Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/b5dfcc-cd35-4837-b892-f226b144a89a/1/W09Hs7YV_rlCMmFfP5OjxUCv0DQ.roa
File: W09Hs7YV_rlCMmFfP5OjxUCv0DQ.roa (raw, json)
Hash identifier: zUsXUKlv5KVQErO/W3pmAzbRpm0hLO9n4LhnJ2Df8ps=
Subject key identifier: 5B:4F:47:B3:B6:15:FE:B9:42:32:61:5F:3F:93:A3:C5:40:AF:D0:34
Certificate issuer: /CN=374bb6a9fb245a4fafcb8d621d1c75f59d6eca19
Certificate serial: 01942369D1DCF48535E77AE876C8CD12CB7F
Authority key identifier: 37:4B:B6:A9:FB:24:5A:4F:AF:CB:8D:62:1D:1C:75:F5:9D:6E:CA:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N0u2qfskWk-vy41iHRx19Z1uyhk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/b5dfcc-cd35-4837-b892-f226b144a89a/1/W09Hs7YV_rlCMmFfP5OjxUCv0DQ.roa
Signing time: Wed 01 Jan 2025 19:48:45 +0000
ROA not before: Wed 01 Jan 2025 19:48:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205755
IP address blocks: 185.207.192.0/24 maxlen: 24
185.207.193.0/24 maxlen: 24
185.207.194.0/24 maxlen: 24
185.207.195.0/24 maxlen: 24
2a0b:2740::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/b5dfcc-cd35-4837-b892-f226b144a89a/1/N0u2qfskWk-vy41iHRx19Z1uyhk.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/b5dfcc-cd35-4837-b892-f226b144a89a/1/N0u2qfskWk-vy41iHRx19Z1uyhk.mft
rsync://rpki.ripe.net/repository/DEFAULT/N0u2qfskWk-vy41iHRx19Z1uyhk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 18:34:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:d1:dc:f4:85:35:e7:7a:e8:76:c8:cd:12:cb:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=374bb6a9fb245a4fafcb8d621d1c75f59d6eca19
Validity
Not Before: Jan 1 19:48:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5b4f47b3b615feb94232615f3f93a3c540afd034
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:3f:eb:50:8b:65:f1:be:06:31:66:94:b9:f8:
d6:b1:21:04:a9:b4:19:0f:a7:a4:b8:25:83:68:70:
bc:ce:6d:9b:dd:21:91:eb:81:b5:ff:a4:cf:ca:9c:
de:38:dd:6e:01:bc:6a:b3:56:47:f5:5b:4c:6b:ab:
b3:4e:2b:e9:f6:ca:e6:51:2c:58:78:81:ca:b5:70:
bc:2c:7e:b8:8b:0d:ee:81:36:88:66:ee:a1:b0:aa:
85:d0:31:64:71:92:e4:4e:f2:07:67:42:e2:a1:0b:
5d:b8:48:c2:cd:b1:9d:28:35:36:cd:b0:92:f2:3e:
0c:12:70:e7:28:56:ba:38:e6:07:26:1a:da:4c:37:
3b:31:22:f5:bb:3d:3a:54:6c:65:5b:ae:71:02:b3:
ed:75:6c:ee:2e:b3:75:42:28:26:7d:fc:57:64:90:
77:11:9f:84:ad:6e:77:39:61:6a:0a:95:5f:80:dd:
b3:5d:a5:1c:30:2b:7e:51:d5:a4:92:ec:7b:c7:5b:
e4:e6:13:7a:42:22:bb:38:bc:db:28:82:f2:bd:23:
9e:20:f0:bc:dc:aa:4c:1a:4f:f4:fa:55:ec:d8:45:
0c:89:ad:60:43:b0:39:a5:1f:91:b8:45:bc:64:75:
2d:14:9c:fb:00:dd:46:65:83:81:20:e1:73:de:14:
9a:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:4F:47:B3:B6:15:FE:B9:42:32:61:5F:3F:93:A3:C5:40:AF:D0:34
X509v3 Authority Key Identifier:
keyid:37:4B:B6:A9:FB:24:5A:4F:AF:CB:8D:62:1D:1C:75:F5:9D:6E:CA:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N0u2qfskWk-vy41iHRx19Z1uyhk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/b5dfcc-cd35-4837-b892-f226b144a89a/1/W09Hs7YV_rlCMmFfP5OjxUCv0DQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/b5dfcc-cd35-4837-b892-f226b144a89a/1/N0u2qfskWk-vy41iHRx19Z1uyhk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.207.192.0/22
IPv6:
2a0b:2740::/48
Signature Algorithm: sha256WithRSAEncryption
a1:61:a6:07:55:a8:29:f7:13:a4:a9:78:89:71:c0:c8:1f:93:
00:7a:fe:25:29:ed:fe:da:f2:0b:4b:9e:bc:8d:7f:ec:01:f9:
30:9d:1e:db:94:b1:84:e2:12:98:79:da:1b:b9:6e:c9:8a:ef:
0c:04:39:4e:da:83:f8:82:41:b5:ae:6a:f7:8d:1c:10:da:91:
13:3e:42:cb:da:a2:29:16:90:61:91:5e:2b:59:f5:06:a9:e1:
8c:8b:08:2d:71:a4:91:c3:51:7f:64:c9:14:30:f1:82:78:9f:
50:df:5b:da:1d:b7:2a:42:1d:e7:e2:80:37:e3:7c:26:a6:cc:
98:b2:bd:51:58:17:15:25:3c:a4:37:21:3e:c1:5e:e9:64:98:
c5:7a:49:e7:05:77:f2:eb:cb:5f:92:a7:85:34:46:27:18:03:
de:ac:da:b2:0d:fa:40:0c:21:8d:e4:d9:03:ab:a7:81:5a:95:
ea:e1:92:17:78:ab:58:78:e6:32:69:30:a2:4c:05:0f:79:7f:
3f:73:94:9e:37:3f:8c:48:4c:96:9f:8a:f4:3a:ac:56:46:f6:
7e:7b:0a:8f:c7:3a:92:bb:e2:80:36:db:e8:38:7e:1a:3a:57:
a5:b0:c4:58:ae:b4:9f:15:f3:ec:5d:1d:33:7c:7b:31:13:c1:
cd:94:66:e1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQjadHc9IU153rodsjNEst/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NGJiNmE5ZmIyNDVhNGZhZmNiOGQ2MjFkMWM3NWY1OWQ2
ZWNhMTkwHhcNMjUwMTAxMTk0ODQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjRmNDdiM2I2MTVmZWI5NDIzMjYxNWYzZjkzYTNjNTQwYWZkMDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtz/rUItl8b4GMWaUufjWsSEEqbQZ
D6ekuCWDaHC8zm2b3SGR64G1/6TPypzeON1uAbxqs1ZH9VtMa6uzTivp9srmUSxY
eIHKtXC8LH64iw3ugTaIZu6hsKqF0DFkcZLkTvIHZ0LioQtduEjCzbGdKDU2zbCS
8j4MEnDnKFa6OOYHJhraTDc7MSL1uz06VGxlW65xArPtdWzuLrN1QigmffxXZJB3
EZ+ErW53OWFqCpVfgN2zXaUcMCt+UdWkkux7x1vk5hN6QiK7OLzbKILyvSOeIPC8
3KpMGk/0+lXs2EUMia1gQ7A5pR+RuEW8ZHUtFJz7AN1GZYOBIOFz3hSaOwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFtPR7O2Ff65QjJhXz+To8VAr9A0MB8GA1UdIwQY
MBaAFDdLtqn7JFpPr8uNYh0cdfWdbsoZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjB1MnFmc2tXay12eTQxaUhSeDE5WjF1eWhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9iNWRmY2MtY2QzNS00ODM3LWI4OTIt
ZjIyNmIxNDRhODlhLzEvVzA5SHM3WVZfcmxDTW1GZlA1T2p4VUN2MERRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9iNWRmY2MtY2QzNS00ODM3LWI4OTItZjIyNmIxNDRhODlh
LzEvTjB1MnFmc2tXay12eTQxaUhSeDE5WjF1eWhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuc/AMA8E
AgACMAkDBwAqCydAAAAwDQYJKoZIhvcNAQELBQADggEBAKFhpgdVqCn3E6SpeIlx
wMgfkwB6/iUp7f7a8gtLnryNf+wB+TCdHtuUsYTiEph52hu5bsmK7wwEOU7ag/iC
QbWuaveNHBDakRM+QsvaoikWkGGRXitZ9Qap4YyLCC1xpJHDUX9kyRQw8YJ4n1Df
W9odtypCHefigDfjfCamzJiyvVFYFxUlPKQ3IT7BXulkmMV6SecFd/Lry1+Sp4U0
RicYA96s2rIN+kAMIY3k2QOrp4Falerhkhd4q1h45jJpMKJMBQ95fz9zlJ43P4xI
TJafivQ6rFZG9n57Co/HOpK74oA22+g4fho6V6WwxFiutJ8V8+xdHTN8ezETwc2U
ZuE=
-----END CERTIFICATE-----
Generated at Sun Apr 13 05:07:06 2025 by rpki-client