Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/wp3kuECOmL-Xa_CvP6f2avXNhKE.roa
File: wp3kuECOmL-Xa_CvP6f2avXNhKE.roa (raw, json)
Hash identifier: M/TCrE4Hu3Cb7omMvcKliDEBNDpnBTh4puc7wgjBDtw=
Subject key identifier: C2:9D:E4:B8:40:8E:98:BF:97:6B:F0:AF:3F:A7:F6:6A:F5:CD:84:A1
Certificate issuer: /CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Certificate serial: 0195895FC4FC253FBCBF912B296B0CA1FD72
Authority key identifier: BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/wp3kuECOmL-Xa_CvP6f2avXNhKE.roa
Signing time: Wed 12 Mar 2025 08:01:49 +0000
ROA not before: Wed 12 Mar 2025 08:01:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 5.144.155.0/24 maxlen: 24
78.143.253.0/24 maxlen: 24
79.135.102.0/23 maxlen: 24
194.33.150.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uw1OhZN7eg8nEFTShhTyk01OpQA.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uw1OhZN7eg8nEFTShhTyk01OpQA.mft
rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:89:5f:c4:fc:25:3f:bc:bf:91:2b:29:6b:0c:a1:fd:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Validity
Not Before: Mar 12 08:01:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c29de4b8408e98bf976bf0af3fa7f66af5cd84a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:fc:9a:2e:93:d4:05:70:10:17:65:13:43:48:
af:4d:b3:a9:3c:15:3c:bf:d8:db:74:98:b2:83:86:
e8:13:d9:4d:10:f5:4c:69:01:1a:be:9d:07:18:62:
e8:78:fc:0b:08:86:d1:0c:e7:2e:15:92:e4:50:d8:
71:3e:8a:f4:73:a0:25:db:1c:3c:9b:b9:7c:47:4b:
a5:7f:32:c6:df:2f:da:96:a3:7f:27:69:d0:85:b9:
12:41:4c:a5:b0:46:1f:bc:7a:15:a5:60:ec:31:a5:
c8:88:01:b8:c0:91:77:55:c5:3c:eb:94:31:41:a1:
1d:20:3d:85:9e:89:ae:29:a5:0d:b1:f8:fb:c6:f5:
89:5a:45:be:c3:2b:15:db:8d:12:91:1c:fd:39:9f:
da:cf:43:82:e4:00:1a:de:65:9f:d0:62:ef:82:42:
c4:7a:bd:ef:51:d0:46:d2:da:76:10:6d:0d:93:ce:
02:99:9d:e9:c9:b5:df:51:bc:d5:e7:14:d9:32:12:
61:78:5f:56:af:89:53:c7:d7:61:4d:63:ff:f9:d5:
97:49:76:3c:91:44:fd:d3:c7:ba:91:65:9c:2b:6d:
15:6b:14:fa:7b:fb:9e:c3:77:81:4c:d8:e8:6b:38:
be:98:b3:9c:59:80:96:d9:78:2d:bb:3a:cb:86:4a:
9b:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:9D:E4:B8:40:8E:98:BF:97:6B:F0:AF:3F:A7:F6:6A:F5:CD:84:A1
X509v3 Authority Key Identifier:
keyid:BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/wp3kuECOmL-Xa_CvP6f2avXNhKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uw1OhZN7eg8nEFTShhTyk01OpQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.155.0/24
78.143.253.0/24
