Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/Wa5j5jUmUSd1vG30ktnaqL3uHDI.roa
File: Wa5j5jUmUSd1vG30ktnaqL3uHDI.roa (raw, json)
Hash identifier: MKz77Ewok0vz5vQRzaJNzC9kTJYYYuPm776x717x2z4=
Subject key identifier: 59:AE:63:E6:35:26:51:27:75:BC:6D:F4:92:D9:DA:A8:BD:EE:1C:32
Certificate issuer: /CN=af5e93f902354ce4804b4cb049cf68b20f76aeb2
Certificate serial: 01941F8C2529FCED45AB4EF1970767B9D8DD
Authority key identifier: AF:5E:93:F9:02:35:4C:E4:80:4B:4C:B0:49:CF:68:B2:0F:76:AE:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/Wa5j5jUmUSd1vG30ktnaqL3uHDI.roa
Signing time: Wed 01 Jan 2025 01:47:45 +0000
ROA not before: Wed 01 Jan 2025 01:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207369
IP address blocks: 45.140.26.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/r16T-QI1TOSAS0ywSc9osg92rrI.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/r16T-QI1TOSAS0ywSc9osg92rrI.mft
rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 19:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:25:29:fc:ed:45:ab:4e:f1:97:07:67:b9:d8:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af5e93f902354ce4804b4cb049cf68b20f76aeb2
Validity
Not Before: Jan 1 01:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=59ae63e63526512775bc6df492d9daa8bdee1c32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:e4:7a:cc:7e:63:20:5c:3c:d9:09:90:a8:0f:
01:d8:77:bc:21:4e:17:20:e7:60:74:26:20:9a:a6:
fe:82:5b:f7:8b:9c:a7:fc:41:ee:27:9d:7d:15:b6:
6d:93:02:24:29:21:13:77:2b:32:32:8b:08:4d:07:
c5:f4:be:f4:fc:a3:7b:74:ad:6e:51:1d:a9:ba:e5:
7a:55:4e:ee:1f:29:1c:07:31:6c:1b:92:de:f5:ac:
82:b5:87:21:46:a0:4a:a9:cb:f1:f4:8a:c8:25:33:
14:30:2e:e4:80:94:df:0a:3c:c0:a7:86:d3:59:a6:
ce:cd:de:ac:40:4d:a2:f7:b5:9d:b2:24:a7:96:7f:
a9:80:ed:6c:46:6b:bd:37:c1:33:3a:18:56:08:ae:
a4:ae:0c:01:66:0d:60:e3:22:25:de:37:03:83:dd:
28:4a:8f:8a:c9:ad:1f:d8:01:e9:c9:58:54:64:c9:
9b:b3:8f:76:a2:79:7c:47:60:99:10:a8:62:bc:1f:
e3:a4:1f:c6:7e:45:c9:ec:a3:e2:96:18:17:10:6f:
5a:29:6e:6e:03:cf:ef:30:a8:43:bc:8b:66:3a:8d:
8c:35:2b:3c:9b:07:8c:49:de:8f:f2:9c:64:32:07:
24:3e:e6:1e:20:bc:05:fe:74:eb:a8:c8:48:bc:1e:
dc:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:AE:63:E6:35:26:51:27:75:BC:6D:F4:92:D9:DA:A8:BD:EE:1C:32
X509v3 Authority Key Identifier:
keyid:AF:5E:93:F9:02:35:4C:E4:80:4B:4C:B0:49:CF:68:B2:0F:76:AE:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/Wa5j5jUmUSd1vG30ktnaqL3uHDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/r16T-QI1TOSAS0ywSc9osg92rrI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.26.0/23
