Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/c64d50-fcdd-4a9f-9047-293f6122a19d/1/WvlZiKlby6mz_WZr2UVe0cYuFc8.roa
File: WvlZiKlby6mz_WZr2UVe0cYuFc8.roa (raw, json)
Hash identifier: Y5kWltccMkWlbHWE6g816b2afq8ovZonUhJQEFz4q4A=
Subject key identifier: 5A:F9:59:88:A9:5B:CB:A9:B3:FD:66:6B:D9:45:5E:D1:C6:2E:15:CF
Certificate issuer: /CN=92fb8fa10dff3473e653dbf61c9a86432180a5c7
Certificate serial: 019425FDD1CAE9BF651815AC1DB23D082F92
Authority key identifier: 92:FB:8F:A1:0D:FF:34:73:E6:53:DB:F6:1C:9A:86:43:21:80:A5:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kvuPoQ3_NHPmU9v2HJqGQyGApcc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/c64d50-fcdd-4a9f-9047-293f6122a19d/1/WvlZiKlby6mz_WZr2UVe0cYuFc8.roa
Signing time: Thu 02 Jan 2025 07:49:38 +0000
ROA not before: Thu 02 Jan 2025 07:49:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 185.119.10.0/24 maxlen: 24
185.119.11.0/24 maxlen: 24
2a10:80c0::/48 maxlen: 48
2a10:80c0:1000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/c64d50-fcdd-4a9f-9047-293f6122a19d/1/kvuPoQ3_NHPmU9v2HJqGQyGApcc.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/c64d50-fcdd-4a9f-9047-293f6122a19d/1/kvuPoQ3_NHPmU9v2HJqGQyGApcc.mft
rsync://rpki.ripe.net/repository/DEFAULT/kvuPoQ3_NHPmU9v2HJqGQyGApcc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 05:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:d1:ca:e9:bf:65:18:15:ac:1d:b2:3d:08:2f:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92fb8fa10dff3473e653dbf61c9a86432180a5c7
Validity
Not Before: Jan 2 07:49:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5af95988a95bcba9b3fd666bd9455ed1c62e15cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:8a:b0:ee:65:c9:be:fa:01:01:26:77:9d:f3:
30:8a:0b:98:72:5d:79:e9:a1:1d:8d:84:55:20:dc:
56:cc:61:30:6b:86:23:6f:59:d6:3c:de:0e:7c:45:
19:56:f1:de:5d:ac:17:51:ba:ad:e5:bd:38:32:1e:
f6:66:23:c2:14:7a:92:6b:94:77:e3:73:cf:10:3b:
36:af:0e:2d:ad:31:66:50:60:27:43:51:2a:35:05:
5f:aa:c9:86:02:9c:c4:bc:52:f7:78:49:26:86:10:
df:17:6a:e4:8b:c6:df:cb:87:d7:c3:bc:35:12:8d:
5f:fc:51:fd:28:e2:61:41:53:60:74:db:fd:30:c5:
76:2f:38:78:dc:66:47:57:ed:2a:10:80:fd:fa:c0:
14:b3:cb:1c:69:7f:84:5c:ec:4a:4e:ce:cb:93:30:
63:7f:f9:80:2d:35:55:c4:73:4a:61:e5:f6:2e:1a:
25:79:53:be:68:23:d4:2b:8d:51:15:ac:fb:e9:7e:
b4:c6:cb:0f:f8:dd:97:4c:a7:21:20:25:87:a4:d8:
3a:cd:ba:4b:d4:29:92:e0:2e:dc:41:09:17:8b:f5:
c7:ef:47:6c:78:3e:41:b4:dd:a3:c9:4a:66:e1:0b:
9c:76:92:b5:b6:41:ae:84:32:e4:a2:80:a1:51:eb:
16:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:F9:59:88:A9:5B:CB:A9:B3:FD:66:6B:D9:45:5E:D1:C6:2E:15:CF
X509v3 Authority Key Identifier:
