Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/b35c9a-8495-4169-8c50-3692f7841619/1/wd_UoJqlC6X8mKMfS7O-YEGVRuo.roa
File: wd_UoJqlC6X8mKMfS7O-YEGVRuo.roa (raw, json)
Hash identifier: xFPdoUnkz2JIkzmQ5taq1hUGjTFKvPuKX93R37CXGQk=
Subject key identifier: C1:DF:D4:A0:9A:A5:0B:A5:FC:98:A3:1F:4B:B3:BE:60:41:95:46:EA
Certificate issuer: /CN=90d5822d3c7bbf7ab5404dda88fd9da92138de21
Certificate serial: 019423D6B5C22D3614F4DFD49BFB237229D4
Authority key identifier: 90:D5:82:2D:3C:7B:BF:7A:B5:40:4D:DA:88:FD:9D:A9:21:38:DE:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kNWCLTx7v3q1QE3aiP2dqSE43iE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/b35c9a-8495-4169-8c50-3692f7841619/1/wd_UoJqlC6X8mKMfS7O-YEGVRuo.roa
Signing time: Wed 01 Jan 2025 21:47:41 +0000
ROA not before: Wed 01 Jan 2025 21:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42779
IP address blocks: 77.244.112.0/20 maxlen: 20
77.244.116.0/23 maxlen: 23
77.244.118.0/23 maxlen: 23
77.244.124.0/23 maxlen: 23
77.244.126.0/23 maxlen: 23
2a02:4380::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/b35c9a-8495-4169-8c50-3692f7841619/1/kNWCLTx7v3q1QE3aiP2dqSE43iE.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/b35c9a-8495-4169-8c50-3692f7841619/1/kNWCLTx7v3q1QE3aiP2dqSE43iE.mft
rsync://rpki.ripe.net/repository/DEFAULT/kNWCLTx7v3q1QE3aiP2dqSE43iE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 12:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:b5:c2:2d:36:14:f4:df:d4:9b:fb:23:72:29:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90d5822d3c7bbf7ab5404dda88fd9da92138de21
Validity
Not Before: Jan 1 21:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c1dfd4a09aa50ba5fc98a31f4bb3be60419546ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a5:d2:4e:f7:fb:94:1a:df:db:47:ba:03:bc:
5f:9b:7a:e0:81:72:15:22:14:ec:55:24:96:1f:72:
44:0e:14:55:47:c5:e1:55:db:95:6a:e3:d5:b0:b1:
55:98:5c:35:d2:cc:e7:58:3e:be:e0:ff:03:09:74:
05:78:df:9d:fd:67:f1:17:67:2d:dc:8f:1c:b2:e5:
13:6b:b8:64:bc:65:3b:8a:23:ff:7c:fb:cd:9b:a9:
84:4c:21:03:d8:d9:50:f2:72:8a:88:6e:60:35:cb:
24:3d:18:e3:41:66:93:54:18:09:f4:4a:40:d8:00:
99:4a:ea:66:65:dd:89:b4:ba:17:c5:0f:37:5d:5a:
24:da:05:02:bd:79:3d:c6:d0:f8:b7:72:14:b5:71:
df:ef:ed:b2:9b:b1:55:ef:07:2c:be:51:fe:f1:c0:
e0:5a:ed:be:ec:52:59:60:f4:32:65:6b:24:ab:a8:
93:8d:1d:58:24:1f:30:b9:03:31:84:ee:8b:62:dd:
ee:e7:b9:b3:ea:aa:a0:52:da:7e:de:0a:91:bc:26:
5b:52:7a:e4:70:0b:46:9b:7c:6f:1d:b8:6d:4a:75:
6c:b4:70:07:52:c8:95:e3:2b:7c:47:0a:61:e0:8b:
d1:f1:6c:7f:22:35:4a:94:35:ee:6b:dc:82:b7:fc:
fd:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:DF:D4:A0:9A:A5:0B:A5:FC:98:A3:1F:4B:B3:BE:60:41:95:46:EA
X509v3 Authority Key Identifier:
keyid:90:D5:82:2D:3C:7B:BF:7A:B5:40:4D:DA:88:FD:9D:A9:21:38:DE:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kNWCLTx7v3q1QE3aiP2dqSE43iE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/b35c9a-8495-4169-8c50-3692f7841619/1/wd_UoJqlC6X8mKMfS7O-YEGVRuo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/b35c9a-8495-4169-8c50-3692f7841619/1/kNWCLTx7v3q1QE3aiP2dqSE43iE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.244.112.0/20
IPv6:
2a02:4380::/32
Signature Algorithm: sha256WithRSAEncryption
12:a2:2d:cb:d5:df:2f:12:20:37:36:fe:68:b0:e0:cd:31:ae:
13:a0:d5:ed:00:33:13:94:a6:fa:12:8b:c2:84:f6:c4:15:da:
f2:c9:c4:ed:96:9f:dc:28:cb:30:a8:21:cd:4c:5f:de:68:4f:
03:9c:d2:35:bb:df:4a:97:a0:b5:62:16:53:89:2e:92:95:b8:
bd:8d:11:4e:e3:c3:2c:17:66:27:48:af:4e:10:a7:13:85:4e:
4c:d3:9a:5e:ae:06:ea:03:4c:2e:0f:56:cf:33:68:cd:69:1d:
30:8d:c2:94:96:39:df:86:18:fd:7f:79:ce:59:7c:b5:06:3d:
8e:55:69:5b:8e:71:5d:90:11:1e:a2:00:75:1e:3a:96:5b:eb:
5c:64:c1:76:6f:4e:13:cd:ec:8a:ef:55:b0:09:2e:78:e3:40:
78:41:9c:a6:91:e2:9b:a1:da:aa:59:de:74:d0:29:aa:ac:a0:
84:aa:3f:45:ca:02:16:a1:3e:39:92:ee:e7:07:48:b4:ae:a1:
d9:49:ce:7a:3e:d4:05:36:2c:87:31:98:7e:20:d0:cd:c1:72:
a2:bf:4a:84:1c:c0:45:61:2d:5b:95:96:21:f7:93:f4:84:8b:
ab:f2:fc:96:09:bf:10:a8:84:b9:a5:3e:0d:dc:d7:4d:5e:e5:
63:25:bb:3d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQj1rXCLTYU9N/Um/sjcinUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZDU4MjJkM2M3YmJmN2FiNTQwNGRkYTg4ZmQ5ZGE5MjEz
OGRlMjEwHhcNMjUwMTAxMjE0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWRmZDRhMDlhYTUwYmE1ZmM5OGEzMWY0YmIzYmU2MDQxOTU0NmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6XSTvf7lBrf20e6A7xfm3rggXIV
IhTsVSSWH3JEDhRVR8XhVduVauPVsLFVmFw10sznWD6+4P8DCXQFeN+d/WfxF2ct
3I8csuUTa7hkvGU7iiP/fPvNm6mETCED2NlQ8nKKiG5gNcskPRjjQWaTVBgJ9EpA
2ACZSupmZd2JtLoXxQ83XVok2gUCvXk9xtD4t3IUtXHf7+2ym7FV7wcsvlH+8cDg
Wu2+7FJZYPQyZWskq6iTjR1YJB8wuQMxhO6LYt3u57mz6qqgUtp+3gqRvCZbUnrk
cAtGm3xvHbhtSnVstHAHUsiV4yt8Rwph4IvR8Wx/IjVKlDXua9yCt/z98wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMHf1KCapQul/JijH0uzvmBBlUbqMB8GA1UdIwQY
MBaAFJDVgi08e796tUBN2oj9nakhON4hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva05XQ0xUeDd2M3ExUUUzYWlQMmRxU0U0M2lFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9iMzVjOWEtODQ5NS00MTY5LThjNTAt
MzY5MmY3ODQxNjE5LzEvd2RfVW9KcWxDNlg4bUtNZlM3Ty1ZRUdWUnVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9iMzVjOWEtODQ5NS00MTY5LThjNTAtMzY5MmY3ODQxNjE5
LzEva05XQ0xUeDd2M3ExUUUzYWlQMmRxU0U0M2lFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQETfRwMA0E
AgACMAcDBQAqAkOAMA0GCSqGSIb3DQEBCwUAA4IBAQASoi3L1d8vEiA3Nv5osODN
Ma4ToNXtADMTlKb6EovChPbEFdryycTtlp/cKMswqCHNTF/eaE8DnNI1u99Kl6C1
YhZTiS6Slbi9jRFO48MsF2YnSK9OEKcThU5M05pergbqA0wuD1bPM2jNaR0wjcKU
ljnfhhj9f3nOWXy1Bj2OVWlbjnFdkBEeogB1HjqWW+tcZMF2b04TzeyK71WwCS54
40B4QZymkeKbodqqWd500CmqrKCEqj9FygIWoT45ku7nB0i0rqHZSc56PtQFNiyH
MZh+INDNwXKiv0qEHMBFYS1blZYh95P0hIur8vyWCb8QqIS5pT4N3NdNXuVjJbs9
-----END CERTIFICATE-----
Generated at Tue Apr 22 18:05:13 2025 by rpki-client