Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/a6425c-0c7c-4fdf-87b2-6bba7fc31728/1/XuUIg00P_oELwRIdekPlKjcVl2M.roa
File: XuUIg00P_oELwRIdekPlKjcVl2M.roa (raw, json)
Hash identifier: D5bbltVcpYBKzhGcnj29+Y83dlfa0xkosi+p8XbJoUc=
Subject key identifier: 5E:E5:08:83:4D:0F:FE:81:0B:C1:12:1D:7A:43:E5:2A:37:15:97:63
Certificate issuer: /CN=2e98c506a174cf2cad9c1a6c5b81d6e89886362d
Certificate serial: 01942067C775F023FAEC1CB0B33E03AEECB7
Authority key identifier: 2E:98:C5:06:A1:74:CF:2C:AD:9C:1A:6C:5B:81:D6:E8:98:86:36:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LpjFBqF0zyytnBpsW4HW6JiGNi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/a6425c-0c7c-4fdf-87b2-6bba7fc31728/1/XuUIg00P_oELwRIdekPlKjcVl2M.roa
Signing time: Wed 01 Jan 2025 05:47:39 +0000
ROA not before: Wed 01 Jan 2025 05:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206123
IP address blocks: 91.247.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/a6425c-0c7c-4fdf-87b2-6bba7fc31728/1/LpjFBqF0zyytnBpsW4HW6JiGNi0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/a6425c-0c7c-4fdf-87b2-6bba7fc31728/1/LpjFBqF0zyytnBpsW4HW6JiGNi0.mft
rsync://rpki.ripe.net/repository/DEFAULT/LpjFBqF0zyytnBpsW4HW6JiGNi0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:c7:75:f0:23:fa:ec:1c:b0:b3:3e:03:ae:ec:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e98c506a174cf2cad9c1a6c5b81d6e89886362d
Validity
Not Before: Jan 1 05:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ee508834d0ffe810bc1121d7a43e52a37159763
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:8a:be:fa:85:de:9b:cb:b8:1c:c5:97:f3:a5:
29:f0:c6:21:fe:72:fd:9c:3d:52:ac:a1:ce:4d:e4:
21:7b:0f:b1:68:58:ed:4d:f9:c6:da:2e:6f:93:7d:
1b:24:d5:ed:28:07:56:57:17:80:37:07:ab:c1:42:
db:6b:8d:e5:5c:fc:86:0f:78:bc:88:9f:c1:24:d4:
ef:9f:d7:c4:55:79:41:b7:c3:2a:21:bf:f8:c2:0e:
14:d5:a9:79:3d:74:2c:a1:88:8e:e4:c8:06:ba:a9:
de:0c:4a:59:29:1b:6a:86:b2:6f:36:49:b6:e2:7d:
c1:81:16:36:78:af:7c:fa:96:c6:f6:d9:01:9b:2a:
e8:8f:02:63:35:85:73:78:39:c3:2e:40:e2:27:a7:
1c:05:af:e5:ce:c6:9f:f1:21:49:73:fd:41:6a:5e:
e3:b5:2f:70:4b:79:f7:97:bd:00:a4:07:35:fb:c0:
c9:a4:9f:16:54:93:6f:4f:d5:f9:ef:93:ca:d1:b8:
0a:74:c1:c3:37:39:e9:47:f4:f9:cf:d5:3c:08:ce:
fd:ca:42:9f:0b:02:29:73:71:7d:8d:6e:4d:7a:a7:
82:6c:3c:d5:1c:2c:73:ec:89:8e:f0:fb:99:d8:d4:
33:77:94:5b:89:bf:50:33:66:da:89:90:0f:8a:8e:
f6:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:E5:08:83:4D:0F:FE:81:0B:C1:12:1D:7A:43:E5:2A:37:15:97:63
X509v3 Authority Key Identifier:
keyid:2E:98:C5:06:A1:74:CF:2C:AD:9C:1A:6C:5B:81:D6:E8:98:86:36:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LpjFBqF0zyytnBpsW4HW6JiGNi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/a6425c-0c7c-4fdf-87b2-6bba7fc31728/1/XuUIg00P_oELwRIdekPlKjcVl2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/a6425c-0c7c-4fdf-87b2-6bba7fc31728/1/LpjFBqF0zyytnBpsW4HW6JiGNi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.247.253.0/24
