Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/dHYWEJSWET067N4qclUpm0XFJ7o.roa
File: dHYWEJSWET067N4qclUpm0XFJ7o.roa (raw, json)
Hash identifier: S4EKIPK+IYCyvgM4xfHGDmmF/Oz7ejFlhnvB8trqAd8=
Subject key identifier: 74:76:16:10:94:96:11:3D:3A:EC:DE:2A:72:55:29:9B:45:C5:27:BA
Certificate issuer: /CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Certificate serial: 01942747C7E5DD3124F9EA83D4FCC7D805CC
Authority key identifier: C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/dHYWEJSWET067N4qclUpm0XFJ7o.roa
Signing time: Thu 02 Jan 2025 13:50:03 +0000
ROA not before: Thu 02 Jan 2025 13:50:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208753
IP address blocks: 2a05:b0c6:200a::/48 maxlen: 48
2a05:b0c6:200b::/48 maxlen: 48
2a05:b0c6:200c::/48 maxlen: 48
2a05:b0c6:200d::/48 maxlen: 48
2a05:b0c6:200e::/48 maxlen: 48
2a05:b0c6:200f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.mft
rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Mar 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:c7:e5:dd:31:24:f9:ea:83:d4:fc:c7:d8:05:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Validity
Not Before: Jan 2 13:50:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=747616109496113d3aecde2a7255299b45c527ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:4d:13:c6:91:49:76:55:8d:25:ec:6b:b4:31:
91:08:0a:45:16:4a:6d:2c:06:81:c9:47:7b:8d:bf:
3b:d7:77:48:37:0e:d1:46:15:bf:d5:7d:9b:e5:a9:
bb:79:df:5e:dc:b3:64:bf:b2:97:10:44:7b:14:66:
ae:ca:78:da:df:c5:7c:26:b8:26:c0:14:28:fe:d5:
38:41:49:0e:47:f2:3f:be:a1:f7:3c:61:8d:4a:b1:
c0:40:4e:6a:6e:0f:23:55:1e:de:fc:1b:83:de:03:
ef:26:e3:60:e7:99:fb:14:42:34:06:f5:7c:53:82:
82:14:73:69:41:7a:ab:0b:15:80:69:d2:a2:b5:65:
0c:5f:bf:83:60:2f:e3:94:8c:6e:5d:7d:70:68:98:
b8:e1:34:de:5b:e2:f7:88:67:40:84:dc:2c:3a:0b:
37:e4:1c:01:84:2c:81:94:35:a5:17:ea:a3:39:e2:
6f:50:25:6a:ae:01:8e:3d:7d:03:8f:97:d1:8a:cb:
91:08:8f:75:73:09:73:31:6b:05:3f:c8:d1:af:09:
51:e5:84:ec:12:4f:cc:53:14:2c:05:bb:93:4f:eb:
53:7b:30:b2:ed:78:c0:a2:fa:00:d9:49:ee:66:8b:
c9:63:1f:06:40:ff:1a:1b:ca:80:59:69:3b:f1:31:
26:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:76:16:10:94:96:11:3D:3A:EC:DE:2A:72:55:29:9B:45:C5:27:BA
X509v3 Authority Key Identifier:
keyid:C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/dHYWEJSWET067N4qclUpm0XFJ7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b0c6:200a::-2a05:b0c6:200f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
42:d9:cd:b6:30:54:41:f4:fa:82:b8:25:ce:e2:ba:24:4b:3c:
0a:7c:49:b3:08:aa:0f:bd:62:56:81:1f:c1:6b:22:a7:c9:c1:
c7:72:7a:ca:7f:d7:b7:ff:cd:c9:85:67:27:47:6e:42:27:07:
a5:fe:a8:52:3c:06:7c:d6:db:6a:ab:14:4c:b8:a5:20:7b:0c:
50:80:c0:5a:11:03:f9:8d:95:c4:b8:69:32:87:d2:b1:2c:17:
e9:b0:36:d0:bf:0e:f2:d8:f6:70:4f:4d:01:43:15:f2:90:e8:
09:54:e7:75:cd:03:ee:64:7e:83:eb:a7:63:6b:b2:1e:2f:90:
b6:11:7c:bb:89:d1:34:97:82:ef:58:81:e7:ea:56:e4:54:58:
29:45:7b:b5:c1:d0:24:b9:2e:1c:b1:71:d1:c8:bd:04:8b:37:
79:95:ca:12:6e:1a:4c:c1:f9:78:61:1e:d0:89:14:d6:23:49:
02:d2:89:f4:34:af:ba:4e:ff:7b:f0:19:c7:63:24:9b:ab:56:
a1:22:da:92:4f:b5:88:97:4f:c8:9b:f3:1d:f4:3e:91:01:de:
c3:ea:c7:70:5c:78:f6:71:5a:ac:da:8f:e9:82:9e:80:6f:2b:
2c:3e:f8:ed:75:ab:1c:22:2a:12:f3:9a:d3:c3:1f:25:d2:d2:
ab:e5:53:32
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQnR8fl3TEk+eqD1PzH2AXMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMjgzNDhlOTA1NDk3M2Q3YTVmODE5M2JkNGU1YzQ0ZjY3
Mzk5ZTEwHhcNMjUwMTAyMTM1MDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDc2MTYxMDk0OTYxMTNkM2FlY2RlMmE3MjU1Mjk5YjQ1YzUyN2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjE0TxpFJdlWNJexrtDGRCApFFkpt
LAaByUd7jb8713dINw7RRhW/1X2b5am7ed9e3LNkv7KXEER7FGauynja38V8Jrgm
wBQo/tU4QUkOR/I/vqH3PGGNSrHAQE5qbg8jVR7e/BuD3gPvJuNg55n7FEI0BvV8
U4KCFHNpQXqrCxWAadKitWUMX7+DYC/jlIxuXX1waJi44TTeW+L3iGdAhNwsOgs3
5BwBhCyBlDWlF+qjOeJvUCVqrgGOPX0Dj5fRisuRCI91cwlzMWsFP8jRrwlR5YTs
Ek/MUxQsBbuTT+tTezCy7XjAovoA2UnuZovJYx8GQP8aG8qAWWk78TEm9QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFHR2FhCUlhE9OuzeKnJVKZtFxSe6MB8GA1UdIwQY
MBaAFMIoNI6QVJc9el+Bk71OXET2c5nhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMt
ZTg4ZmZmODJkNTUzLzEvZEhZV0VKU1dFVDA2N040cWNsVXBtMFhGSjdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMtZTg4ZmZmODJkNTUz
LzEvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwEqBbDG
IAoDBwQqBbDGIAAwDQYJKoZIhvcNAQELBQADggEBAELZzbYwVEH0+oK4Jc7iuiRL
PAp8SbMIqg+9YlaBH8FrIqfJwcdyesp/17f/zcmFZydHbkInB6X+qFI8BnzW22qr
FEy4pSB7DFCAwFoRA/mNlcS4aTKH0rEsF+mwNtC/DvLY9nBPTQFDFfKQ6AlU53XN
A+5kfoPrp2Nrsh4vkLYRfLuJ0TSXgu9YgefqVuRUWClFe7XB0CS5LhyxcdHIvQSL
N3mVyhJuGkzB+XhhHtCJFNYjSQLSifQ0r7pO/3vwGcdjJJurVqEi2pJPtYiXT8ib
8x30PpEB3sPqx3BcePZxWqzaj+mCnoBvKyw++O11qxwiKhLzmtPDHyXS0qvlUzI=
-----END CERTIFICATE-----
Generated at Sat Mar 15 09:05:45 2025 by rpki-client