Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/XWYIJ6UuSY9_AQiT-hJINBObDQE.roa
File: XWYIJ6UuSY9_AQiT-hJINBObDQE.roa (raw, json)
Hash identifier: PdxLhxNEU7vSAkCuLaQWVId/t5OMWmj8bekrOqUDrSs=
Subject key identifier: 5D:66:08:27:A5:2E:49:8F:7F:01:08:93:FA:12:48:34:13:9B:0D:01
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 0194252202F01F94898D1BE85A6E7EE0F828
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/XWYIJ6UuSY9_AQiT-hJINBObDQE.roa
Signing time: Thu 02 Jan 2025 03:49:33 +0000
ROA not before: Thu 02 Jan 2025 03:49:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207990
IP address blocks: 45.10.236.0/22 maxlen: 32
45.66.176.0/22 maxlen: 32
45.82.96.0/22 maxlen: 32
45.84.228.0/22 maxlen: 32
45.154.192.0/22 maxlen: 32
45.156.224.0/22 maxlen: 32
63.141.36.0/23 maxlen: 32
82.115.213.0/24 maxlen: 32
92.118.208.0/22 maxlen: 32
139.28.120.0/22 maxlen: 32
185.36.254.0/24 maxlen: 32
185.153.149.0/24 maxlen: 24
185.188.63.0/24 maxlen: 32
185.223.248.0/22 maxlen: 32
188.119.154.0/24 maxlen: 32
193.228.58.0/23 maxlen: 32
193.254.27.0/24 maxlen: 32
193.254.28.0/24 maxlen: 32
194.0.133.0/24 maxlen: 32
194.0.136.0/24 maxlen: 32
194.53.70.0/24 maxlen: 32
194.88.143.0/24 maxlen: 32
194.124.239.0/24 maxlen: 32
194.124.240.0/24 maxlen: 32
194.124.247.0/24 maxlen: 32
194.124.248.0/24 maxlen: 32
2a05:6700::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.mft
rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 14:13:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:02:f0:1f:94:89:8d:1b:e8:5a:6e:7e:e0:f8:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Jan 2 03:49:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d660827a52e498f7f010893fa124834139b0d01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:fa:84:33:2d:ca:ac:73:35:34:02:a8:cb:5c:
a6:c2:9f:06:06:6d:01:09:c6:82:f6:c3:4f:2a:65:
e6:ba:2b:cb:27:9f:ec:ff:4f:1d:04:cb:39:a4:44:
b4:7c:58:1f:e4:50:41:cf:dd:9c:5a:c4:9e:cc:3f:
13:92:33:49:1b:1a:c8:5f:28:3d:a0:4f:08:d6:7d:
a5:51:6e:50:37:4e:bc:d6:ba:68:56:5b:26:a3:09:
5b:4a:1e:53:15:19:a6:a6:ec:09:5d:d8:0a:cd:5d:
ac:7a:ab:d7:c8:c6:f3:59:c3:77:5c:81:9f:1b:a2:
8a:c9:77:f1:4e:b0:27:40:a7:a4:fe:70:e0:3e:77:
9d:6c:97:ea:d3:ff:91:61:7f:60:26:05:c7:20:90:
41:66:9b:72:48:32:61:97:b5:16:85:ec:5b:22:e7:
1f:0c:3a:98:50:2e:9a:77:cb:86:db:0d:54:39:4e:
bd:4d:10:5a:b3:2b:52:29:df:82:03:1b:64:41:1c:
8d:b7:d2:0a:6e:fb:50:4e:e0:37:ea:1f:3e:93:c5:
40:5c:6c:b9:0d:fc:29:6d:69:41:6a:3a:26:12:8d:
7e:85:87:9a:3d:7d:7f:b0:27:f4:94:cd:9a:e8:0c:
44:4f:dd:22:3a:88:0d:cc:16:d0:d8:a2:4a:00:ba:
6c:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:66:08:27:A5:2E:49:8F:7F:01:08:93:FA:12:48:34:13:9B:0D:01
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/XWYIJ6UuSY9_AQiT-hJINBObDQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.236.0/22
45.66.176.0/22
45.82.96.0/22
