Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/4c66cc-fa9a-4f58-ad21-7da183eff115/1/XvxinObJ_Ej5nBLFUwMOjtk2T4E.roa
File: XvxinObJ_Ej5nBLFUwMOjtk2T4E.roa (raw, json)
Hash identifier: IfeFWTU1UR3YBE9GSFaZmBt5m0QI6LQRR1xjta/zJxo=
Subject key identifier: 5E:FC:62:9C:E6:C9:FC:48:F9:9C:12:C5:53:03:0E:8E:D9:36:4F:81
Certificate issuer: /CN=586936266e980dd203b2cbeb1c9c4570604b911b
Certificate serial: 01966BCD67672793AB2989956427126465C2
Authority key identifier: 58:69:36:26:6E:98:0D:D2:03:B2:CB:EB:1C:9C:45:70:60:4B:91:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WGk2Jm6YDdIDssvrHJxFcGBLkRs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/4c66cc-fa9a-4f58-ad21-7da183eff115/1/XvxinObJ_Ej5nBLFUwMOjtk2T4E.roa
Signing time: Fri 25 Apr 2025 07:15:45 +0000
ROA not before: Fri 25 Apr 2025 07:15:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57768
IP address blocks: 5.187.8.0/21 maxlen: 21
5.187.9.0/24 maxlen: 24
5.187.10.0/24 maxlen: 24
5.187.11.0/24 maxlen: 24
5.187.12.0/24 maxlen: 24
5.187.13.0/24 maxlen: 24
5.187.14.0/24 maxlen: 24
5.187.15.0/24 maxlen: 24
37.75.128.0/21 maxlen: 21
37.75.128.0/24 maxlen: 24
37.75.129.0/24 maxlen: 24
37.75.130.0/24 maxlen: 24
37.75.131.0/24 maxlen: 24
37.75.132.0/24 maxlen: 24
37.75.133.0/24 maxlen: 24
37.75.134.0/24 maxlen: 24
37.75.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/4c66cc-fa9a-4f58-ad21-7da183eff115/1/WGk2Jm6YDdIDssvrHJxFcGBLkRs.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/4c66cc-fa9a-4f58-ad21-7da183eff115/1/WGk2Jm6YDdIDssvrHJxFcGBLkRs.mft
rsync://rpki.ripe.net/repository/DEFAULT/WGk2Jm6YDdIDssvrHJxFcGBLkRs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 07:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:6b:cd:67:67:27:93:ab:29:89:95:64:27:12:64:65:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=586936266e980dd203b2cbeb1c9c4570604b911b
Validity
Not Before: Apr 25 07:15:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5efc629ce6c9fc48f99c12c553030e8ed9364f81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:58:35:5e:22:79:68:30:05:e5:02:9d:ee:3a:
49:c2:44:a8:09:21:37:d8:90:91:26:3e:e8:85:71:
8d:a5:d1:0b:7d:7c:0b:32:ec:dd:f4:9e:eb:09:41:
a1:a7:f6:69:c4:73:d7:0e:26:43:a2:24:f9:5d:ec:
54:c2:98:60:13:f4:c5:5f:84:e3:f0:62:e4:0d:18:
35:dc:83:62:b1:ec:27:18:d8:97:64:0e:68:7a:39:
4d:07:42:2e:81:e4:1d:07:9f:79:1c:a8:a2:fc:fc:
6a:18:58:19:ca:61:dc:c5:3b:38:69:c7:a0:32:57:
c8:9b:b5:14:28:84:3b:b1:82:90:1d:f7:4a:f6:61:
3a:04:b8:c0:d1:3a:2c:c9:a0:fe:e5:a7:eb:dd:c0:
22:a6:de:cc:fd:23:34:5d:32:70:a2:36:f5:23:ec:
f3:03:40:fd:7d:22:1f:cc:80:0e:ed:6b:40:0e:1c:
2b:dd:99:9a:37:dd:54:2f:5d:00:39:fa:a3:8e:6a:
bf:ec:5b:f9:d5:f0:3e:7a:59:f3:d2:92:73:98:7a:
6e:af:45:a5:23:bd:1f:27:ab:8b:a9:8d:e7:22:b3:
01:e6:73:ea:2b:96:07:5a:04:18:94:3e:18:ae:eb:
4f:33:68:f4:0e:0d:42:49:5e:26:da:7a:8d:47:0c:
36:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:FC:62:9C:E6:C9:FC:48:F9:9C:12:C5:53:03:0E:8E:D9:36:4F:81
X509v3 Authority Key Identifier:
