Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/W08HMn4p6kVqze5MDixmPqgVV3Q.roa
File: W08HMn4p6kVqze5MDixmPqgVV3Q.roa (raw, json)
Hash identifier: jlOVPZJCuEAwn3iEzzJNLFkpo/PRQpHf+dW9CA2qsug=
Subject key identifier: 5B:4F:07:32:7E:29:EA:45:6A:CD:EE:4C:0E:2C:66:3E:A8:15:57:74
Certificate issuer: /CN=23259da3b1b38ca0939f490fb9043fcd89cfd062
Certificate serial: 019427B5735964A526BEF913B5A0642A48FC
Authority key identifier: 23:25:9D:A3:B1:B3:8C:A0:93:9F:49:0F:B9:04:3F:CD:89:CF:D0:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/W08HMn4p6kVqze5MDixmPqgVV3Q.roa
Signing time: Thu 02 Jan 2025 15:49:50 +0000
ROA not before: Thu 02 Jan 2025 15:49:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204064
IP address blocks: 185.115.180.0/22 maxlen: 22
185.116.48.0/22 maxlen: 22
185.116.51.0/24 maxlen: 24
185.151.172.0/22 maxlen: 22
185.201.12.0/22 maxlen: 32
2a07:7a00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.mft
rsync://rpki.ripe.net/repository/DEFAULT/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:73:59:64:a5:26:be:f9:13:b5:a0:64:2a:48:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23259da3b1b38ca0939f490fb9043fcd89cfd062
Validity
Not Before: Jan 2 15:49:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5b4f07327e29ea456acdee4c0e2c663ea8155774
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:d7:90:ce:94:10:ea:71:8f:0a:de:c7:48:98:
24:07:00:1a:4d:ad:27:1e:d6:44:ca:bd:7c:0c:0a:
80:0c:03:14:3a:ca:ab:d9:1d:3a:7b:b3:69:c4:74:
b3:f9:77:dd:83:76:94:6c:64:38:7b:8a:ff:81:f3:
bd:1c:f2:f5:4c:ba:ea:65:90:44:8b:62:20:74:21:
6a:25:8c:55:8f:03:3d:40:a4:9f:15:92:bb:c8:b4:
d6:26:5e:b9:6e:0f:16:af:a2:a0:60:e6:df:af:05:
7d:60:32:5c:63:5d:1f:5f:05:7f:e3:97:e0:bb:f8:
42:b4:dc:6e:87:85:0b:bd:61:91:ac:9b:f3:3a:6c:
f4:2f:e2:e0:88:3a:ec:d2:d3:02:bc:bf:37:96:1f:
3d:b8:50:7f:c5:59:dd:67:f2:66:ef:20:94:91:f5:
ef:3a:f4:98:6b:fb:e1:1d:34:47:ee:03:30:77:cd:
4e:81:e7:01:8e:18:15:e6:c2:1d:67:28:48:fe:8a:
1c:99:e9:79:cd:d8:04:08:64:ae:5a:56:69:73:e0:
89:b5:14:90:5b:d1:99:9a:e6:1c:a5:48:e2:2a:86:
ef:7a:20:2a:e9:74:ce:7f:53:d7:15:d1:49:fc:7f:
5d:c0:25:32:03:e1:3c:52:9f:aa:7f:31:dd:d1:21:
f4:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:4F:07:32:7E:29:EA:45:6A:CD:EE:4C:0E:2C:66:3E:A8:15:57:74
X509v3 Authority Key Identifier:
keyid:23:25:9D:A3:B1:B3:8C:A0:93:9F:49:0F:B9:04:3F:CD:89:CF:D0:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/W08HMn4p6kVqze5MDixmPqgVV3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.115.180.0/22
185.116.48.0/22
185.151.172.0/22
185.201.12.0/22
IPv6:
2a07:7a00::/29
