Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/2435cc-5533-4f70-bb82-9caf25a499d7/1/wr0uj1SbyF4a3afbyHifWHkLV18.roa
File: wr0uj1SbyF4a3afbyHifWHkLV18.roa (raw, json)
Hash identifier: whbGKVVedV+YGL/Rez8V9NgGyEYM+j686HKrZpVv8SA=
Subject key identifier: C2:BD:2E:8F:54:9B:C8:5E:1A:DD:A7:DB:C8:78:9F:58:79:0B:57:5F
Certificate issuer: /CN=e2c137106c1a46aea07c24b11729fd7d216a24f5
Certificate serial: 01942368CF56960396E2000B695B999B3B98
Authority key identifier: E2:C1:37:10:6C:1A:46:AE:A0:7C:24:B1:17:29:FD:7D:21:6A:24:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sE3EGwaRq6gfCSxFyn9fSFqJPU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/2435cc-5533-4f70-bb82-9caf25a499d7/1/wr0uj1SbyF4a3afbyHifWHkLV18.roa
Signing time: Wed 01 Jan 2025 19:47:38 +0000
ROA not before: Wed 01 Jan 2025 19:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204456
IP address blocks: 185.222.232.0/22 maxlen: 22
185.222.232.0/24 maxlen: 24
185.222.233.0/24 maxlen: 24
185.222.234.0/24 maxlen: 24
185.222.235.0/24 maxlen: 24
2a0d:800::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/2435cc-5533-4f70-bb82-9caf25a499d7/1/4sE3EGwaRq6gfCSxFyn9fSFqJPU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/2435cc-5533-4f70-bb82-9caf25a499d7/1/4sE3EGwaRq6gfCSxFyn9fSFqJPU.mft
rsync://rpki.ripe.net/repository/DEFAULT/4sE3EGwaRq6gfCSxFyn9fSFqJPU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:cf:56:96:03:96:e2:00:0b:69:5b:99:9b:3b:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c137106c1a46aea07c24b11729fd7d216a24f5
Validity
Not Before: Jan 1 19:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c2bd2e8f549bc85e1adda7dbc8789f58790b575f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:5c:e8:a0:05:1d:b3:6b:7d:95:be:7a:6d:b6:
c0:e6:28:aa:58:a9:0b:ed:1f:90:a8:32:07:4b:f3:
26:04:94:0b:ec:8a:fb:97:1f:32:f5:d7:70:6c:ba:
2b:6e:fe:81:97:0a:5e:37:ce:26:21:a0:4e:54:b8:
b8:0d:61:8e:8e:83:ee:a1:b5:47:7a:45:72:97:be:
ba:ab:e3:d8:f7:7d:80:8a:1c:7a:ab:d3:8b:5a:45:
2a:cb:c0:71:c7:fd:7b:e4:d6:42:56:da:0a:0e:7e:
ed:7f:1b:04:22:02:3f:61:7b:87:43:93:b6:b2:65:
dd:f4:79:22:bc:38:76:8c:8f:2f:f0:e0:a8:13:71:
d1:45:f3:b6:8a:c9:c7:21:45:b7:70:82:e6:60:2e:
40:4c:23:8a:fb:d4:3e:eb:d6:a4:27:6f:43:94:77:
e4:73:36:14:80:9f:a6:bc:89:fe:e5:13:aa:74:c5:
41:2e:51:85:3f:82:ce:3e:ba:68:d6:41:e1:e0:85:
fd:94:fa:14:3e:d5:9f:b5:5a:a2:96:49:f0:65:04:
91:ad:f4:44:d8:23:51:69:8a:86:0a:8e:ae:cc:bb:
13:b4:15:72:e5:a5:90:29:c6:f3:73:ef:ce:5b:f5:
2f:dc:e6:b4:90:71:fc:94:ea:e0:e8:ee:d5:91:b5:
f5:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:BD:2E:8F:54:9B:C8:5E:1A:DD:A7:DB:C8:78:9F:58:79:0B:57:5F
X509v3 Authority Key Identifier:
keyid:E2:C1:37:10:6C:1A:46:AE:A0:7C:24:B1:17:29:FD:7D:21:6A:24:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sE3EGwaRq6gfCSxFyn9fSFqJPU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/2435cc-5533-4f70-bb82-9caf25a499d7/1/wr0uj1SbyF4a3afbyHifWHkLV18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/2435cc-5533-4f70-bb82-9caf25a499d7/1/4sE3EGwaRq6gfCSxFyn9fSFqJPU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.232.0/22
IPv6:
2a0d:800::/29
Signature Algorithm: sha256WithRSAEncryption
57:5a:78:e0:4a:ae:00:95:87:4a:3c:80:a8:22:9d:0f:b9:f1:
11:35:7a:67:32:b6:63:74:fe:70:bc:ec:7e:b5:5f:a6:84:6e:
32:e3:5d:c3:01:ba:4b:d3:f4:27:2d:9c:6f:b3:4b:d6:7f:02:
6f:8c:b1:a1:63:6a:3a:bf:70:b4:a2:80:0a:b1:74:9b:69:c6:
86:6b:25:a2:15:08:da:3f:00:93:54:2a:51:38:00:44:e9:31:
34:b7:a6:03:dd:7f:6f:4e:e0:7d:30:91:07:ee:4e:86:ba:58:
78:75:03:b1:16:e4:6b:88:d5:44:b5:5e:a4:8c:b0:9e:f5:06:
76:f8:65:b8:4b:94:dc:e7:e8:73:2d:2f:9c:5f:69:ae:7d:5d:
a1:2c:e0:6e:19:fa:a5:04:93:3f:15:1f:43:f5:8e:79:21:bd:
b0:62:68:80:9c:e6:b3:6e:f4:86:43:3e:5a:0b:cc:19:fa:dc:
a6:dc:5e:fd:17:0f:c8:fd:e0:24:0c:e6:a0:0e:3a:a3:d1:27:
ef:3e:5b:9d:98:1b:f5:03:83:c3:e5:69:12:a7:51:05:9b:57:
95:80:a0:ca:2e:56:89:4f:16:04:2d:63:bc:12:e4:4a:6c:56:
28:f8:a1:14:9f:33:22:c0:4a:dc:44:17:78:a0:70:54:02:dd:
d1:a6:6f:6c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQjaM9WlgOW4gALaVuZmzuYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzEzNzEwNmMxYTQ2YWVhMDdjMjRiMTE3MjlmZDdkMjE2
YTI0ZjUwHhcNMjUwMTAxMTk0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmJkMmU4ZjU0OWJjODVlMWFkZGE3ZGJjODc4OWY1ODc5MGI1NzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzVzooAUds2t9lb56bbbA5iiqWKkL
7R+QqDIHS/MmBJQL7Ir7lx8y9ddwbLorbv6BlwpeN84mIaBOVLi4DWGOjoPuobVH
ekVyl766q+PY932Aihx6q9OLWkUqy8Bxx/175NZCVtoKDn7tfxsEIgI/YXuHQ5O2
smXd9HkivDh2jI8v8OCoE3HRRfO2isnHIUW3cILmYC5ATCOK+9Q+69akJ29DlHfk
czYUgJ+mvIn+5ROqdMVBLlGFP4LOPrpo1kHh4IX9lPoUPtWftVqilknwZQSRrfRE
2CNRaYqGCo6uzLsTtBVy5aWQKcbzc+/OW/Uv3Oa0kHH8lOrg6O7VkbX1HwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMK9Lo9Um8heGt2n28h4n1h5C1dfMB8GA1UdIwQY
MBaAFOLBNxBsGkauoHwksRcp/X0haiT1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNFM0VHd2FScTZnZkNTeEZ5bjlmU0ZxSlBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8yNDM1Y2MtNTUzMy00ZjcwLWJiODIt
OWNhZjI1YTQ5OWQ3LzEvd3IwdWoxU2J5RjRhM2FmYnlIaWZXSGtMVjE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8yNDM1Y2MtNTUzMy00ZjcwLWJiODItOWNhZjI1YTQ5OWQ3
LzEvNHNFM0VHd2FScTZnZkNTeEZ5bjlmU0ZxSlBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCud7oMA0E
AgACMAcDBQMqDQgAMA0GCSqGSIb3DQEBCwUAA4IBAQBXWnjgSq4AlYdKPICoIp0P
ufERNXpnMrZjdP5wvOx+tV+mhG4y413DAbpL0/QnLZxvs0vWfwJvjLGhY2o6v3C0
ooAKsXSbacaGayWiFQjaPwCTVCpROABE6TE0t6YD3X9vTuB9MJEH7k6Gulh4dQOx
FuRriNVEtV6kjLCe9QZ2+GW4S5Tc5+hzLS+cX2mufV2hLOBuGfqlBJM/FR9D9Y55
Ib2wYmiAnOazbvSGQz5aC8wZ+tym3F79Fw/I/eAkDOagDjqj0SfvPludmBv1A4PD
5WkSp1EFm1eVgKDKLlaJTxYELWO8EuRKbFYo+KEUnzMiwErcRBd4oHBUAt3Rpm9s
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:28:42 2025 by rpki-client