Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/5d6255-65c9-4bfa-b9d7-f657519d0233/1/xn5m4EslppaLzMQirkAjRslNCRc.roa
File: xn5m4EslppaLzMQirkAjRslNCRc.roa (raw, json)
Hash identifier: UOBKdq1hXA/nlG6uZfbozsCpkf5JEX4D4dlwEvI1lPs=
Subject key identifier: C6:7E:66:E0:4B:25:A6:96:8B:CC:C4:22:AE:40:23:46:C9:4D:09:17
Certificate issuer: /CN=64dfe26d403141be9059ab2144325b402d4cab7d
Certificate serial: 01963E4FC697292D5BA24DF032A11D74E8A6
Authority key identifier: 64:DF:E2:6D:40:31:41:BE:90:59:AB:21:44:32:5B:40:2D:4C:AB:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZN_ibUAxQb6QWashRDJbQC1Mq30.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/5d6255-65c9-4bfa-b9d7-f657519d0233/1/xn5m4EslppaLzMQirkAjRslNCRc.roa
Signing time: Wed 16 Apr 2025 11:15:37 +0000
ROA not before: Wed 16 Apr 2025 11:15:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 176.241.80.0/20 maxlen: 24
185.54.158.0/24 maxlen: 24
185.129.4.0/22 maxlen: 24
185.129.4.0/24 maxlen: 24
185.129.5.0/24 maxlen: 24
185.129.6.0/24 maxlen: 24
185.129.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/5d6255-65c9-4bfa-b9d7-f657519d0233/1/ZN_ibUAxQb6QWashRDJbQC1Mq30.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/5d6255-65c9-4bfa-b9d7-f657519d0233/1/ZN_ibUAxQb6QWashRDJbQC1Mq30.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZN_ibUAxQb6QWashRDJbQC1Mq30.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3e:4f:c6:97:29:2d:5b:a2:4d:f0:32:a1:1d:74:e8:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64dfe26d403141be9059ab2144325b402d4cab7d
Validity
Not Before: Apr 16 11:15:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c67e66e04b25a6968bccc422ae402346c94d0917
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:09:05:52:3b:fb:15:5e:94:78:fb:21:ad:98:
c2:80:70:bb:4e:ac:37:7d:ed:f7:f2:5b:bb:6d:dd:
66:bd:f3:60:5f:0a:50:13:7a:c2:e6:16:73:47:2a:
b2:52:2e:e1:11:61:63:a9:fa:d1:72:85:dd:4e:e9:
d4:25:76:35:46:dd:0a:11:08:05:f8:b3:e2:0f:33:
25:13:e1:41:12:a6:0b:02:9b:bf:fc:f9:8c:94:82:
cf:4f:0c:ff:08:30:c9:26:06:4b:d9:0a:f3:93:c9:
e9:b0:19:90:7b:c1:22:de:41:5e:f1:64:f4:dc:9b:
a4:e4:5f:da:41:7b:8e:d7:87:4b:00:1b:12:7e:15:
7b:6d:4a:fe:9a:d4:79:15:1b:2d:6d:bd:cb:05:d8:
87:93:b8:6b:1d:8f:24:8c:80:a0:65:b3:50:6b:c6:
f7:86:9a:07:be:68:fe:65:1e:82:e2:6c:eb:f3:43:
e5:95:5c:3c:cf:df:12:79:ac:64:af:b3:05:7d:e3:
be:70:2c:6f:1d:5f:05:10:05:3d:9e:20:8d:2d:9c:
46:61:87:5e:52:b9:b7:83:67:65:d9:76:96:95:40:
cc:dc:f3:2c:58:db:f4:36:0d:54:91:b6:25:7d:1c:
db:15:c9:e1:de:ab:46:a3:02:07:0e:bb:6f:c1:b4:
95:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:7E:66:E0:4B:25:A6:96:8B:CC:C4:22:AE:40:23:46:C9:4D:09:17
X509v3 Authority Key Identifier:
keyid:64:DF:E2:6D:40:31:41:BE:90:59:AB:21:44:32:5B:40:2D:4C:AB:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZN_ibUAxQb6QWashRDJbQC1Mq30.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/5d6255-65c9-4bfa-b9d7-f657519d0233/1/xn5m4EslppaLzMQirkAjRslNCRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/5d6255-65c9-4bfa-b9d7-f657519d0233/1/ZN_ibUAxQb6QWashRDJbQC1Mq30.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.241.80.0/20
185.54.158.0/24
185.129.4.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:88:d0:5e:e2:cf:78:9a:04:de:aa:cd:58:e4:d6:5b:e2:16:
d3:3b:b5:80:65:b9:dc:19:76:30:f9:32:dc:fd:19:e7:59:98:
4d:75:61:67:d9:e4:04:c8:1c:a0:3f:7e:ca:37:bf:d0:1b:25:
33:7e:4f:b9:95:60:dd:70:84:b1:7c:32:15:39:ab:0e:c8:de:
09:b6:79:64:4c:69:c1:67:81:c3:35:ee:72:9d:f8:4e:df:ba:
31:35:84:f8:a1:32:f3:93:a8:f5:c6:f6:1b:95:8c:4e:4f:b4:
14:35:37:35:cb:8d:d6:54:9c:bf:4b:18:7e:3a:01:24:a0:49:
41:50:82:3d:ef:01:b2:2f:d8:5b:ac:fa:ec:51:a1:cc:cd:3a:
49:c2:ac:3b:41:4b:da:c6:61:cc:1d:9b:11:55:31:f4:d9:e7:
da:b7:b4:27:3b:e3:0a:ff:6b:06:20:05:30:33:e1:cd:25:5e:
4b:31:79:6e:df:3e:32:98:fc:77:32:1d:99:c3:86:b5:ee:45:
f5:a5:19:74:69:9b:18:88:55:8e:56:e2:57:6d:45:f0:9b:d2:
18:2f:7e:7c:e8:08:89:f0:08:4a:ea:19:5e:f3:38:34:2c:d8:
2a:fe:d1:21:cd:79:e2:b2:06:46:cf:c9:f1:a7:01:2d:3c:7e:
2a:7c:e0:b1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZY+T8aXKS1bok3wMqEddOimMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZGZlMjZkNDAzMTQxYmU5MDU5YWIyMTQ0MzI1YjQwMmQ0
Y2FiN2QwHhcNMjUwNDE2MTExNTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjdlNjZlMDRiMjVhNjk2OGJjY2M0MjJhZTQwMjM0NmM5NGQwOTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswkFUjv7FV6UePshrZjCgHC7Tqw3
fe338lu7bd1mvfNgXwpQE3rC5hZzRyqyUi7hEWFjqfrRcoXdTunUJXY1Rt0KEQgF
+LPiDzMlE+FBEqYLApu//PmMlILPTwz/CDDJJgZL2Qrzk8npsBmQe8Ei3kFe8WT0
3Juk5F/aQXuO14dLABsSfhV7bUr+mtR5FRstbb3LBdiHk7hrHY8kjICgZbNQa8b3
hpoHvmj+ZR6C4mzr80PllVw8z98Seaxkr7MFfeO+cCxvHV8FEAU9niCNLZxGYYde
Urm3g2dl2XaWlUDM3PMsWNv0Ng1UkbYlfRzbFcnh3qtGowIHDrtvwbSV6wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMZ+ZuBLJaaWi8zEIq5AI0bJTQkXMB8GA1UdIwQY
MBaAFGTf4m1AMUG+kFmrIUQyW0AtTKt9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk5faWJVQXhRYjZRV2FzaFJESmJRQzFNcTMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi81ZDYyNTUtNjVjOS00YmZhLWI5ZDct
ZjY1NzUxOWQwMjMzLzEveG41bTRFc2xwcGFMek1RaXJrQWpSc2xOQ1JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi81ZDYyNTUtNjVjOS00YmZhLWI5ZDctZjY1NzUxOWQwMjMz
LzEvWk5faWJVQXhRYjZRV2FzaFJESmJRQzFNcTMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEsPFQAwQA
uTaeAwQCuYEEMA0GCSqGSIb3DQEBCwUAA4IBAQB7iNBe4s94mgTeqs1Y5NZb4hbT
O7WAZbncGXYw+TLc/RnnWZhNdWFn2eQEyBygP37KN7/QGyUzfk+5lWDdcISxfDIV
OasOyN4JtnlkTGnBZ4HDNe5ynfhO37oxNYT4oTLzk6j1xvYblYxOT7QUNTc1y43W
VJy/Sxh+OgEkoElBUII97wGyL9hbrPrsUaHMzTpJwqw7QUvaxmHMHZsRVTH02efa
t7QnO+MK/2sGIAUwM+HNJV5LMXlu3z4ymPx3Mh2Zw4a17kX1pRl0aZsYiFWOVuJX
bUXwm9IYL3586AiJ8AhK6hle8zg0LNgq/tEhzXnisgZGz8nxpwEtPH4qfOCx
-----END CERTIFICATE-----
Generated at Wed May 7 09:01:20 2025 by rpki-client