Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/0bf8fb-1604-4cd1-9da6-1bb27c5d397e/1/XtfUxUGkjCJuklebiN54Yxg8R5M.roa
File: XtfUxUGkjCJuklebiN54Yxg8R5M.roa (raw, json)
Hash identifier: 6ylTl3fnc+Bg9Pz92d7wJrvdCwc0XcQ4KZdtR4bRI4k=
Subject key identifier: 5E:D7:D4:C5:41:A4:8C:22:6E:92:57:9B:88:DE:78:63:18:3C:47:93
Certificate issuer: /CN=34e110b59362f673eae33b66ee7aea3c4028294e
Certificate serial: 0196A5A3B0DD3A2B55B25FD4F8E917780412
Authority key identifier: 34:E1:10:B5:93:62:F6:73:EA:E3:3B:66:EE:7A:EA:3C:40:28:29:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NOEQtZNi9nPq4ztm7nrqPEAoKU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/0bf8fb-1604-4cd1-9da6-1bb27c5d397e/1/XtfUxUGkjCJuklebiN54Yxg8R5M.roa
Signing time: Tue 06 May 2025 12:48:10 +0000
ROA not before: Tue 06 May 2025 12:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29028
IP address blocks: 141.105.120.0/21 maxlen: 24
141.105.120.0/22 maxlen: 24
141.105.124.0/24 maxlen: 24
141.105.126.0/23 maxlen: 24
178.21.112.0/21 maxlen: 24
185.2.44.0/22 maxlen: 24
185.2.45.0/24 maxlen: 24
185.2.46.0/24 maxlen: 24
193.200.132.0/24 maxlen: 24
194.145.200.0/23 maxlen: 24
2a02:2308::/32 maxlen: 32
2a02:2308:50::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/0bf8fb-1604-4cd1-9da6-1bb27c5d397e/1/NOEQtZNi9nPq4ztm7nrqPEAoKU4.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/0bf8fb-1604-4cd1-9da6-1bb27c5d397e/1/NOEQtZNi9nPq4ztm7nrqPEAoKU4.mft
rsync://rpki.ripe.net/repository/DEFAULT/NOEQtZNi9nPq4ztm7nrqPEAoKU4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 09 May 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a5:a3:b0:dd:3a:2b:55:b2:5f:d4:f8:e9:17:78:04:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34e110b59362f673eae33b66ee7aea3c4028294e
Validity
Not Before: May 6 12:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ed7d4c541a48c226e92579b88de7863183c4793
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:2b:6e:92:b6:bd:19:e0:ca:b9:0e:d5:87:28:
ff:43:12:4e:af:2e:5b:9d:6b:ab:31:7d:71:1d:f2:
45:7a:b3:25:b4:f4:bb:74:c4:0d:15:66:80:7c:db:
7f:a8:4f:e1:ab:0e:8a:6b:f9:5d:5d:f0:23:49:eb:
71:ec:4c:78:d0:48:4e:9a:73:c2:07:e7:ab:67:a4:
17:62:cb:de:7c:72:29:d1:bc:b4:5d:a7:f3:46:f8:
72:5e:78:d5:9b:0d:01:b0:fe:ff:1a:4b:b3:2b:e5:
5c:cf:f7:27:4f:8e:6d:23:8d:35:64:af:23:51:d1:
91:11:5d:12:e8:ed:c7:79:a6:fe:95:ab:de:4e:02:
e0:24:83:e3:32:5a:0c:ab:d5:5b:58:35:8e:42:4f:
cb:d0:b5:c4:81:db:83:b2:61:c3:68:e0:18:6d:f5:
11:9e:c2:a5:84:f6:ce:58:88:b3:e7:a1:10:25:62:
c9:27:20:72:e7:49:3a:e8:46:82:05:cc:df:85:d7:
9b:73:e8:58:60:f2:21:a1:d3:12:05:b3:5c:9e:bb:
8e:d2:f9:45:2f:11:16:0f:db:53:c0:cb:c5:5a:a8:
d0:68:21:01:62:11:90:5d:fe:8a:04:e5:2c:f6:61:
2a:f1:49:c8:bc:f5:ee:0f:f9:8f:9e:c7:e4:71:5c:
34:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:D7:D4:C5:41:A4:8C:22:6E:92:57:9B:88:DE:78:63:18:3C:47:93
X509v3 Authority Key Identifier:
keyid:34:E1:10:B5:93:62:F6:73:EA:E3:3B:66:EE:7A:EA:3C:40:28:29:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NOEQtZNi9nPq4ztm7nrqPEAoKU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/0bf8fb-1604-4cd1-9da6-1bb27c5d397e/1/XtfUxUGkjCJuklebiN54Yxg8R5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/0bf8fb-1604-4cd1-9da6-1bb27c5d397e/1/NOEQtZNi9nPq4ztm7nrqPEAoKU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.105.120.0/21
178.21.112.0/21
185.2.44.0/22
193.200.132.0/24
194.145.200.0/23
IPv6:
2a02:2308::/32
Signature Algorithm: sha256WithRSAEncryption
2d:4b:c9:a9:63:02:f6:4e:3f:4f:91:2f:78:ad:1f:61:50:93:
8f:ed:f8:9e:5a:a5:33:25:44:47:cc:fd:89:8e:f3:ef:81:2f:
d1:38:7b:93:35:ed:63:ee:e9:83:9f:f4:28:0b:f2:db:08:f6:
a6:6f:46:46:b1:64:00:52:72:9d:e7:c8:b6:f8:56:ae:a9:a8:
48:5d:c6:15:6c:75:95:9b:a2:9b:c3:67:a9:6d:ff:81:b6:d1:
a8:5a:65:23:d2:00:de:8c:30:34:3d:a0:c1:c9:11:12:83:c7:
1b:bd:3d:01:c5:01:79:17:3a:3d:b3:60:3d:24:68:35:16:99:
cf:84:fb:07:fc:e3:47:91:0b:54:ef:22:72:07:bc:45:98:6a:
ef:8f:ee:ce:03:fa:d1:fd:19:7b:94:09:56:70:6b:11:b6:1f:
68:07:12:99:31:3a:6d:1c:74:b0:d5:26:d8:e0:ca:57:61:14:
be:10:0d:ac:d9:06:aa:d4:eb:6a:ad:33:db:eb:7e:6e:39:d3:
32:0c:a8:1c:72:fd:b2:33:09:82:33:8c:43:40:66:59:fa:4d:
ae:c6:fe:23:d8:a9:f5:2f:94:ce:d0:73:85:ed:28:32:b1:c7:
99:76:5d:cb:11:5d:67:37:b0:88:6f:d1:f0:94:41:72:51:4e:
a5:82:0c:66
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZalo7DdOitVsl/U+OkXeAQSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZTExMGI1OTM2MmY2NzNlYWUzM2I2NmVlN2FlYTNjNDAy
ODI5NGUwHhcNMjUwNTA2MTI0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWQ3ZDRjNTQxYTQ4YzIyNmU5MjU3OWI4OGRlNzg2MzE4M2M0NzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCtukra9GeDKuQ7Vhyj/QxJOry5b
nWurMX1xHfJFerMltPS7dMQNFWaAfNt/qE/hqw6Ka/ldXfAjSetx7Ex40EhOmnPC
B+erZ6QXYsvefHIp0by0XafzRvhyXnjVmw0BsP7/GkuzK+Vcz/cnT45tI401ZK8j
UdGREV0S6O3Heab+laveTgLgJIPjMloMq9VbWDWOQk/L0LXEgduDsmHDaOAYbfUR
nsKlhPbOWIiz56EQJWLJJyBy50k66EaCBczfhdebc+hYYPIhodMSBbNcnruO0vlF
LxEWD9tTwMvFWqjQaCEBYhGQXf6KBOUs9mEq8UnIvPXuD/mPnsfkcVw0BQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFF7X1MVBpIwibpJXm4jeeGMYPEeTMB8GA1UdIwQY
MBaAFDThELWTYvZz6uM7Zu566jxAKClOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTk9FUXRaTmk5blBxNHp0bTducnFQRUFvS1U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8wYmY4ZmItMTYwNC00Y2QxLTlkYTYt
MWJiMjdjNWQzOTdlLzEvWHRmVXhVR2tqQ0p1a2xlYmlONTRZeGc4UjVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8wYmY4ZmItMTYwNC00Y2QxLTlkYTYtMWJiMjdjNWQzOTdl
LzEvTk9FUXRaTmk5blBxNHp0bTducnFQRUFvS1U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDjWl4AwQD
shVwAwQCuQIsAwQAwciEAwQBwpHIMA0EAgACMAcDBQAqAiMIMA0GCSqGSIb3DQEB
CwUAA4IBAQAtS8mpYwL2Tj9PkS94rR9hUJOP7fieWqUzJURHzP2JjvPvgS/ROHuT
Ne1j7umDn/QoC/LbCPamb0ZGsWQAUnKd58i2+FauqahIXcYVbHWVm6Kbw2epbf+B
ttGoWmUj0gDejDA0PaDByRESg8cbvT0BxQF5Fzo9s2A9JGg1FpnPhPsH/ONHkQtU
7yJyB7xFmGrvj+7OA/rR/Rl7lAlWcGsRth9oBxKZMTptHHSw1SbY4MpXYRS+EA2s
2Qaq1OtqrTPb635uOdMyDKgccv2yMwmCM4xDQGZZ+k2uxv4j2Kn1L5TO0HOF7Sgy
sceZdl3LEV1nN7CIb9HwlEFyUU6lggxm
-----END CERTIFICATE-----
Generated at Fri May 9 02:53:15 2025 by rpki-client