Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/60ed2d-16d5-4d0c-a947-bde6448b786c/1/wmfmaFsDhu27cNgPElAJRkA9d2A.roa
File: wmfmaFsDhu27cNgPElAJRkA9d2A.roa (raw, json)
Hash identifier: jsS53vdJzXk5aLl615moQFBVWf7IQgXR2RroQvAW/zQ=
Subject key identifier: C2:67:E6:68:5B:03:86:ED:BB:70:D8:0F:12:50:09:46:40:3D:77:60
Certificate issuer: /CN=23ba1ec4f035a72dfa39e930ad8ec54368eb7af4
Certificate serial: 019420D5AAAB307AF8F8201BE3122CCCFFB6
Authority key identifier: 23:BA:1E:C4:F0:35:A7:2D:FA:39:E9:30:AD:8E:C5:43:68:EB:7A:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I7oexPA1py36OekwrY7FQ2jrevQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/60ed2d-16d5-4d0c-a947-bde6448b786c/1/wmfmaFsDhu27cNgPElAJRkA9d2A.roa
Signing time: Wed 01 Jan 2025 07:47:41 +0000
ROA not before: Wed 01 Jan 2025 07:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29576
IP address blocks: 93.157.24.0/21 maxlen: 21
194.146.132.0/22 maxlen: 22
194.146.133.0/24 maxlen: 24
194.146.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/60ed2d-16d5-4d0c-a947-bde6448b786c/1/I7oexPA1py36OekwrY7FQ2jrevQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/60ed2d-16d5-4d0c-a947-bde6448b786c/1/I7oexPA1py36OekwrY7FQ2jrevQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/I7oexPA1py36OekwrY7FQ2jrevQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 12:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:aa:ab:30:7a:f8:f8:20:1b:e3:12:2c:cc:ff:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23ba1ec4f035a72dfa39e930ad8ec54368eb7af4
Validity
Not Before: Jan 1 07:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c267e6685b0386edbb70d80f12500946403d7760
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a4:a0:eb:06:d4:c2:3d:57:2e:9d:68:45:85:
f9:95:84:aa:48:c1:f8:3f:fa:6c:a9:71:93:52:93:
b1:e2:bb:e1:ee:73:f2:72:e4:d7:cb:d9:0a:b3:6a:
2a:fb:c9:28:26:5f:ba:60:09:ef:f7:33:09:1b:a5:
7b:34:a3:5e:7b:10:06:c2:b7:6c:b2:65:5d:ec:37:
34:e6:91:3f:3d:8a:bb:49:46:e3:b6:9b:43:73:a2:
0e:e4:fb:c2:93:49:21:59:e4:14:3a:6d:da:a3:e8:
69:7c:70:33:ab:5c:86:6a:d5:bf:25:a0:a8:3f:e3:
4c:9f:79:02:20:d2:b4:b6:0a:2d:68:cc:97:a9:56:
63:96:af:f4:26:57:d1:8b:89:b1:36:96:1e:dd:ec:
87:91:0c:e7:7f:03:7e:29:61:e9:61:5e:ac:6d:2a:
5c:fc:00:07:72:b0:21:cb:32:3a:0e:3f:05:cb:77:
0b:8a:18:3f:61:5c:8f:8b:e1:a9:66:44:ec:e6:18:
5b:cc:c0:25:c7:8e:1e:0c:00:6b:11:29:b4:d8:9f:
75:1b:f1:d7:eb:7c:23:84:94:71:64:80:8b:87:7a:
2f:39:b9:2b:85:aa:bf:be:ea:46:6d:80:b7:16:79:
ee:99:3a:ab:05:b8:ae:5e:74:c3:a4:61:56:9f:76:
7f:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:67:E6:68:5B:03:86:ED:BB:70:D8:0F:12:50:09:46:40:3D:77:60
X509v3 Authority Key Identifier:
keyid:23:BA:1E:C4:F0:35:A7:2D:FA:39:E9:30:AD:8E:C5:43:68:EB:7A:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I7oexPA1py36OekwrY7FQ2jrevQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/60ed2d-16d5-4d0c-a947-bde6448b786c/1/wmfmaFsDhu27cNgPElAJRkA9d2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/60ed2d-16d5-4d0c-a947-bde6448b786c/1/I7oexPA1py36OekwrY7FQ2jrevQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.157.24.0/21
194.146.132.0/22
Signature Algorithm: sha256WithRSAEncryption
30:6e:f9:69:91:2f:f7:02:04:7b:ce:58:b2:cb:0a:17:ef:e7:
d1:27:f2:a5:28:bd:72:66:8f:52:99:6b:48:c6:2f:b3:67:04:
5a:55:fd:e5:aa:d9:8f:2c:63:05:1f:a4:76:00:52:60:0b:c1:
35:5b:5a:b1:a7:28:0e:1b:16:df:b7:47:a9:b9:28:d5:54:56:
14:f3:85:f4:ed:2b:16:60:ea:30:1c:ce:4a:69:d9:fd:89:a1:
ad:88:f5:5c:34:31:34:81:0f:6f:2d:ee:3e:d2:6f:65:6d:43:
4b:e3:1b:4d:1a:69:5d:cf:d3:e3:70:f0:3c:b3:ae:55:33:13:
9e:92:10:48:fd:9f:32:9e:c2:28:70:b4:8b:5b:02:00:df:26:
c8:e1:a9:17:06:7c:b4:03:c5:4e:c9:79:8a:96:2b:e4:5e:d6:
7f:51:c7:40:12:80:35:47:a2:9a:8e:08:21:fe:43:82:96:b3:
83:0c:ab:b6:41:3e:4e:52:42:b1:67:59:f2:8a:51:64:59:94:
d2:08:a5:1d:4c:d3:c9:ef:4a:15:d3:83:b7:35:09:e2:e9:3e:
60:ef:32:05:a2:c7:40:ad:a8:d9:e8:4c:14:04:90:0d:91:ff:
af:18:eb:c1:ab:e7:96:7c:dd:b6:f6:5c:df:e6:3c:6f:1d:37:
67:47:9d:f2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQg1aqrMHr4+CAb4xIszP+2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzYmExZWM0ZjAzNWE3MmRmYTM5ZTkzMGFkOGVjNTQzNjhl
YjdhZjQwHhcNMjUwMTAxMDc0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjY3ZTY2ODViMDM4NmVkYmI3MGQ4MGYxMjUwMDk0NjQwM2Q3NzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqSg6wbUwj1XLp1oRYX5lYSqSMH4
P/psqXGTUpOx4rvh7nPycuTXy9kKs2oq+8koJl+6YAnv9zMJG6V7NKNeexAGwrds
smVd7Dc05pE/PYq7SUbjtptDc6IO5PvCk0khWeQUOm3ao+hpfHAzq1yGatW/JaCo
P+NMn3kCINK0tgotaMyXqVZjlq/0JlfRi4mxNpYe3eyHkQznfwN+KWHpYV6sbSpc
/AAHcrAhyzI6Dj8Fy3cLihg/YVyPi+GpZkTs5hhbzMAlx44eDABrESm02J91G/HX
63wjhJRxZICLh3ovObkrhaq/vupGbYC3FnnumTqrBbiuXnTDpGFWn3Z/bwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMJn5mhbA4btu3DYDxJQCUZAPXdgMB8GA1UdIwQY
MBaAFCO6HsTwNact+jnpMK2OxUNo63r0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTdvZXhQQTFweTM2T2Vrd3JZN0ZRMmpyZXZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC82MGVkMmQtMTZkNS00ZDBjLWE5NDct
YmRlNjQ0OGI3ODZjLzEvd21mbWFGc0RodTI3Y05nUEVsQUpSa0E5ZDJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC82MGVkMmQtMTZkNS00ZDBjLWE5NDctYmRlNjQ0OGI3ODZj
LzEvSTdvZXhQQTFweTM2T2Vrd3JZN0ZRMmpyZXZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDXZ0YAwQC
wpKEMA0GCSqGSIb3DQEBCwUAA4IBAQAwbvlpkS/3AgR7zliyywoX7+fRJ/KlKL1y
Zo9SmWtIxi+zZwRaVf3lqtmPLGMFH6R2AFJgC8E1W1qxpygOGxbft0epuSjVVFYU
84X07SsWYOowHM5Kadn9iaGtiPVcNDE0gQ9vLe4+0m9lbUNL4xtNGmldz9PjcPA8
s65VMxOekhBI/Z8ynsIocLSLWwIA3ybI4akXBny0A8VOyXmKlivkXtZ/UcdAEoA1
R6Kajggh/kOClrODDKu2QT5OUkKxZ1nyilFkWZTSCKUdTNPJ70oV04O3NQni6T5g
7zIFosdArajZ6EwUBJANkf+vGOvBq+eWfN229lzf5jxvHTdnR53y
-----END CERTIFICATE-----
Generated at Thu Apr 17 20:04:20 2025 by rpki-client