Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/348789-3208-4847-9c3f-982d1f21a32b/1/WD7cwf6HLxZKq0IMG8YbMTooJt0.roa
File: WD7cwf6HLxZKq0IMG8YbMTooJt0.roa (raw, json)
Hash identifier: JexN5Bcs7RxXPWQCAkKPWPwbZPwuEud7FpPGiuV9xSU=
Subject key identifier: 58:3E:DC:C1:FE:87:2F:16:4A:AB:42:0C:1B:C6:1B:31:3A:28:26:DD
Certificate issuer: /CN=cbf74cd846493138f522c57c0065b5c60512dd09
Certificate serial: 01941FFA4682C415AC841349AB7D0E0B8B37
Authority key identifier: CB:F7:4C:D8:46:49:31:38:F5:22:C5:7C:00:65:B5:C6:05:12:DD:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y_dM2EZJMTj1IsV8AGW1xgUS3Qk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/348789-3208-4847-9c3f-982d1f21a32b/1/WD7cwf6HLxZKq0IMG8YbMTooJt0.roa
Signing time: Wed 01 Jan 2025 03:48:03 +0000
ROA not before: Wed 01 Jan 2025 03:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200478
IP address blocks: 93.114.168.0/24 maxlen: 24
141.226.124.0/24 maxlen: 24
141.226.127.0/24 maxlen: 24
141.226.224.0/23 maxlen: 24
141.226.224.0/24 maxlen: 24
141.226.225.0/24 maxlen: 24
141.226.226.0/24 maxlen: 24
141.226.227.0/24 maxlen: 24
141.226.228.0/24 maxlen: 24
141.226.229.0/24 maxlen: 24
141.226.230.0/24 maxlen: 24
141.226.231.0/24 maxlen: 24
185.106.32.0/22 maxlen: 24
185.106.32.0/24 maxlen: 24
185.106.33.0/24 maxlen: 24
185.106.34.0/24 maxlen: 24
185.106.35.0/24 maxlen: 24
2a06:3b80:30::/48 maxlen: 48
2a06:3b80:110::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/348789-3208-4847-9c3f-982d1f21a32b/1/y_dM2EZJMTj1IsV8AGW1xgUS3Qk.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/348789-3208-4847-9c3f-982d1f21a32b/1/y_dM2EZJMTj1IsV8AGW1xgUS3Qk.mft
rsync://rpki.ripe.net/repository/DEFAULT/y_dM2EZJMTj1IsV8AGW1xgUS3Qk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:46:82:c4:15:ac:84:13:49:ab:7d:0e:0b:8b:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbf74cd846493138f522c57c0065b5c60512dd09
Validity
Not Before: Jan 1 03:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=583edcc1fe872f164aab420c1bc61b313a2826dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:8a:e6:cd:86:63:4b:c9:26:a4:b3:ef:35:47:
0d:e4:44:42:96:6e:a7:b0:2e:4d:8c:fc:63:fc:a0:
4a:73:c2:38:ef:58:c1:a2:94:a3:fd:1c:67:d6:07:
93:87:30:0f:9f:04:d4:4c:46:84:c6:dc:42:f3:0a:
64:07:95:98:87:b9:bc:af:d6:be:a5:5c:b0:50:ad:
dd:9f:50:ea:8f:27:b3:2d:e4:22:68:ff:02:cf:5c:
57:df:29:20:fa:54:32:2c:e9:f4:38:97:d6:f7:a9:
0e:43:70:74:8d:01:10:5b:af:b1:5e:08:ff:d8:ab:
f1:d1:ef:2c:d8:06:f5:a3:8e:0f:d4:8e:09:31:31:
69:f2:36:45:c7:34:7f:e8:8b:7a:9b:f9:58:b1:e2:
1c:4c:d2:f5:5d:a4:bd:39:62:20:ca:44:fb:f4:fb:
e4:5f:94:6b:01:93:41:b4:3d:b8:20:c0:ef:e0:a1:
31:36:66:68:73:d6:91:bd:80:c7:20:39:95:0c:a8:
b8:0d:0a:7a:ce:9a:ab:a1:93:df:99:b7:ae:65:57:
c5:02:8b:f4:72:1c:25:a8:a7:3f:05:8c:88:54:ff:
06:5b:9e:24:0b:23:8a:c7:a7:80:00:46:21:ce:3a:
41:e8:3a:9f:64:30:21:04:64:f2:e3:fd:5b:d5:63:
3b:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:3E:DC:C1:FE:87:2F:16:4A:AB:42:0C:1B:C6:1B:31:3A:28:26:DD
X509v3 Authority Key Identifier:
