Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/3549fb-e3a3-4124-b3b0-59957787b015/1/w1Jkwc30Zm1-u5PRd54_RLWNBBE.roa
File: w1Jkwc30Zm1-u5PRd54_RLWNBBE.roa (raw, json)
Hash identifier: b//DfWhivHZOy3olewCUbwfnWte1KqYiB/RE4sezwI0=
Subject key identifier: C3:52:64:C1:CD:F4:66:6D:7E:BB:93:D1:77:9E:3F:44:B5:8D:04:11
Certificate issuer: /CN=ed6da82dbc7d7e2818f96680b66efcedb1087947
Certificate serial: 019421B1EDA873261E9B106C5614482A79BE
Authority key identifier: ED:6D:A8:2D:BC:7D:7E:28:18:F9:66:80:B6:6E:FC:ED:B1:08:79:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7W2oLbx9figY-WaAtm787bEIeUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/3549fb-e3a3-4124-b3b0-59957787b015/1/w1Jkwc30Zm1-u5PRd54_RLWNBBE.roa
Signing time: Wed 01 Jan 2025 11:48:16 +0000
ROA not before: Wed 01 Jan 2025 11:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29551
IP address blocks: 46.253.112.0/20 maxlen: 20
80.66.204.0/22 maxlen: 22
82.149.224.0/19 maxlen: 19
82.149.232.0/24 maxlen: 24
82.149.233.0/24 maxlen: 24
82.149.234.0/24 maxlen: 24
82.149.235.0/24 maxlen: 24
83.141.0.0/18 maxlen: 18
83.141.10.0/24 maxlen: 24
83.141.15.0/24 maxlen: 24
83.141.16.0/24 maxlen: 24
83.141.26.0/24 maxlen: 24
83.141.27.0/24 maxlen: 24
83.141.28.0/24 maxlen: 24
83.141.29.0/24 maxlen: 24
83.141.57.0/24 maxlen: 24
83.141.60.0/22 maxlen: 22
83.141.60.0/24 maxlen: 24
83.141.62.0/24 maxlen: 24
83.141.63.0/24 maxlen: 24
109.71.24.0/21 maxlen: 21
109.71.31.0/24 maxlen: 24
178.19.64.0/20 maxlen: 20
195.225.196.0/22 maxlen: 22
2a01:440::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/3549fb-e3a3-4124-b3b0-59957787b015/1/7W2oLbx9figY-WaAtm787bEIeUc.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/3549fb-e3a3-4124-b3b0-59957787b015/1/7W2oLbx9figY-WaAtm787bEIeUc.mft
rsync://rpki.ripe.net/repository/DEFAULT/7W2oLbx9figY-WaAtm787bEIeUc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:ed:a8:73:26:1e:9b:10:6c:56:14:48:2a:79:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed6da82dbc7d7e2818f96680b66efcedb1087947
Validity
Not Before: Jan 1 11:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c35264c1cdf4666d7ebb93d1779e3f44b58d0411
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:a7:2a:81:c8:f7:2b:5c:a2:3b:d4:66:09:f4:
7c:3e:61:63:4b:c8:ab:91:c1:b0:06:82:cd:5c:b1:
16:7b:86:b9:cf:e3:4d:31:e1:8d:d7:11:86:e7:d2:
a1:17:6d:19:42:4e:2e:ff:db:8b:c6:78:8c:c7:15:
bf:19:65:b0:ec:6f:73:ff:b2:05:26:b7:94:e3:ca:
2b:b9:73:53:77:12:63:e7:94:62:2d:33:09:28:82:
87:63:c8:98:f1:0e:8b:c7:bd:b6:05:45:1c:fa:8d:
15:02:c9:3f:fd:9d:0e:aa:7c:f1:26:15:1a:54:de:
a0:cb:6f:01:07:a8:0b:02:06:af:d0:2b:c8:14:06:
43:17:8f:bf:01:d2:74:85:b5:e9:70:84:fa:39:59:
4a:5a:39:3d:12:eb:c3:6b:98:d9:2f:98:c0:18:f3:
f9:5a:93:6d:3f:75:10:e6:cb:a7:02:59:70:5e:63:
c7:32:82:32:18:96:71:06:4d:72:9c:e4:c3:e1:2b:
3a:17:95:cb:7a:b5:e6:51:a2:ae:5e:50:63:3f:39:
2d:d3:e4:a6:9d:7e:95:1b:1d:5f:19:5a:f0:32:29:
f7:f8:5c:11:1d:09:0b:89:7a:d2:1f:0e:c4:43:0f:
f4:05:0b:ec:bc:55:61:27:6b:50:04:a7:38:ec:05:
28:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:52:64:C1:CD:F4:66:6D:7E:BB:93:D1:77:9E:3F:44:B5:8D:04:11
X509v3 Authority Key Identifier:
keyid:ED:6D:A8:2D:BC:7D:7E:28:18:F9:66:80:B6:6E:FC:ED:B1:08:79:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7W2oLbx9figY-WaAtm787bEIeUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/3549fb-e3a3-4124-b3b0-59957787b015/1/w1Jkwc30Zm1-u5PRd54_RLWNBBE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/3549fb-e3a3-4124-b3b0-59957787b015/1/7W2oLbx9figY-WaAtm787bEIeUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.112.0/20
80.66.204.0/22
82.149.224.0/19
83.141.0.0/18
109.71.24.0/21
178.19.64.0/20
195.225.196.0/22
IPv6:
2a01:440::/29
Signature Algorithm: sha256WithRSAEncryption
16:38:9a:1b:be:b3:cf:66:9e:2c:bd:47:ba:ec:55:d5:97:79:
45:a9:50:62:13:e6:ec:a0:82:23:6e:82:35:18:6f:6e:3d:cf:
fc:e5:5c:66:40:65:25:20:0b:04:57:ed:b2:39:20:7d:63:02:
87:53:e6:96:d4:c9:37:e9:13:33:e6:ee:47:61:d8:27:49:0c:
56:0f:13:39:96:59:9e:4a:48:94:09:49:bd:5d:e6:ae:52:b8:
5d:32:99:a4:df:08:e8:4e:40:6d:71:d9:61:d6:97:c0:41:6c:
05:78:1a:4c:27:fb:bd:d4:23:96:24:f8:17:9b:18:13:0e:8a:
6f:52:1c:64:9b:af:f5:c3:3a:5f:e1:9d:ea:d0:15:5f:a8:e1:
2b:7e:dd:ac:2e:7a:3b:50:1b:fc:51:19:12:26:14:e6:e5:2f:
64:42:a3:ce:47:1f:19:6c:f8:fc:ff:65:e2:01:71:87:a0:25:
1e:9f:e6:86:1b:48:4c:c1:5d:f4:01:ed:a5:b3:4e:fb:8a:62:
e9:d0:54:b6:1c:71:a0:b0:dd:ab:57:06:80:d2:37:56:37:14:
13:2a:53:92:a3:51:ec:11:4a:e0:95:ec:5f:9d:9e:97:51:6a:
aa:a3:a2:3b:4b:2f:62:8a:46:15:59:09:96:2a:24:21:fc:2f:
8c:01:c8:a3
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZQhse2ocyYemxBsVhRIKnm+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNmRhODJkYmM3ZDdlMjgxOGY5NjY4MGI2NmVmY2VkYjEw
ODc5NDcwHhcNMjUwMTAxMTE0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzUyNjRjMWNkZjQ2NjZkN2ViYjkzZDE3NzllM2Y0NGI1OGQwNDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx6cqgcj3K1yiO9RmCfR8PmFjS8ir
kcGwBoLNXLEWe4a5z+NNMeGN1xGG59KhF20ZQk4u/9uLxniMxxW/GWWw7G9z/7IF
JreU48oruXNTdxJj55RiLTMJKIKHY8iY8Q6Lx722BUUc+o0VAsk//Z0OqnzxJhUa
VN6gy28BB6gLAgav0CvIFAZDF4+/AdJ0hbXpcIT6OVlKWjk9EuvDa5jZL5jAGPP5
WpNtP3UQ5sunAllwXmPHMoIyGJZxBk1ynOTD4Ss6F5XLerXmUaKuXlBjPzkt0+Sm
nX6VGx1fGVrwMin3+FwRHQkLiXrSHw7EQw/0BQvsvFVhJ2tQBKc47AUojQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFMNSZMHN9GZtfruT0XeeP0S1jQQRMB8GA1UdIwQY
MBaAFO1tqC28fX4oGPlmgLZu/O2xCHlHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1cyb0xieDlmaWdZLVdhQXRtNzg3YkVJZVVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8zNTQ5ZmItZTNhMy00MTI0LWIzYjAt
NTk5NTc3ODdiMDE1LzEvdzFKa3djMzBabTEtdTVQUmQ1NF9STFdOQkJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8zNTQ5ZmItZTNhMy00MTI0LWIzYjAtNTk5NTc3ODdiMDE1
LzEvN1cyb0xieDlmaWdZLVdhQXRtNzg3YkVJZVVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQELv1wAwQC
UELMAwQFUpXgAwQGU40AAwQDbUcYAwQEshNAAwQCw+HEMA0EAgACMAcDBQMqAQRA
MA0GCSqGSIb3DQEBCwUAA4IBAQAWOJobvrPPZp4svUe67FXVl3lFqVBiE+bsoIIj
boI1GG9uPc/85VxmQGUlIAsEV+2yOSB9YwKHU+aW1Mk36RMz5u5HYdgnSQxWDxM5
llmeSkiUCUm9XeauUrhdMpmk3wjoTkBtcdlh1pfAQWwFeBpMJ/u91COWJPgXmxgT
DopvUhxkm6/1wzpf4Z3q0BVfqOErft2sLno7UBv8URkSJhTm5S9kQqPORx8ZbPj8
/2XiAXGHoCUen+aGG0hMwV30Ae2ls077imLp0FS2HHGgsN2rVwaA0jdWNxQTKlOS
o1HsEUrglexfnZ6XUWqqo6I7Sy9iikYVWQmWKiQh/C+MAcij
-----END CERTIFICATE-----
Generated at Tue Apr 15 19:53:46 2025 by rpki-client