Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/xqyjrBAsPt6VFzztGhRFGsUeKVs.roa
File: xqyjrBAsPt6VFzztGhRFGsUeKVs.roa (raw, json)
Hash identifier: nSJGx8Mnaocq9nqKOOejGII6taJSf7vvPw4XmH1Q6Ys=
Subject key identifier: C6:AC:A3:AC:10:2C:3E:DE:95:17:3C:ED:1A:14:45:1A:C5:1E:29:5B
Certificate issuer: /CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Certificate serial: 0195B81AF6FFB7B9B9EA154B644C6AEBC5B4
Authority key identifier: E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/xqyjrBAsPt6VFzztGhRFGsUeKVs.roa
Signing time: Fri 21 Mar 2025 09:48:49 +0000
ROA not before: Fri 21 Mar 2025 09:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15755
IP address blocks: 87.251.22.0/24 maxlen: 24
94.103.39.0/24 maxlen: 24
185.35.21.0/24 maxlen: 24
185.35.22.0/24 maxlen: 24
185.96.168.0/24 maxlen: 24
185.96.171.0/24 maxlen: 24
185.203.32.0/24 maxlen: 24
185.203.33.0/24 maxlen: 24
185.203.34.0/24 maxlen: 24
185.203.35.0/24 maxlen: 24
2a00:7300::/32 maxlen: 32
2a00:7300::/48 maxlen: 48
2a0a:e0c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/5QGBXG-Y86K2GEr-vxjqNBvoguo.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/5QGBXG-Y86K2GEr-vxjqNBvoguo.mft
rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b8:1a:f6:ff:b7:b9:b9:ea:15:4b:64:4c:6a:eb:c5:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Validity
Not Before: Mar 21 09:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c6aca3ac102c3ede95173ced1a14451ac51e295b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:24:d7:ac:da:0e:5c:a4:af:9a:b9:86:bb:fb:
75:e1:5f:26:3b:93:41:cb:9d:48:89:0a:9a:d5:c1:
ec:ec:b0:d8:81:cc:2a:8f:cc:48:9d:92:17:38:2b:
b9:de:be:9c:5a:fb:5f:e9:03:bc:87:60:42:d7:1a:
d1:8a:5c:ba:10:6a:59:b1:f2:c2:2a:ff:32:c5:be:
5f:f1:f7:2c:b0:ca:55:2b:b3:f5:1b:2b:b8:e0:e3:
1b:ad:d5:e8:81:dc:4b:18:7f:49:76:31:35:21:70:
04:d2:d0:8e:b3:d0:2f:13:84:8e:dd:8a:ed:b2:e3:
d1:cd:78:8f:15:66:b0:83:0f:f7:85:1c:4c:91:2c:
2a:db:c6:15:e0:3e:51:f1:f0:91:79:88:71:10:39:
ef:7d:3b:c6:2d:cc:16:80:9f:83:ee:f0:36:85:33:
64:1b:3e:a4:ee:ea:54:95:88:36:65:58:a6:a2:c7:
56:84:ed:d4:67:f0:79:99:ae:81:78:91:d6:f9:f3:
f2:3c:3f:49:74:3c:9d:20:4d:8c:b1:16:46:8c:8f:
b9:55:8f:d7:25:d1:80:d8:1e:eb:b8:e6:18:12:23:
aa:43:29:fe:a6:5a:33:cb:02:3e:1f:90:39:9c:50:
ab:71:3f:7a:8a:86:b1:ab:84:43:35:96:31:b9:a0:
bd:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:AC:A3:AC:10:2C:3E:DE:95:17:3C:ED:1A:14:45:1A:C5:1E:29:5B
X509v3 Authority Key Identifier:
keyid:E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/xqyjrBAsPt6VFzztGhRFGsUeKVs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/5QGBXG-Y86K2GEr-vxjqNBvoguo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.251.22.0/24
94.103.39.0/24
185.35.21.0-185.35.22.255