79.135.102.0/23
194.33.150.0/24
Signature Algorithm: sha256WithRSAEncryption
81:63:ad:41:d8:a9:f6:94:b7:12:fa:c3:c8:1d:7b:41:80:8e:
d9:1c:3b:1a:74:22:b9:dc:a3:a8:54:36:ac:76:c4:ee:9b:fb:
3f:15:81:76:52:f8:cf:18:d8:36:44:ba:00:06:63:60:5e:ac:
48:a7:09:55:44:54:ba:a5:fc:e6:4a:1a:41:d6:25:22:a9:da:
f5:6f:f3:9d:2f:9c:6b:a9:44:a4:fc:f4:dd:79:48:de:8b:f1:
a7:39:d0:57:ec:f9:4f:06:90:9d:7f:19:65:81:12:67:ac:a0:
ee:1b:2d:75:9e:58:3a:c6:45:ab:18:a5:53:30:22:ae:32:34:
73:3c:6b:25:f7:4c:ec:70:6c:49:21:d3:88:42:83:e9:b5:37:
d3:8e:64:4e:b1:20:66:97:c8:d2:d0:1b:ef:32:3c:68:49:0f:
a8:3b:c7:59:c9:56:45:34:ca:a3:42:7f:ad:71:bd:73:56:13:
24:ca:ec:67:fe:5c:27:15:b3:67:2f:7b:75:4d:7b:2d:d3:c8:
24:46:ae:ce:16:da:b6:4f:21:8f:d4:79:f1:8e:48:a6:09:c4:
bd:ea:03:12:fd:b9:e5:72:07:f0:36:48:e4:38:2c:7a:d4:8a:
8b:c7:ef:f5:02:57:09:8f:11:fb:19:b4:03:67:37:a7:5c:8b:
a1:a0:ec:1a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZWJX8T8JT+8v5ErKWsMof1yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMGQ0ZTg1OTM3YjdhMGYyNzEwNTRkMjg2MTRmMjkzNGQ0
ZWE1MDAwHhcNMjUwMzEyMDgwMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjlkZTRiODQwOGU5OGJmOTc2YmYwYWYzZmE3ZjY2YWY1Y2Q4NGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvyaLpPUBXAQF2UTQ0ivTbOpPBU8
v9jbdJiyg4boE9lNEPVMaQEavp0HGGLoePwLCIbRDOcuFZLkUNhxPor0c6Al2xw8
m7l8R0ulfzLG3y/alqN/J2nQhbkSQUylsEYfvHoVpWDsMaXIiAG4wJF3VcU865Qx
QaEdID2FnomuKaUNsfj7xvWJWkW+wysV240SkRz9OZ/az0OC5AAa3mWf0GLvgkLE
er3vUdBG0tp2EG0Nk84CmZ3pybXfUbzV5xTZMhJheF9Wr4lTx9dhTWP/+dWXSXY8
kUT908e6kWWcK20VaxT6e/uew3eBTNjoazi+mLOcWYCW2XgtuzrLhkqbowIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMKd5LhAjpi/l2vwrz+n9mr1zYShMB8GA1UdIwQY
MBaAFLsNToWTe3oPJxBU0oYU8pNNTqUAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYt
OGU5Yjk4YTk5Y2RiLzEvd3Aza3VFQ09tTC1YYV9DdlA2ZjJhdlhOaEtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYtOGU5Yjk4YTk5Y2Ri
LzEvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABZCbAwQA
To/9AwQBT4dmAwQAwiGWMA0GCSqGSIb3DQEBCwUAA4IBAQCBY61B2Kn2lLcS+sPI
HXtBgI7ZHDsadCK53KOoVDasdsTum/s/FYF2UvjPGNg2RLoABmNgXqxIpwlVRFS6
pfzmShpB1iUiqdr1b/OdL5xrqUSk/PTdeUjei/GnOdBX7PlPBpCdfxllgRJnrKDu
Gy11nlg6xkWrGKVTMCKuMjRzPGsl90zscGxJIdOIQoPptTfTjmROsSBml8jS0Bvv
MjxoSQ+oO8dZyVZFNMqjQn+tcb1zVhMkyuxn/lwnFbNnL3t1TXst08gkRq7OFtq2
TyGP1HnxjkimCcS96gMS/bnlcgfwNkjkOCx61IqLx+/1AlcJjxH7GbQDZzenXIuh
oOwa
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:40:23 2025 by rpki-client