Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/WJoZ3Cyd9hGNWW7azIwgdgzOVS4.roa
File: WJoZ3Cyd9hGNWW7azIwgdgzOVS4.roa (raw, json)
Hash identifier: 4VZTAKZBwZm9hthBlF7ANdxLjE6ybka+xW9+Dectll0=
Subject key identifier: 58:9A:19:DC:2C:9D:F6:11:8D:59:6E:DA:CC:8C:20:76:0C:CE:55:2E
Certificate issuer: /CN=d50697943676399ac5cac6a3e476545af0df49dd
Certificate serial: 019421442FC181D6FDC34E94348BF5454DE7
Authority key identifier: D5:06:97:94:36:76:39:9A:C5:CA:C6:A3:E4:76:54:5A:F0:DF:49:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1QaXlDZ2OZrFysaj5HZUWvDfSd0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/WJoZ3Cyd9hGNWW7azIwgdgzOVS4.roa
Signing time: Wed 01 Jan 2025 09:48:24 +0000
ROA not before: Wed 01 Jan 2025 09:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 375
IP address blocks: 131.207.0.0/17 maxlen: 17
192.49.0.0/21 maxlen: 21
192.49.9.0/24 maxlen: 24
192.49.10.0/24 maxlen: 24
192.49.19.0/24 maxlen: 24
192.49.20.0/24 maxlen: 24
192.49.22.0/24 maxlen: 24
192.49.36.0/22 maxlen: 22
192.49.40.0/23 maxlen: 23
192.49.52.0/23 maxlen: 23
192.49.55.0/24 maxlen: 24
192.49.56.0/21 maxlen: 21
192.49.64.0/22 maxlen: 22
192.49.68.0/24 maxlen: 24
192.49.70.0/23 maxlen: 23
192.49.72.0/23 maxlen: 23
192.49.86.0/23 maxlen: 23
192.49.90.0/24 maxlen: 24
192.49.91.0/24 maxlen: 24
192.49.92.0/22 maxlen: 22
192.49.96.0/24 maxlen: 24
192.49.98.0/23 maxlen: 23
192.49.100.0/23 maxlen: 23
192.49.103.0/24 maxlen: 24
192.49.104.0/24 maxlen: 24
192.49.106.0/23 maxlen: 23
192.49.108.0/22 maxlen: 22
192.49.112.0/23 maxlen: 23
192.49.114.0/23 maxlen: 23
192.49.119.0/24 maxlen: 24
192.49.120.0/22 maxlen: 22
192.49.124.0/23 maxlen: 23
192.49.126.0/24 maxlen: 24
192.49.131.0/24 maxlen: 24
192.49.134.0/24 maxlen: 24
192.49.136.0/23 maxlen: 23
192.49.139.0/24 maxlen: 24
192.49.140.0/23 maxlen: 23
192.49.144.0/24 maxlen: 24
192.49.146.0/24 maxlen: 24
192.49.148.0/22 maxlen: 22
192.49.152.0/21 maxlen: 21
192.49.160.0/23 maxlen: 23
192.49.163.0/24 maxlen: 24
192.49.164.0/22 maxlen: 22
192.49.168.0/23 maxlen: 23
192.49.170.0/24 maxlen: 24
192.49.173.0/24 maxlen: 24
192.49.174.0/23 maxlen: 23
192.49.176.0/20 maxlen: 20
192.49.192.0/18 maxlen: 18
2a03:9b80::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/1QaXlDZ2OZrFysaj5HZUWvDfSd0.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/1QaXlDZ2OZrFysaj5HZUWvDfSd0.mft
rsync://rpki.ripe.net/repository/DEFAULT/1QaXlDZ2OZrFysaj5HZUWvDfSd0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 21:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:2f:c1:81:d6:fd:c3:4e:94:34:8b:f5:45:4d:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d50697943676399ac5cac6a3e476545af0df49dd
