Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/Wm7N1iu-cr7TCQIUPcboZUXDLaU.roa
File: Wm7N1iu-cr7TCQIUPcboZUXDLaU.roa (raw, json)
Hash identifier: uwsiudVh3mXRKeOF3sFr3TgCf6ONEeFQgGn8IQKESik=
Subject key identifier: 5A:6E:CD:D6:2B:BE:72:BE:D3:09:02:14:3D:C6:E8:65:45:C3:2D:A5
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 01942067D09DDDDF0B74CFCE43FBD4C405B8
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/Wm7N1iu-cr7TCQIUPcboZUXDLaU.roa
Signing time: Wed 01 Jan 2025 05:47:42 +0000
ROA not before: Wed 01 Jan 2025 05:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60633
IP address blocks: 193.246.32.0/21 maxlen: 21
193.246.40.0/21 maxlen: 21
193.246.208.0/20 maxlen: 20
2a02:a90:c405::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.mft
rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:d0:9d:dd:df:0b:74:cf:ce:43:fb:d4:c4:05:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 05:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5a6ecdd62bbe72bed30902143dc6e86545c32da5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:8d:9a:fe:89:c4:2a:16:74:0b:42:9f:84:7b:
d0:a5:a9:01:ba:78:33:60:4d:91:9e:ab:6e:f1:a3:
5f:2e:9b:05:4a:a8:3a:de:f3:97:42:f5:bb:83:e8:
fa:7c:69:53:cd:1a:23:a2:ef:9e:32:b1:52:9d:c0:
54:bf:21:b5:07:9f:6b:c2:ce:54:fc:83:bb:22:08:
3e:23:27:f3:65:4c:cf:a9:78:23:ff:6d:cd:56:ac:
4c:82:dc:75:3b:2d:6e:cb:49:af:1f:68:bf:36:c8:
84:e5:f0:9b:90:71:f3:6a:d0:cd:ae:f8:01:da:7f:
c0:86:6f:84:67:55:f8:5e:1d:41:b3:f5:f6:b7:58:
90:c9:f7:27:3c:a6:f6:43:8b:be:95:36:1b:b0:e7:
2a:fd:e1:8d:bf:a7:51:85:7e:8c:ac:59:77:bf:14:
b6:a7:90:27:4d:4d:f1:25:a2:c6:6b:79:94:8a:af:
de:ae:64:85:81:5a:70:09:59:de:1a:7b:aa:e0:40:
e4:15:f8:42:08:90:49:27:04:c2:2c:a8:38:78:72:
2d:33:80:b6:8c:8c:e3:66:bf:5a:0e:82:5e:2e:3c:
54:05:c0:56:db:86:65:6f:78:13:d6:5b:4a:e4:91:
fd:25:19:65:ce:9e:8e:d1:67:d2:98:56:42:fa:2a:
5b:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:6E:CD:D6:2B:BE:72:BE:D3:09:02:14:3D:C6:E8:65:45:C3:2D:A5
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/Wm7N1iu-cr7TCQIUPcboZUXDLaU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.246.32.0/20
193.246.208.0/20
IPv6:
2a02:a90:c405::/48
Signature Algorithm: sha256WithRSAEncryption
9d:6f:ce:ce:98:1f:a0:c8:f2:c3:bd:5e:a9:ff:91:7f:82:b0:
49:a8:96:34:e6:b7:bb:cf:d3:cd:c5:ac:d1:11:e8:4b:9c:d7:
14:c3:bb:bf:89:92:b8:7b:49:be:5c:a1:41:da:d7:6c:d6:f6:
85:5d:d8:4c:85:5b:53:4e:bf:08:f4:64:1a:6e:ff:55:07:61:
25:8d:d2:81:b2:3d:00:01:25:8b:96:e5:2a:17:8e:85:b7:4c:
91:97:e9:57:ca:70:f4:4a:e6:b0:1d:f3:a7:bd:be:84:bb:b1:
6f:68:3e:cd:01:a7:5a:3d:f2:78:6e:bd:09:65:9a:7e:34:09:
69:e1:e0:0b:66:0d:24:4e:9f:d3:26:4e:a3:d6:65:f5:2c:e2:
84:d2:be:9b:14:a4:d6:6e:0d:65:45:1a:9e:11:04:0a:64:3d:
23:11:3c:e8:83:b6:ca:1a:fc:9b:c2:03:d0:a8:e6:92:e9:af:
76:0a:63:80:27:95:7b:bc:55:9e:79:01:b1:2a:7a:51:39:29:
29:fd:b4:04:06:1b:74:40:f3:6d:cd:e4:9f:7a:40:23:74:a5:
16:73:3e:47:26:e6:ce:80:0a:1e:84:fc:1e:83:bd:d0:36:46:
7e:02:df:d9:f1:2d:d4:cd:a3:18:b0:34:34:f0:1d:f9:85:8b:
4d:79:97:82
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQgZ9Cd3d8LdM/OQ/vUxAW4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjUwMTAxMDU0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTZlY2RkNjJiYmU3MmJlZDMwOTAyMTQzZGM2ZTg2NTQ1YzMyZGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyI2a/onEKhZ0C0KfhHvQpakBungz
YE2Rnqtu8aNfLpsFSqg63vOXQvW7g+j6fGlTzRojou+eMrFSncBUvyG1B59rws5U
/IO7Igg+IyfzZUzPqXgj/23NVqxMgtx1Oy1uy0mvH2i/NsiE5fCbkHHzatDNrvgB
2n/Ahm+EZ1X4Xh1Bs/X2t1iQyfcnPKb2Q4u+lTYbsOcq/eGNv6dRhX6MrFl3vxS2
p5AnTU3xJaLGa3mUiq/ermSFgVpwCVneGnuq4EDkFfhCCJBJJwTCLKg4eHItM4C2
jIzjZr9aDoJeLjxUBcBW24Zlb3gT1ltK5JH9JRllzp6O0WfSmFZC+ipbXQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFFpuzdYrvnK+0wkCFD3G6GVFwy2lMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvV203TjFpdS1jcjdUQ1FJVVBjYm9aVVhETGFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQEwfYgAwQE
wfbQMA8EAgACMAkDBwAqAgqQxAUwDQYJKoZIhvcNAQELBQADggEBAJ1vzs6YH6DI
8sO9Xqn/kX+CsEmoljTmt7vP083FrNER6Euc1xTDu7+Jkrh7Sb5coUHa12zW9oVd
2EyFW1NOvwj0ZBpu/1UHYSWN0oGyPQABJYuW5SoXjoW3TJGX6VfKcPRK5rAd86e9
voS7sW9oPs0Bp1o98nhuvQllmn40CWnh4AtmDSROn9MmTqPWZfUs4oTSvpsUpNZu
DWVFGp4RBApkPSMRPOiDtsoa/JvCA9Co5pLpr3YKY4AnlXu8VZ55AbEqelE5KSn9
tAQGG3RA823N5J96QCN0pRZzPkcm5s6ACh6E/B6DvdA2Rn4C39nxLdTNoxiwNDTw
HfmFi015l4I=
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:34:36 2025 by rpki-client