Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/WjXiOPfv4uGAwR5BI6A1tRRTDVc.roa
File: WjXiOPfv4uGAwR5BI6A1tRRTDVc.roa (raw, json)
Hash identifier: L/XRv6LVY4HIRmeMRXyHEL+O2bAs0KfexcOko34uJ6w=
Subject key identifier: 5A:35:E2:38:F7:EF:E2:E1:80:C1:1E:41:23:A0:35:B5:14:53:0D:57
Certificate issuer: /CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Certificate serial: 0196AB0EB7799F10C2A754AC50540A92FA68
Authority key identifier: 71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/WjXiOPfv4uGAwR5BI6A1tRRTDVc.roa
Signing time: Wed 07 May 2025 14:03:10 +0000
ROA not before: Wed 07 May 2025 14:03:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215224
IP address blocks: 45.8.178.0/24 maxlen: 24
45.12.32.0/24 maxlen: 24
45.12.33.0/24 maxlen: 24
45.142.0.0/24 maxlen: 24
45.142.3.0/24 maxlen: 24
45.148.147.0/24 maxlen: 24
185.224.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.mft
rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ab:0e:b7:79:9f:10:c2:a7:54:ac:50:54:0a:92:fa:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Validity
Not Before: May 7 14:03:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5a35e238f7efe2e180c11e4123a035b514530d57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:54:ce:9b:16:a2:3f:5f:8f:cf:99:43:ac:1e:
44:90:b9:3a:0b:61:66:eb:53:3b:23:ea:bc:61:69:
84:12:85:61:6d:37:a9:ae:10:6c:d3:b4:e8:80:0b:
5e:3b:d2:7e:5e:85:14:0e:36:7b:37:57:b7:50:36:
28:83:50:a6:3a:48:38:ee:35:2b:54:b1:00:27:75:
a3:f5:b8:fa:29:f5:1b:a3:18:5f:b9:06:97:5a:b9:
c8:02:de:12:b4:bb:5a:3a:fc:3b:b7:c6:36:70:a8:
69:56:eb:43:4d:86:ed:4f:42:a2:d9:e5:95:d5:fc:
f5:4a:88:2b:84:cd:5b:c1:c7:b2:b0:fe:85:3d:dc:
85:23:97:b9:eb:d1:e4:5b:dc:75:51:a2:1e:9d:7d:
ea:67:6d:af:2b:d2:4e:20:a3:aa:e4:e1:47:c1:a5:
b9:94:7f:48:b4:63:60:30:15:5a:f3:21:0d:be:92:
28:d7:e7:f4:08:e1:65:c7:9c:f8:1f:6f:5c:56:b3:
08:f0:7b:26:4f:2f:54:2a:8c:4e:3e:f2:12:03:a4:
b2:51:86:62:dc:a9:75:b4:98:35:8f:fa:83:cd:da:
1e:3e:fb:70:84:6b:a5:17:1b:51:fa:1e:db:e8:d8:
3b:47:74:ee:c2:df:de:60:c6:41:69:49:16:24:81:
58:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:35:E2:38:F7:EF:E2:E1:80:C1:1E:41:23:A0:35:B5:14:53:0D:57
X509v3 Authority Key Identifier:
keyid:71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/WjXiOPfv4uGAwR5BI6A1tRRTDVc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.178.0/24
45.12.32.0/23
45.142.0.0/24
45.142.3.0/24
45.148.147.0/24
185.224.217.0/24
