Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/40079b-fcaa-46d9-8161-66a6c80d26a5/1/xk36of5GcRMNZGUJt-_5r_QctTo.roa
File: xk36of5GcRMNZGUJt-_5r_QctTo.roa (raw, json)
Hash identifier: BbMVXEvQwTUOBV0n4W+iUw7Na6Uh7I6Smkrm6hqGQWQ=
Subject key identifier: C6:4D:FA:A1:FE:46:71:13:0D:64:65:09:B7:EF:F9:AF:F4:1C:B5:3A
Certificate issuer: /CN=9f24064f95331cf1f315dc50de4db05ff95aa410
Certificate serial: 019420687390294AFB920BC257F90FB1D896
Authority key identifier: 9F:24:06:4F:95:33:1C:F1:F3:15:DC:50:DE:4D:B0:5F:F9:5A:A4:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nyQGT5UzHPHzFdxQ3k2wX_lapBA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/40079b-fcaa-46d9-8161-66a6c80d26a5/1/xk36of5GcRMNZGUJt-_5r_QctTo.roa
Signing time: Wed 01 Jan 2025 05:48:23 +0000
ROA not before: Wed 01 Jan 2025 05:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44462
IP address blocks: 81.21.112.0/20 maxlen: 24
185.178.0.0/22 maxlen: 24
2a0a:4d80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/40079b-fcaa-46d9-8161-66a6c80d26a5/1/nyQGT5UzHPHzFdxQ3k2wX_lapBA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/40079b-fcaa-46d9-8161-66a6c80d26a5/1/nyQGT5UzHPHzFdxQ3k2wX_lapBA.mft
rsync://rpki.ripe.net/repository/DEFAULT/nyQGT5UzHPHzFdxQ3k2wX_lapBA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Feb 2025 05:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:73:90:29:4a:fb:92:0b:c2:57:f9:0f:b1:d8:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f24064f95331cf1f315dc50de4db05ff95aa410
Validity
Not Before: Jan 1 05:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c64dfaa1fe4671130d646509b7eff9aff41cb53a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:38:ff:b1:73:7b:55:39:e7:e5:8f:f4:91:62:
ea:a6:18:c0:65:2c:d7:b4:89:bf:d6:c9:e8:e0:34:
6c:8e:15:01:42:49:d6:79:d3:40:88:3f:48:7b:da:
a5:5e:ea:bd:8f:02:01:85:d9:42:ec:04:b6:47:35:
50:1c:4c:13:3b:0e:85:6c:a9:8d:0f:11:f2:7a:e2:
9b:f0:2d:9a:34:59:5f:86:5a:05:36:9f:fb:f1:44:
e7:d9:3c:9a:cd:e2:40:15:63:b1:10:d1:79:eb:86:
65:7a:cf:cb:44:bb:e2:95:55:c4:f3:bb:6d:c1:77:
69:20:2a:dc:b2:83:2a:bd:c8:31:21:f8:e7:11:02:
ff:d5:3a:26:48:ba:a0:7d:2f:67:38:68:aa:ed:42:
b4:18:01:aa:0e:b9:26:b4:11:b8:57:2b:b4:92:45:
c3:ee:9a:05:56:01:22:ca:19:b1:fc:93:9d:26:c8:
ec:eb:fd:b0:3f:4c:45:a4:a2:c2:49:20:3a:dc:9d:
a3:46:fa:9b:99:8f:8e:11:70:7a:9e:0b:0e:29:e1:
dc:2f:f8:e1:e5:82:c3:fb:4f:0e:3f:d2:6f:bb:65:
88:84:3a:0e:10:c2:57:f3:e2:f2:9a:e4:a9:c9:c8:
b2:74:7c:25:4f:cb:1a:59:91:8f:61:da:f1:f2:01:
28:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:4D:FA:A1:FE:46:71:13:0D:64:65:09:B7:EF:F9:AF:F4:1C:B5:3A
X509v3 Authority Key Identifier:
keyid:9F:24:06:4F:95:33:1C:F1:F3:15:DC:50:DE:4D:B0:5F:F9:5A:A4:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nyQGT5UzHPHzFdxQ3k2wX_lapBA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/40079b-fcaa-46d9-8161-66a6c80d26a5/1/xk36of5GcRMNZGUJt-_5r_QctTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/40079b-fcaa-46d9-8161-66a6c80d26a5/1/nyQGT5UzHPHzFdxQ3k2wX_lapBA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.21.112.0/20
185.178.0.0/22
IPv6:
2a0a:4d80::/29
Signature Algorithm: sha256WithRSAEncryption
51:22:31:7e:32:93:99:bd:e6:e0:ab:79:33:4c:5a:67:42:5a:
6a:08:8c:fa:92:9d:c9:f3:bb:55:70:0f:53:43:68:80:65:d3:
71:48:57:4e:12:75:49:be:e2:8c:a5:38:90:7a:b3:e6:b8:ee:
cc:08:17:e1:30:a7:99:64:06:89:c4:76:e3:91:a6:e7:e0:03:
8a:35:24:d5:e4:6e:53:dc:fb:b4:14:5c:d8:08:45:ec:0c:58:
04:a1:41:6f:16:c9:1b:48:50:7c:24:96:ce:6d:bf:a9:f6:98:
5f:e6:c5:52:ac:af:c3:27:59:d0:f2:36:84:37:30:b2:a8:4d:
96:1a:97:5c:ec:d7:b9:a7:7d:e6:71:d9:97:ab:e2:a1:df:9e:
5d:a8:06:34:2b:d6:98:a1:f8:36:67:63:16:f4:a5:66:70:59:
42:fd:83:97:15:6e:cd:0c:51:92:2e:e8:d9:49:5d:bf:0a:83:
01:ad:29:62:0d:6e:e5:2d:ee:a0:69:a5:da:39:8f:11:fc:ac:
b6:ac:0a:b2:01:25:c6:f3:26:46:8d:f2:21:70:cb:30:17:4b:
9b:43:dd:f4:ed:dc:8b:56:6f:fb:c5:c3:7a:de:63:63:23:a7:
5c:d6:d8:f6:cd:21:a4:7b:d9:44:a8:bb:46:9c:3e:03:ed:97:
12:57:82:66
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQgaHOQKUr7kgvCV/kPsdiWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMjQwNjRmOTUzMzFjZjFmMzE1ZGM1MGRlNGRiMDVmZjk1
YWE0MTAwHhcNMjUwMTAxMDU0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjRkZmFhMWZlNDY3MTEzMGQ2NDY1MDliN2VmZjlhZmY0MWNiNTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5zj/sXN7VTnn5Y/0kWLqphjAZSzX
tIm/1sno4DRsjhUBQknWedNAiD9Ie9qlXuq9jwIBhdlC7AS2RzVQHEwTOw6FbKmN
DxHyeuKb8C2aNFlfhloFNp/78UTn2TyazeJAFWOxENF564Zles/LRLvilVXE87tt
wXdpICrcsoMqvcgxIfjnEQL/1TomSLqgfS9nOGiq7UK0GAGqDrkmtBG4Vyu0kkXD
7poFVgEiyhmx/JOdJsjs6/2wP0xFpKLCSSA63J2jRvqbmY+OEXB6ngsOKeHcL/jh
5YLD+08OP9Jvu2WIhDoOEMJX8+LymuSpyciydHwlT8saWZGPYdrx8gEoywIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMZN+qH+RnETDWRlCbfv+a/0HLU6MB8GA1UdIwQY
MBaAFJ8kBk+VMxzx8xXcUN5NsF/5WqQQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnlRR1Q1VXpIUEh6RmR4UTNrMndYX2xhcEJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi80MDA3OWItZmNhYS00NmQ5LTgxNjEt
NjZhNmM4MGQyNmE1LzEveGszNm9mNUdjUk1OWkdVSnQtXzVyX1FjdFRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi80MDA3OWItZmNhYS00NmQ5LTgxNjEtNjZhNmM4MGQyNmE1
LzEvbnlRR1Q1VXpIUEh6RmR4UTNrMndYX2xhcEJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEURVwAwQC
ubIAMA0EAgACMAcDBQMqCk2AMA0GCSqGSIb3DQEBCwUAA4IBAQBRIjF+MpOZvebg
q3kzTFpnQlpqCIz6kp3J87tVcA9TQ2iAZdNxSFdOEnVJvuKMpTiQerPmuO7MCBfh
MKeZZAaJxHbjkabn4AOKNSTV5G5T3Pu0FFzYCEXsDFgEoUFvFskbSFB8JJbObb+p
9phf5sVSrK/DJ1nQ8jaENzCyqE2WGpdc7Ne5p33mcdmXq+Kh355dqAY0K9aYofg2
Z2MW9KVmcFlC/YOXFW7NDFGSLujZSV2/CoMBrSliDW7lLe6gaaXaOY8R/Ky2rAqy
ASXG8yZGjfIhcMswF0ubQ9307dyLVm/7xcN63mNjI6dc1tj2zSGke9lEqLtGnD4D
7ZcSV4Jm
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:41:46 2025 by rpki-client