Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/XtmDae46QkYa7sEtA72HCIbTV4Q.roa
File: XtmDae46QkYa7sEtA72HCIbTV4Q.roa (raw, json)
Hash identifier: ao7gCVHbh6StUEiDryV1leL/0iZ1OGU6VawDFaNVP8A=
Subject key identifier: 5E:D9:83:69:EE:3A:42:46:1A:EE:C1:2D:03:BD:87:08:86:D3:57:84
Certificate issuer: /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial: 01963D815D73D4BC4D62E8E8F8B2ABA8ECE5
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/XtmDae46QkYa7sEtA72HCIbTV4Q.roa
Signing time: Wed 16 Apr 2025 07:30:10 +0000
ROA not before: Wed 16 Apr 2025 07:30:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197540
IP address blocks: 94.16.30.0/23 maxlen: 23
94.16.30.128/25 maxlen: 25
94.16.104.0/22 maxlen: 24
94.16.108.0/22 maxlen: 24
94.16.112.0/21 maxlen: 24
94.16.120.0/22 maxlen: 24
185.216.176.0/22 maxlen: 22
185.232.68.0/22 maxlen: 22
188.172.228.0/23 maxlen: 24
193.26.156.0/22 maxlen: 22
194.36.144.0/22 maxlen: 22
2a00:11c0:5d::/48 maxlen: 48
2a00:11c0:5f::/48 maxlen: 48
2a00:11c0:60::/48 maxlen: 48
2a00:11c0:81::/56 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.mft
rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 22:36:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3d:81:5d:73:d4:bc:4d:62:e8:e8:f8:b2:ab:a8:ec:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Validity
Not Before: Apr 16 07:30:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ed98369ee3a42461aeec12d03bd870886d35784
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:2c:c6:ea:15:de:19:c8:55:8a:c6:1c:e0:71:
74:be:e0:60:a0:b2:b5:99:4e:09:64:42:ec:44:97:
62:b8:49:bc:6e:d4:fb:47:53:5d:5f:9d:a2:98:21:
54:a8:b2:15:90:a5:9a:7d:70:da:f0:11:cf:27:bc:
7b:2a:84:46:a4:a5:d7:b4:7d:b7:0a:cb:0f:23:c0:
d2:5e:67:ee:43:bf:eb:0f:d6:e1:f3:8a:c6:9b:2a:
87:95:60:a1:f9:6e:1e:82:88:9a:b9:93:98:09:2e:
85:4b:ca:db:3c:94:11:07:25:49:86:78:dc:69:db:
d0:cd:a2:f6:9f:b5:a1:e1:bf:bb:2b:30:6f:6d:c1:
16:c6:f2:66:78:b8:7c:20:8b:b7:4e:ba:df:5d:42:
b1:d4:c4:e1:e7:21:9c:1d:10:da:50:df:ac:30:20:
12:7b:b8:9a:59:cf:6a:eb:8d:b9:68:4b:95:9f:83:
d5:e7:0e:14:d6:2f:f0:3f:4c:75:ae:72:19:a7:b1:
1c:c7:3d:2f:eb:2f:d7:6d:80:b5:b1:1f:39:c1:23:
f2:8a:ef:27:23:bb:8a:fc:b6:e9:6c:8b:f7:b7:e4:
74:d8:fb:a0:0e:f6:2d:3d:b3:f6:a1:e5:87:43:37:
b2:c3:80:f7:be:3b:0e:7b:e8:73:83:5d:2d:4e:cc:
8a:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:D9:83:69:EE:3A:42:46:1A:EE:C1:2D:03:BD:87:08:86:D3:57:84
X509v3 Authority Key Identifier:
keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/XtmDae46QkYa7sEtA72HCIbTV4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.16.30.0/23
94.16.104.0-94.16.123.255
185.216.176.0/22
185.232.68.0/22
188.172.228.0/23
