Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/b903e9-6d09-4e20-b926-3692f96e33a9/1/Xv_k9B_Ol6KMXiDbnDdwE9msKgI.roa
File: Xv_k9B_Ol6KMXiDbnDdwE9msKgI.roa (raw, json)
Hash identifier: o2br+mpVDRPvcRh8PVchKStcPAlc6/q+ycf8CdzuWcA=
Subject key identifier: 5E:FF:E4:F4:1F:CE:97:A2:8C:5E:20:DB:9C:37:70:13:D9:AC:2A:02
Certificate issuer: /CN=6ba26b56cee97f6020941bb17c6a7c6cea0f814a
Certificate serial: 01942522115E9D60754BCFCD271F88347295
Authority key identifier: 6B:A2:6B:56:CE:E9:7F:60:20:94:1B:B1:7C:6A:7C:6C:EA:0F:81:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a6JrVs7pf2AglBuxfGp8bOoPgUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/b903e9-6d09-4e20-b926-3692f96e33a9/1/Xv_k9B_Ol6KMXiDbnDdwE9msKgI.roa
Signing time: Thu 02 Jan 2025 03:49:37 +0000
ROA not before: Thu 02 Jan 2025 03:49:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49367
IP address blocks: 176.105.252.0/24 maxlen: 24
176.105.254.0/24 maxlen: 24
2a0d:c740:1a::/48 maxlen: 48
2a0d:c740:1c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/b903e9-6d09-4e20-b926-3692f96e33a9/1/a6JrVs7pf2AglBuxfGp8bOoPgUo.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/b903e9-6d09-4e20-b926-3692f96e33a9/1/a6JrVs7pf2AglBuxfGp8bOoPgUo.mft
rsync://rpki.ripe.net/repository/DEFAULT/a6JrVs7pf2AglBuxfGp8bOoPgUo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:11:5e:9d:60:75:4b:cf:cd:27:1f:88:34:72:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ba26b56cee97f6020941bb17c6a7c6cea0f814a
Validity
Not Before: Jan 2 03:49:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5effe4f41fce97a28c5e20db9c377013d9ac2a02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:8f:72:c1:43:6c:da:2c:88:59:f0:ac:cd:d0:
c1:03:23:fd:44:01:55:98:1e:f0:a2:5e:c4:41:61:
f8:03:71:22:16:6f:16:6f:0a:c7:59:ad:84:2f:01:
87:83:35:10:a9:d6:33:ea:04:05:6b:b2:42:41:93:
ac:b9:fd:93:ab:1f:c3:e5:fd:3b:b8:29:d8:55:e6:
1f:b7:8c:b0:58:d1:ce:09:f2:5f:c0:4c:f3:6e:d1:
90:62:26:49:66:c2:24:bb:35:6a:91:cc:fc:07:9b:
c1:d3:5e:c3:d3:04:31:71:92:8e:84:c3:88:10:8f:
19:bd:c4:82:df:5c:a4:00:3e:93:c9:f8:e2:77:4e:
8b:55:18:f2:2b:f1:c9:24:1f:fc:7c:e7:9d:c9:c1:
75:bb:ac:a7:d8:7a:fb:ab:1f:10:73:06:6c:b0:3b:
a1:f5:60:60:4a:36:db:d2:c6:4a:eb:54:3b:8c:41:
01:3c:ac:f9:ab:4c:a6:51:78:5a:98:59:8e:cb:0c:
8e:6e:8c:d6:eb:2d:91:b8:e1:5b:45:b3:af:f4:f4:
f9:52:d1:ce:8a:bf:6a:64:43:f2:b3:3a:4d:fa:a1:
b6:05:d9:d3:7d:60:5e:87:09:4a:0e:45:c5:32:66:
be:18:35:d7:de:a1:e4:03:cd:a6:8c:eb:ab:83:f4:
b6:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:FF:E4:F4:1F:CE:97:A2:8C:5E:20:DB:9C:37:70:13:D9:AC:2A:02
X509v3 Authority Key Identifier:
keyid:6B:A2:6B:56:CE:E9:7F:60:20:94:1B:B1:7C:6A:7C:6C:EA:0F:81:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6JrVs7pf2AglBuxfGp8bOoPgUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b903e9-6d09-4e20-b926-3692f96e33a9/1/Xv_k9B_Ol6KMXiDbnDdwE9msKgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b903e9-6d09-4e20-b926-3692f96e33a9/1/a6JrVs7pf2AglBuxfGp8bOoPgUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.105.252.0/24
