Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/XymxCebgP2iZukhvR2MoULKQYg8.roa
File: XymxCebgP2iZukhvR2MoULKQYg8.roa (raw, json)
Hash identifier: Gic+qBu6uDav81P9UIqh8LoxizRVVE2tkjr5RFnItJo=
Subject key identifier: 5F:29:B1:09:E6:E0:3F:68:99:BA:48:6F:47:63:28:50:B2:90:62:0F
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 0194266B5A2AD998925E8357BC0FDD2140F7
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/XymxCebgP2iZukhvR2MoULKQYg8.roa
Signing time: Thu 02 Jan 2025 09:49:17 +0000
ROA not before: Thu 02 Jan 2025 09:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39251
IP address blocks: 109.160.52.0/24 maxlen: 24
109.160.53.0/24 maxlen: 24
109.160.54.0/24 maxlen: 24
109.160.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.mft
rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:5a:2a:d9:98:92:5e:83:57:bc:0f:dd:21:40:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: Jan 2 09:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f29b109e6e03f6899ba486f47632850b290620f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:74:20:63:ec:f0:6a:a8:68:26:1a:85:ca:e7:
98:20:c6:ef:65:b0:91:b5:8f:a3:aa:38:ac:50:e4:
03:c1:76:33:32:83:71:ea:62:21:89:b4:a7:b4:b1:
82:f9:44:7f:77:78:ab:8f:9d:e8:bf:ff:29:5a:15:
92:68:bc:03:c7:24:2e:22:b9:81:1e:95:01:b5:f6:
74:1e:de:6b:8e:e4:33:d4:2e:59:b0:f6:b7:7d:9e:
8c:55:b7:ca:0a:1a:ed:4c:27:29:52:c2:6d:d5:ad:
35:1a:ea:4c:03:56:14:a0:18:3e:32:f5:ee:a6:66:
6a:20:c6:c0:10:4e:ed:2f:7c:ea:ca:15:2d:a0:4c:
8d:cb:23:f4:fd:9b:a7:cb:e7:3b:ba:72:62:6b:10:
a0:24:14:bd:ac:39:da:25:af:75:70:5d:63:90:d0:
90:fa:14:05:1f:94:f3:2e:42:58:5c:9a:4b:e3:a1:
28:da:22:18:c4:c2:53:05:40:48:10:69:f2:e5:ea:
9c:ed:af:74:3b:8a:e8:6d:fc:8e:69:e3:be:e6:1e:
48:f3:19:25:01:00:30:40:d5:51:0b:ff:22:08:5d:
a4:71:39:0d:0d:63:16:ab:1a:ba:b7:58:b6:f6:7f:
a2:e9:49:0e:17:b5:7a:1e:30:9c:28:2e:22:23:98:
da:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:29:B1:09:E6:E0:3F:68:99:BA:48:6F:47:63:28:50:B2:90:62:0F
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/XymxCebgP2iZukhvR2MoULKQYg8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.160.52.0/22
Signature Algorithm: sha256WithRSAEncryption
12:41:c0:8a:f4:cd:59:41:e1:ad:87:76:8e:b5:4b:0a:fe:c0:
2d:b4:4e:6c:f4:f2:0b:d5:7b:33:50:49:f2:a1:e9:1e:3b:ff:
56:09:8a:75:d1:24:ec:7c:c5:02:0d:81:c4:f8:68:58:12:db:
36:e9:ea:3b:91:68:ef:8b:e9:56:5b:ab:7f:c1:a9:26:69:00:
85:92:24:e0:c1:4f:6a:34:56:eb:4f:d0:9d:49:e5:c1:c3:66:
aa:69:41:43:50:70:19:a9:1c:ef:ec:79:9b:dd:e9:40:35:cb:
0e:64:bf:d9:af:d8:dd:d7:d9:0f:55:5b:57:69:a9:e1:43:8b:
66:f8:bc:82:9e:4a:6d:5d:9c:7d:13:de:84:df:3d:1d:3d:da:
09:2a:9a:1e:8d:4e:8f:23:0a:59:d8:27:ea:63:5a:7b:41:60:
8e:7c:96:87:22:0c:56:ac:26:86:48:8a:93:25:18:24:5c:ee:
cf:d3:db:3e:1d:c1:14:c4:7a:1a:32:1f:a0:aa:2c:7f:a4:e7:
62:fe:c9:fe:2c:09:ab:c4:50:8a:d3:6a:aa:55:35:43:54:53:
4d:59:b2:1c:86:b7:2a:3c:1b:09:dc:38:c0:95:b7:43:7d:d7:
11:ca:e2:fd:9f:ce:f3:80:c0:45:4d:88:cf:95:55:7b:7d:39:
2b:5e:06:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma1oq2ZiSXoNXvA/dIUD3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjUwMTAyMDk0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjI5YjEwOWU2ZTAzZjY4OTliYTQ4NmY0NzYzMjg1MGIyOTA2MjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnQgY+zwaqhoJhqFyueYIMbvZbCR
tY+jqjisUOQDwXYzMoNx6mIhibSntLGC+UR/d3irj53ov/8pWhWSaLwDxyQuIrmB
HpUBtfZ0Ht5rjuQz1C5ZsPa3fZ6MVbfKChrtTCcpUsJt1a01GupMA1YUoBg+MvXu
pmZqIMbAEE7tL3zqyhUtoEyNyyP0/Zuny+c7unJiaxCgJBS9rDnaJa91cF1jkNCQ
+hQFH5TzLkJYXJpL46Eo2iIYxMJTBUBIEGny5eqc7a90O4robfyOaeO+5h5I8xkl
AQAwQNVRC/8iCF2kcTkNDWMWqxq6t1i29n+i6UkOF7V6HjCcKC4iI5jaRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF8psQnm4D9ombpIb0djKFCykGIPMB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvWHlteENlYmdQMmladWtodlIyTW9VTEtRWWc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbaA0MA0G
CSqGSIb3DQEBCwUAA4IBAQASQcCK9M1ZQeGth3aOtUsK/sAttE5s9PIL1XszUEny
oekeO/9WCYp10STsfMUCDYHE+GhYEts26eo7kWjvi+lWW6t/wakmaQCFkiTgwU9q
NFbrT9CdSeXBw2aqaUFDUHAZqRzv7Hmb3elANcsOZL/Zr9jd19kPVVtXaanhQ4tm
+LyCnkptXZx9E96E3z0dPdoJKpoejU6PIwpZ2CfqY1p7QWCOfJaHIgxWrCaGSIqT
JRgkXO7P09s+HcEUxHoaMh+gqix/pOdi/sn+LAmrxFCK02qqVTVDVFNNWbIchrcq
PBsJ3DjAlbdDfdcRyuL9n87zgMBFTYjPlVV7fTkrXgbH
-----END CERTIFICATE-----
Generated at Sun Apr 13 08:37:47 2025 by rpki-client