Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/XojxGlHike-I6ipeSILxN9dQoS4.roa
File: XojxGlHike-I6ipeSILxN9dQoS4.roa (raw, json)
Hash identifier: AyUXNsHBoUfhtQIg5LyjlXYeH7oxNvlqfuEzNVX+aVE=
Subject key identifier: 5E:88:F1:1A:51:E2:91:EF:88:EA:2A:5E:48:82:F1:37:D7:50:A1:2E
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019422FBC4426A0C7B4F43822E6A94B0388D
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/XojxGlHike-I6ipeSILxN9dQoS4.roa
Signing time: Wed 01 Jan 2025 17:48:32 +0000
ROA not before: Wed 01 Jan 2025 17:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396568
IP address blocks: 81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.53/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:c4:42:6a:0c:7b:4f:43:82:2e:6a:94:b0:38:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Jan 1 17:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e88f11a51e291ef88ea2a5e4882f137d750a12e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:b6:98:c7:d8:c8:73:0d:db:86:30:14:1a:37:
cf:be:03:7c:d8:fc:b4:1e:1c:82:ab:c8:d4:a2:18:
45:ea:0c:69:4f:c2:27:3f:60:9d:ff:83:f1:d4:99:
7e:94:f9:1c:7c:2f:05:5a:de:c8:3f:c6:fe:1e:c3:
f6:31:f4:ea:3c:5c:2e:b4:a8:45:87:b3:bc:c9:4d:
f3:c5:93:9a:1d:36:72:6d:c4:ea:40:09:db:aa:74:
ee:d4:29:e0:69:fd:91:d2:33:9c:85:a0:fa:ca:ab:
3b:e3:36:c1:28:45:89:a9:9c:25:51:c4:a0:6e:b5:
5c:9c:1a:0e:4d:ac:e7:97:d0:b2:1c:6c:87:12:ee:
9e:b1:4a:3e:ed:bc:0a:0b:65:a0:ed:a4:22:2c:97:
a9:b0:fc:1d:3a:a9:1e:f5:df:75:2c:15:f6:e7:6c:
54:ac:e2:45:1f:52:3b:c4:b2:09:a7:85:57:42:c1:
6e:ad:cc:4a:d2:7b:ac:79:e7:6a:7b:f3:d4:2b:20:
aa:24:06:88:7d:25:16:bd:4f:5f:79:25:57:2b:43:
1e:d3:76:12:da:de:00:a9:57:a4:48:b9:ab:47:ed:
d6:f3:cc:93:ad:26:af:6c:e8:bd:fc:5e:85:1a:dc:
b0:31:a5:b0:6f:36:cd:25:a8:c8:9a:f2:53:c2:b3:
b5:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:88:F1:1A:51:E2:91:EF:88:EA:2A:5E:48:82:F1:37:D7:50:A1:2E
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/XojxGlHike-I6ipeSILxN9dQoS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.195.30/31
185.100.0.53/32
Signature Algorithm: sha256WithRSAEncryption
a3:01:6c:9c:d7:50:9b:32:76:f0:bb:5d:25:f3:73:aa:e4:92:
51:a0:06:f1:b2:c5:d8:af:e6:c7:17:15:c8:b1:25:75:1d:4a:
da:36:3f:22:78:df:ce:41:e5:1b:6a:0c:2b:c0:32:d4:c8:a1:
36:3c:75:1b:94:be:6f:d6:ad:b9:d2:7c:3f:e7:61:61:60:fc:
2e:f7:b8:0e:95:5c:b5:d4:9f:02:ed:d8:10:59:17:ca:f3:1f:
b3:1d:35:5e:5b:c1:d0:13:8f:bf:2f:1d:0b:ee:be:72:d0:01:
67:f4:88:d8:19:59:5f:ca:33:29:e7:93:24:b2:0f:9a:f2:9b:
83:a2:fd:c5:8d:79:a5:82:91:e0:33:e9:68:fe:3e:26:2c:be:
6c:1d:89:d6:08:13:26:ed:0d:37:31:e2:63:02:66:01:d2:84:
5d:a7:d8:36:07:99:13:b8:c5:28:3f:6d:17:04:b8:e8:bb:0b:
cd:20:46:ed:64:67:64:69:5f:ad:4d:e4:37:36:8b:99:91:0e:
d6:b5:07:32:2e:2f:48:55:a5:57:76:54:0a:56:40:62:83:34:
eb:7d:ad:20:76:06:20:a4:37:a2:b5:06:69:d5:31:e0:03:0a:
1d:6c:e0:f5:b4:f2:ed:93:70:b5:a7:ff:95:9d:c7:cb:47:d9:
ac:20:e5:92
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQi+8RCagx7T0OCLmqUsDiNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjUwMTAxMTc0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTg4ZjExYTUxZTI5MWVmODhlYTJhNWU0ODgyZjEzN2Q3NTBhMTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzbaYx9jIcw3bhjAUGjfPvgN82Py0
HhyCq8jUohhF6gxpT8InP2Cd/4Px1Jl+lPkcfC8FWt7IP8b+HsP2MfTqPFwutKhF
h7O8yU3zxZOaHTZybcTqQAnbqnTu1Cngaf2R0jOchaD6yqs74zbBKEWJqZwlUcSg
brVcnBoOTaznl9CyHGyHEu6esUo+7bwKC2Wg7aQiLJepsPwdOqke9d91LBX252xU
rOJFH1I7xLIJp4VXQsFurcxK0nuseedqe/PUKyCqJAaIfSUWvU9feSVXK0Me03YS
2t4AqVekSLmrR+3W88yTrSavbOi9/F6FGtywMaWwbzbNJajImvJTwrO1fQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFF6I8RpR4pHviOoqXkiC8TfXUKEuMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvWG9qeEdsSGlrZS1JNmlwZVNJTHhOOWRRb1M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOAwUBURPDHgMF
ALlkADUwDQYJKoZIhvcNAQELBQADggEBAKMBbJzXUJsydvC7XSXzc6rkklGgBvGy
xdiv5scXFcixJXUdSto2PyJ4385B5RtqDCvAMtTIoTY8dRuUvm/WrbnSfD/nYWFg
/C73uA6VXLXUnwLt2BBZF8rzH7MdNV5bwdATj78vHQvuvnLQAWf0iNgZWV/KMynn
kySyD5rym4Oi/cWNeaWCkeAz6Wj+PiYsvmwdidYIEybtDTcx4mMCZgHShF2n2DYH
mRO4xSg/bRcEuOi7C80gRu1kZ2RpX61N5Dc2i5mRDta1BzIuL0hVpVd2VApWQGKD
NOt9rSB2BiCkN6K1BmnVMeADCh1s4PW08u2TcLWn/5Wdx8tH2awg5ZI=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:22:30 2025 by rpki-client