Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/ac9dab-e91b-4541-b595-be4117e2319c/1/bW1NhmGBTwYgPPg4roDWhoM3_yw.roa
File: bW1NhmGBTwYgPPg4roDWhoM3_yw.roa (raw, json)
Hash identifier: JPmmBhJ0tN9Tg+cz1OMedHqMeYz4nB4Qc7iEbdz/1O8=
Subject key identifier: 6D:6D:4D:86:61:81:4F:06:20:3C:F8:38:AE:80:D6:86:83:37:FF:2C
Certificate issuer: /CN=5b06f746e549ec9763e07cd766fea14e2866d341
Certificate serial: 019421B20F447D5ACA03DBE7B0B7CB7598A6
Authority key identifier: 5B:06:F7:46:E5:49:EC:97:63:E0:7C:D7:66:FE:A1:4E:28:66:D3:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wwb3RuVJ7Jdj4HzXZv6hTihm00E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/ac9dab-e91b-4541-b595-be4117e2319c/1/bW1NhmGBTwYgPPg4roDWhoM3_yw.roa
Signing time: Wed 01 Jan 2025 11:48:24 +0000
ROA not before: Wed 01 Jan 2025 11:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211909
IP address blocks: 77.83.58.0/24 maxlen: 24
138.124.148.0/23 maxlen: 23
178.212.89.0/24 maxlen: 24
185.252.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/ac9dab-e91b-4541-b595-be4117e2319c/1/Wwb3RuVJ7Jdj4HzXZv6hTihm00E.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/ac9dab-e91b-4541-b595-be4117e2319c/1/Wwb3RuVJ7Jdj4HzXZv6hTihm00E.mft
rsync://rpki.ripe.net/repository/DEFAULT/Wwb3RuVJ7Jdj4HzXZv6hTihm00E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 23:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:0f:44:7d:5a:ca:03:db:e7:b0:b7:cb:75:98:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b06f746e549ec9763e07cd766fea14e2866d341
Validity
Not Before: Jan 1 11:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6d6d4d8661814f06203cf838ae80d6868337ff2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:3e:cf:ad:61:2f:6c:39:80:a9:88:27:ca:03:
ba:fe:8d:91:39:fd:34:27:7a:97:07:e5:a9:49:88:
c1:a4:60:27:c1:da:81:4a:f5:88:a5:c3:b1:d5:b5:
e4:7c:bb:d1:16:c5:12:05:ae:45:a3:c4:2a:0a:6b:
17:f2:b0:cf:b4:25:38:af:a5:bb:a7:0f:e3:47:c3:
d9:69:9d:9f:69:8f:8f:b0:b1:03:11:1c:b8:17:2d:
0d:c5:67:ea:7f:4e:4f:d8:d8:51:07:ed:c8:7a:15:
2c:81:17:0f:7f:18:43:a5:d5:a9:af:86:e8:16:a3:
05:29:d7:9a:05:0c:ae:0b:ea:a7:60:13:0d:51:76:
63:3f:b5:c0:34:7f:9c:0d:f0:ce:88:d6:2d:09:d6:
2a:31:0c:15:e6:9c:c6:d4:78:11:2d:4b:c3:cb:8d:
47:dc:bb:a3:2f:03:28:87:d7:bd:e3:61:54:21:a1:
4f:73:4d:b6:13:b5:f6:d4:ef:cc:21:f9:e1:47:79:
db:0f:21:b5:7b:78:8f:9b:96:80:74:d6:78:ea:48:
d3:2a:31:4b:cf:49:6e:94:13:4c:b0:40:f6:61:d0:
70:81:33:dc:e9:1e:a3:e9:8a:0d:35:9a:22:25:53:
54:aa:2a:77:c2:61:25:e9:0a:7c:c1:4c:fe:c0:cc:
52:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:6D:4D:86:61:81:4F:06:20:3C:F8:38:AE:80:D6:86:83:37:FF:2C
X509v3 Authority Key Identifier:
keyid:5B:06:F7:46:E5:49:EC:97:63:E0:7C:D7:66:FE:A1:4E:28:66:D3:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wwb3RuVJ7Jdj4HzXZv6hTihm00E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/ac9dab-e91b-4541-b595-be4117e2319c/1/bW1NhmGBTwYgPPg4roDWhoM3_yw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/ac9dab-e91b-4541-b595-be4117e2319c/1/Wwb3RuVJ7Jdj4HzXZv6hTihm00E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.58.0/24
138.124.148.0/23
178.212.89.0/24
185.252.202.0/24
Signature Algorithm: sha256WithRSAEncryption
51:b3:ec:9e:64:c5:7b:9b:4f:e8:fe:5c:6a:07:62:a9:2d:9b:
eb:4c:6f:23:cf:8a:75:f6:81:0d:32:d3:ab:9b:13:e9:e0:7b:
44:87:73:8c:60:86:c1:79:5b:89:e6:68:22:01:0d:16:53:38:
81:bd:6e:ff:84:12:d9:1c:3e:e3:ff:06:a5:dd:e2:f1:ed:36:
ee:af:f2:f5:d8:ba:88:49:17:4f:10:ad:a7:e7:95:3b:bc:c3:
45:58:ae:53:14:ac:f9:c3:a4:7c:ed:2f:12:c7:04:6c:7a:67:
6a:69:2a:2c:c7:0b:33:8e:5a:b7:fd:d0:15:ec:00:23:1c:f0:
31:ca:4a:94:14:02:4e:0d:de:4c:41:ed:1b:b7:48:1a:5f:3c:
05:d5:65:9c:48:33:cf:8c:cb:db:97:66:37:bf:45:8c:ba:bd:
b7:d7:65:cf:bc:15:b9:e5:2b:b9:28:35:5d:6c:95:2c:05:0d:
27:65:42:22:3a:4d:c8:6d:15:3e:6c:b7:22:d1:16:02:0c:0c:
93:f6:c0:1b:dd:f0:b6:64:14:56:ac:40:30:5d:06:2c:54:cb:
0d:43:55:c8:18:19:1e:3a:cf:11:21:b1:d5:01:ea:7b:8c:c4:
ae:45:1c:a4:88:44:59:18:1f:8d:91:20:49:e7:6c:cd:2c:84:
6a:de:2f:07
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQhsg9EfVrKA9vnsLfLdZimMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViMDZmNzQ2ZTU0OWVjOTc2M2UwN2NkNzY2ZmVhMTRlMjg2
NmQzNDEwHhcNMjUwMTAxMTE0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDZkNGQ4NjYxODE0ZjA2MjAzY2Y4MzhhZTgwZDY4NjgzMzdmZjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0j7PrWEvbDmAqYgnygO6/o2ROf00
J3qXB+WpSYjBpGAnwdqBSvWIpcOx1bXkfLvRFsUSBa5Fo8QqCmsX8rDPtCU4r6W7
pw/jR8PZaZ2faY+PsLEDERy4Fy0NxWfqf05P2NhRB+3IehUsgRcPfxhDpdWpr4bo
FqMFKdeaBQyuC+qnYBMNUXZjP7XANH+cDfDOiNYtCdYqMQwV5pzG1HgRLUvDy41H
3LujLwMoh9e942FUIaFPc022E7X21O/MIfnhR3nbDyG1e3iPm5aAdNZ46kjTKjFL
z0lulBNMsED2YdBwgTPc6R6j6YoNNZoiJVNUqip3wmEl6Qp8wUz+wMxSnQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFG1tTYZhgU8GIDz4OK6A1oaDN/8sMB8GA1UdIwQY
MBaAFFsG90blSeyXY+B812b+oU4oZtNBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3diM1J1Vko3SmRqNEh6WFp2NmhUaWhtMDBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9hYzlkYWItZTkxYi00NTQxLWI1OTUt
YmU0MTE3ZTIzMTljLzEvYlcxTmhtR0JUd1lnUFBnNHJvRFdob00zX3l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9hYzlkYWItZTkxYi00NTQxLWI1OTUtYmU0MTE3ZTIzMTlj
LzEvV3diM1J1Vko3SmRqNEh6WFp2NmhUaWhtMDBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATVM6AwQB
inyUAwQAstRZAwQAufzKMA0GCSqGSIb3DQEBCwUAA4IBAQBRs+yeZMV7m0/o/lxq
B2KpLZvrTG8jz4p19oENMtOrmxPp4HtEh3OMYIbBeVuJ5mgiAQ0WUziBvW7/hBLZ
HD7j/wal3eLx7Tbur/L12LqISRdPEK2n55U7vMNFWK5TFKz5w6R87S8SxwRsemdq
aSosxwszjlq3/dAV7AAjHPAxykqUFAJODd5MQe0bt0gaXzwF1WWcSDPPjMvbl2Y3
v0WMur2312XPvBW55Su5KDVdbJUsBQ0nZUIiOk3IbRU+bLci0RYCDAyT9sAb3fC2
ZBRWrEAwXQYsVMsNQ1XIGBkeOs8RIbHVAep7jMSuRRykiERZGB+NkSBJ52zNLIRq
3i8H
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:54:01 2025 by rpki-client