keyid:CB:F7:4C:D8:46:49:31:38:F5:22:C5:7C:00:65:B5:C6:05:12:DD:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y_dM2EZJMTj1IsV8AGW1xgUS3Qk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/348789-3208-4847-9c3f-982d1f21a32b/1/WD7cwf6HLxZKq0IMG8YbMTooJt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/348789-3208-4847-9c3f-982d1f21a32b/1/y_dM2EZJMTj1IsV8AGW1xgUS3Qk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.114.168.0/24
141.226.124.0/24
141.226.127.0/24
141.226.224.0/21
185.106.32.0/22
IPv6:
2a06:3b80:30::/48
2a06:3b80:110::/48
Signature Algorithm: sha256WithRSAEncryption
52:41:c0:f3:7d:48:b0:d6:e8:77:52:27:42:4f:11:3b:6a:e8:
1b:1e:0b:6c:1a:02:1a:f9:c7:29:9a:54:46:f4:0a:3f:15:06:
de:38:a4:49:43:89:e0:d9:ce:65:fc:9a:b7:a1:83:39:0e:53:
06:4c:c8:45:8a:8d:2a:95:9c:5a:9d:97:e7:20:12:81:94:e5:
c8:fe:42:da:0e:a9:08:86:eb:0c:66:3c:4e:74:ab:82:b4:16:
97:96:a2:26:82:06:27:69:dd:b4:c6:a5:4c:b0:ae:5d:61:e4:
e9:77:91:25:d6:b4:c7:12:ba:30:98:de:03:fe:23:b2:96:80:
9c:aa:3d:69:77:79:83:a0:55:5f:d2:fc:3a:73:cb:c1:fc:e0:
5d:99:fd:b8:eb:ce:ec:4c:fd:b0:a6:97:67:8a:12:1a:b0:83:
aa:5e:6f:a2:43:ef:ab:6e:66:6b:05:2a:cb:9f:19:5a:8d:00:
97:0a:25:39:c8:78:16:a4:73:13:2c:9b:fc:72:e3:86:d6:b0:
8f:57:c1:89:50:f3:59:fb:7e:49:da:3a:29:fa:04:b2:5a:cd:
ba:b4:07:4f:55:c2:ac:55:7f:91:99:29:a6:dc:eb:ac:96:d5:
06:6a:b1:5c:fe:34:e2:f2:09:44:23:8b:a2:34:7e:f7:43:ed:
69:34:01:bd
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZQf+kaCxBWshBNJq30OC4s3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZjc0Y2Q4NDY0OTMxMzhmNTIyYzU3YzAwNjViNWM2MDUx
MmRkMDkwHhcNMjUwMTAxMDM0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODNlZGNjMWZlODcyZjE2NGFhYjQyMGMxYmM2MWIzMTNhMjgyNmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ormzYZjS8kmpLPvNUcN5ERClm6n
sC5NjPxj/KBKc8I471jBopSj/Rxn1geThzAPnwTUTEaExtxC8wpkB5WYh7m8r9a+
pVywUK3dn1DqjyezLeQiaP8Cz1xX3ykg+lQyLOn0OJfW96kOQ3B0jQEQW6+xXgj/
2Kvx0e8s2Ab1o44P1I4JMTFp8jZFxzR/6It6m/lYseIcTNL1XaS9OWIgykT79Pvk
X5RrAZNBtD24IMDv4KExNmZoc9aRvYDHIDmVDKi4DQp6zpqroZPfmbeuZVfFAov0
chwlqKc/BYyIVP8GW54kCyOKx6eAAEYhzjpB6DqfZDAhBGTy4/1b1WM7nQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFFg+3MH+hy8WSqtCDBvGGzE6KCbdMB8GA1UdIwQY
MBaAFMv3TNhGSTE49SLFfABltcYFEt0JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveV9kTTJFWkpNVGoxSXNWOEFHVzF4Z1VTM1FrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zNDg3ODktMzIwOC00ODQ3LTljM2Yt
OTgyZDFmMjFhMzJiLzEvV0Q3Y3dmNkhMeFpLcTBJTUc4WWJNVG9vSnQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zNDg3ODktMzIwOC00ODQ3LTljM2YtOTgyZDFmMjFhMzJi
LzEveV9kTTJFWkpNVGoxSXNWOEFHVzF4Z1VTM1FrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAkBAIAATAeAwQAXXKoAwQA
jeJ8AwQAjeJ/AwQDjeLgAwQCuWogMBgEAgACMBIDBwAqBjuAADADBwAqBjuAARAw
DQYJKoZIhvcNAQELBQADggEBAFJBwPN9SLDW6HdSJ0JPETtq6BseC2waAhr5xyma
VEb0Cj8VBt44pElDieDZzmX8mrehgzkOUwZMyEWKjSqVnFqdl+cgEoGU5cj+QtoO
qQiG6wxmPE50q4K0FpeWoiaCBidp3bTGpUywrl1h5Ol3kSXWtMcSujCY3gP+I7KW
gJyqPWl3eYOgVV/S/Dpzy8H84F2Z/bjrzuxM/bCml2eKEhqwg6peb6JD76tuZmsF
KsufGVqNAJcKJTnIeBakcxMsm/xy44bWsI9XwYlQ81n7fknaOin6BLJazbq0B09V
wqxVf5GZKabc66yW1QZqsVz+NOLyCUQji6I0fvdD7Wk0Ab0=
-----END CERTIFICATE-----
Generated at Sun Apr 6 23:57:54 2025 by rpki-client