45.84.228.0/22
45.154.192.0/22
45.156.224.0/22
63.141.36.0/23
82.115.213.0/24
92.118.208.0/22
139.28.120.0/22
185.36.254.0/24
185.153.149.0/24
185.188.63.0/24
185.223.248.0/22
188.119.154.0/24
193.228.58.0/23
193.254.27.0-193.254.28.255
194.0.133.0/24
194.0.136.0/24
194.53.70.0/24
194.88.143.0/24
194.124.239.0-194.124.240.255
194.124.247.0-194.124.248.255
IPv6:
2a05:6700::/29
Signature Algorithm: sha256WithRSAEncryption
c5:60:a5:28:84:64:c4:cc:31:6c:dd:b1:a5:9a:9a:d7:bc:ea:
08:ac:c2:00:30:80:74:97:ba:4b:63:89:01:10:7f:9e:3a:76:
4e:96:20:2c:42:c8:a4:1f:0f:41:c1:62:2e:9e:3f:2c:40:74:
41:8e:93:52:17:fe:dc:06:92:bb:8c:2f:c7:c6:44:c8:53:ff:
13:a4:58:91:b5:3f:14:30:e0:72:2e:2b:39:df:17:82:d5:2d:
bc:11:43:d4:88:cb:c6:6d:a0:f4:b5:16:04:19:c0:37:07:53:
5e:ed:68:69:31:eb:fa:0a:53:af:37:3b:be:97:1a:50:67:73:
9f:da:c2:0f:a5:63:f0:13:a0:ec:16:14:77:db:57:3c:4e:e2:
d5:34:5e:4a:ec:04:d3:73:7c:bd:ad:1d:26:e4:94:f1:21:97:
05:08:04:f4:8e:bc:75:aa:bd:aa:a6:2a:ca:c3:92:5f:a2:60:
65:3a:3b:5f:7f:c6:78:49:c2:27:fd:a8:96:a4:94:0f:2a:37:
4f:ca:ae:f2:3a:17:52:d0:86:5b:d0:ed:99:79:ca:37:74:49:
16:c3:78:94:e6:e0:1f:ae:86:a9:69:5b:d4:07:62:7b:82:83:
9b:ae:a5:74:2c:b8:11:f8:52:99:19:a9:ee:8c:46:d2:77:2a:
a4:ce:c6:88
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAZQlIgLwH5SJjRvoWm5+4PgoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjUwMTAyMDM0OTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDY2MDgyN2E1MmU0OThmN2YwMTA4OTNmYTEyNDgzNDEzOWIwZDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvqEMy3KrHM1NAKoy1ymwp8GBm0B
CcaC9sNPKmXmuivLJ5/s/08dBMs5pES0fFgf5FBBz92cWsSezD8TkjNJGxrIXyg9
oE8I1n2lUW5QN0681rpoVlsmowlbSh5TFRmmpuwJXdgKzV2seqvXyMbzWcN3XIGf
G6KKyXfxTrAnQKek/nDgPnedbJfq0/+RYX9gJgXHIJBBZptySDJhl7UWhexbIucf
DDqYUC6ad8uG2w1UOU69TRBasytSKd+CAxtkQRyNt9IKbvtQTuA36h8+k8VAXGy5
DfwpbWlBajomEo1+hYeaPX1/sCf0lM2a6AxET90iOogNzBbQ2KJKALpscwIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFF1mCCelLkmPfwEIk/oSSDQTmw0BMB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvWFdZSUo2VXVTWTlfQVFpVC1oSklOQk9iRFFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHOBggrBgEFBQcBBwEB/wSBvjCBuzCBqQQCAAEwgaIDBAIt
CuwDBAItQrADBAItUmADBAItVOQDBAItmsADBAItnOADBAE/jSQDBABSc9UDBAJc
dtADBAKLHHgDBAC5JP4DBAC5mZUDBAC5vD8DBAK53/gDBAC8d5oDBAHB5DowDAME
AMH+GwMEAMH+HAMEAMIAhQMEAMIAiAMEAMI1RgMEAMJYjzAMAwQAwnzvAwQAwnzw
MAwDBADCfPcDBADCfPgwDQQCAAIwBwMFAyoFZwAwDQYJKoZIhvcNAQELBQADggEB
AMVgpSiEZMTMMWzdsaWamte86giswgAwgHSXuktjiQEQf546dk6WICxCyKQfD0HB
Yi6ePyxAdEGOk1IX/twGkruML8fGRMhT/xOkWJG1PxQw4HIuKznfF4LVLbwRQ9SI
y8ZtoPS1FgQZwDcHU17taGkx6/oKU683O76XGlBnc5/awg+lY/AToOwWFHfbVzxO
4tU0XkrsBNNzfL2tHSbklPEhlwUIBPSOvHWqvaqmKsrDkl+iYGU6O19/xnhJwif9
qJaklA8qN0/KrvI6F1LQhlvQ7Zl5yjd0SRbDeJTm4B+uhqlpW9QHYnuCg5uupXQs
uBH4UpkZqe6MRtJ3KqTOxog=
-----END CERTIFICATE-----
Generated at Wed Apr 9 17:37:09 2025 by rpki-client