193.26.156.0/22
194.36.144.0/22
IPv6:
2a00:11c0:5d::/48
2a00:11c0:5f::-2a00:11c0:60:ffff:ffff:ffff:ffff:ffff
2a00:11c0:81::/56
Signature Algorithm: sha256WithRSAEncryption
15:58:8b:15:89:04:a8:42:e8:4e:87:1e:f4:73:90:ec:ff:24:
93:10:c6:fc:a1:74:32:83:e6:28:41:47:ad:fe:86:8e:30:92:
0c:1a:cb:68:4c:a5:42:6e:84:7a:cd:58:a9:29:59:23:1b:13:
64:c9:95:53:15:80:bb:ed:9e:97:80:b0:94:82:28:d5:2a:38:
24:e6:d8:f6:bc:68:33:eb:da:ab:fb:3f:db:e7:7c:22:4f:d2:
44:0c:07:87:fd:40:77:52:1b:30:53:73:6b:ca:36:41:fb:0d:
a4:4d:ef:c8:e0:18:30:bc:6e:03:aa:b6:05:2a:4f:ef:42:f8:
fa:64:e6:4d:98:4f:c7:2c:47:ea:32:19:24:9f:5d:9a:a9:a7:
08:a9:0c:4f:e1:07:28:42:ec:59:f6:a5:fd:a9:c1:bc:d9:01:
36:27:be:61:c0:9f:c8:4f:f8:2b:b8:0c:71:48:46:62:d0:44:
f5:d2:f1:f0:d2:20:eb:c2:f0:ee:0c:93:0c:cb:3f:82:03:e9:
53:f2:39:ce:34:72:98:ae:58:39:67:f2:37:b1:94:62:5f:a5:
01:6e:a5:cb:f6:b3:6f:15:19:80:9e:36:39:14:3c:5d:68:58:
02:43:cd:ce:b9:a4:e2:bc:76:da:a6:0b:91:a3:e0:05:ef:66:
7a:41:45:d0
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAZY9gV1z1LxNYujo+LKrqOzlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzlhZmViYWNlODk5YThlZTBiYjRmOGJiNDQ3NWZlMjQ3
YTE1MjgwHhcNMjUwNDE2MDczMDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWQ5ODM2OWVlM2E0MjQ2MWFlZWMxMmQwM2JkODcwODg2ZDM1Nzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwizG6hXeGchVisYc4HF0vuBgoLK1
mU4JZELsRJdiuEm8btT7R1NdX52imCFUqLIVkKWafXDa8BHPJ7x7KoRGpKXXtH23
CssPI8DSXmfuQ7/rD9bh84rGmyqHlWCh+W4egoiauZOYCS6FS8rbPJQRByVJhnjc
advQzaL2n7Wh4b+7KzBvbcEWxvJmeLh8IIu3TrrfXUKx1MTh5yGcHRDaUN+sMCAS
e7iaWc9q6425aEuVn4PV5w4U1i/wP0x1rnIZp7Ecxz0v6y/XbYC1sR85wSPyiu8n
I7uK/LbpbIv3t+R02PugDvYtPbP2oeWHQzeyw4D3vjsOe+hzg10tTsyKgQIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFF7Zg2nuOkJGGu7BLQO9hwiG01eEMB8GA1UdIwQY
MBaAFKU5r+us6Jmo7gu0+LtEdf4kehUoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYt
NzQxMzk1OTEzMTJlLzEvWHRtRGFlNDZRa1lhN3NFdEE3MkhDSWJUVjRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYtNzQxMzk1OTEzMTJl
LzEvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHoGCCsGAQUFBwEHAQH/BGswaTA4BAIAATAyAwQBXhAeMAwD
BANeEGgDBAJeEHgDBAK52LADBAK56EQDBAG8rOQDBALBGpwDBALCJJAwLQQCAAIw
JwMHACoAEcAAXTASAwcAKgARwABfAwcAKgARwABgAwgAKgARwACBADANBgkqhkiG
9w0BAQsFAAOCAQEAFViLFYkEqELoToce9HOQ7P8kkxDG/KF0MoPmKEFHrf6GjjCS
DBrLaEylQm6Ees1YqSlZIxsTZMmVUxWAu+2el4CwlIIo1So4JObY9rxoM+vaq/s/
2+d8Ik/SRAwHh/1Ad1IbMFNza8o2QfsNpE3vyOAYMLxuA6q2BSpP70L4+mTmTZhP
xyxH6jIZJJ9dmqmnCKkMT+EHKELsWfal/anBvNkBNie+YcCfyE/4K7gMcUhGYtBE
9dLx8NIg68Lw7gyTDMs/ggPpU/I5zjRymK5YOWfyN7GUYl+lAW6ly/azbxUZgJ42
ORQ8XWhYAkPNzrmk4rx22qYLkaPgBe9mekFF0A==
-----END CERTIFICATE-----
Generated at Tue Apr 29 05:18:24 2025 by rpki-client