Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/742c14-7b4d-4279-b823-16517126c132/1/1-wEZKS5ROln113VYj-rYIVv3HMw.roa
File: 1-wEZKS5ROln113VYj-rYIVv3HMw.roa (raw, json)
Hash identifier: zd3NK5lHmlo7IZCKvHCkj4ue/ewdTG041qEpUCwPhSg=
Subject key identifier: FB:01:19:29:2E:51:3A:59:F5:D7:75:58:8F:EA:D8:21:5B:F7:1C:CC
Certificate issuer: /CN=68b7f817ab5141b5e138280cdf6190166bb9cb87
Certificate serial: 019424B38F21FB3BDF411D575EEA894A1CFE
Authority key identifier: 68:B7:F8:17:AB:51:41:B5:E1:38:28:0C:DF:61:90:16:6B:B9:CB:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aLf4F6tRQbXhOCgM32GQFmu5y4c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/742c14-7b4d-4279-b823-16517126c132/1/1-wEZKS5ROln113VYj-rYIVv3HMw.roa
Signing time: Thu 02 Jan 2025 01:48:54 +0000
ROA not before: Thu 02 Jan 2025 01:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8643
IP address blocks: 87.239.232.0/21 maxlen: 21
88.197.0.0/17 maxlen: 24
195.134.64.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/742c14-7b4d-4279-b823-16517126c132/1/aLf4F6tRQbXhOCgM32GQFmu5y4c.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/742c14-7b4d-4279-b823-16517126c132/1/aLf4F6tRQbXhOCgM32GQFmu5y4c.mft
rsync://rpki.ripe.net/repository/DEFAULT/aLf4F6tRQbXhOCgM32GQFmu5y4c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:8f:21:fb:3b:df:41:1d:57:5e:ea:89:4a:1c:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68b7f817ab5141b5e138280cdf6190166bb9cb87
Validity
Not Before: Jan 2 01:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fb0119292e513a59f5d775588fead8215bf71ccc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:1a:15:d1:94:79:09:92:61:b7:9e:bd:6a:a5:
70:a9:bc:15:5f:b7:03:8e:8b:53:be:f9:63:0b:5e:
6a:86:1e:bc:f9:15:2f:6b:01:1c:52:aa:95:7a:21:
42:de:aa:6c:33:1c:23:8d:8e:49:ba:b4:ff:6b:98:
c8:82:1d:36:4e:fc:ec:4e:f9:a2:eb:b4:1b:bf:08:
5a:99:1d:11:95:5e:43:72:bc:46:3e:d1:29:72:f9:
db:35:6c:a0:15:32:3a:95:89:ee:79:ae:60:04:ff:
13:fc:c6:dc:0a:8e:19:4d:3a:dd:95:a3:69:95:6f:
75:7d:7b:16:ce:34:b9:11:9a:9e:dc:da:be:80:83:
66:39:41:c7:ff:43:0b:a2:c3:ab:f4:88:fb:b4:66:
73:2e:b7:d2:57:9c:cf:e8:d6:e0:d3:49:e6:fa:7d:
ce:18:55:11:e8:e5:3b:cf:a4:c5:da:1a:c7:bc:1a:
2f:df:da:14:96:3d:b3:51:6f:5f:1e:66:77:44:61:
c0:02:6c:a8:d6:eb:a6:e9:b3:7b:93:48:39:35:8e:
00:17:3f:ea:49:08:7e:dd:43:4f:cf:b3:7c:52:10:
96:a0:71:f1:8c:fa:9d:e5:ba:ff:3f:76:88:cb:6e:
52:8d:53:da:69:ec:20:ab:77:59:aa:d7:72:ee:89:
40:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:01:19:29:2E:51:3A:59:F5:D7:75:58:8F:EA:D8:21:5B:F7:1C:CC
X509v3 Authority Key Identifier:
keyid:68:B7:F8:17:AB:51:41:B5:E1:38:28:0C:DF:61:90:16:6B:B9:CB:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aLf4F6tRQbXhOCgM32GQFmu5y4c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/742c14-7b4d-4279-b823-16517126c132/1/1-wEZKS5ROln113VYj-rYIVv3HMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/742c14-7b4d-4279-b823-16517126c132/1/aLf4F6tRQbXhOCgM32GQFmu5y4c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.239.232.0/21
