Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/WToItz8al9Sw1IRtEOUm1ku1TzY.roa
File: WToItz8al9Sw1IRtEOUm1ku1TzY.roa (raw, json)
Hash identifier: cD3Nf3okXGtPiYuFOkPnzfMJHgIYmW52aVmaOwxOEN0=
Subject key identifier: 59:3A:08:B7:3F:1A:97:D4:B0:D4:84:6D:10:E5:26:D6:4B:B5:4F:36
Certificate issuer: /CN=a4ce9640a3ef2fea19374ad8f99f423d7aa7c76b
Certificate serial: 0194221F84DF2563B1E9ECC1133C6D806DF4
Authority key identifier: A4:CE:96:40:A3:EF:2F:EA:19:37:4A:D8:F9:9F:42:3D:7A:A7:C7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/WToItz8al9Sw1IRtEOUm1ku1TzY.roa
Signing time: Wed 01 Jan 2025 13:47:58 +0000
ROA not before: Wed 01 Jan 2025 13:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44391
IP address blocks: 81.19.128.0/23 maxlen: 23
81.19.130.0/24 maxlen: 24
81.19.142.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.mft
rsync://rpki.ripe.net/repository/DEFAULT/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 05:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:84:df:25:63:b1:e9:ec:c1:13:3c:6d:80:6d:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4ce9640a3ef2fea19374ad8f99f423d7aa7c76b
Validity
Not Before: Jan 1 13:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=593a08b73f1a97d4b0d4846d10e526d64bb54f36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:43:7d:1b:13:31:08:d1:61:60:e1:5b:83:7d:
07:19:af:1c:bd:81:58:32:81:62:9b:9b:0e:76:f4:
d1:c2:ac:1d:d9:06:4e:ef:47:bc:d4:4e:6e:b2:29:
31:8e:d7:fc:53:a6:ac:c5:82:83:4c:56:09:03:6c:
07:63:7c:29:77:3b:15:91:fc:3c:6e:22:aa:b8:5f:
4b:ab:3c:54:c7:45:a0:db:36:e1:df:c4:d3:c6:c1:
05:a6:60:8a:f8:04:5b:fa:07:cc:6b:bd:3b:2e:07:
e7:9f:b1:cf:2e:3e:a1:7a:ab:23:52:d1:2b:4d:f5:
da:07:a4:3d:b6:67:43:48:da:ad:55:a9:d9:6c:a7:
45:6c:2d:2a:66:90:4b:87:20:69:10:89:81:bb:77:
10:79:d2:f3:d8:38:e3:17:d8:01:43:0b:3e:68:42:
e7:f5:25:d0:ce:5a:ad:d2:ac:07:ba:da:a7:89:3b:
d7:22:33:f6:b8:cb:07:e2:7e:21:0a:91:5d:5f:05:
83:13:c6:1f:11:aa:19:c9:e3:75:cc:e8:7c:d9:86:
bf:a9:15:56:d3:48:18:6c:73:19:ae:73:6d:db:fb:
3f:48:03:a5:17:fc:f8:51:84:67:3a:f1:18:61:86:
60:a8:e5:f4:39:8e:08:dd:21:b0:55:0b:b5:3a:14:
b6:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:3A:08:B7:3F:1A:97:D4:B0:D4:84:6D:10:E5:26:D6:4B:B5:4F:36
X509v3 Authority Key Identifier:
keyid:A4:CE:96:40:A3:EF:2F:EA:19:37:4A:D8:F9:9F:42:3D:7A:A7:C7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/WToItz8al9Sw1IRtEOUm1ku1TzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.128.0-81.19.130.255
81.19.142.0/23
Signature Algorithm: sha256WithRSAEncryption
