Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/cxwuK9Z0rB7HylKEUoR3Yg2ezws.roa
File: cxwuK9Z0rB7HylKEUoR3Yg2ezws.roa (raw, json)
Hash identifier: ceM/yHHu6KSw6DQvKp1J3q+MTikdPxdgqZ19CLACXgY=
Subject key identifier: 73:1C:2E:2B:D6:74:AC:1E:C7:CA:52:84:52:84:77:62:0D:9E:CF:0B
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 0196827C0EDFE655CAD239CDDE621E4E2A39
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/cxwuK9Z0rB7HylKEUoR3Yg2ezws.roa
Signing time: Tue 29 Apr 2025 16:58:10 +0000
ROA not before: Tue 29 Apr 2025 16:58:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30938
IP address blocks: 5.39.248.0/24 maxlen: 24
5.178.97.0/24 maxlen: 24
45.12.216.0/24 maxlen: 24
45.12.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 16:14:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:82:7c:0e:df:e6:55:ca:d2:39:cd:de:62:1e:4e:2a:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Apr 29 16:58:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=731c2e2bd674ac1ec7ca5284528477620d9ecf0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:9e:6e:6d:b4:89:4a:30:65:f1:53:4a:f1:ab:
df:21:4d:cb:8f:83:ba:18:f8:05:11:a9:9d:4f:75:
fd:7f:c8:2e:e1:b1:82:04:fd:5b:fb:b6:d0:d6:4a:
c0:fc:b2:46:67:4e:ef:66:56:a1:e8:1d:c7:54:c7:
c0:30:d0:c2:e3:d2:c8:44:cc:d8:0e:65:6b:56:f5:
d7:96:7a:9f:a3:88:ac:c3:d6:e2:58:11:e3:73:39:
a2:3b:14:fa:2a:45:e1:73:02:cd:b6:16:fa:25:cb:
70:fb:f5:81:8f:a4:ac:aa:05:24:76:41:91:19:4b:
68:4d:94:a8:3b:f6:e4:a8:39:6d:57:1e:03:9f:b9:
64:bf:55:c3:7d:a7:4e:fe:9c:03:e1:9d:e1:79:c0:
53:12:a8:71:06:d3:50:3f:8e:f6:e4:a6:0f:bb:62:
2f:ae:b1:d0:7d:f7:4a:5e:80:6a:8e:b9:90:cf:13:
f6:b5:47:ec:3d:6d:a7:35:28:47:f5:b4:eb:94:df:
64:b7:f1:dc:74:8e:ab:d8:0d:ec:18:6b:b3:1a:3d:
b3:42:cd:a0:f2:6d:70:ca:42:af:fb:87:0f:00:ac:
0b:27:7b:0b:e3:a8:ec:09:cb:88:c5:4e:25:fb:9f:
31:55:ef:24:d9:c3:52:0f:00:4e:fd:38:bf:e3:b2:
66:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:1C:2E:2B:D6:74:AC:1E:C7:CA:52:84:52:84:77:62:0D:9E:CF:0B
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/cxwuK9Z0rB7HylKEUoR3Yg2ezws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.248.0/24
5.178.97.0/24
45.12.216.0/24
45.12.219.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:3f:65:66:3b:4e:50:33:95:79:4f:a7:22:cc:56:4f:0e:46:
0b:3a:c8:60:c9:24:e2:0b:f4:a4:82:f2:31:74:1b:3b:4b:4d:
79:a3:2b:c6:04:87:0a:93:16:7e:33:7e:22:cb:af:bf:2d:2a:
07:86:21:6d:cd:07:9c:61:36:72:cc:49:1d:75:f8:37:f8:15:
c2:84:fe:4f:af:08:47:e1:18:dc:55:3c:ae:32:8f:c9:4e:32:
a8:66:7a:f6:6b:ec:8e:59:82:62:4c:f7:a8:53:3c:f1:00:82:
7e:0e:2b:29:ef:71:da:42:9a:5d:a8:c2:1c:39:a6:8c:78:e8:
e6:28:02:e9:57:79:b6:e9:5b:ff:03:e4:c3:b7:dc:88:c5:70:
8e:cf:57:df:45:32:4b:ce:4b:39:ce:58:ea:63:49:3a:06:9d:
2e:b2:5d:b0:d4:7b:f8:39:f8:c4:5d:1b:34:24:01:a3:1d:0d:
91:d0:1e:6a:29:34:82:4c:79:50:ea:60:e2:8f:bf:73:f0:c8:
50:0f:06:96:7d:30:d9:c7:54:5d:2b:60:f8:b4:fd:3b:56:87:
69:04:c3:6b:d7:c8:a9:04:1c:7d:90:ef:fd:52:8f:25:da:c8:
d7:53:50:8c:8a:cd:1a:74:9d:4f:18:b4:9e:a5:f7:29:21:93:
ff:a2:a5:cd
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZaCfA7f5lXK0jnN3mIeTio5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjUwNDI5MTY1ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzFjMmUyYmQ2NzRhYzFlYzdjYTUyODQ1Mjg0Nzc2MjBkOWVjZjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJ5ubbSJSjBl8VNK8avfIU3Lj4O6
GPgFEamdT3X9f8gu4bGCBP1b+7bQ1krA/LJGZ07vZlah6B3HVMfAMNDC49LIRMzY
DmVrVvXXlnqfo4isw9biWBHjczmiOxT6KkXhcwLNthb6Jctw+/WBj6SsqgUkdkGR
GUtoTZSoO/bkqDltVx4Dn7lkv1XDfadO/pwD4Z3hecBTEqhxBtNQP4725KYPu2Iv
rrHQffdKXoBqjrmQzxP2tUfsPW2nNShH9bTrlN9kt/HcdI6r2A3sGGuzGj2zQs2g
8m1wykKv+4cPAKwLJ3sL46jsCcuIxU4l+58xVe8k2cNSDwBO/Ti/47JmVQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHMcLivWdKwex8pShFKEd2INns8LMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvY3h3dUs5WjByQjdIeWxLRVVvUjNZZzJlendzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABSf4AwQA
BbJhAwQALQzYAwQALQzbMA0GCSqGSIb3DQEBCwUAA4IBAQCeP2VmO05QM5V5T6ci
zFZPDkYLOshgySTiC/SkgvIxdBs7S015oyvGBIcKkxZ+M34iy6+/LSoHhiFtzQec
YTZyzEkddfg3+BXChP5PrwhH4RjcVTyuMo/JTjKoZnr2a+yOWYJiTPeoUzzxAIJ+
Disp73HaQppdqMIcOaaMeOjmKALpV3m26Vv/A+TDt9yIxXCOz1ffRTJLzks5zljq
Y0k6Bp0usl2w1Hv4OfjEXRs0JAGjHQ2R0B5qKTSCTHlQ6mDij79z8MhQDwaWfTDZ
x1RdK2D4tP07VodpBMNr18ipBBx9kO/9Uo8l2sjXU1CMis0adJ1PGLSepfcpIZP/
oqXN
-----END CERTIFICATE-----
Generated at Wed May 7 00:54:40 2025 by rpki-client