Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/w_oxaJYBSRv6YGnAjIebPG-6n6g.roa
File: w_oxaJYBSRv6YGnAjIebPG-6n6g.roa (raw, json)
Hash identifier: sU92Ri+ayKRIGTYAdjVvh3Xj8xCFrEDz6vd3EC74pJ0=
Subject key identifier: C3:FA:31:68:96:01:49:1B:FA:60:69:C0:8C:87:9B:3C:6F:BA:9F:A8
Certificate issuer: /CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Certificate serial: 0194258F80A18CC60F92A654E1DFB034B814
Authority key identifier: 20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/w_oxaJYBSRv6YGnAjIebPG-6n6g.roa
Signing time: Thu 02 Jan 2025 05:49:09 +0000
ROA not before: Thu 02 Jan 2025 05:49:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31477
IP address blocks: 82.150.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.mft
rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:80:a1:8c:c6:0f:92:a6:54:e1:df:b0:34:b8:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Validity
Not Before: Jan 2 05:49:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c3fa31689601491bfa6069c08c879b3c6fba9fa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:05:8a:c4:9b:16:35:7c:0b:42:b0:0d:1c:d9:
b7:54:0d:ab:e5:6b:81:66:21:63:c9:76:9d:82:55:
49:f2:58:5d:67:dc:5e:fa:a3:54:2a:fb:7a:74:b1:
75:ad:67:9a:c9:41:c8:c8:52:4c:9a:d9:6d:c4:e7:
55:02:27:d2:55:6d:45:ba:af:7c:a5:6b:33:22:02:
85:23:74:cb:63:b7:8d:e5:30:6d:9d:41:9f:7a:20:
5b:27:59:e9:cb:c1:7b:a6:65:f2:d4:44:99:bd:2f:
12:5a:26:b1:83:c7:2d:04:53:df:7a:3d:35:2d:f7:
2c:e0:0f:72:e0:94:85:92:c2:ed:06:34:4a:6c:b6:
38:ae:fd:de:2d:64:c7:25:a3:6f:ae:4a:fd:5d:71:
c0:04:bd:e8:17:31:2b:ba:c0:d3:25:cb:a2:ae:6c:
ec:06:2b:0d:6b:a1:a5:e6:49:02:08:9e:8e:81:2a:
5b:1c:2b:e6:e7:86:83:be:dc:1f:a1:67:90:92:10:
a4:52:33:1f:1b:67:ac:d7:91:e2:73:1d:85:9a:91:
61:db:67:b5:45:eb:ae:3b:40:bb:0b:33:b8:a2:d7:
83:86:d2:5c:a3:9d:5c:1b:a9:00:91:f9:2b:aa:0d:
31:0a:54:92:37:f7:05:5a:df:c1:63:c9:22:1e:66:
16:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:FA:31:68:96:01:49:1B:FA:60:69:C0:8C:87:9B:3C:6F:BA:9F:A8
X509v3 Authority Key Identifier:
keyid:20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/w_oxaJYBSRv6YGnAjIebPG-6n6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.150.139.0/24
Signature Algorithm: sha256WithRSAEncryption
59:63:3e:1f:f8:b0:0b:8f:13:6a:ac:74:46:87:05:48:b7:d9:
98:3c:c7:88:f4:0d:4b:c8:23:7f:5b:4f:08:03:d4:b7:67:ca:
9e:8b:ac:e4:2b:4f:4c:7c:46:a9:d7:60:c9:9f:03:0a:cd:a4:
85:a8:79:22:e7:a8:df:1b:a2:05:52:9b:f5:dd:cc:69:6f:86:
60:86:b7:d5:2e:95:6a:7d:af:e6:b5:be:84:5d:9a:81:56:f7:
e6:d3:cc:c6:43:04:2b:d9:32:7c:e1:a6:79:38:08:0c:c3:02:
16:ac:13:59:d0:7e:51:38:d9:e0:ff:69:c1:62:7d:55:06:5d:
eb:0c:20:10:78:70:8f:47:98:b0:9e:71:82:bf:df:c4:25:c4:
01:07:dd:4b:34:69:a9:52:55:5e:b4:20:5a:0c:de:cc:02:95:
93:e1:42:17:9e:1e:fd:85:41:38:e3:77:aa:e1:03:54:53:b3:
cc:fe:8d:03:4b:6d:33:6b:e6:74:2f:63:a9:02:d1:eb:48:20:
19:f0:e3:8a:a3:58:44:7c:7e:64:c8:de:55:2a:46:17:71:b5:
2f:b0:2d:d5:26:06:13:d6:62:f2:e8:6c:aa:16:e1:44:4c:b9:
02:3d:1d:ab:e2:5b:1d:03:bc:54:99:bd:12:f3:99:ad:55:8f:
a2:84:56:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj4ChjMYPkqZU4d+wNLgUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMWZlMzBmYzZiNGIwZDBmNmRiNGUxYmZiYmQ1MDE5NWRj
YTU3NWMwHhcNMjUwMTAyMDU0OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2ZhMzE2ODk2MDE0OTFiZmE2MDY5YzA4Yzg3OWIzYzZmYmE5ZmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywWKxJsWNXwLQrANHNm3VA2r5WuB
ZiFjyXadglVJ8lhdZ9xe+qNUKvt6dLF1rWeayUHIyFJMmtltxOdVAifSVW1Fuq98
pWszIgKFI3TLY7eN5TBtnUGfeiBbJ1npy8F7pmXy1ESZvS8SWiaxg8ctBFPfej01
Lfcs4A9y4JSFksLtBjRKbLY4rv3eLWTHJaNvrkr9XXHABL3oFzErusDTJcuirmzs
BisNa6Gl5kkCCJ6OgSpbHCvm54aDvtwfoWeQkhCkUjMfG2es15Hicx2FmpFh22e1
ReuuO0C7CzO4oteDhtJco51cG6kAkfkrqg0xClSSN/cFWt/BY8kiHmYWIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMP6MWiWAUkb+mBpwIyHmzxvup+oMB8GA1UdIwQY
MBaAFCAf4w/GtLDQ9ttOG/u9UBldyldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYt
ZmMxMjFjODAwYjMwLzEvd19veGFKWUJTUnY2WUduQWpJZWJQRy02bjZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYtZmMxMjFjODAwYjMw
LzEvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpaLMA0G
CSqGSIb3DQEBCwUAA4IBAQBZYz4f+LALjxNqrHRGhwVIt9mYPMeI9A1LyCN/W08I
A9S3Z8qei6zkK09MfEap12DJnwMKzaSFqHki56jfG6IFUpv13cxpb4ZghrfVLpVq
fa/mtb6EXZqBVvfm08zGQwQr2TJ84aZ5OAgMwwIWrBNZ0H5RONng/2nBYn1VBl3r
DCAQeHCPR5iwnnGCv9/EJcQBB91LNGmpUlVetCBaDN7MApWT4UIXnh79hUE443eq
4QNUU7PM/o0DS20za+Z0L2OpAtHrSCAZ8OOKo1hEfH5kyN5VKkYXcbUvsC3VJgYT
1mLy6GyqFuFETLkCPR2r4lsdA7xUmb0S85mtVY+ihFZ2
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:00:44 2025 by rpki-client