Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/9f8728-335e-4f7b-a1dc-d48d13a4de38/1/wKFImUWqJAZ63I73CUY6kU8vkUQ.roa
File: wKFImUWqJAZ63I73CUY6kU8vkUQ.roa (raw, json)
Hash identifier: 6TgnMHnPVKyV4LoYC0bcNEIls6efji/PtDzWQK1yR8M=
Subject key identifier: C0:A1:48:99:45:AA:24:06:7A:DC:8E:F7:09:46:3A:91:4F:2F:91:44
Certificate issuer: /CN=58e02f2ca81ab802939530156e9631b18f515840
Certificate serial: 019602F4094C52E213B7F2C969E6999B101D
Authority key identifier: 58:E0:2F:2C:A8:1A:B8:02:93:95:30:15:6E:96:31:B1:8F:51:58:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WOAvLKgauAKTlTAVbpYxsY9RWEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/9f8728-335e-4f7b-a1dc-d48d13a4de38/1/wKFImUWqJAZ63I73CUY6kU8vkUQ.roa
Signing time: Fri 04 Apr 2025 22:37:49 +0000
ROA not before: Fri 04 Apr 2025 22:37:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44925
IP address blocks: 89.147.108.0/22 maxlen: 22
93.95.224.0/21 maxlen: 21
185.112.144.0/22 maxlen: 22
195.246.230.0/23 maxlen: 23
2a00:5ee0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/9f8728-335e-4f7b-a1dc-d48d13a4de38/1/WOAvLKgauAKTlTAVbpYxsY9RWEA.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/9f8728-335e-4f7b-a1dc-d48d13a4de38/1/WOAvLKgauAKTlTAVbpYxsY9RWEA.mft
rsync://rpki.ripe.net/repository/DEFAULT/WOAvLKgauAKTlTAVbpYxsY9RWEA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 13:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:02:f4:09:4c:52:e2:13:b7:f2:c9:69:e6:99:9b:10:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58e02f2ca81ab802939530156e9631b18f515840
Validity
Not Before: Apr 4 22:37:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c0a1489945aa24067adc8ef709463a914f2f9144
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d5:76:97:8f:c3:f6:20:53:30:2e:9c:e3:0c:
35:ec:45:8f:98:68:12:a3:5f:21:ee:f4:4e:4d:d2:
d7:a5:e8:5b:7a:9e:16:03:d4:4b:f2:86:ba:24:14:
7e:19:84:ce:b3:5e:6c:80:ed:0b:c5:09:03:77:42:
b0:52:83:d3:7b:63:d0:64:4f:30:c2:e1:88:1d:f4:
79:24:d3:90:de:f7:a8:f0:2c:55:3c:15:e0:35:9f:
5f:f5:cc:e3:51:7b:25:a6:20:09:f5:bc:7f:be:7c:
0c:47:8b:b9:5b:fb:29:b6:14:5b:bf:b8:8f:cb:20:
ed:ac:c6:14:48:48:67:69:a2:e6:23:0d:27:fa:bf:
aa:26:b4:aa:84:c9:d0:7d:f5:91:4e:36:14:a4:52:
35:9b:6f:9a:75:26:c6:be:1b:bc:4c:4b:ba:75:b4:
d5:70:6d:00:23:7f:af:93:fe:35:f5:1d:91:9b:c9:
73:21:4c:64:8f:2e:27:ae:d6:c9:07:e7:a5:69:9c:
dc:f0:fa:2d:c4:1c:1c:b1:f0:47:c0:81:96:7c:dd:
2c:b6:6e:22:e8:d5:01:84:6e:a7:b1:5d:3e:3f:41:
ef:6c:e5:8c:86:0f:73:c2:8b:73:36:63:85:50:6b:
b9:5e:c7:e2:37:10:6a:34:6b:fd:e5:47:23:36:05:
a3:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:A1:48:99:45:AA:24:06:7A:DC:8E:F7:09:46:3A:91:4F:2F:91:44
X509v3 Authority Key Identifier:
keyid:58:E0:2F:2C:A8:1A:B8:02:93:95:30:15:6E:96:31:B1:8F:51:58:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WOAvLKgauAKTlTAVbpYxsY9RWEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/9f8728-335e-4f7b-a1dc-d48d13a4de38/1/wKFImUWqJAZ63I73CUY6kU8vkUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/9f8728-335e-4f7b-a1dc-d48d13a4de38/1/WOAvLKgauAKTlTAVbpYxsY9RWEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.147.108.0/22
93.95.224.0/21
185.112.144.0/22
195.246.230.0/23
IPv6:
2a00:5ee0::/32
Signature Algorithm: sha256WithRSAEncryption
09:fd:87:22:ee:5a:54:d9:c8:9e:24:6c:d2:5d:0d:dc:cd:e6:
ed:28:c7:6d:3a:a0:f2:95:d9:26:07:82:ed:58:77:5a:d8:e0:
ce:f2:5b:d8:d6:e2:fb:5b:ea:57:0b:33:c2:44:7d:ad:22:90:
8b:51:b9:25:22:d5:f3:6a:53:ca:e6:f6:1f:1a:7f:15:60:83:
e6:e6:57:cd:4c:9c:ad:6f:28:62:cd:fe:e9:45:cd:3e:3c:a1:
5c:1f:b0:51:f0:1a:4e:27:ab:15:0d:13:7e:71:32:08:db:d8:
b6:b9:62:2c:73:88:dc:79:71:6e:50:d8:d1:69:f9:9e:52:3d:
42:01:53:e6:d7:8d:38:eb:3e:fa:36:ce:f3:5b:62:71:4d:75:
cc:90:22:f8:b7:b2:79:ee:fc:54:03:5c:be:13:cf:73:33:88:
da:8a:bf:b5:51:ce:b2:02:0c:86:77:ed:12:39:19:39:dc:75:
51:7c:4b:f7:33:20:0b:33:4d:18:5a:d7:bc:3e:20:66:49:b8:
de:4e:7c:fd:19:2d:90:8c:d8:e9:e3:fc:fe:da:3e:15:76:a7:
51:1e:c1:52:0a:3d:a1:00:5a:30:b2:95:5f:6f:5a:39:03:d4:
be:fe:97:00:82:42:4c:16:11:36:7a:9a:27:d2:da:10:7a:7b:
09:27:88:b8
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZYC9AlMUuITt/LJaeaZmxAdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ZTAyZjJjYTgxYWI4MDI5Mzk1MzAxNTZlOTYzMWIxOGY1
MTU4NDAwHhcNMjUwNDA0MjIzNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGExNDg5OTQ1YWEyNDA2N2FkYzhlZjcwOTQ2M2E5MTRmMmY5MTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9V2l4/D9iBTMC6c4ww17EWPmGgS
o18h7vROTdLXpehbep4WA9RL8oa6JBR+GYTOs15sgO0LxQkDd0KwUoPTe2PQZE8w
wuGIHfR5JNOQ3veo8CxVPBXgNZ9f9czjUXslpiAJ9bx/vnwMR4u5W/spthRbv7iP
yyDtrMYUSEhnaaLmIw0n+r+qJrSqhMnQffWRTjYUpFI1m2+adSbGvhu8TEu6dbTV
cG0AI3+vk/419R2Rm8lzIUxkjy4nrtbJB+elaZzc8PotxBwcsfBHwIGWfN0stm4i
6NUBhG6nsV0+P0HvbOWMhg9zwotzNmOFUGu5XsfiNxBqNGv95UcjNgWjVwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFMChSJlFqiQGetyO9wlGOpFPL5FEMB8GA1UdIwQY
MBaAFFjgLyyoGrgCk5UwFW6WMbGPUVhAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV09BdkxLZ2F1QUtUbFRBVmJwWXhzWTlSV0VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC85Zjg3MjgtMzM1ZS00ZjdiLWExZGMt
ZDQ4ZDEzYTRkZTM4LzEvd0tGSW1VV3FKQVo2M0k3M0NVWTZrVTh2a1VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC85Zjg3MjgtMzM1ZS00ZjdiLWExZGMtZDQ4ZDEzYTRkZTM4
LzEvV09BdkxLZ2F1QUtUbFRBVmJwWXhzWTlSV0VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCWZNsAwQD
XV/gAwQCuXCQAwQBw/bmMA0EAgACMAcDBQAqAF7gMA0GCSqGSIb3DQEBCwUAA4IB
AQAJ/Yci7lpU2cieJGzSXQ3czebtKMdtOqDyldkmB4LtWHda2ODO8lvY1uL7W+pX
CzPCRH2tIpCLUbklItXzalPK5vYfGn8VYIPm5lfNTJytbyhizf7pRc0+PKFcH7BR
8BpOJ6sVDRN+cTII29i2uWIsc4jceXFuUNjRafmeUj1CAVPm14046z76Ns7zW2Jx
TXXMkCL4t7J57vxUA1y+E89zM4jair+1Uc6yAgyGd+0SORk53HVRfEv3MyALM00Y
Wte8PiBmSbjeTnz9GS2QjNjp4/z+2j4VdqdRHsFSCj2hAFowspVfb1o5A9S+/pcA
gkJMFhE2epon0toQensJJ4i4
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:47:09 2025 by rpki-client