185.96.168.0/24
185.96.171.0/24
185.203.32.0/22
IPv6:
2a00:7300::/32
2a0a:e0c0::/29
Signature Algorithm: sha256WithRSAEncryption
4d:03:8a:46:8e:16:03:96:f1:2b:9d:8e:48:65:08:52:de:61:
f9:c8:ed:c7:83:d0:64:e4:ca:a8:81:25:65:3b:2d:00:d8:06:
01:3f:59:2e:5d:9e:ff:c5:8e:e6:99:e1:f0:c9:55:2d:34:5a:
9b:d4:86:55:be:35:c6:43:59:36:2b:a6:63:d2:70:af:fa:15:
f1:0e:5a:3f:90:ed:d5:9f:fb:a0:75:17:96:31:73:00:89:ed:
d5:8d:36:75:62:9c:67:fd:03:a3:63:d6:9c:6b:60:fa:81:57:
41:c2:02:08:20:9c:07:94:9e:9d:f9:ec:ad:0a:55:eb:b2:2a:
5a:19:82:6d:dc:a9:da:ac:b4:85:47:fd:f3:7f:7a:f8:ed:3c:
39:17:ed:8c:b4:ff:78:80:a4:7f:25:15:a7:d9:57:90:9d:d4:
77:2d:3c:49:6f:f0:01:25:5d:18:aa:37:60:f8:76:c9:28:94:
f6:b1:59:1e:c1:40:64:f6:2a:c3:2a:b0:27:0d:53:16:df:03:
99:f6:6d:4f:93:b7:45:93:7f:66:c1:39:41:13:80:ff:6f:4a:
e1:73:d6:a4:88:0d:bb:0b:ce:80:a4:ff:da:c3:2c:d3:b7:40:
1f:e8:3e:cf:8e:c8:60:c8:f4:9c:a8:08:35:0a:61:9b:96:60:
45:91:32:5d
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZW4Gvb/t7m56hVLZExq68W0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MDE4MTVjNmY5OGYzYTJiNjE4NGFmZWJmMThlYTM0MWJl
ODgyZWEwHhcNMjUwMzIxMDk0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmFjYTNhYzEwMmMzZWRlOTUxNzNjZWQxYTE0NDUxYWM1MWUyOTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyTXrNoOXKSvmrmGu/t14V8mO5NB
y51IiQqa1cHs7LDYgcwqj8xInZIXOCu53r6cWvtf6QO8h2BC1xrRily6EGpZsfLC
Kv8yxb5f8fcssMpVK7P1Gyu44OMbrdXogdxLGH9JdjE1IXAE0tCOs9AvE4SO3Yrt
suPRzXiPFWawgw/3hRxMkSwq28YV4D5R8fCReYhxEDnvfTvGLcwWgJ+D7vA2hTNk
Gz6k7upUlYg2ZVimosdWhO3UZ/B5ma6BeJHW+fPyPD9JdDydIE2MsRZGjI+5VY/X
JdGA2B7ruOYYEiOqQyn+plozywI+H5A5nFCrcT96ioaxq4RDNZYxuaC9aQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFMaso6wQLD7elRc87RoURRrFHilbMB8GA1UdIwQY
MBaAFOUBgVxvmPOithhK/r8Y6jQb6ILqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVFHQlhHLVk4NksyR0VyLXZ4anFOQnZvZ3VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy81YjAyMjItZWQ2NC00ZjU1LWI0NWIt
MDA1OWY3MzdlZjA1LzEveHF5anJCQXNQdDZWRnp6dEdoUkZHc1VlS1ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy81YjAyMjItZWQ2NC00ZjU1LWI0NWItMDA1OWY3MzdlZjA1
LzEvNVFHQlhHLVk4NksyR0VyLXZ4anFOQnZvZ3VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjAyBAIAATAsAwQAV/sWAwQA
XmcnMAwDBAC5IxUDBAC5IxYDBAC5YKgDBAC5YKsDBAK5yyAwFAQCAAIwDgMFACoA
cwADBQMqCuDAMA0GCSqGSIb3DQEBCwUAA4IBAQBNA4pGjhYDlvErnY5IZQhS3mH5
yO3Hg9Bk5MqogSVlOy0A2AYBP1kuXZ7/xY7mmeHwyVUtNFqb1IZVvjXGQ1k2K6Zj
0nCv+hXxDlo/kO3Vn/ugdReWMXMAie3VjTZ1Ypxn/QOjY9aca2D6gVdBwgIIIJwH
lJ6d+eytClXrsipaGYJt3KnarLSFR/3zf3r47Tw5F+2MtP94gKR/JRWn2VeQndR3
LTxJb/ABJV0Yqjdg+HbJKJT2sVkewUBk9irDKrAnDVMW3wOZ9m1Pk7dFk39mwTlB
E4D/b0rhc9akiA27C86ApP/awyzTt0Af6D7PjshgyPScqAg1CmGblmBFkTJd
-----END CERTIFICATE-----
Generated at Mon Apr 28 08:28:48 2025 by rpki-client