Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/e6373c-53cd-4fd5-a435-d18bab9515bf/1/XdmrjuWzZy62aNAP27lIvhOU4pg.roa
File: XdmrjuWzZy62aNAP27lIvhOU4pg.roa (raw, json)
Hash identifier: GLuRF8qY+3QymEUwnc/Z5m+7OQeVn6lmu8CHrOCaebE=
Subject key identifier: 5D:D9:AB:8E:E5:B3:67:2E:B6:68:D0:0F:DB:B9:48:BE:13:94:E2:98
Certificate issuer: /CN=712f2269d15633bdbc71d8cd3f458cbd03fe031f
Certificate serial: 0196C94C697952518084500E1FCE64ED43C2
Authority key identifier: 71:2F:22:69:D1:56:33:BD:BC:71:D8:CD:3F:45:8C:BD:03:FE:03:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cS8iadFWM728cdjNP0WMvQP-Ax8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/e6373c-53cd-4fd5-a435-d18bab9515bf/1/XdmrjuWzZy62aNAP27lIvhOU4pg.roa
Signing time: Tue 13 May 2025 10:59:10 +0000
ROA not before: Tue 13 May 2025 10:59:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212616
IP address blocks: 91.230.48.0/24 maxlen: 24
93.175.32.0/19 maxlen: 24
93.175.40.0/24 maxlen: 24
93.175.41.0/24 maxlen: 24
93.175.42.0/24 maxlen: 24
93.175.45.0/24 maxlen: 24
93.175.47.0/24 maxlen: 24
93.175.57.0/24 maxlen: 24
93.175.58.0/24 maxlen: 24
93.175.59.0/24 maxlen: 24
93.175.60.0/24 maxlen: 24
176.97.214.0/24 maxlen: 24
2a0e:5b00::/29 maxlen: 48
2a0e:5b00::/48 maxlen: 48
2a0e:5b00:3::/48 maxlen: 48
2a0e:5b00:100::/48 maxlen: 48
2a0e:5b00:403::/48 maxlen: 48
2a0e:5b00:406::/48 maxlen: 48
2a0e:5b00:409::/48 maxlen: 48
2a0e:5b00:40f::/48 maxlen: 48
2a0e:5b00:411::/48 maxlen: 48
2a0e:5b00:412::/48 maxlen: 48
2a0e:5b00:413::/48 maxlen: 48
2a0e:5b00:415::/48 maxlen: 48
2a0e:5b00:418::/48 maxlen: 48
2a0e:5b00:419::/48 maxlen: 48
2a0e:5b00:41b::/48 maxlen: 48
2a0e:5b00:41d::/48 maxlen: 48
2a0e:5b00:41e::/48 maxlen: 48
2a0e:5b00:41f::/48 maxlen: 48
2a0e:5b00:420::/48 maxlen: 48
2a0e:5b00:500::/48 maxlen: 48
2a0e:5b00:a00::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/e6373c-53cd-4fd5-a435-d18bab9515bf/1/cS8iadFWM728cdjNP0WMvQP-Ax8.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/e6373c-53cd-4fd5-a435-d18bab9515bf/1/cS8iadFWM728cdjNP0WMvQP-Ax8.mft
rsync://rpki.ripe.net/repository/DEFAULT/cS8iadFWM728cdjNP0WMvQP-Ax8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 16:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c9:4c:69:79:52:51:80:84:50:0e:1f:ce:64:ed:43:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=712f2269d15633bdbc71d8cd3f458cbd03fe031f
Validity
Not Before: May 13 10:59:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5dd9ab8ee5b3672eb668d00fdbb948be1394e298
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:56:a9:67:1a:3c:b1:9f:df:01:6d:5d:e5:cf:
67:1f:06:40:c0:ac:ee:03:d3:54:f9:94:ce:3b:ea:
83:7b:cf:42:f9:a9:fe:c8:70:03:1a:f8:f0:da:5a:
da:e0:dd:fa:10:19:89:73:10:9c:81:8d:24:e6:12:
0b:60:4a:f6:59:66:6f:c1:21:b0:88:7d:6b:49:9f:
19:48:f3:8c:7d:21:6c:b3:aa:86:93:6c:f9:c4:6b:
70:e4:e4:1c:eb:2b:dd:c8:c4:3a:db:b8:ea:54:8d:
f6:97:29:9c:42:a9:c2:94:76:b9:f4:db:7e:f9:e9:
6d:2d:38:09:95:2c:28:75:1a:c8:09:33:72:b5:a2:
c3:ff:a5:bf:f5:37:a4:4b:47:99:48:55:8f:67:c5:
a2:a6:b4:04:44:e9:24:e2:22:5e:6a:99:8f:b8:2f:
ad:4b:c2:3a:83:74:97:09:50:0c:a2:dc:8b:5a:e8:
16:8a:6f:d7:a9:2e:67:5b:f9:05:c6:6d:f8:cc:8e:
d8:da:cc:00:4a:a4:e0:34:b3:fb:2c:ee:8b:90:f3:
99:4c:bf:c6:b4:cc:cc:fe:f9:9e:bc:82:2e:ea:de:
78:7f:97:1c:91:23:0d:3e:d1:df:5c:d5:67:be:6f:
28:81:65:72:99:4a:72:e1:04:e7:d3:23:64:ba:44:
08:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:D9:AB:8E:E5:B3:67:2E:B6:68:D0:0F:DB:B9:48:BE:13:94:E2:98
X509v3 Authority Key Identifier:
keyid:71:2F:22:69:D1:56:33:BD:BC:71:D8:CD:3F:45:8C:BD:03:FE:03:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cS8iadFWM728cdjNP0WMvQP-Ax8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/e6373c-53cd-4fd5-a435-d18bab9515bf/1/XdmrjuWzZy62aNAP27lIvhOU4pg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/e6373c-53cd-4fd5-a435-d18bab9515bf/1/cS8iadFWM728cdjNP0WMvQP-Ax8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.48.0/24
93.175.32.0/19
176.97.214.0/24
IPv6:
2a0e:5b00::/29
Signature Algorithm: sha256WithRSAEncryption
01:0d:11:bb:db:10:91:c8:3f:43:9e:4e:a7:82:51:7e:78:d5:
bf:5b:2a:c8:a6:71:10:d8:fa:9c:1a:d9:06:8c:43:66:ea:a0:
4e:6f:21:b4:3e:95:65:68:48:7d:20:5c:e7:70:14:c3:8b:35:
dd:49:55:bf:5a:e7:91:2a:e9:ae:9d:ee:76:45:93:f9:a9:e3:
60:80:02:04:73:f2:c8:c8:f2:70:62:bc:d0:92:9e:68:42:84:
17:6f:72:0c:6d:04:a6:4e:65:43:00:c7:a3:1a:41:e7:02:b7:
4f:c7:09:a3:d2:82:32:98:cb:0b:f3:ff:94:6c:ad:a5:ba:49:
19:df:7f:5f:59:71:c3:a7:cd:0e:c0:37:13:63:86:2e:df:ac:
e8:01:20:17:07:45:e4:e2:e7:3e:79:2f:22:d4:b8:61:62:15:
56:d8:fb:c6:a5:4e:6d:32:e2:a2:79:d0:18:a3:03:65:00:d3:
fe:90:75:c7:de:fa:99:14:89:8d:8f:33:15:2b:e1:27:63:a5:
5c:73:cb:f4:f5:dc:d5:36:0c:3e:35:2a:85:ec:58:41:10:81:
12:14:1e:fa:6d:ba:5d:b0:fc:1c:a9:0f:61:6e:71:0a:08:7b:
1b:24:88:91:1d:a3:85:42:9c:df:08:d4:bd:01:df:7b:ca:e4:
a6:c7:0d:70
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZbJTGl5UlGAhFAOH85k7UPCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMmYyMjY5ZDE1NjMzYmRiYzcxZDhjZDNmNDU4Y2JkMDNm
ZTAzMWYwHhcNMjUwNTEzMTA1OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGQ5YWI4ZWU1YjM2NzJlYjY2OGQwMGZkYmI5NDhiZTEzOTRlMjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkFapZxo8sZ/fAW1d5c9nHwZAwKzu
A9NU+ZTOO+qDe89C+an+yHADGvjw2lra4N36EBmJcxCcgY0k5hILYEr2WWZvwSGw
iH1rSZ8ZSPOMfSFss6qGk2z5xGtw5OQc6yvdyMQ627jqVI32lymcQqnClHa59Nt+
+eltLTgJlSwodRrICTNytaLD/6W/9TekS0eZSFWPZ8WiprQEROkk4iJeapmPuC+t
S8I6g3SXCVAMotyLWugWim/XqS5nW/kFxm34zI7Y2swASqTgNLP7LO6LkPOZTL/G
tMzM/vmevIIu6t54f5cckSMNPtHfXNVnvm8ogWVymUpy4QTn0yNkukQI+QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFF3Zq47ls2cutmjQD9u5SL4TlOKYMB8GA1UdIwQY
MBaAFHEvImnRVjO9vHHYzT9FjL0D/gMfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1M4aWFkRldNNzI4Y2RqTlAwV012UVAtQXg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9lNjM3M2MtNTNjZC00ZmQ1LWE0MzUt
ZDE4YmFiOTUxNWJmLzEvWGRtcmp1V3paeTYyYU5BUDI3bEl2aE9VNHBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9lNjM3M2MtNTNjZC00ZmQ1LWE0MzUtZDE4YmFiOTUxNWJm
LzEvY1M4aWFkRldNNzI4Y2RqTlAwV012UVAtQXg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW+YwAwQF
Xa8gAwQAsGHWMA0EAgACMAcDBQMqDlsAMA0GCSqGSIb3DQEBCwUAA4IBAQABDRG7
2xCRyD9Dnk6nglF+eNW/WyrIpnEQ2PqcGtkGjENm6qBObyG0PpVlaEh9IFzncBTD
izXdSVW/WueRKumune52RZP5qeNggAIEc/LIyPJwYrzQkp5oQoQXb3IMbQSmTmVD
AMejGkHnArdPxwmj0oIymMsL8/+UbK2lukkZ339fWXHDp80OwDcTY4Yu36zoASAX
B0Xk4uc+eS8i1LhhYhVW2PvGpU5tMuKiedAYowNlANP+kHXH3vqZFImNjzMVK+En
Y6Vcc8v09dzVNgw+NSqF7FhBEIESFB76bbpdsPwcqQ9hbnEKCHsbJIiRHaOFQpzf
CNS9Ad97yuSmxw1w
-----END CERTIFICATE-----
Generated at Sun Jun 15 00:03:22 2025 by rpki-client