keyid:92:FB:8F:A1:0D:FF:34:73:E6:53:DB:F6:1C:9A:86:43:21:80:A5:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kvuPoQ3_NHPmU9v2HJqGQyGApcc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c64d50-fcdd-4a9f-9047-293f6122a19d/1/WvlZiKlby6mz_WZr2UVe0cYuFc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c64d50-fcdd-4a9f-9047-293f6122a19d/1/kvuPoQ3_NHPmU9v2HJqGQyGApcc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.119.10.0/23
IPv6:
2a10:80c0::/48
2a10:80c0:1000::/48
Signature Algorithm: sha256WithRSAEncryption
20:c6:20:7f:fa:9b:49:76:90:91:d7:f4:4a:c8:18:1b:d2:2c:
ee:9d:b4:90:4a:a7:e4:79:c6:06:c8:5e:80:8d:03:67:b6:25:
83:63:12:e8:47:1a:89:3d:be:14:70:6e:51:0a:65:35:ee:82:
54:70:0d:02:f1:af:9b:d0:44:25:a7:4a:c4:2e:0d:17:20:34:
07:69:8b:63:cc:5a:7d:a2:24:a0:85:e0:0e:ac:e9:c4:80:c7:
89:4c:1d:1d:ba:21:29:18:ff:4b:d3:07:11:e7:8e:42:47:86:
3c:88:b8:58:00:5d:77:86:b0:96:0d:8a:9d:28:7f:5f:b8:85:
14:68:63:e7:8f:d8:8b:26:9b:86:c3:54:3c:54:d1:22:d9:a4:
22:32:8e:88:c1:8b:88:e1:b8:c6:28:f4:f5:b4:bb:84:f5:cb:
8f:37:ec:5c:22:89:8d:39:f4:04:35:c4:1f:82:46:6f:08:7c:
48:cc:03:e0:08:a6:86:6e:c4:23:a6:3e:ee:c4:b9:f7:27:e8:
82:2d:f2:53:a1:b0:e1:5c:77:d0:0c:9c:03:59:5a:aa:ac:7b:
bd:09:7f:c6:3b:02:cf:22:bb:42:8f:d1:08:c2:5b:14:04:8f:
ac:0e:4f:78:c1:0e:ee:41:6c:cd:fb:2e:fb:0e:99:30:b2:12:
0a:c4:2a:0a
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQl/dHK6b9lGBWsHbI9CC+SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZmI4ZmExMGRmZjM0NzNlNjUzZGJmNjFjOWE4NjQzMjE4
MGE1YzcwHhcNMjUwMTAyMDc0OTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWY5NTk4OGE5NWJjYmE5YjNmZDY2NmJkOTQ1NWVkMWM2MmUxNWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsoqw7mXJvvoBASZ3nfMwiguYcl15
6aEdjYRVINxWzGEwa4Yjb1nWPN4OfEUZVvHeXawXUbqt5b04Mh72ZiPCFHqSa5R3
43PPEDs2rw4trTFmUGAnQ1EqNQVfqsmGApzEvFL3eEkmhhDfF2rki8bfy4fXw7w1
Eo1f/FH9KOJhQVNgdNv9MMV2Lzh43GZHV+0qEID9+sAUs8scaX+EXOxKTs7LkzBj
f/mALTVVxHNKYeX2LholeVO+aCPUK41RFaz76X60xssP+N2XTKchICWHpNg6zbpL
1CmS4C7cQQkXi/XH70dseD5BtN2jyUpm4QucdpK1tkGuhDLkooChUesWiQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFFr5WYipW8ups/1ma9lFXtHGLhXPMB8GA1UdIwQY
MBaAFJL7j6EN/zRz5lPb9hyahkMhgKXHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3Z1UG9RM19OSFBtVTl2MkhKcUdReUdBcGNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9jNjRkNTAtZmNkZC00YTlmLTkwNDct
MjkzZjYxMjJhMTlkLzEvV3ZsWmlLbGJ5Nm16X1dacjJVVmUwY1l1RmM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9jNjRkNTAtZmNkZC00YTlmLTkwNDctMjkzZjYxMjJhMTlk
LzEva3Z1UG9RM19OSFBtVTl2MkhKcUdReUdBcGNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQBuXcKMBgE
AgACMBIDBwAqEIDAAAADBwAqEIDAEAAwDQYJKoZIhvcNAQELBQADggEBACDGIH/6
m0l2kJHX9ErIGBvSLO6dtJBKp+R5xgbIXoCNA2e2JYNjEuhHGok9vhRwblEKZTXu
glRwDQLxr5vQRCWnSsQuDRcgNAdpi2PMWn2iJKCF4A6s6cSAx4lMHR26ISkY/0vT
BxHnjkJHhjyIuFgAXXeGsJYNip0of1+4hRRoY+eP2Ismm4bDVDxU0SLZpCIyjojB
i4jhuMYo9PW0u4T1y4837FwiiY059AQ1xB+CRm8IfEjMA+AIpoZuxCOmPu7Eufcn
6IIt8lOhsOFcd9AMnANZWqqse70Jf8Y7As8iu0KP0QjCWxQEj6wOT3jBDu5BbM37
LvsOmTCyEgrEKgo=
-----END CERTIFICATE-----
Generated at Sat Apr 12 15:57:59 2025 by rpki-client