Signature Algorithm: sha256WithRSAEncryption
66:48:72:60:25:a3:6f:5d:cf:ca:0b:d4:ec:ba:17:60:ee:df:
29:20:f5:ec:7c:50:c8:2f:c0:94:0e:b8:0a:7c:c4:fc:0a:8b:
25:ae:66:d6:89:52:d3:d5:c5:cf:8f:80:8f:16:3b:0a:9d:3b:
35:04:cd:8e:e0:94:e5:64:2a:af:42:47:ef:9c:9b:7d:1c:a4:
c4:79:36:d0:20:fa:4f:63:98:67:de:75:7b:4a:bd:8e:23:cf:
3b:34:52:2a:c1:86:fd:e6:c8:68:5d:c3:db:d5:ff:9b:b1:2e:
dc:d4:68:da:07:44:a4:54:bc:0d:5b:62:5e:43:33:16:91:ad:
0d:da:a5:21:64:ff:05:78:d5:8a:b8:93:20:7f:86:c3:d8:25:
f8:b0:91:32:3b:dc:b7:d7:2f:50:f3:b6:73:63:5e:0f:f0:fd:
bc:d0:72:ca:b6:59:37:58:3a:11:21:3d:ac:50:d3:05:7d:03:
24:ff:76:8c:6f:06:25:ef:cd:33:98:fc:b1:ed:90:2b:8b:03:
5a:5c:ca:b4:7e:db:6a:76:8d:60:92:b2:74:c2:67:77:48:54:
84:21:e3:a6:d2:86:e9:79:b0:2a:85:85:59:91:84:01:54:a2:
34:08:2e:64:02:3b:ff:ab:b0:6a:20:d5:e9:d7:b9:7d:6d:7b:
4b:ff:27:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgZ8d18CP67Bywsz4Druy3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlOThjNTA2YTE3NGNmMmNhZDljMWE2YzViODFkNmU4OTg4
NjM2MmQwHhcNMjUwMTAxMDU0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWU1MDg4MzRkMGZmZTgxMGJjMTEyMWQ3YTQzZTUyYTM3MTU5NzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoq++oXem8u4HMWX86Up8MYh/nL9
nD1SrKHOTeQhew+xaFjtTfnG2i5vk30bJNXtKAdWVxeANwerwULba43lXPyGD3i8
iJ/BJNTvn9fEVXlBt8MqIb/4wg4U1al5PXQsoYiO5MgGuqneDEpZKRtqhrJvNkm2
4n3BgRY2eK98+pbG9tkBmyrojwJjNYVzeDnDLkDiJ6ccBa/lzsaf8SFJc/1Bal7j
tS9wS3n3l70ApAc1+8DJpJ8WVJNvT9X575PK0bgKdMHDNznpR/T5z9U8CM79ykKf
CwIpc3F9jW5NeqeCbDzVHCxz7ImO8PuZ2NQzd5Rbib9QM2baiZAPio72xQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF7lCINND/6BC8ESHXpD5So3FZdjMB8GA1UdIwQY
MBaAFC6YxQahdM8srZwabFuB1uiYhjYtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHBqRkJxRjB6eXl0bkJwc1c0SFc2SmlHTmkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9hNjQyNWMtMGM3Yy00ZmRmLTg3YjIt
NmJiYTdmYzMxNzI4LzEvWHVVSWcwMFBfb0VMd1JJZGVrUGxLamNWbDJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9hNjQyNWMtMGM3Yy00ZmRmLTg3YjItNmJiYTdmYzMxNzI4
LzEvTHBqRkJxRjB6eXl0bkJwc1c0SFc2SmlHTmkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/f9MA0G
CSqGSIb3DQEBCwUAA4IBAQBmSHJgJaNvXc/KC9Tsuhdg7t8pIPXsfFDIL8CUDrgK
fMT8CoslrmbWiVLT1cXPj4CPFjsKnTs1BM2O4JTlZCqvQkfvnJt9HKTEeTbQIPpP
Y5hn3nV7Sr2OI887NFIqwYb95shoXcPb1f+bsS7c1GjaB0SkVLwNW2JeQzMWka0N
2qUhZP8FeNWKuJMgf4bD2CX4sJEyO9y31y9Q87ZzY14P8P280HLKtlk3WDoRIT2s
UNMFfQMk/3aMbwYl780zmPyx7ZAriwNaXMq0fttqdo1gkrJ0wmd3SFSEIeOm0obp
ebAqhYVZkYQBVKI0CC5kAjv/q7BqINXp17l9bXtL/ye7
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:32:28 2025 by rpki-client