Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/c32b9d-8c7c-4441-bdb1-6a68251f1387/1/7mW3WjVVw9eGN8jbjHf3-to5ckg.roa
File: 7mW3WjVVw9eGN8jbjHf3-to5ckg.roa (raw, json)
Hash identifier: mgTvCDtWlsTF65gNfXMneOYsagkRwGQqVAdRKNVR7wE=
Subject key identifier: EE:65:B7:5A:35:55:C3:D7:86:37:C8:DB:8C:77:F7:FA:DA:39:72:48
Certificate issuer: /CN=57c5a76f28b71ea8dbf999abaab7a659839ac182
Certificate serial: 01942826E26CBF0CF7F7506C505AF76E9E49
Authority key identifier: 57:C5:A7:6F:28:B7:1E:A8:DB:F9:99:AB:AA:B7:A6:59:83:9A:C1:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8Wnbyi3Hqjb-ZmrqremWYOawYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/c32b9d-8c7c-4441-bdb1-6a68251f1387/1/7mW3WjVVw9eGN8jbjHf3-to5ckg.roa
Signing time: Thu 02 Jan 2025 17:53:44 +0000
ROA not before: Thu 02 Jan 2025 17:53:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29186
IP address blocks: 91.220.174.0/24 maxlen: 24
193.104.16.0/24 maxlen: 24
195.85.219.0/24 maxlen: 24
195.230.96.0/24 maxlen: 24
2001:678:abc::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/c32b9d-8c7c-4441-bdb1-6a68251f1387/1/V8Wnbyi3Hqjb-ZmrqremWYOawYI.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/c32b9d-8c7c-4441-bdb1-6a68251f1387/1/V8Wnbyi3Hqjb-ZmrqremWYOawYI.mft
rsync://rpki.ripe.net/repository/DEFAULT/V8Wnbyi3Hqjb-ZmrqremWYOawYI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:e2:6c:bf:0c:f7:f7:50:6c:50:5a:f7:6e:9e:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c5a76f28b71ea8dbf999abaab7a659839ac182
Validity
Not Before: Jan 2 17:53:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ee65b75a3555c3d78637c8db8c77f7fada397248
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:de:d7:d5:1a:f2:13:80:5b:e9:e9:16:81:36:
8a:18:b1:7f:7e:44:0e:5a:e2:b5:2b:f4:af:8f:81:
9d:47:17:13:d5:db:c9:63:61:60:75:6a:fb:93:09:
eb:ee:c9:04:70:c2:c6:b8:f5:91:e8:57:f6:98:48:
1e:b3:a8:ea:a8:76:c6:a3:09:70:9d:5a:7e:16:6b:
99:ee:d1:82:60:fd:1d:47:77:0c:5e:16:eb:08:0e:
f4:9d:95:ba:7c:cb:22:78:ed:8e:b1:68:19:73:e9:
1f:8b:78:f2:25:72:9e:d5:32:94:50:21:f6:3e:1b:
c8:a6:7b:88:a1:f2:21:6c:8c:6e:78:60:e6:77:84:
48:c5:30:13:85:2a:f0:04:11:c7:81:d3:4b:81:8b:
e1:0d:a4:82:cf:e9:4c:81:f7:2e:8a:4c:d1:0a:1a:
df:42:dd:79:a8:14:39:70:07:65:25:15:1c:a9:45:
a2:0d:3e:3a:07:5e:8a:7f:43:0a:e4:1e:6b:b4:79:
9b:69:54:4d:2f:ad:df:c1:4a:e1:d2:1a:c1:d1:d0:
49:f3:33:c6:07:98:81:d0:4a:55:56:4f:12:cd:c1:
87:cf:e1:01:84:90:be:07:30:e9:19:eb:e2:6a:6a:
4d:8c:b1:0e:9c:13:fb:96:c0:f3:7a:c6:07:ac:c3:
65:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:65:B7:5A:35:55:C3:D7:86:37:C8:DB:8C:77:F7:FA:DA:39:72:48
X509v3 Authority Key Identifier:
keyid:57:C5:A7:6F:28:B7:1E:A8:DB:F9:99:AB:AA:B7:A6:59:83:9A:C1:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8Wnbyi3Hqjb-ZmrqremWYOawYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/c32b9d-8c7c-4441-bdb1-6a68251f1387/1/7mW3WjVVw9eGN8jbjHf3-to5ckg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/c32b9d-8c7c-4441-bdb1-6a68251f1387/1/V8Wnbyi3Hqjb-ZmrqremWYOawYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.174.0/24
