Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/4bd661-9b0c-4560-b1d1-2cea8e153632/1/XhwSMGIs-RJh42PHFXzltSHF5Po.roa
File: XhwSMGIs-RJh42PHFXzltSHF5Po.roa (raw, json)
Hash identifier: fV4yfjd+EyERI+gquZwyYz9nAML4bAM6ZOC3xmM9+8s=
Subject key identifier: 5E:1C:12:30:62:2C:F9:12:61:E3:63:C7:15:7C:E5:B5:21:C5:E4:FA
Certificate issuer: /CN=3a5d4a329702e2c9831cd36262bbb7fa7b97de37
Certificate serial: 01968C18FE3161106A84BAD4D5DEECA888AB
Authority key identifier: 3A:5D:4A:32:97:02:E2:C9:83:1C:D3:62:62:BB:B7:FA:7B:97:DE:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ol1KMpcC4smDHNNiYru3-nuX3jc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/4bd661-9b0c-4560-b1d1-2cea8e153632/1/XhwSMGIs-RJh42PHFXzltSHF5Po.roa
Signing time: Thu 01 May 2025 13:46:10 +0000
ROA not before: Thu 01 May 2025 13:46:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40065
IP address blocks: 37.77.80.0/21 maxlen: 24
74.113.236.0/23 maxlen: 24
103.143.178.0/23 maxlen: 24
172.96.38.0/23 maxlen: 24
192.198.184.0/23 maxlen: 24
199.36.102.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/4bd661-9b0c-4560-b1d1-2cea8e153632/1/Ol1KMpcC4smDHNNiYru3-nuX3jc.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/4bd661-9b0c-4560-b1d1-2cea8e153632/1/Ol1KMpcC4smDHNNiYru3-nuX3jc.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ol1KMpcC4smDHNNiYru3-nuX3jc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:8c:18:fe:31:61:10:6a:84:ba:d4:d5:de:ec:a8:88:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a5d4a329702e2c9831cd36262bbb7fa7b97de37
Validity
Not Before: May 1 13:46:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e1c1230622cf91261e363c7157ce5b521c5e4fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:5e:df:ab:d9:f7:b7:0a:7e:35:99:d2:cb:22:
b5:61:e4:a3:c3:6e:97:36:c6:88:9d:8d:88:ed:de:
9f:48:54:9c:ae:0a:4a:20:6d:c7:0b:86:46:22:78:
64:e5:49:c1:a8:04:6a:13:9f:db:46:10:d8:6d:55:
9e:6f:3c:c5:40:c9:2c:7d:24:5c:c3:67:ce:b7:a1:
83:95:f5:53:5e:23:de:33:a3:0c:52:97:d7:a1:eb:
31:4c:23:07:36:9a:9b:2f:7e:b6:3b:78:ba:ab:50:
54:70:6c:f8:82:a5:d7:7a:a2:bd:3c:69:62:f9:0e:
99:46:0d:01:2f:8e:b0:3c:2a:64:ef:a9:31:0f:43:
ba:de:75:1a:05:de:1e:27:97:51:41:30:e0:c7:56:
64:21:15:32:a5:80:c8:59:1d:cf:a6:f0:88:fb:c7:
8b:b2:14:fd:02:f6:75:45:5e:08:1f:db:99:1d:cc:
49:33:33:3d:cb:05:75:4a:6c:24:0a:96:66:0c:50:
75:37:d2:6e:00:be:10:90:4a:77:06:3a:0e:b0:ab:
50:b4:d5:ce:8c:13:0c:a7:5c:81:71:91:d1:66:85:
fc:0d:3f:96:74:74:b5:a7:d6:a5:af:c0:e2:3d:b2:
6b:a2:aa:c1:00:60:50:37:bf:4f:c2:7a:ff:06:57:
2e:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:1C:12:30:62:2C:F9:12:61:E3:63:C7:15:7C:E5:B5:21:C5:E4:FA
X509v3 Authority Key Identifier:
keyid:3A:5D:4A:32:97:02:E2:C9:83:1C:D3:62:62:BB:B7:FA:7B:97:DE:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ol1KMpcC4smDHNNiYru3-nuX3jc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/4bd661-9b0c-4560-b1d1-2cea8e153632/1/XhwSMGIs-RJh42PHFXzltSHF5Po.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/4bd661-9b0c-4560-b1d1-2cea8e153632/1/Ol1KMpcC4smDHNNiYru3-nuX3jc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.80.0/21