176.105.254.0/24
IPv6:
2a0d:c740:1a::/48
2a0d:c740:1c::/48
Signature Algorithm: sha256WithRSAEncryption
6b:d5:1c:00:57:c1:f4:c1:9d:d3:77:ee:0d:4d:dc:be:1a:4f:
b9:31:d4:ad:81:28:cf:00:83:55:40:1d:2c:85:88:24:1c:bc:
1e:10:6a:c4:1b:d4:dd:08:c2:eb:96:56:6a:f3:f9:7a:e1:96:
e7:ba:19:6d:68:36:b9:3c:69:5f:ff:30:b3:f9:c4:ac:99:dc:
c0:b0:8e:18:af:35:e2:5e:fa:67:f5:da:9f:d2:17:a5:b8:2d:
fe:11:35:a8:3e:a1:02:0d:63:60:82:62:39:3f:41:0e:1c:f4:
5c:0d:f8:17:fb:aa:f9:4f:d3:c2:9d:6d:b8:62:f0:0d:ed:da:
6e:57:a3:3a:78:11:55:7e:6f:8b:c1:05:1b:6a:67:b8:ce:c5:
0b:b6:f6:df:9a:54:12:a8:1e:14:ff:cb:6b:50:fc:4b:4c:29:
e9:2c:06:12:69:bd:9a:3b:03:41:33:bf:d7:ed:68:8f:99:d1:
3f:16:61:6a:be:9f:0d:51:38:28:79:7f:48:34:1e:00:ef:e6:
3c:f0:8e:84:71:4a:fb:fb:7b:d7:6a:1f:bf:67:f2:fd:88:06:
05:6a:29:dc:fb:5e:4c:dc:ad:e5:aa:d7:ca:cd:b6:cf:e0:2a:
0a:25:9a:ba:09:f4:ed:7d:a4:ca:a6:28:e6:28:96:bc:ec:05:
e6:e6:07:e7
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQlIhFenWB1S8/NJx+INHKVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYTI2YjU2Y2VlOTdmNjAyMDk0MWJiMTdjNmE3YzZjZWEw
ZjgxNGEwHhcNMjUwMTAyMDM0OTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWZmZTRmNDFmY2U5N2EyOGM1ZTIwZGI5YzM3NzAxM2Q5YWMyYTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA849ywUNs2iyIWfCszdDBAyP9RAFV
mB7wol7EQWH4A3EiFm8WbwrHWa2ELwGHgzUQqdYz6gQFa7JCQZOsuf2Tqx/D5f07
uCnYVeYft4ywWNHOCfJfwEzzbtGQYiZJZsIkuzVqkcz8B5vB017D0wQxcZKOhMOI
EI8ZvcSC31ykAD6Tyfjid06LVRjyK/HJJB/8fOedycF1u6yn2Hr7qx8QcwZssDuh
9WBgSjbb0sZK61Q7jEEBPKz5q0ymUXhamFmOywyObozW6y2RuOFbRbOv9PT5UtHO
ir9qZEPyszpN+qG2BdnTfWBehwlKDkXFMma+GDXX3qHkA82mjOurg/S2DwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFF7/5PQfzpeijF4g25w3cBPZrCoCMB8GA1UdIwQY
MBaAFGuia1bO6X9gIJQbsXxqfGzqD4FKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTZKclZzN3BmMkFnbEJ1eGZHcDhiT29QZ1VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9iOTAzZTktNmQwOS00ZTIwLWI5MjYt
MzY5MmY5NmUzM2E5LzEvWHZfazlCX09sNktNWGlEYm5EZHdFOW1zS2dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9iOTAzZTktNmQwOS00ZTIwLWI5MjYtMzY5MmY5NmUzM2E5
LzEvYTZKclZzN3BmMkFnbEJ1eGZHcDhiT29QZ1VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAsGn8AwQA
sGn+MBgEAgACMBIDBwAqDcdAABoDBwAqDcdAABwwDQYJKoZIhvcNAQELBQADggEB
AGvVHABXwfTBndN37g1N3L4aT7kx1K2BKM8Ag1VAHSyFiCQcvB4QasQb1N0IwuuW
Vmrz+Xrhlue6GW1oNrk8aV//MLP5xKyZ3MCwjhivNeJe+mf12p/SF6W4Lf4RNag+
oQINY2CCYjk/QQ4c9FwN+Bf7qvlP08Kdbbhi8A3t2m5Xozp4EVV+b4vBBRtqZ7jO
xQu29t+aVBKoHhT/y2tQ/EtMKeksBhJpvZo7A0Ezv9ftaI+Z0T8WYWq+nw1ROCh5
f0g0HgDv5jzwjoRxSvv7e9dqH79n8v2IBgVqKdz7XkzcreWq18rNts/gKgolmroJ
9O19pMqmKOYolrzsBebmB+c=
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:41:24 2025 by rpki-client