Signature Algorithm: sha256WithRSAEncryption
87:61:da:76:fb:4a:c6:02:b1:65:9c:8e:5f:36:5c:42:f5:3d:
c0:2e:57:43:5c:a2:cc:1b:2b:f2:ac:91:ee:e0:6e:90:26:83:
22:48:56:33:fa:62:5b:de:e8:b5:d8:d7:10:b5:1e:c4:aa:d5:
28:fb:df:10:0d:44:03:cb:e2:c2:ce:21:17:50:42:d4:c0:62:
55:0e:bb:72:60:ba:e2:ca:46:ec:f8:83:79:5e:10:e2:ef:58:
39:b0:c9:95:05:26:9c:66:93:4d:e8:cb:fb:6c:b1:43:d1:9e:
7e:d8:70:f1:fa:80:cf:b4:1e:3b:80:51:f0:02:11:ff:9d:87:
ae:a0:16:cc:0e:8b:b1:14:c2:84:e1:b9:bc:80:e9:14:f4:28:
b7:d4:02:da:9c:27:2e:10:c8:f1:46:24:74:0b:c2:9a:6e:52:
a0:54:f4:be:23:9b:c7:7b:61:ee:80:7a:64:e7:6f:f2:8d:15:
e2:fd:60:85:ab:4b:fe:7a:5f:ca:88:b4:ec:7d:c8:d2:bb:c0:
c3:8a:5f:9c:ce:53:f2:17:88:ce:df:f3:33:c5:c1:35:33:1b:
5d:ba:62:01:4b:9a:4a:a7:e8:64:19:32:c6:ea:2e:69:01:5e:
90:04:ab:b7:4e:1b:72:5e:00:95:29:3a:76:e8:f0:ee:79:5a:
55:a0:af:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjCUp/O1Fq07xlwdnudjdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNWU5M2Y5MDIzNTRjZTQ4MDRiNGNiMDQ5Y2Y2OGIyMGY3
NmFlYjIwHhcNMjUwMTAxMDE0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWFlNjNlNjM1MjY1MTI3NzViYzZkZjQ5MmQ5ZGFhOGJkZWUxYzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyeR6zH5jIFw82QmQqA8B2He8IU4X
IOdgdCYgmqb+glv3i5yn/EHuJ519FbZtkwIkKSETdysyMosITQfF9L70/KN7dK1u
UR2puuV6VU7uHykcBzFsG5Le9ayCtYchRqBKqcvx9IrIJTMUMC7kgJTfCjzAp4bT
WabOzd6sQE2i97WdsiSnln+pgO1sRmu9N8EzOhhWCK6krgwBZg1g4yIl3jcDg90o
So+Kya0f2AHpyVhUZMmbs492onl8R2CZEKhivB/jpB/GfkXJ7KPilhgXEG9aKW5u
A8/vMKhDvItmOo2MNSs8mweMSd6P8pxkMgckPuYeILwF/nTrqMhIvB7csQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFmuY+Y1JlEndbxt9JLZ2qi97hwyMB8GA1UdIwQY
MBaAFK9ek/kCNUzkgEtMsEnPaLIPdq6yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjE2VC1RSTFUT1NBUzB5d1NjOW9zZzkycnJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9mNDAwNGItZDYwMi00NzVkLTkzMWIt
N2UwNWFkMDE5MGNlLzEvV2E1ajVqVW1VU2QxdkczMGt0bmFxTDN1SERJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9mNDAwNGItZDYwMi00NzVkLTkzMWItN2UwNWFkMDE5MGNl
LzEvcjE2VC1RSTFUT1NBUzB5d1NjOW9zZzkycnJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLYwaMA0G
CSqGSIb3DQEBCwUAA4IBAQCHYdp2+0rGArFlnI5fNlxC9T3ALldDXKLMGyvyrJHu
4G6QJoMiSFYz+mJb3ui12NcQtR7EqtUo+98QDUQDy+LCziEXUELUwGJVDrtyYLri
ykbs+IN5XhDi71g5sMmVBSacZpNN6Mv7bLFD0Z5+2HDx+oDPtB47gFHwAhH/nYeu
oBbMDouxFMKE4bm8gOkU9Ci31ALanCcuEMjxRiR0C8KablKgVPS+I5vHe2HugHpk
52/yjRXi/WCFq0v+el/KiLTsfcjSu8DDil+czlPyF4jO3/MzxcE1MxtdumIBS5pK
p+hkGTLG6i5pAV6QBKu3ThtyXgCVKTp26PDueVpVoK8Q
-----END CERTIFICATE-----
Generated at Tue Apr 8 02:23:15 2025 by rpki-client