keyid:58:69:36:26:6E:98:0D:D2:03:B2:CB:EB:1C:9C:45:70:60:4B:91:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WGk2Jm6YDdIDssvrHJxFcGBLkRs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/4c66cc-fa9a-4f58-ad21-7da183eff115/1/XvxinObJ_Ej5nBLFUwMOjtk2T4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/4c66cc-fa9a-4f58-ad21-7da183eff115/1/WGk2Jm6YDdIDssvrHJxFcGBLkRs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.187.8.0/21
37.75.128.0/21
Signature Algorithm: sha256WithRSAEncryption
77:39:7e:b2:e1:6c:44:28:3f:5d:fd:75:fd:a0:6a:00:ef:78:
58:41:10:b0:a7:d7:8e:d7:de:51:f7:66:0a:10:68:93:47:33:
53:31:cf:fe:d5:18:b1:5e:73:d1:75:d0:5e:49:43:4b:5f:af:
cc:d3:64:01:5a:18:9d:b0:c9:77:f6:b3:6d:8c:23:66:1c:ec:
74:8d:b2:72:ec:3a:19:78:c6:38:ec:12:57:43:8b:c8:9e:c3:
6c:04:8e:d7:71:48:6c:6e:a6:98:b6:5c:cf:fd:24:f8:de:e4:
c2:a6:27:a9:fb:ec:89:a8:cf:37:32:6b:f0:0b:e7:b7:fd:a8:
d4:2e:a1:72:dd:ca:55:18:97:1b:7b:e0:02:26:ba:78:90:8c:
db:48:9f:49:df:69:d7:86:a2:82:a4:72:7d:8b:b1:94:a6:4a:
cd:75:bf:b1:dc:ce:87:2a:70:cf:34:15:8e:8a:88:bd:98:da:
05:27:5a:1e:a2:54:cf:0c:88:e9:6b:0f:39:90:17:53:c1:e6:
4c:07:44:60:cc:d1:54:a0:bf:ec:9e:2e:75:e8:86:58:48:be:
4e:d5:4b:d5:b2:7a:db:83:2d:68:f6:47:98:1b:be:97:30:ee:
9e:f4:6d:e2:e2:3e:ed:38:a9:4e:25:1a:61:10:e9:99:7a:2c:
53:b9:ff:a1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZZrzWdnJ5OrKYmVZCcSZGXCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4NjkzNjI2NmU5ODBkZDIwM2IyY2JlYjFjOWM0NTcwNjA0
YjkxMWIwHhcNMjUwNDI1MDcxNTQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWZjNjI5Y2U2YzlmYzQ4Zjk5YzEyYzU1MzAzMGU4ZWQ5MzY0ZjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVg1XiJ5aDAF5QKd7jpJwkSoCSE3
2JCRJj7ohXGNpdELfXwLMuzd9J7rCUGhp/ZpxHPXDiZDoiT5XexUwphgE/TFX4Tj
8GLkDRg13INisewnGNiXZA5oejlNB0IugeQdB595HKii/PxqGFgZymHcxTs4aceg
MlfIm7UUKIQ7sYKQHfdK9mE6BLjA0TosyaD+5afr3cAipt7M/SM0XTJwojb1I+zz
A0D9fSIfzIAO7WtADhwr3ZmaN91UL10AOfqjjmq/7Fv51fA+elnz0pJzmHpur0Wl
I70fJ6uLqY3nIrMB5nPqK5YHWgQYlD4YrutPM2j0Dg1CSV4m2nqNRww2hwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF78YpzmyfxI+ZwSxVMDDo7ZNk+BMB8GA1UdIwQY
MBaAFFhpNiZumA3SA7LL6xycRXBgS5EbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0drMkptNllEZElEc3N2ckhKeEZjR0JMa1JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS80YzY2Y2MtZmE5YS00ZjU4LWFkMjEt
N2RhMTgzZWZmMTE1LzEvWHZ4aW5PYkpfRWo1bkJMRlV3TU9qdGsyVDRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS80YzY2Y2MtZmE5YS00ZjU4LWFkMjEtN2RhMTgzZWZmMTE1
LzEvV0drMkptNllEZElEc3N2ckhKeEZjR0JMa1JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDBbsIAwQD
JUuAMA0GCSqGSIb3DQEBCwUAA4IBAQB3OX6y4WxEKD9d/XX9oGoA73hYQRCwp9eO
195R92YKEGiTRzNTMc/+1RixXnPRddBeSUNLX6/M02QBWhidsMl39rNtjCNmHOx0
jbJy7DoZeMY47BJXQ4vInsNsBI7XcUhsbqaYtlzP/ST43uTCpiep++yJqM83Mmvw
C+e3/ajULqFy3cpVGJcbe+ACJrp4kIzbSJ9J32nXhqKCpHJ9i7GUpkrNdb+x3M6H
KnDPNBWOioi9mNoFJ1oeolTPDIjpaw85kBdTweZMB0RgzNFUoL/sni516IZYSL5O
1UvVsnrbgy1o9keYG76XMO6e9G3i4j7tOKlOJRphEOmZeixTuf+h
-----END CERTIFICATE-----
Generated at Mon Apr 28 15:17:19 2025 by rpki-client