Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/W0RL3-3bhOeniIj5p0qySfhYOR8.roa
File: W0RL3-3bhOeniIj5p0qySfhYOR8.roa (raw, json)
Hash identifier: OTfjb27wcix+//CnFh7Ku1fY+7YDPctm8NDBO3dLcC8=
Subject key identifier: 5B:44:4B:DF:ED:DB:84:E7:A7:88:88:F9:A7:4A:B2:49:F8:58:39:1F
Certificate issuer: /CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Certificate serial: 01950740815181597D7EBF9B134FAA547FCC
Authority key identifier: 3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/W0RL3-3bhOeniIj5p0qySfhYOR8.roa
Signing time: Sat 15 Feb 2025 01:37:02 +0000
ROA not before: Sat 15 Feb 2025 01:37:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 91.147.116.0/24 maxlen: 24
91.147.117.0/24 maxlen: 24
91.147.118.0/24 maxlen: 24
91.147.119.0/24 maxlen: 24
91.147.122.0/24 maxlen: 24
91.147.123.0/24 maxlen: 24
91.147.126.0/23 maxlen: 24
212.116.244.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 12:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:07:40:81:51:81:59:7d:7e:bf:9b:13:4f:aa:54:7f:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Validity
Not Before: Feb 15 01:37:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5b444bdfeddb84e7a78888f9a74ab249f858391f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:53:18:ca:39:4c:65:3a:3d:e3:3b:8f:39:db:
99:41:83:03:c5:e9:cb:ac:74:f3:ec:af:c6:ce:e8:
71:69:b0:56:db:3a:7d:71:4b:85:96:92:79:2c:ce:
59:3b:2a:85:d8:da:1e:c0:b7:87:fb:28:5f:ae:55:
3b:a0:ed:f8:61:ca:18:21:44:82:f6:71:21:26:1b:
a7:7b:6b:5c:9d:eb:69:59:6d:1c:c4:63:36:8e:83:
c8:a3:f9:ff:05:97:e1:1c:8c:85:2d:7d:f7:36:b4:
22:99:0c:46:ed:26:3b:7d:dd:80:fe:52:90:cb:65:
08:cd:7a:88:f7:09:46:41:3f:9b:a8:77:5d:d1:6c:
a7:f4:7a:96:48:76:7e:83:d1:85:57:78:0f:73:83:
3e:1d:42:e3:fb:1d:c4:86:1a:7f:50:0f:d7:73:49:
83:db:44:0e:a0:58:13:2d:88:a1:f4:7a:f4:86:77:
64:53:52:91:d3:42:95:71:b2:a6:67:69:98:a1:6b:
99:a2:4a:e8:ed:e7:0a:15:18:4c:ba:ff:a9:67:2a:
71:db:d0:83:84:ca:19:1f:ff:77:63:b1:c3:b2:8b:
6f:15:98:74:0e:73:58:57:83:2c:fc:1f:49:39:a5:
27:b2:be:8c:3c:f3:0a:a7:93:e1:1a:80:fb:57:95:
dd:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:44:4B:DF:ED:DB:84:E7:A7:88:88:F9:A7:4A:B2:49:F8:58:39:1F
X509v3 Authority Key Identifier:
keyid:3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/W0RL3-3bhOeniIj5p0qySfhYOR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.147.116.0/22
91.147.122.0/23
91.147.126.0/23
212.116.244.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:76:a1:46:c8:48:52:be:52:cf:bc:78:f1:c2:b6:2a:71:bd:
5d:58:a7:66:1d:06:ab:33:b1:a1:12:0e:a6:68:05:6c:c3:9d:
93:3f:25:74:1f:37:12:00:c7:3b:2c:e8:26:a6:0b:88:cf:4d:
f6:91:bd:40:7a:2f:7c:7a:99:94:fe:e4:2a:22:7f:9a:97:ed:
ad:15:b5:60:39:ad:fd:46:1c:60:3a:c1:1d:05:43:76:8d:d9:
ce:ae:66:7d:5e:2e:e3:34:df:68:33:63:7a:a2:98:11:10:a7:
3a:ec:9f:01:f4:71:18:f6:b9:e6:3b:52:b8:06:87:94:94:9c:
1c:d0:0c:bc:2d:c8:b9:2b:a0:6b:2b:45:ca:a8:32:22:13:32:
36:b6:7b:a9:a5:3b:e9:53:5c:b7:64:95:df:88:5a:20:91:44:
2c:34:3b:5c:aa:20:89:cf:60:5e:07:bc:d7:ed:e0:f8:81:ec:
32:a9:db:1b:fb:af:3b:c5:43:df:71:b4:0f:99:d3:6c:69:fe:
2b:42:2d:20:12:51:9c:d8:5f:23:47:79:56:ce:2a:12:6e:2f:
7f:e8:9e:f8:9c:9f:a8:08:4c:e6:20:f1:09:23:5f:23:08:19:
48:84:56:5d:26:6c:19:64:b5:01:08:2c:55:71:a4:17:8f:14:
0b:5a:0e:9a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZUHQIFRgVl9fr+bE0+qVH/MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMDk4ZTQ1ZWY0YmI1ZDE4ZGJjODZjNWExMzVmNTdlYmNi
ZTAwNWQwHhcNMjUwMjE1MDEzNzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjQ0NGJkZmVkZGI4NGU3YTc4ODg4ZjlhNzRhYjI0OWY4NTgzOTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVMYyjlMZTo94zuPOduZQYMDxenL
rHTz7K/GzuhxabBW2zp9cUuFlpJ5LM5ZOyqF2NoewLeH+yhfrlU7oO34YcoYIUSC
9nEhJhune2tcnetpWW0cxGM2joPIo/n/BZfhHIyFLX33NrQimQxG7SY7fd2A/lKQ
y2UIzXqI9wlGQT+bqHdd0Wyn9HqWSHZ+g9GFV3gPc4M+HULj+x3Ehhp/UA/Xc0mD
20QOoFgTLYih9Hr0hndkU1KR00KVcbKmZ2mYoWuZokro7ecKFRhMuv+pZypx29CD
hMoZH/93Y7HDsotvFZh0DnNYV4Ms/B9JOaUnsr6MPPMKp5PhGoD7V5XdBwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFtES9/t24Tnp4iI+adKskn4WDkfMB8GA1UdIwQY
MBaAFDsJjkXvS7XRjbyGxaE19X68vgBdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMt
ZTEyYjE2NDIxNWI5LzEvVzBSTDMtM2JoT2VuaUlqNXAwcXlTZmhZT1I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMtZTEyYjE2NDIxNWI5
LzEvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCW5N0AwQB
W5N6AwQBW5N+AwQA1HT0MA0GCSqGSIb3DQEBCwUAA4IBAQBqdqFGyEhSvlLPvHjx
wrYqcb1dWKdmHQarM7GhEg6maAVsw52TPyV0HzcSAMc7LOgmpguIz032kb1Aei98
epmU/uQqIn+al+2tFbVgOa39RhxgOsEdBUN2jdnOrmZ9Xi7jNN9oM2N6opgREKc6
7J8B9HEY9rnmO1K4BoeUlJwc0Ay8Lci5K6BrK0XKqDIiEzI2tnuppTvpU1y3ZJXf
iFogkUQsNDtcqiCJz2BeB7zX7eD4gewyqdsb+687xUPfcbQPmdNsaf4rQi0gElGc
2F8jR3lWzioSbi9/6J74nJ+oCEzmIPEJI18jCBlIhFZdJmwZZLUBCCxVcaQXjxQL
Wg6a
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:13 2025 by rpki-client