193.104.16.0/24
195.85.219.0/24
195.230.96.0/24
IPv6:
2001:678:abc::/48
Signature Algorithm: sha256WithRSAEncryption
0f:43:78:b2:5c:a4:b2:3f:14:e1:61:a8:fd:cb:b2:aa:d9:62:
79:5a:4b:0a:94:d1:1c:75:69:4e:40:8c:45:60:99:9d:1f:99:
cf:85:0a:a0:5f:d8:79:74:7d:f9:c9:89:4f:e2:f9:d4:ec:c8:
12:49:92:3a:77:eb:49:bb:ce:a8:c4:55:e5:03:ee:99:c1:64:
43:54:63:e8:73:f5:ef:57:4b:c0:98:2e:f9:ac:35:ff:f0:11:
b5:c6:27:c3:d8:29:a0:56:ca:4b:1e:34:99:70:b8:b1:c8:8a:
c3:6b:25:39:e8:18:7a:3b:dc:ae:d1:a0:55:61:bc:05:4d:d1:
7c:a6:93:dc:de:d8:4c:9f:a0:62:bd:01:37:64:76:0d:3e:91:
98:76:c2:3a:61:41:9a:ef:e6:63:0d:7a:a4:31:48:5a:88:ef:
21:2e:17:90:69:1c:f4:a1:f8:56:0e:92:b2:7d:ab:71:e8:b2:
2a:d9:b9:21:a3:63:62:cf:33:ed:f3:72:0d:05:4e:af:a4:ca:
09:9a:bb:65:04:26:f8:8d:3e:e6:13:32:a5:2d:37:c8:ad:09:
32:e3:8e:ec:98:14:83:6e:bb:7a:4a:9c:e3:50:57:35:b6:71:
1d:9b:ae:e2:14:37:9a:96:1b:39:f7:04:ff:bb:e3:60:de:32:
f0:77:ae:27
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZQoJuJsvwz391BsUFr3bp5JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzVhNzZmMjhiNzFlYThkYmY5OTlhYmFhYjdhNjU5ODM5
YWMxODIwHhcNMjUwMTAyMTc1MzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTY1Yjc1YTM1NTVjM2Q3ODYzN2M4ZGI4Yzc3ZjdmYWRhMzk3MjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmt7X1RryE4Bb6ekWgTaKGLF/fkQO
WuK1K/Svj4GdRxcT1dvJY2FgdWr7kwnr7skEcMLGuPWR6Ff2mEges6jqqHbGowlw
nVp+FmuZ7tGCYP0dR3cMXhbrCA70nZW6fMsieO2OsWgZc+kfi3jyJXKe1TKUUCH2
PhvIpnuIofIhbIxueGDmd4RIxTAThSrwBBHHgdNLgYvhDaSCz+lMgfcuikzRChrf
Qt15qBQ5cAdlJRUcqUWiDT46B16Kf0MK5B5rtHmbaVRNL63fwUrh0hrB0dBJ8zPG
B5iB0EpVVk8SzcGHz+EBhJC+BzDpGeviampNjLEOnBP7lsDzesYHrMNl8QIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFO5lt1o1VcPXhjfI24x39/raOXJIMB8GA1UdIwQY
MBaAFFfFp28otx6o2/mZq6q3plmDmsGCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhXbmJ5aTNIcWpiLVptcnFyZW1XWU9hd1lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9jMzJiOWQtOGM3Yy00NDQxLWJkYjEt
NmE2ODI1MWYxMzg3LzEvN21XM1dqVlZ3OWVHTjhqYmpIZjMtdG81Y2tnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9jMzJiOWQtOGM3Yy00NDQxLWJkYjEtNmE2ODI1MWYxMzg3
LzEvVjhXbmJ5aTNIcWpiLVptcnFyZW1XWU9hd1lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQAW9yuAwQA
wWgQAwQAw1XbAwQAw+ZgMA8EAgACMAkDBwAgAQZ4CrwwDQYJKoZIhvcNAQELBQAD
ggEBAA9DeLJcpLI/FOFhqP3LsqrZYnlaSwqU0Rx1aU5AjEVgmZ0fmc+FCqBf2Hl0
ffnJiU/i+dTsyBJJkjp360m7zqjEVeUD7pnBZENUY+hz9e9XS8CYLvmsNf/wEbXG
J8PYKaBWykseNJlwuLHIisNrJTnoGHo73K7RoFVhvAVN0Xymk9ze2EyfoGK9ATdk
dg0+kZh2wjphQZrv5mMNeqQxSFqI7yEuF5BpHPSh+FYOkrJ9q3HosirZuSGjY2LP
M+3zcg0FTq+kygmau2UEJviNPuYTMqUtN8itCTLjjuyYFINuu3pKnONQVzW2cR2b
ruIUN5qWGzn3BP+742DeMvB3ric=
-----END CERTIFICATE-----
Generated at Thu Mar 13 09:42:23 2025 by rpki-client