74.113.236.0/23
103.143.178.0/23
172.96.38.0/23
192.198.184.0/23
199.36.102.0/23
Signature Algorithm: sha256WithRSAEncryption
53:ce:bd:a4:05:ff:e2:c8:74:a1:17:bb:6c:16:1c:8d:54:e5:
f4:b1:21:12:bf:a9:ee:e1:82:0e:f4:a2:18:cc:49:73:21:2d:
38:9d:5b:24:e5:94:ce:94:44:98:52:d3:71:fa:3a:5b:1f:cb:
c2:33:61:73:27:f8:d5:95:cf:a4:db:a6:a2:07:51:e7:7e:bf:
44:de:83:83:b6:a7:70:84:62:4f:fa:54:22:19:b0:b4:ca:d7:
86:6c:0f:f3:94:78:b2:4c:c9:c7:85:f5:39:96:6b:e1:5e:71:
be:f1:10:96:32:0f:c2:94:e5:79:80:e9:59:81:c8:70:02:be:
0d:69:10:f9:1f:88:0e:b1:38:a0:e9:aa:d8:c7:3a:b0:ce:69:
31:f3:e3:66:fc:ef:8f:26:9d:c1:80:93:1a:55:f5:8c:60:85:
f0:9e:c2:93:16:4c:2e:a7:44:16:d0:11:36:00:07:ed:1a:60:
6c:66:14:5d:26:a2:8f:76:3b:ea:55:88:04:fe:f6:2d:63:81:
83:9b:0c:b1:b4:40:d6:f4:70:41:79:5b:da:48:12:9a:ad:cc:
88:c2:1e:f4:90:42:ed:b7:62:db:73:e3:50:9d:50:69:c8:c7:
5f:26:2e:63:c9:bb:15:39:18:57:36:cb:ea:29:30:fc:39:e3:
c5:c7:35:81
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZaMGP4xYRBqhLrU1d7sqIirMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNWQ0YTMyOTcwMmUyYzk4MzFjZDM2MjYyYmJiN2ZhN2I5
N2RlMzcwHhcNMjUwNTAxMTM0NjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTFjMTIzMDYyMmNmOTEyNjFlMzYzYzcxNTdjZTViNTIxYzVlNGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwF7fq9n3twp+NZnSyyK1YeSjw26X
NsaInY2I7d6fSFScrgpKIG3HC4ZGInhk5UnBqARqE5/bRhDYbVWebzzFQMksfSRc
w2fOt6GDlfVTXiPeM6MMUpfXoesxTCMHNpqbL362O3i6q1BUcGz4gqXXeqK9PGli
+Q6ZRg0BL46wPCpk76kxD0O63nUaBd4eJ5dRQTDgx1ZkIRUypYDIWR3PpvCI+8eL
shT9AvZ1RV4IH9uZHcxJMzM9ywV1SmwkCpZmDFB1N9JuAL4QkEp3BjoOsKtQtNXO
jBMMp1yBcZHRZoX8DT+WdHS1p9alr8DiPbJroqrBAGBQN79Pwnr/Blcu3wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFF4cEjBiLPkSYeNjxxV85bUhxeT6MB8GA1UdIwQY
MBaAFDpdSjKXAuLJgxzTYmK7t/p7l943MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2wxS01wY0M0c21ESE5OaVlydTMtbnVYM2pjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS80YmQ2NjEtOWIwYy00NTYwLWIxZDEt
MmNlYThlMTUzNjMyLzEvWGh3U01HSXMtUkpoNDJQSEZYemx0U0hGNVBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS80YmQ2NjEtOWIwYy00NTYwLWIxZDEtMmNlYThlMTUzNjMy
LzEvT2wxS01wY0M0c21ESE5OaVlydTMtbnVYM2pjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDJU1QAwQB
SnHsAwQBZ4+yAwQBrGAmAwQBwMa4AwQBxyRmMA0GCSqGSIb3DQEBCwUAA4IBAQBT
zr2kBf/iyHShF7tsFhyNVOX0sSESv6nu4YIO9KIYzElzIS04nVsk5ZTOlESYUtNx
+jpbH8vCM2FzJ/jVlc+k26aiB1Hnfr9E3oODtqdwhGJP+lQiGbC0yteGbA/zlHiy
TMnHhfU5lmvhXnG+8RCWMg/ClOV5gOlZgchwAr4NaRD5H4gOsTig6arYxzqwzmkx
8+Nm/O+PJp3BgJMaVfWMYIXwnsKTFkwup0QW0BE2AAftGmBsZhRdJqKPdjvqVYgE
/vYtY4GDmwyxtEDW9HBBeVvaSBKarcyIwh70kELtt2Lbc+NQnVBpyMdfJi5jybsV
ORhXNsvqKTD8OePFxzWB
-----END CERTIFICATE-----
Generated at Sun May 11 16:34:54 2025 by rpki-client