Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/WBa-OMWvS5R9EiWcpIqPa_m7lKo.roa
File: WBa-OMWvS5R9EiWcpIqPa_m7lKo.roa (raw, json)
Hash identifier: JhWDx8KAw0uX/VJGQRKzvoZLcAnbsOAM+D0EwwgJJrs=
Subject key identifier: 58:16:BE:38:C5:AF:4B:94:7D:12:25:9C:A4:8A:8F:6B:F9:BB:94:AA
Certificate issuer: /CN=387d6df7eb7542e0333aeedd14adff8f51f8cbd8
Certificate serial: 019425FD5FBF83B419C11F8AA66777DCEDB6
Authority key identifier: 38:7D:6D:F7:EB:75:42:E0:33:3A:EE:DD:14:AD:FF:8F:51:F8:CB:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/WBa-OMWvS5R9EiWcpIqPa_m7lKo.roa
Signing time: Thu 02 Jan 2025 07:49:09 +0000
ROA not before: Thu 02 Jan 2025 07:49:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211454
IP address blocks: 185.215.7.0/24 maxlen: 24
2a0a:d6c0:2157::/48 maxlen: 48
2a0a:d6c0:eff4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/OH1t9-t1QuAzOu7dFK3_j1H4y9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/OH1t9-t1QuAzOu7dFK3_j1H4y9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 15:18:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:5f:bf:83:b4:19:c1:1f:8a:a6:67:77:dc:ed:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=387d6df7eb7542e0333aeedd14adff8f51f8cbd8
Validity
Not Before: Jan 2 07:49:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5816be38c5af4b947d12259ca48a8f6bf9bb94aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:9d:e3:3d:c3:f1:a2:e2:88:6b:46:55:a3:02:
d1:15:19:b3:26:45:7d:e6:44:51:75:27:05:01:8f:
69:55:37:ab:f9:c8:dc:22:8e:a8:97:5f:cf:a3:94:
9c:71:4c:62:bb:a8:25:fc:ee:05:1f:bf:50:58:db:
f6:86:db:87:d4:82:3e:0f:00:c3:6a:93:d6:68:f2:
8a:9c:d6:b7:f5:b4:18:f6:44:bd:18:9f:90:05:b7:
38:8d:62:38:f4:9a:ad:01:3b:8f:52:e3:33:b2:5e:
f3:4b:66:d5:a4:e5:ab:07:b8:ea:68:4a:11:93:42:
53:8d:11:7a:31:d0:7d:57:75:83:f3:ed:a7:08:98:
5b:e7:00:43:f0:6d:e6:79:79:a3:c3:cc:77:37:60:
b1:1a:aa:37:b9:a9:a5:16:3b:d0:65:58:5c:05:d4:
a4:6f:71:ed:14:a8:0c:1f:0e:3e:a8:ba:35:2f:63:
ca:38:85:c9:06:2f:d1:a2:59:1b:99:15:0a:d9:3e:
2a:52:c6:df:9a:19:fd:29:0a:b8:3d:0f:d3:db:da:
25:57:e8:4b:a0:00:e7:1b:8e:ce:5c:a4:67:2c:f5:
d0:06:43:48:5c:73:47:7f:6a:9d:63:ef:0e:a0:5f:
24:d8:3c:9b:1d:20:f9:d6:7f:14:86:48:3c:bb:65:
3e:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:16:BE:38:C5:AF:4B:94:7D:12:25:9C:A4:8A:8F:6B:F9:BB:94:AA
X509v3 Authority Key Identifier:
keyid:38:7D:6D:F7:EB:75:42:E0:33:3A:EE:DD:14:AD:FF:8F:51:F8:CB:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/WBa-OMWvS5R9EiWcpIqPa_m7lKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/OH1t9-t1QuAzOu7dFK3_j1H4y9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.215.7.0/24
IPv6:
2a0a:d6c0:2157::/48
2a0a:d6c0:eff4::/48
Signature Algorithm: sha256WithRSAEncryption
ab:98:cf:7f:29:bb:44:34:62:a5:d4:b0:9a:ce:00:8e:e7:b9:
bf:07:04:7c:6f:69:fb:26:64:62:5c:78:b5:eb:31:c8:72:89:
50:1a:af:5b:9e:ed:a7:a8:25:c9:36:5a:46:fa:87:59:76:d8:
c3:cc:a6:c2:8a:d7:80:7a:99:9c:5f:fb:ac:9f:00:5e:39:3b:
71:04:c5:c6:3d:86:bd:dd:b3:ba:6d:a9:f9:4c:7e:1b:d1:a9:
17:db:6c:8d:4f:4c:44:34:89:af:70:4c:65:01:53:23:3c:38:
e4:77:b2:d6:27:bc:fd:1c:e5:13:23:42:9c:4e:d2:a7:13:84:
b0:8c:ac:cb:bc:5a:20:9a:a8:42:31:85:38:56:65:02:32:de:
fb:ce:e3:1b:53:42:d8:74:72:ed:43:97:27:58:0a:04:cb:91:
97:5e:4a:49:9d:06:9c:67:3a:f8:c2:8f:2c:2b:55:71:d4:b3:
1b:af:ef:be:4e:b0:f3:22:9c:5f:67:92:77:46:a9:8b:94:85:
cf:35:f4:81:d2:42:2e:6e:55:38:2f:98:a1:f2:dd:e6:e1:5c:
c0:14:06:9e:04:45:1a:cf:06:ba:04:b9:80:46:f4:c4:82:e3:
b3:43:d4:0e:20:81:64:dd:a7:38:f2:ae:df:2f:88:f9:82:c1:
0a:b9:b8:60
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQl/V+/g7QZwR+Kpmd33O22MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4N2Q2ZGY3ZWI3NTQyZTAzMzNhZWVkZDE0YWRmZjhmNTFm
OGNiZDgwHhcNMjUwMTAyMDc0OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODE2YmUzOGM1YWY0Yjk0N2QxMjI1OWNhNDhhOGY2YmY5YmI5NGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZ3jPcPxouKIa0ZVowLRFRmzJkV9
5kRRdScFAY9pVTer+cjcIo6ol1/Po5SccUxiu6gl/O4FH79QWNv2htuH1II+DwDD
apPWaPKKnNa39bQY9kS9GJ+QBbc4jWI49JqtATuPUuMzsl7zS2bVpOWrB7jqaEoR
k0JTjRF6MdB9V3WD8+2nCJhb5wBD8G3meXmjw8x3N2CxGqo3uamlFjvQZVhcBdSk
b3HtFKgMHw4+qLo1L2PKOIXJBi/RolkbmRUK2T4qUsbfmhn9KQq4PQ/T29olV+hL
oADnG47OXKRnLPXQBkNIXHNHf2qdY+8OoF8k2DybHSD51n8Uhkg8u2U+zwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFFgWvjjFr0uUfRIlnKSKj2v5u5SqMB8GA1UdIwQY
MBaAFDh9bffrdULgMzru3RSt/49R+MvYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0gxdDktdDFRdUF6T3U3ZEZLM19qMUg0eTlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9kNGE4OWMtNTRiMi00NDViLWJiN2Mt
NjA5YTQ4YjJiMTRkLzEvV0JhLU9NV3ZTNVI5RWlXY3BJcVBhX203bEtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9kNGE4OWMtNTRiMi00NDViLWJiN2MtNjA5YTQ4YjJiMTRk
LzEvT0gxdDktdDFRdUF6T3U3ZEZLM19qMUg0eTlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAudcHMBgE
AgACMBIDBwAqCtbAIVcDBwAqCtbA7/QwDQYJKoZIhvcNAQELBQADggEBAKuYz38p
u0Q0YqXUsJrOAI7nub8HBHxvafsmZGJceLXrMchyiVAar1ue7aeoJck2Wkb6h1l2
2MPMpsKK14B6mZxf+6yfAF45O3EExcY9hr3ds7ptqflMfhvRqRfbbI1PTEQ0ia9w
TGUBUyM8OOR3stYnvP0c5RMjQpxO0qcThLCMrMu8WiCaqEIxhThWZQIy3vvO4xtT
Qth0cu1DlydYCgTLkZdeSkmdBpxnOvjCjywrVXHUsxuv775OsPMinF9nkndGqYuU
hc819IHSQi5uVTgvmKHy3ebhXMAUBp4ERRrPBroEuYBG9MSC47ND1A4ggWTdpzjy
rt8viPmCwQq5uGA=
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:02:24 2025 by rpki-client