bf:32:06:a0:83:44:6b:88:5d:e2:0c:d6:a7:27:09:a9:04:66:
57:b3:48:e9:c2:6c:ea:f3:d0:51:e9:7a:60:b6:9d:d8:1d:cd:
46:fb:b7:e6:23:e3:bd:35:0e:73:2e:6c:36:20:b4:d2:3c:68:
22:5b:63:fc:ed:94:26:09:d5:95:56:b8:cd:f5:4d:a2:49:41:
9e:b7:e9:05:1e:c9:c4:ea:f2:4a:7f:95:b3:3b:c9:09:cb:be:
59:67:e5:b2:53:49:a6:66:47:74:5e:ef:54:18:d2:88:7b:4a:
e8:34:77:45:cf:2b:df:f3:ac:e6:5a:59:54:2f:89:97:3e:0a:
71:75:7b:51:70:c8:22:c2:6f:e9:56:b3:30:6f:ec:a0:da:ac:
8c:44:de:1b:36:cb:be:1e:66:e3:ca:c1:dc:00:56:d2:40:32:
00:fa:18:6b:d9:83:55:3e:3d:f2:c2:e3:85:0c:e4:84:d6:53:
86:60:64:62:f7:7d:36:37:74:65:8e:91:be:d2:5d:b4:bc:8e:
e2:8f:3d:0e:6a:2b:c9:05:27:09:d3:08:cd:98:b5:a2:f1:3a:
2f:e4:c9:e2:0d:e1:af:8d:45:76:3b:1c:2c:e1:e7:9d:3d:1f:
a2:b1:39:cb:6e:e5:c5:0d:5e:5b:4e:75:3e:b0:a8:d5:00:b0:
df:52:aa:bb
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQiH4TfJWOx6ezBEzxtgG30MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0Y2U5NjQwYTNlZjJmZWExOTM3NGFkOGY5OWY0MjNkN2Fh
N2M3NmIwHhcNMjUwMTAxMTM0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTNhMDhiNzNmMWE5N2Q0YjBkNDg0NmQxMGU1MjZkNjRiYjU0ZjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz0N9GxMxCNFhYOFbg30HGa8cvYFY
MoFim5sOdvTRwqwd2QZO70e81E5usikxjtf8U6asxYKDTFYJA2wHY3wpdzsVkfw8
biKquF9LqzxUx0Wg2zbh38TTxsEFpmCK+ARb+gfMa707Lgfnn7HPLj6heqsjUtEr
TfXaB6Q9tmdDSNqtVanZbKdFbC0qZpBLhyBpEImBu3cQedLz2DjjF9gBQws+aELn
9SXQzlqt0qwHutqniTvXIjP2uMsH4n4hCpFdXwWDE8YfEaoZyeN1zOh82Ya/qRVW
00gYbHMZrnNt2/s/SAOlF/z4UYRnOvEYYYZgqOX0OY4I3SGwVQu1OhS2HQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFFk6CLc/GpfUsNSEbRDlJtZLtU82MB8GA1UdIwQY
MBaAFKTOlkCj7y/qGTdK2PmfQj16p8drMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE02V1FLUHZMLW9aTjByWS1aOUNQWHFueDJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mOGE1ZDEtMjYwYS00NmE0LWE4ZTQt
MjgzZmU1NGE2ZjJmLzEvV1RvSXR6OGFsOVN3MUlSdEVPVW0xa3UxVHpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mOGE1ZDEtMjYwYS00NmE0LWE4ZTQtMjgzZmU1NGE2ZjJm
LzEvcE02V1FLUHZMLW9aTjByWS1aOUNQWHFueDJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAdRE4AD
BABRE4IDBAFRE44wDQYJKoZIhvcNAQELBQADggEBAL8yBqCDRGuIXeIM1qcnCakE
ZlezSOnCbOrz0FHpemC2ndgdzUb7t+Yj4701DnMubDYgtNI8aCJbY/ztlCYJ1ZVW
uM31TaJJQZ636QUeycTq8kp/lbM7yQnLvlln5bJTSaZmR3Re71QY0oh7Sug0d0XP
K9/zrOZaWVQviZc+CnF1e1FwyCLCb+lWszBv7KDarIxE3hs2y74eZuPKwdwAVtJA
MgD6GGvZg1U+PfLC44UM5ITWU4ZgZGL3fTY3dGWOkb7SXbS8juKPPQ5qK8kFJwnT
CM2YtaLxOi/kyeIN4a+NRXY7HCzh5509H6KxOctu5cUNXltOdT6wqNUAsN9Sqrs=
-----END CERTIFICATE-----
Generated at Sat Apr 12 13:14:25 2025 by rpki-client