Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/XnKhkIj8XU2HxSZI-PPO4P-cC2I.roa
File: XnKhkIj8XU2HxSZI-PPO4P-cC2I.roa (raw, json)
Hash identifier: RZJBztvaM9qOkXAu1EUg2oUvPjGzxSs7nEvJhyJK0qY=
Subject key identifier: 5E:72:A1:90:88:FC:5D:4D:87:C5:26:48:F8:F3:CE:E0:FF:9C:0B:62
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 0194266B58908CA214181D97CDDEA6BF54BC
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/XnKhkIj8XU2HxSZI-PPO4P-cC2I.roa
Signing time: Thu 02 Jan 2025 09:49:16 +0000
ROA not before: Thu 02 Jan 2025 09:49:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25369
IP address blocks: 87.246.8.0/22 maxlen: 22
87.246.12.0/24 maxlen: 24
87.246.13.0/24 maxlen: 24
87.246.14.0/24 maxlen: 24
87.246.28.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.mft
rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 18:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:58:90:8c:a2:14:18:1d:97:cd:de:a6:bf:54:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: Jan 2 09:49:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e72a19088fc5d4d87c52648f8f3cee0ff9c0b62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:59:b9:07:ca:58:ab:4f:ab:83:c6:b9:35:86:
11:83:ef:ae:9c:04:12:6a:7d:5f:0e:ea:ac:1f:d4:
68:73:b5:93:77:d1:03:67:26:6c:47:01:0e:79:47:
64:ac:f8:5f:f6:41:c9:e5:64:f4:01:62:5e:d5:29:
b2:6c:39:dd:c8:c6:0f:25:a4:67:f8:f8:78:a0:e0:
e8:c4:4e:cc:0c:07:c9:96:72:74:0a:64:43:55:82:
a6:bc:4c:ef:71:76:11:24:bb:8a:63:6f:2c:89:3b:
e9:b1:22:e9:9a:0b:6f:1e:4e:84:b1:26:c3:7d:7b:
c0:af:ed:15:6e:c9:3f:1f:39:a7:b9:a0:fa:b0:8b:
44:a3:ad:38:9d:28:e8:ab:bd:24:86:fc:1d:95:60:
d6:62:14:5f:e8:b9:bf:19:95:d6:e7:db:52:e3:0b:
15:b5:b9:21:3d:6d:1a:5b:db:1f:68:91:3b:42:e0:
7b:8a:82:f2:fa:6e:5a:11:e8:10:d7:34:be:4d:75:
ab:0c:65:89:42:72:17:b9:2b:ae:65:00:e2:04:26:
a6:9b:70:c3:a8:ce:58:2e:c8:d7:16:6f:70:51:20:
53:36:6c:74:bb:88:8b:89:bf:08:46:27:cc:cc:2b:
06:75:b7:eb:23:0b:1b:03:d7:2c:14:81:ef:e2:57:
7b:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:72:A1:90:88:FC:5D:4D:87:C5:26:48:F8:F3:CE:E0:FF:9C:0B:62
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/XnKhkIj8XU2HxSZI-PPO4P-cC2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.246.8.0-87.246.14.255
87.246.28.0/22
Signature Algorithm: sha256WithRSAEncryption
38:83:e7:cc:c2:23:71:b2:d8:93:8f:70:5a:d6:8d:f2:40:8a:
02:27:40:6d:f4:39:14:c0:07:46:36:ae:ab:8a:ea:94:f4:6b:
a7:d7:71:5e:ba:01:1e:10:fe:83:e8:05:f7:4c:4a:17:63:db:
7d:17:b9:e9:41:b4:0f:be:24:9c:82:20:0f:59:36:1a:b4:68:
b0:a9:45:4a:76:2a:15:97:43:5e:98:7a:38:7b:25:47:1a:f5:
f8:04:9c:d6:c8:48:a1:e7:a3:da:15:04:ed:5a:e3:88:ec:cf:
77:c4:01:86:18:83:a3:24:c3:30:91:8a:d9:3d:c0:e4:3b:bb:
1c:fc:1d:b6:eb:70:06:a4:e7:60:df:9e:ae:48:6d:f1:3a:41:
aa:a9:df:9d:ff:18:62:c1:70:23:34:cb:35:60:8e:87:ae:c5:
4d:2d:fc:91:d7:28:e2:a3:56:c2:39:ce:4c:69:fb:b2:aa:c0:
2e:47:79:16:6f:d9:e7:c1:99:94:3d:65:1b:08:19:1f:6d:b8:
f7:54:0c:43:bb:28:84:c6:1e:a0:ed:59:e0:f4:68:d9:25:b0:
42:72:45:e9:ab:5a:5a:12:8d:af:f8:aa:82:c2:e3:49:19:09:
b1:35:60:b0:d5:35:46:33:f9:e6:cd:5a:3e:4c:c0:9a:a8:f1:
ea:f1:67:4e
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQma1iQjKIUGB2Xzd6mv1S8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjUwMTAyMDk0OTE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTcyYTE5MDg4ZmM1ZDRkODdjNTI2NDhmOGYzY2VlMGZmOWMwYjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFm5B8pYq0+rg8a5NYYRg++unAQS
an1fDuqsH9Roc7WTd9EDZyZsRwEOeUdkrPhf9kHJ5WT0AWJe1SmybDndyMYPJaRn
+Ph4oODoxE7MDAfJlnJ0CmRDVYKmvEzvcXYRJLuKY28siTvpsSLpmgtvHk6EsSbD
fXvAr+0Vbsk/HzmnuaD6sItEo604nSjoq70khvwdlWDWYhRf6Lm/GZXW59tS4wsV
tbkhPW0aW9sfaJE7QuB7ioLy+m5aEegQ1zS+TXWrDGWJQnIXuSuuZQDiBCamm3DD
qM5YLsjXFm9wUSBTNmx0u4iLib8IRifMzCsGdbfrIwsbA9csFIHv4ld7QQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFF5yoZCI/F1Nh8UmSPjzzuD/nAtiMB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvWG5LaGtJajhYVTJIeFNaSS1QUE80UC1jQzJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBANX9ggD
BABX9g4DBAJX9hwwDQYJKoZIhvcNAQELBQADggEBADiD58zCI3Gy2JOPcFrWjfJA
igInQG30ORTAB0Y2rquK6pT0a6fXcV66AR4Q/oPoBfdMShdj230XuelBtA++JJyC
IA9ZNhq0aLCpRUp2KhWXQ16Yejh7JUca9fgEnNbISKHno9oVBO1a44jsz3fEAYYY
g6MkwzCRitk9wOQ7uxz8HbbrcAak52Dfnq5IbfE6Qaqp353/GGLBcCM0yzVgjoeu
xU0t/JHXKOKjVsI5zkxp+7KqwC5HeRZv2efBmZQ9ZRsIGR9tuPdUDEO7KITGHqDt
WeD0aNklsEJyRemrWloSja/4qoLC40kZCbE1YLDVNUYz+ebNWj5MwJqo8erxZ04=
-----END CERTIFICATE-----
Generated at Sun Apr 6 01:12:10 2025 by rpki-client