Validity
Not Before: Jan 1 09:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=589a19dc2c9df6118d596edacc8c20760cce552e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6c:62:b3:46:b1:52:be:d9:e8:90:60:b9:81:
48:de:e0:55:d1:80:3c:a4:f0:fd:cc:1a:55:ca:8a:
e1:41:6a:49:af:df:95:80:71:31:47:7a:26:e4:e1:
65:82:8c:a3:7e:ee:6d:4f:c6:1a:85:66:3e:ce:8b:
25:03:6f:e4:0c:eb:3c:8a:0e:01:80:bf:32:58:e5:
8c:0d:9f:cc:42:43:b3:0c:6b:9f:42:ac:33:a3:96:
21:32:f0:da:9e:92:9f:47:4c:ef:ed:35:d5:5f:23:
a1:1d:91:25:fd:ed:0d:5e:67:8a:08:b8:a3:3f:db:
3d:a5:ea:12:af:41:b9:d8:bf:f2:a8:56:7a:60:50:
ce:06:a5:ec:cf:cb:a7:99:b1:70:f1:8c:49:8f:0a:
ac:b7:58:74:ad:c1:4b:61:68:41:41:f5:37:3a:30:
a2:6d:0c:67:e7:c1:f6:42:c9:14:48:0d:e7:37:9d:
11:e3:59:9c:dc:ae:49:74:84:da:2d:f2:dd:e6:b3:
6b:59:b8:f2:53:13:f9:f9:83:df:75:c5:13:da:24:
20:d8:dc:39:c2:73:c8:a0:55:22:bc:fb:52:ad:dc:
9b:a6:93:0c:8a:75:d7:f9:93:7f:a1:21:fe:08:55:
02:cc:6e:a3:b5:33:77:61:dd:78:81:c7:08:28:35:
86:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:9A:19:DC:2C:9D:F6:11:8D:59:6E:DA:CC:8C:20:76:0C:CE:55:2E
X509v3 Authority Key Identifier:
keyid:D5:06:97:94:36:76:39:9A:C5:CA:C6:A3:E4:76:54:5A:F0:DF:49:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1QaXlDZ2OZrFysaj5HZUWvDfSd0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/WJoZ3Cyd9hGNWW7azIwgdgzOVS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/1QaXlDZ2OZrFysaj5HZUWvDfSd0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.207.0.0/17
192.49.0.0/21
192.49.9.0-192.49.10.255
192.49.19.0-192.49.20.255
192.49.22.0/24
192.49.36.0-192.49.41.255
192.49.52.0/23
192.49.55.0-192.49.68.255
192.49.70.0-192.49.73.255
192.49.86.0/23
192.49.90.0-192.49.96.255
192.49.98.0-192.49.101.255
192.49.103.0-192.49.104.255
192.49.106.0-192.49.115.255
192.49.119.0-192.49.126.255
192.49.131.0/24
192.49.134.0/24
192.49.136.0/23
192.49.139.0-192.49.141.255
192.49.144.0/24
192.49.146.0/24
192.49.148.0-192.49.161.255
192.49.163.0-192.49.170.255
192.49.173.0-192.49.255.255
IPv6:
2a03:9b80::/34
Signature Algorithm: sha256WithRSAEncryption
35:97:7a:df:e7:82:dd:fa:97:97:27:78:75:48:d4:b7:8a:b5:
17:ac:87:1e:b5:26:7a:b1:75:72:73:d3:2c:09:f6:35:b3:17:
af:89:37:b6:3a:d8:39:ec:f3:72:47:ec:ab:8e:c2:5f:a0:b4:
a3:d7:4a:70:9f:ff:4b:1b:1e:10:8e:6f:5d:90:9f:f0:77:7e:
71:54:e7:19:51:00:6b:fb:2f:93:04:24:ed:cc:c8:af:58:73:
5e:bf:de:52:d3:61:02:aa:4b:67:a6:e8:f3:bd:6c:d5:8c:10:
bb:41:ea:53:39:9a:82:d0:56:00:6a:04:f9:23:90:5f:cb:e3:
ea:d9:38:7d:ad:a2:a1:51:c3:fc:dc:13:f5:83:1e:f9:58:fe:
ff:fb:4c:37:82:d4:22:ca:6b:02:ef:bc:6b:fe:7c:9c:9f:d9:
42:4a:9e:5f:a4:27:30:ed:11:27:34:bc:d5:62:69:4f:c0:33:
ad:a3:bc:9b:51:90:3d:03:ce:f0:66:54:f5:9e:f2:54:61:df:
28:d4:bf:c7:07:dd:07:34:64:9e:31:2f:98:3c:d5:36:14:de:
bf:ad:b5:2c:fb:d4:99:89:bb:ad:73:20:3c:b6:8b:fb:25:ef:
1d:54:82:c2:bf:5b:3f:2a:32:48:41:db:fc:70:03:36:69:0c:
f2:08:1b:46
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgISAZQhRC/Bgdb9w06UNIv1RU3nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MDY5Nzk0MzY3NjM5OWFjNWNhYzZhM2U0NzY1NDVhZjBk
ZjQ5ZGQwHhcNMjUwMTAxMDk0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODlhMTlkYzJjOWRmNjExOGQ1OTZlZGFjYzhjMjA3NjBjY2U1NTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2xis0axUr7Z6JBguYFI3uBV0YA8
pPD9zBpVyorhQWpJr9+VgHExR3om5OFlgoyjfu5tT8YahWY+zoslA2/kDOs8ig4B
gL8yWOWMDZ/MQkOzDGufQqwzo5YhMvDanpKfR0zv7TXVXyOhHZEl/e0NXmeKCLij
P9s9peoSr0G52L/yqFZ6YFDOBqXsz8unmbFw8YxJjwqst1h0rcFLYWhBQfU3OjCi
bQxn58H2QskUSA3nN50R41mc3K5JdITaLfLd5rNrWbjyUxP5+YPfdcUT2iQg2Nw5
wnPIoFUivPtSrdybppMMinXX+ZN/oSH+CFUCzG6jtTN3Yd14gccIKDWGywIDAQAB
o4IDGzCCAxcwHQYDVR0OBBYEFFiaGdwsnfYRjVlu2syMIHYMzlUuMB8GA1UdIwQY
MBaAFNUGl5Q2djmaxcrGo+R2VFrw30ndMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVFhWGxEWjJPWnJGeXNhajVIWlVXdkRmU2QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS81ZjZhZmYtMTNiYi00ZGI4LTk1N2Yt
OGQyM2FjNWNiNTAyLzEvV0pvWjNDeWQ5aEdOV1c3YXpJd2dkZ3pPVlM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS81ZjZhZmYtMTNiYi00ZGI4LTk1N2YtOGQyM2FjNWNiNTAy
LzEvMVFhWGxEWjJPWnJGeXNhajVIWlVXdkRmU2QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLwYIKwYBBQUHAQcBAf8EggEeMIIBGjCCAQYEAgABMIH/
AwQHg88AAwQDwDEAMAwDBADAMQkDBADAMQowDAMEAMAxEwMEAMAxFAMEAMAxFjAM
AwQCwDEkAwQBwDEoAwQBwDE0MAwDBADAMTcDBADAMUQwDAMEAcAxRgMEAcAxSAME
AcAxVjAMAwQBwDFaAwQAwDFgMAwDBAHAMWIDBAHAMWQwDAMEAMAxZwMEAMAxaDAM
AwQBwDFqAwQCwDFwMAwDBADAMXcDBADAMX4DBADAMYMDBADAMYYDBAHAMYgwDAME
AMAxiwMEAcAxjAMEAMAxkAMEAMAxkjAMAwQCwDGUAwQBwDGgMAwDBADAMaMDBADA
MaowCwMEAMAxrQMDAcAwMA4EAgACMAgDBgYqA5uAADANBgkqhkiG9w0BAQsFAAOC
AQEANZd63+eC3fqXlyd4dUjUt4q1F6yHHrUmerF1cnPTLAn2NbMXr4k3tjrYOezz
ckfsq47CX6C0o9dKcJ//SxseEI5vXZCf8Hd+cVTnGVEAa/svkwQk7czIr1hzXr/e
UtNhAqpLZ6bo871s1YwQu0HqUzmagtBWAGoE+SOQX8vj6tk4fa2ioVHD/NwT9YMe
+Vj+//tMN4LUIsprAu+8a/58nJ/ZQkqeX6QnMO0RJzS81WJpT8AzraO8m1GQPQPO
8GZU9Z7yVGHfKNS/xwfdBzRknjEvmDzVNhTev621LPvUmYm7rXMgPLaL+yXvHVSC
wr9bPyoySEHb/HADNmkM8ggbRg==
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:27:39 2025 by rpki-client