Signature Algorithm: sha256WithRSAEncryption
79:3c:21:ac:a5:56:5c:92:56:a1:8b:0f:7b:04:01:9b:5b:be:
01:67:cf:7a:bf:5a:3a:78:17:05:56:7f:7e:ae:ab:99:80:5b:
89:48:b9:b7:ef:91:eb:6d:19:86:d9:86:8a:a7:33:cc:72:cb:
e4:6a:17:3b:77:c8:26:94:26:90:33:ac:54:1f:f2:21:20:f9:
a2:63:28:51:dd:65:12:dd:a2:71:61:8c:31:03:f7:5e:a4:3b:
78:3f:92:0d:d2:22:72:66:0f:68:9e:20:d7:30:50:06:e2:03:
5e:95:95:88:ce:c4:d8:01:23:8a:f2:d0:0a:58:b0:a2:25:0f:
69:94:e8:b3:f5:1b:79:41:e6:38:b8:9d:51:2c:00:1a:be:e9:
58:e4:52:df:e4:66:f6:53:d6:3a:c4:59:ea:9c:53:a7:49:3e:
95:d4:80:ae:1d:c3:19:cd:c0:fc:31:c2:07:d9:04:fb:d1:c3:
cf:62:de:df:98:c3:a7:76:46:7f:b6:a2:0f:99:0b:8e:99:b8:
83:b5:3b:d1:c8:f8:7e:1c:2b:06:c1:cb:95:35:a8:8c:08:b5:
4d:b6:32:26:2c:5a:49:3b:20:b8:ce:80:96:e4:bd:79:8a:87:
e0:33:27:85:4c:2e:41:1c:84:d3:58:ca:27:27:8c:54:50:b1:
bb:ee:5a:ae
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZarDrd5nxDCp1SsUFQKkvpoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYmRkZWFmMGYzMGZiZGFmOWU3NWI5MmFjN2Q1YmQxM2Yy
ODVkZTcwHhcNMjUwNTA3MTQwMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTM1ZTIzOGY3ZWZlMmUxODBjMTFlNDEyM2EwMzViNTE0NTMwZDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy1TOmxaiP1+Pz5lDrB5EkLk6C2Fm
61M7I+q8YWmEEoVhbTeprhBs07TogAteO9J+XoUUDjZ7N1e3UDYog1CmOkg47jUr
VLEAJ3Wj9bj6KfUboxhfuQaXWrnIAt4StLtaOvw7t8Y2cKhpVutDTYbtT0Ki2eWV
1fz1SogrhM1bwceysP6FPdyFI5e569HkW9x1UaIenX3qZ22vK9JOIKOq5OFHwaW5
lH9ItGNgMBVa8yENvpIo1+f0COFlx5z4H29cVrMI8HsmTy9UKoxOPvISA6SyUYZi
3Kl1tJg1j/qDzdoePvtwhGulFxtR+h7b6Ng7R3Tuwt/eYMZBaUkWJIFYhQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFo14jj37+LhgMEeQSOgNbUUUw1XMB8GA1UdIwQY
MBaAFHG93q8PMPva+edbkqx9W9E/KF3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUt
NDc3MjMxMTkxYTM1LzEvV2pYaU9QZnY0dUdBd1I1Qkk2QTF0UlJURFZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUtNDc3MjMxMTkxYTM1
LzEvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALQiyAwQB
LQwgAwQALY4AAwQALY4DAwQALZSTAwQAueDZMA0GCSqGSIb3DQEBCwUAA4IBAQB5
PCGspVZcklahiw97BAGbW74BZ896v1o6eBcFVn9+rquZgFuJSLm375HrbRmG2YaK
pzPMcsvkahc7d8gmlCaQM6xUH/IhIPmiYyhR3WUS3aJxYYwxA/depDt4P5IN0iJy
Zg9oniDXMFAG4gNelZWIzsTYASOK8tAKWLCiJQ9plOiz9Rt5QeY4uJ1RLAAavulY
5FLf5Gb2U9Y6xFnqnFOnST6V1ICuHcMZzcD8McIH2QT70cPPYt7fmMOndkZ/tqIP
mQuOmbiDtTvRyPh+HCsGwcuVNaiMCLVNtjImLFpJOyC4zoCW5L15iofgMyeFTC5B
HITTWMonJ4xUULG77lqu
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:23:36 2025 by rpki-client