ZjMwHhcNMjUwMTAyMTM1MDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDA3NzU3MzQ4YWNhODRiNjFmNjFkM2I3ZmY4MWRhZTY4NTZlYTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3OPeqVGEeITZ3Tv4tAzTtkl1gJX3
0YqMB5JEZz0jmQE7DsHjGQP3jZspae9vX740HX7XYj6M2BW8Uok/GgKo7juOtcBh
uvNVUx6idS1zJlyenDlKGylE7Sv6GoUyUCRPVd9PxoACKpXmTJ2Y8S1AASsQvErX
JuTbQZzZnsg6NeJ9URXqcKZ6c1m/5l4gZB3YDIZiCrpEzEqepKYsv75hnOnftQ9G
8FZ1vZhaEZu0DM4mYjZJ0oaXPa0ettk0Ge8+izJXQts3A/dtxNKPkWTFr5sNysjZ
FPM0ETVKJGko0F55i8qgDLAXAJJqD1H9ZVXXVmDLZzj2fhnxm+e11q2BWwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFF0HdXNIrKhLYfYdO3/4Ha5oVupDMB8GA1UdIwQY
MBaAFN43gSvUUnPqOypT2elvbbohWCbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2plQks5UlNjLW83S2xQWjZXOXR1aUZZSnZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9iMjZjNDQtOWQxNi00YzNkLTlmMWQt
YWY2NDZjOGY0YWY2LzEvWFFkMWMwaXNxRXRoOWgwN2ZfZ2RybWhXNmtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9iMjZjNDQtOWQxNi00YzNkLTlmMWQtYWY2NDZjOGY0YWY2
LzEvM2plQks5UlNjLW83S2xQWjZXOXR1aUZZSnZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQCBbcUAwQC
LYk4AwQCueGMAwQAwWjYAwQAwh/GMBQEAgACMA4DBQMqDdQAAwUDKg6MADANBgkq
hkiG9w0BAQsFAAOCAQEAHHy+p4xrV9WCMjui9QJgi/OKgwe9pHr1WTXkoPrWijwU
ZsiQUu+R5ec1m4JOm3xPTHcyok/bX/jbMuERBwFnMlmJ2e8KTKPaItdJyfBlwf6z
tp7KArMVH25zcKCsLaHqxEe7BfiepFw7CzcsXgZ+ZRyyNvyayfCdAaidWwVitFYo
RozMAuhh32Dm6EHPg2ruWR4H7a34HUstE0vYwM6mgTCpXm4c+sEiVOcYxkE7ZvTz
6oiVIBYMReAWqoaxZXjL0CSB8KXTg5m+RdYQNk/3zCV4IYODkhd9l4V/4WDnNyzn
3eSjsG9cx2pqqO8usVwyd+wbjfu63Cjrr0PPM23zhQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:20:02 2025 by rpki-client