Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/xlz5cxlOP8wU1rRS7vQDBbyZbAI.roa
File: xlz5cxlOP8wU1rRS7vQDBbyZbAI.roa (raw, json)
Hash identifier: TMgufs18Jyzo1gVxoROmRG+tYJ3b8XSa3gyzmDIKCUs=
Subject key identifier: C6:5C:F9:73:19:4E:3F:CC:14:D6:B4:52:EE:F4:03:05:BC:99:6C:02
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 0195F53FBCF7795E21CB84E37D8065A4BF36
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/xlz5cxlOP8wU1rRS7vQDBbyZbAI.roa
Signing time: Wed 02 Apr 2025 06:45:49 +0000
ROA not before: Wed 02 Apr 2025 06:45:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 170.62.239.0/24 maxlen: 24
170.62.244.0/24 maxlen: 24
170.62.245.0/24 maxlen: 24
193.142.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 09:07:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f5:3f:bc:f7:79:5e:21:cb:84:e3:7d:80:65:a4:bf:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Apr 2 06:45:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c65cf973194e3fcc14d6b452eef40305bc996c02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:11:aa:69:df:ea:85:a2:1d:53:7e:5e:26:a3:
2e:cd:2c:3d:f7:de:ad:27:da:e8:82:1d:60:24:7e:
b8:69:d4:1f:a3:99:22:2d:18:6d:b7:01:b2:b5:96:
40:5a:6d:1d:af:0d:26:9c:f0:c3:db:4b:c8:23:00:
62:9f:f5:40:5b:08:f7:fd:cd:75:ff:6b:11:00:53:
65:b1:7a:81:8c:a6:c7:51:26:fa:42:dc:ec:23:6e:
9e:56:e6:48:55:3e:50:45:02:a5:4d:bd:6a:3a:32:
a5:e8:d1:62:fd:44:ba:19:93:7c:19:d5:5b:02:79:
8d:9a:35:7e:82:cc:5a:c3:2d:70:7d:89:3b:c0:5f:
c3:a1:d1:b7:44:4d:ce:0a:34:72:e9:98:c6:26:d5:
39:c6:34:f3:50:e4:d1:1f:7d:40:a2:4c:f7:23:71:
a5:39:86:c7:a0:01:13:25:eb:8e:e3:ac:1e:21:01:
d0:69:07:8d:17:41:56:63:bd:20:88:1b:cb:17:99:
d2:d3:5f:3b:65:24:d8:68:d8:d3:fb:04:5d:7d:9d:
e3:61:ca:48:c1:e9:fb:41:b8:2d:ef:8a:8f:92:44:
66:1a:fd:6b:30:44:6a:9f:33:8e:18:d0:ad:00:0e:
f6:ef:a5:b0:57:ee:68:cf:b5:f3:f4:27:92:6e:9f:
61:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:5C:F9:73:19:4E:3F:CC:14:D6:B4:52:EE:F4:03:05:BC:99:6C:02
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/xlz5cxlOP8wU1rRS7vQDBbyZbAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
170.62.239.0/24
170.62.244.0/23
193.142.58.0/24
Signature Algorithm: sha256WithRSAEncryption
d1:10:76:a6:ab:28:d0:76:5f:e1:15:cd:95:fa:fa:18:3a:83:
9b:dd:04:12:77:16:98:a5:8d:b0:c4:84:e5:23:aa:3c:11:d1:
6b:df:f4:22:f5:0e:78:5f:13:d1:23:f9:13:c0:cd:a9:9b:54:
d7:0c:97:ba:8d:b8:44:8d:ee:a3:c1:3b:64:35:f2:11:6e:10:
42:7f:ee:66:d5:52:97:eb:1b:52:a1:f1:72:e4:6a:68:82:1d:
d6:a6:4a:db:77:06:78:e0:ef:7f:de:e0:d2:d1:c2:89:e5:63:
13:56:97:57:d1:61:f7:b3:c9:95:b1:03:41:9b:7c:5b:08:cb:
5a:9d:d8:89:0c:7c:5b:35:e4:db:6a:a8:c3:a3:b8:a8:8a:75:
1e:a0:9a:65:81:14:d9:ef:3c:42:b6:d6:86:ea:e1:b2:4b:8a:
28:55:46:1c:64:82:94:59:8f:25:38:be:8f:b2:80:1f:76:f3:
08:9e:f8:15:9b:b4:60:70:25:0a:e2:6e:2d:71:95:d4:db:e3:
d7:1c:ad:c6:31:41:fe:93:75:a1:bc:3b:07:4a:27:fe:70:b7:
fe:fa:d6:57:51:1a:de:0f:b2:c6:6e:5e:86:f7:ad:3a:7a:15:
ad:f2:98:7e:59:c8:39:b6:6e:4e:a3:6d:af:bd:3a:e5:7c:28:
90:b3:86:d3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZX1P7z3eV4hy4TjfYBlpL82MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwNDAyMDY0NTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjVjZjk3MzE5NGUzZmNjMTRkNmI0NTJlZWY0MDMwNWJjOTk2YzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhGqad/qhaIdU35eJqMuzSw9996t
J9rogh1gJH64adQfo5kiLRhttwGytZZAWm0drw0mnPDD20vIIwBin/VAWwj3/c11
/2sRAFNlsXqBjKbHUSb6QtzsI26eVuZIVT5QRQKlTb1qOjKl6NFi/US6GZN8GdVb
AnmNmjV+gsxawy1wfYk7wF/DodG3RE3OCjRy6ZjGJtU5xjTzUOTRH31Aokz3I3Gl
OYbHoAETJeuO46weIQHQaQeNF0FWY70giBvLF5nS0187ZSTYaNjT+wRdfZ3jYcpI
wen7Qbgt74qPkkRmGv1rMERqnzOOGNCtAA7276WwV+5oz7Xz9CeSbp9h5QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMZc+XMZTj/MFNa0Uu70AwW8mWwCMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEveGx6NWN4bE9QOHdVMXJSUzd2UURCYnlaYkFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAqj7vAwQB
qj70AwQAwY46MA0GCSqGSIb3DQEBCwUAA4IBAQDREHamqyjQdl/hFc2V+voYOoOb
3QQSdxaYpY2wxITlI6o8EdFr3/Qi9Q54XxPRI/kTwM2pm1TXDJe6jbhEje6jwTtk
NfIRbhBCf+5m1VKX6xtSofFy5Gpogh3WpkrbdwZ44O9/3uDS0cKJ5WMTVpdX0WH3
s8mVsQNBm3xbCMtandiJDHxbNeTbaqjDo7ioinUeoJplgRTZ7zxCttaG6uGyS4oo
VUYcZIKUWY8lOL6PsoAfdvMInvgVm7RgcCUK4m4tcZXU2+PXHK3GMUH+k3WhvDsH
Sif+cLf++tZXURreD7LGbl6G9606ehWt8ph+Wcg5tm5Oo22vvTrlfCiQs4bT
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:52:58 2025 by rpki-client