Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/03lwydKtCZHQEk2eJ-Xu7XO1GIM.roa
File: 03lwydKtCZHQEk2eJ-Xu7XO1GIM.roa (raw, json)
Hash identifier: ahW8tOJq3lMD+kt3AfOfhZmsXfW799orAq0O1PT1Py0=
Subject key identifier: D3:79:70:C9:D2:AD:09:91:D0:12:4D:9E:27:E5:EE:ED:73:B5:18:83
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0194266C6AC07A199669B4C9272934B8B4AD
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/03lwydKtCZHQEk2eJ-Xu7XO1GIM.roa
Signing time: Thu 02 Jan 2025 09:50:26 +0000
ROA not before: Thu 02 Jan 2025 09:50:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29456
IP address blocks: 82.151.96.0/19 maxlen: 19
82.151.110.0/24 maxlen: 24
95.71.104.0/21 maxlen: 21
109.62.128.0/17 maxlen: 24
109.62.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 03 May 2025 08:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:6a:c0:7a:19:96:69:b4:c9:27:29:34:b8:b4:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 09:50:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d37970c9d2ad0991d0124d9e27e5eeed73b51883
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:42:c7:30:f0:62:b5:20:80:89:83:2a:2c:a1:
3e:22:11:9d:5c:4a:31:8f:0f:d1:3f:dc:30:d6:ae:
5f:a1:83:96:1b:a7:de:4f:28:4c:5f:8e:0e:a4:65:
c5:b3:ef:09:f0:94:4a:5b:08:f2:5d:c0:eb:4a:d5:
b7:b6:86:d5:46:46:40:cc:24:d6:c4:c1:b8:53:10:
9c:de:05:19:99:58:3e:05:72:bd:8a:c3:ff:c0:05:
b7:92:4a:61:7f:f2:30:0d:fb:91:6a:df:ae:78:de:
82:4a:f7:c8:94:2e:5b:ea:fb:09:4f:9f:68:a0:4d:
a6:74:d8:6f:b2:9a:da:01:c0:0d:79:da:c3:88:c5:
9c:e3:af:01:9e:68:42:30:62:fa:44:17:de:06:10:
81:9f:6e:74:2e:d6:1f:18:ce:46:5f:4c:cd:26:0c:
d1:99:d1:78:e2:8e:de:72:41:b4:33:87:51:ab:fa:
73:c7:22:97:2d:ed:c0:32:6c:7b:1d:ba:31:a5:ed:
76:ec:ce:24:96:15:18:2e:71:16:e4:e3:d7:93:07:
08:58:85:3b:1d:83:db:cf:a2:98:b3:4e:24:04:68:
ff:1a:72:ae:b0:56:14:de:ed:5d:6c:79:98:2a:56:
16:c9:25:40:12:3f:c6:a9:a3:7a:e0:27:d6:10:9e:
1a:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:79:70:C9:D2:AD:09:91:D0:12:4D:9E:27:E5:EE:ED:73:B5:18:83
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/03lwydKtCZHQEk2eJ-Xu7XO1GIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.151.96.0/19
95.71.104.0/21
109.62.128.0/17
Signature Algorithm: sha256WithRSAEncryption
6a:0a:92:d2:44:24:ea:0a:b1:2a:70:d5:a7:b1:c7:e4:b5:45:
c9:13:c5:84:3e:2a:0c:49:97:64:1c:46:a3:a4:d9:26:e7:e3:
95:c3:79:5a:70:92:ba:ef:9d:c0:e8:ca:3d:16:83:5d:8c:3d:
96:31:8d:de:f3:13:af:9c:82:29:ac:d9:c7:a2:e7:d9:97:ac:
4c:ca:05:59:bf:72:e8:44:79:10:ef:54:c4:96:a8:30:fc:fe:
5f:28:65:89:92:d2:e8:03:24:8d:7e:d1:49:fc:69:2b:1e:59:
0e:2a:81:fd:cd:3a:cd:5c:75:95:3d:45:86:97:fa:91:b8:1f:
1a:da:09:6c:97:d8:96:5f:2b:85:08:50:8d:8f:6f:ae:60:40:
9a:98:7c:79:1c:af:7e:7e:75:d0:23:af:34:31:f1:79:5f:e2:
1c:c6:02:dc:65:29:62:19:72:10:73:ac:7e:59:5c:b1:78:b5:
dd:a4:11:71:aa:b9:f5:38:46:aa:5d:f3:39:a2:bd:2c:f3:c1:
91:fa:27:a3:ca:d2:e4:93:4a:29:f0:a5:0a:8d:12:db:ce:2c:
1c:62:81:c0:d5:6f:88:06:47:28:80:47:c5:6c:8f:36:31:74:
1c:53:82:25:41:10:2a:e4:e1:fb:a0:bd:da:09:f1:19:63:25:
c0:f5:21:1c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQmbGrAehmWabTJJyk0uLStMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwMTAyMDk1MDI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzc5NzBjOWQyYWQwOTkxZDAxMjRkOWUyN2U1ZWVlZDczYjUxODgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3kLHMPBitSCAiYMqLKE+IhGdXEox
jw/RP9ww1q5foYOWG6feTyhMX44OpGXFs+8J8JRKWwjyXcDrStW3tobVRkZAzCTW
xMG4UxCc3gUZmVg+BXK9isP/wAW3kkphf/IwDfuRat+ueN6CSvfIlC5b6vsJT59o
oE2mdNhvspraAcANedrDiMWc468BnmhCMGL6RBfeBhCBn250LtYfGM5GX0zNJgzR
mdF44o7eckG0M4dRq/pzxyKXLe3AMmx7Hboxpe127M4klhUYLnEW5OPXkwcIWIU7
HYPbz6KYs04kBGj/GnKusFYU3u1dbHmYKlYWySVAEj/GqaN64CfWEJ4aswIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNN5cMnSrQmR0BJNnifl7u1ztRiDMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvMDNsd3lkS3RDWkhRRWsyZUotWHU3WE8xR0lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQFUpdgAwQD
X0doAwQHbT6AMA0GCSqGSIb3DQEBCwUAA4IBAQBqCpLSRCTqCrEqcNWnscfktUXJ
E8WEPioMSZdkHEajpNkm5+OVw3lacJK6753A6Mo9FoNdjD2WMY3e8xOvnIIprNnH
oufZl6xMygVZv3LoRHkQ71TElqgw/P5fKGWJktLoAySNftFJ/GkrHlkOKoH9zTrN
XHWVPUWGl/qRuB8a2glsl9iWXyuFCFCNj2+uYECamHx5HK9+fnXQI680MfF5X+Ic
xgLcZSliGXIQc6x+WVyxeLXdpBFxqrn1OEaqXfM5or0s88GR+iejytLkk0op8KUK
jRLbziwcYoHA1W+IBkcogEfFbI82MXQcU4IlQRAq5OH7oL3aCfEZYyXA9SEc
-----END CERTIFICATE-----
Generated at Fri May 2 15:39:03 2025 by rpki-client