Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xi2geuzGmAg0SVUCS9xklubR4sc.roa
File: xi2geuzGmAg0SVUCS9xklubR4sc.roa (raw, json)
Hash identifier: gt5up9TkcdTFqZP7WdRbTFhWkX49lVJ5kxzIcO99jjA=
Subject key identifier: C6:2D:A0:7A:EC:C6:98:08:34:49:55:02:4B:DC:64:96:E6:D1:E2:C7
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0196D41ECD7B712018210DAE2C6CD67D67C2
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xi2geuzGmAg0SVUCS9xklubR4sc.roa
Signing time: Thu 15 May 2025 13:25:10 +0000
ROA not before: Thu 15 May 2025 13:25:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42446
IP address blocks: 87.120.197.0/24 maxlen: 24
91.92.232.0/24 maxlen: 24
93.123.104.0/22 maxlen: 24
2a00:1728:30::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 22:19:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d4:1e:cd:7b:71:20:18:21:0d:ae:2c:6c:d6:7d:67:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 15 13:25:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c62da07aecc69808344955024bdc6496e6d1e2c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:c2:30:ba:12:75:5d:ab:fa:27:e6:a3:fe:36:
d7:b9:19:e4:5c:fd:9c:94:54:21:05:c2:3e:de:9c:
2b:4e:83:1c:cd:66:33:4e:90:ab:e7:35:1f:40:81:
74:e6:9f:b1:65:8b:59:92:19:21:0b:3d:84:d1:8b:
a5:57:7a:78:ca:00:cd:41:5f:7b:1d:95:4e:62:7f:
c0:d2:8d:e4:95:0a:3a:8f:25:7b:44:de:9e:ca:53:
f6:5a:70:0e:3d:d8:55:34:4e:14:ee:26:e4:e2:1f:
20:9c:75:99:4a:9b:f7:70:aa:64:96:4b:da:f3:ba:
c7:3f:f0:64:2a:60:f6:ca:be:5c:0d:be:1d:68:60:
5a:5e:8b:33:4f:0e:ff:1f:d4:8f:eb:be:bb:d9:bb:
1c:e2:4e:48:b3:03:68:c6:e2:c4:ae:95:2a:4e:56:
36:4c:e0:2e:c3:ab:54:04:4e:38:03:d5:62:87:2e:
d3:f8:03:b6:fc:18:7d:5a:c0:97:ba:89:8b:60:b0:
a8:c4:b3:b6:94:69:7f:d1:7e:76:df:b2:f7:04:85:
40:0f:21:de:f4:af:3c:39:2f:67:f3:d0:fe:d4:3e:
f7:11:b4:f6:e1:26:78:69:5d:4f:f4:bb:d9:be:99:
ae:28:37:09:57:b5:ff:87:94:53:94:99:b1:0f:ad:
eb:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:2D:A0:7A:EC:C6:98:08:34:49:55:02:4B:DC:64:96:E6:D1:E2:C7
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xi2geuzGmAg0SVUCS9xklubR4sc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.197.0/24
91.92.232.0/24
93.123.104.0/22
IPv6:
2a00:1728:30::/48
Signature Algorithm: sha256WithRSAEncryption
84:ac:00:86:52:6f:5c:e5:4f:b6:30:b6:72:cc:87:18:90:52:
c1:3d:8c:17:22:27:4f:51:70:d8:b2:ea:87:7f:b4:4c:fe:7c:
0d:dd:00:41:5e:5f:2b:c0:a1:51:40:2d:d3:f7:b9:6f:3c:b4:
05:1d:62:4f:f7:5c:e2:37:5d:9c:63:63:27:ad:79:09:ef:8a:
cc:6e:89:ef:5f:3b:1b:10:ef:bf:b1:b1:78:49:f1:62:5b:02:
ed:d3:e4:cd:80:24:51:58:86:c8:98:11:c6:f5:a3:c5:0d:08:
fb:5d:ef:6a:30:7b:c3:c2:ee:99:d0:e2:7e:e1:a9:c2:03:5f:
9b:bc:89:0d:e4:22:69:31:c1:d2:68:af:77:a4:2c:06:c1:89:
36:41:16:f1:02:e0:85:a0:a6:9d:3b:ca:e9:dd:d7:1f:0f:7c:
3b:65:8d:be:b7:be:63:eb:f7:01:d5:b0:cb:4b:94:a8:41:70:
62:a2:cc:66:87:82:88:cf:7e:70:23:70:91:86:10:09:fd:a9:
bb:a5:f6:b2:d1:59:08:2b:52:fc:4c:fe:6a:15:ed:25:4d:41:
96:92:cb:9f:89:2f:62:c8:36:d3:51:02:88:0b:5d:e7:b5:1d:
5b:ec:fa:42:44:d6:dd:de:ac:e4:40:cb:8a:74:98:1a:0c:49:
c1:0b:66:2a
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZbUHs17cSAYIQ2uLGzWfWfCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNTE1MTMyNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjJkYTA3YWVjYzY5ODA4MzQ0OTU1MDI0YmRjNjQ5NmU2ZDFlMmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl8IwuhJ1Xav6J+aj/jbXuRnkXP2c
lFQhBcI+3pwrToMczWYzTpCr5zUfQIF05p+xZYtZkhkhCz2E0YulV3p4ygDNQV97
HZVOYn/A0o3klQo6jyV7RN6eylP2WnAOPdhVNE4U7ibk4h8gnHWZSpv3cKpklkva
87rHP/BkKmD2yr5cDb4daGBaXoszTw7/H9SP67672bsc4k5IswNoxuLErpUqTlY2
TOAuw6tUBE44A9Vihy7T+AO2/Bh9WsCXuomLYLCoxLO2lGl/0X5237L3BIVADyHe
9K88OS9n89D+1D73EbT24SZ4aV1P9LvZvpmuKDcJV7X/h5RTlJmxD63rxwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFMYtoHrsxpgINElVAkvcZJbm0eLHMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEveGkyZ2V1ekdtQWcwU1ZVQ1M5eGtsdWJSNHNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAV3jFAwQA
W1zoAwQCXXtoMA8EAgACMAkDBwAqABcoADAwDQYJKoZIhvcNAQELBQADggEBAISs
AIZSb1zlT7YwtnLMhxiQUsE9jBciJ09RcNiy6od/tEz+fA3dAEFeXyvAoVFALdP3
uW88tAUdYk/3XOI3XZxjYyeteQnvisxuie9fOxsQ77+xsXhJ8WJbAu3T5M2AJFFY
hsiYEcb1o8UNCPtd72owe8PC7pnQ4n7hqcIDX5u8iQ3kImkxwdJor3ekLAbBiTZB
FvEC4IWgpp07yund1x8PfDtljb63vmPr9wHVsMtLlKhBcGKizGaHgojPfnAjcJGG
EAn9qbul9rLRWQgrUvxM/moV7SVNQZaSy5+JL2LINtNRAogLXee1HVvs+kJE1t3e
rORAy4p0mBoMScELZio=
-----END CERTIFICATE-----
Generated at Sun Jun 15 08:35:10 2025 by rpki-client