Signature Algorithm: sha256WithRSAEncryption
59:a4:53:93:2e:4b:92:14:8e:09:58:21:43:a4:30:27:cf:7f:
e1:39:aa:fa:f0:7e:67:df:c0:0e:e9:03:f2:5d:8a:ff:8e:c8:
f0:0c:7b:d2:67:2c:9b:05:c4:97:13:95:55:df:0e:06:db:b5:
50:04:2a:67:66:8e:5c:05:50:38:3d:b1:8d:87:77:aa:4b:a5:
5d:e8:9a:7f:2c:70:40:e7:d5:e1:32:9a:6d:ce:ad:13:9d:5e:
91:52:35:21:1e:33:4f:cf:37:53:f6:66:dd:bc:1b:ee:c2:5b:
f3:76:f9:78:91:2b:f7:fa:39:11:57:a5:71:9e:5d:ed:ae:d2:
3c:37:c3:1e:59:55:e7:1e:a0:7c:ca:53:f2:8a:f0:85:4c:99:
b6:8a:a9:4a:90:ae:ea:b5:ac:60:78:09:93:28:97:1c:eb:7b:
be:72:16:de:74:c3:26:58:01:b0:78:ed:a2:15:14:08:75:ba:
82:df:c9:ed:cf:91:1e:c3:95:40:84:be:17:d6:f1:e5:08:20:
12:ea:11:d8:0e:95:e0:70:14:52:fe:17:9e:4d:5d:0d:df:83:
a8:9d:4c:6a:a6:3c:48:8c:9e:c6:07:eb:cf:04:e1:c6:82:1e:
36:57:92:03:85:1d:aa:dd:db:0a:92:70:11:0c:d8:db:c6:4d:
9b:48:68:60
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQntXNZZKUmvvkTtaBkKkj8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMjU5ZGEzYjFiMzhjYTA5MzlmNDkwZmI5MDQzZmNkODlj
ZmQwNjIwHhcNMjUwMTAyMTU0OTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjRmMDczMjdlMjllYTQ1NmFjZGVlNGMwZTJjNjYzZWE4MTU1Nzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz9eQzpQQ6nGPCt7HSJgkBwAaTa0n
HtZEyr18DAqADAMUOsqr2R06e7NpxHSz+Xfdg3aUbGQ4e4r/gfO9HPL1TLrqZZBE
i2IgdCFqJYxVjwM9QKSfFZK7yLTWJl65bg8Wr6KgYObfrwV9YDJcY10fXwV/45fg
u/hCtNxuh4ULvWGRrJvzOmz0L+LgiDrs0tMCvL83lh89uFB/xVndZ/Jm7yCUkfXv
OvSYa/vhHTRH7gMwd81OgecBjhgV5sIdZyhI/oocmel5zdgECGSuWlZpc+CJtRSQ
W9GZmuYcpUjiKobveiAq6XTOf1PXFdFJ/H9dwCUyA+E8Up+qfzHd0SH06QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFFtPBzJ+KepFas3uTA4sZj6oFVd0MB8GA1UdIwQY
MBaAFCMlnaOxs4ygk59JD7kEP82Jz9BiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXlXZG83R3pqS0NUbjBrUHVRUV96WW5QMEdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy85MWE1ZmQtZTU2Yy00ZDg3LWJkNzUt
NjU0ZGQ2NDQyY2U0LzEvVzA4SE1uNHA2a1ZxemU1TURpeG1QcWdWVjNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy85MWE1ZmQtZTU2Yy00ZDg3LWJkNzUtNjU0ZGQ2NDQyY2U0
LzEvSXlXZG83R3pqS0NUbjBrUHVRUV96WW5QMEdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCuXO0AwQC
uXQwAwQCuZesAwQCuckMMA0EAgACMAcDBQMqB3oAMA0GCSqGSIb3DQEBCwUAA4IB
AQBZpFOTLkuSFI4JWCFDpDAnz3/hOar68H5n38AO6QPyXYr/jsjwDHvSZyybBcSX
E5VV3w4G27VQBCpnZo5cBVA4PbGNh3eqS6Vd6Jp/LHBA59XhMpptzq0TnV6RUjUh
HjNPzzdT9mbdvBvuwlvzdvl4kSv3+jkRV6Vxnl3trtI8N8MeWVXnHqB8ylPyivCF
TJm2iqlKkK7qtaxgeAmTKJcc63u+chbedMMmWAGweO2iFRQIdbqC38ntz5Eew5VA
hL4X1vHlCCAS6hHYDpXgcBRS/heeTV0N34OonUxqpjxIjJ7GB+vPBOHGgh42V5ID
hR2q3dsKknARDNjbxk2bSGhg
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:18:49 2025 by rpki-client