88.197.0.0/17
195.134.64.0/18
Signature Algorithm: sha256WithRSAEncryption
36:5b:c7:21:f0:c1:da:e8:66:2a:f6:35:8e:5d:75:9d:cc:1e:
d9:bf:be:b7:5b:c3:30:5c:08:15:00:0c:31:2e:70:e0:7a:14:
d1:74:2e:bd:6e:ff:b2:3c:b0:bf:ed:6a:a6:b6:a3:ae:30:99:
06:60:48:31:50:22:e2:74:aa:29:b6:33:a2:e3:9e:1b:eb:32:
93:ae:27:e1:df:2f:93:1d:46:09:14:a2:51:72:82:e0:fc:3c:
67:c5:8d:02:69:e9:f2:09:19:9f:35:0a:9d:36:9e:d9:d5:b0:
3c:03:5e:71:b0:d0:e4:d8:86:b9:d6:c7:7b:82:67:75:eb:6a:
b6:d9:29:ba:5f:02:e9:75:2b:05:b1:e8:4c:48:e3:13:54:3f:
ba:12:7c:96:9d:60:cd:56:8a:e9:ef:31:6f:9f:e7:be:68:62:
e3:58:32:da:79:0c:45:74:f8:0c:00:0f:98:8d:79:a3:76:bf:
4c:4b:85:18:7e:90:bd:50:c4:43:ee:30:b9:28:26:11:f2:7c:
2c:bd:9e:be:62:aa:d1:e3:64:83:78:e3:33:3b:3b:0e:56:8f:
62:e6:0e:b9:4f:57:47:c1:97:13:40:a1:c1:5c:9b:32:c3:8f:
53:df:6e:2f:fb:a1:19:bd:40:94:98:38:59:fc:3f:02:a2:03:
95:4e:46:4c
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZQks48h+zvfQR1XXuqJShz+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YjdmODE3YWI1MTQxYjVlMTM4MjgwY2RmNjE5MDE2NmJi
OWNiODcwHhcNMjUwMTAyMDE0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjAxMTkyOTJlNTEzYTU5ZjVkNzc1NTg4ZmVhZDgyMTViZjcxY2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxoV0ZR5CZJht569aqVwqbwVX7cD
jotTvvljC15qhh68+RUvawEcUqqVeiFC3qpsMxwjjY5JurT/a5jIgh02TvzsTvmi
67QbvwhamR0RlV5DcrxGPtEpcvnbNWygFTI6lYnuea5gBP8T/MbcCo4ZTTrdlaNp
lW91fXsWzjS5EZqe3Nq+gINmOUHH/0MLosOr9Ij7tGZzLrfSV5zP6Nbg00nm+n3O
GFUR6OU7z6TF2hrHvBov39oUlj2zUW9fHmZ3RGHAAmyo1uum6bN7k0g5NY4AFz/q
SQh+3UNPz7N8UhCWoHHxjPqd5br/P3aIy25SjVPaaewgq3dZqtdy7olAuwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPsBGSkuUTpZ9dd1WI/q2CFb9xzMMB8GA1UdIwQY
MBaAFGi3+BerUUG14TgoDN9hkBZrucuHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUxmNEY2dFJRYlhoT0NnTTMyR1FGbXU1eTRjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi83NDJjMTQtN2I0ZC00Mjc5LWI4MjMt
MTY1MTcxMjZjMTMyLzEvMS13RVpLUzVST2xuMTEzVllqLXJZSVZ2M0hNdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmYvNzQyYzE0LTdiNGQtNDI3OS1iODIzLTE2NTE3MTI2YzEz
Mi8xL2FMZjRGNnRSUWJYaE9DZ00zMkdRRm11NXk0Yy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEA1fv6AME
B1jFAAMEBsOGQDANBgkqhkiG9w0BAQsFAAOCAQEANlvHIfDB2uhmKvY1jl11ncwe
2b++t1vDMFwIFQAMMS5w4HoU0XQuvW7/sjywv+1qprajrjCZBmBIMVAi4nSqKbYz
ouOeG+syk64n4d8vkx1GCRSiUXKC4Pw8Z8WNAmnp8gkZnzUKnTae2dWwPANecbDQ
5NiGudbHe4Jndetqttkpul8C6XUrBbHoTEjjE1Q/uhJ8lp1gzVaK6e8xb5/nvmhi
41gy2nkMRXT4DAAPmI15o3a/TEuFGH6QvVDEQ+4wuSgmEfJ8LL2evmKq0eNkg3jj
Mzs7DlaPYuYOuU9XR8GXE0ChwVybMsOPU99uL/uhGb1AlJg4Wfw/AqIDlU5GTA==
-----END CERTIFICATE-----
Generated at Tue Apr 22 12:03:33 2025 by rpki-client