Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/a27329-3ecf-4885-a773-58e5b76bebb7/1/woal0JSD05J3-HE_srcu4HZklsQ.roa
File: woal0JSD05J3-HE_srcu4HZklsQ.roa (raw, json)
Hash identifier: K5meebvZSg84nTxN3gUNn0hvuS4tbvBQ0f3EUj0mZV8=
Subject key identifier: C2:86:A5:D0:94:83:D3:92:77:F8:71:3F:B2:B7:2E:E0:76:64:96:C4
Certificate issuer: /CN=03e85fa4be66942e5909fd3a1fd4a0c26e36a0d2
Certificate serial: 01941FFA5218A39E4E1892A667F0455A73AD
Authority key identifier: 03:E8:5F:A4:BE:66:94:2E:59:09:FD:3A:1F:D4:A0:C2:6E:36:A0:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A-hfpL5mlC5ZCf06H9Sgwm42oNI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/a27329-3ecf-4885-a773-58e5b76bebb7/1/woal0JSD05J3-HE_srcu4HZklsQ.roa
Signing time: Wed 01 Jan 2025 03:48:06 +0000
ROA not before: Wed 01 Jan 2025 03:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39543
IP address blocks: 194.150.84.0/22 maxlen: 22
194.150.84.0/23 maxlen: 23
194.150.84.0/24 maxlen: 24
194.150.85.0/24 maxlen: 24
194.150.86.0/23 maxlen: 23
194.150.86.0/24 maxlen: 24
194.150.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/a27329-3ecf-4885-a773-58e5b76bebb7/1/A-hfpL5mlC5ZCf06H9Sgwm42oNI.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/a27329-3ecf-4885-a773-58e5b76bebb7/1/A-hfpL5mlC5ZCf06H9Sgwm42oNI.mft
rsync://rpki.ripe.net/repository/DEFAULT/A-hfpL5mlC5ZCf06H9Sgwm42oNI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 18:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:52:18:a3:9e:4e:18:92:a6:67:f0:45:5a:73:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03e85fa4be66942e5909fd3a1fd4a0c26e36a0d2
Validity
Not Before: Jan 1 03:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c286a5d09483d39277f8713fb2b72ee0766496c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:00:b2:8c:34:3e:e6:b4:52:e3:0d:66:7b:7f:
53:19:56:2a:fe:27:e3:7a:6d:a2:cb:f9:88:64:d1:
2a:09:c9:a4:6c:64:8f:b9:bf:ab:17:f1:8f:06:53:
bb:a0:41:de:c7:91:17:3b:ac:cb:c2:77:6e:30:1c:
00:25:4c:13:6e:a1:6d:40:2a:90:ba:c3:27:60:aa:
6c:a6:6d:be:20:38:1e:1f:29:54:63:63:4f:55:e9:
47:f4:e5:02:09:e9:97:62:2c:0f:39:06:8b:1e:a5:
f7:c9:b4:6b:5f:e6:37:1d:74:fd:70:90:f1:31:7c:
75:ee:88:bd:47:10:74:2c:49:a3:0e:89:8a:97:7a:
1a:9e:5b:f5:a2:70:5d:bd:2f:7d:5a:a2:6c:2a:68:
a1:3b:c3:9b:86:fe:57:21:75:06:fd:38:33:e7:85:
ed:80:3c:3e:1b:61:f4:4f:4d:ea:49:1d:2e:5e:c9:
62:59:1d:cd:f9:ad:dc:b8:07:c4:90:87:6c:37:90:
38:dd:3c:10:7c:95:9d:10:2f:35:bc:d1:86:d8:fc:
f3:60:c9:70:58:43:b4:78:80:34:6e:0d:d9:3b:49:
62:e5:02:fa:9c:b9:aa:68:0a:0c:a9:0b:30:c6:11:
83:6b:2f:8e:e1:9e:57:dd:34:17:96:1e:32:7c:d0:
c4:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:86:A5:D0:94:83:D3:92:77:F8:71:3F:B2:B7:2E:E0:76:64:96:C4
X509v3 Authority Key Identifier:
keyid:03:E8:5F:A4:BE:66:94:2E:59:09:FD:3A:1F:D4:A0:C2:6E:36:A0:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A-hfpL5mlC5ZCf06H9Sgwm42oNI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a27329-3ecf-4885-a773-58e5b76bebb7/1/woal0JSD05J3-HE_srcu4HZklsQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a27329-3ecf-4885-a773-58e5b76bebb7/1/A-hfpL5mlC5ZCf06H9Sgwm42oNI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.150.84.0/22
Signature Algorithm: sha256WithRSAEncryption
69:ff:02:c6:3f:7d:bb:80:af:f2:e2:ca:86:d3:f6:e8:6e:7c:
57:5e:9a:bb:8d:d1:b0:01:0f:5f:e1:9d:93:bd:60:e4:8c:be:
e2:e4:1b:63:8c:50:a1:2e:41:7a:ae:76:78:b5:2f:9c:04:37:
2c:c1:20:65:5b:64:72:3b:9d:cf:6b:f9:94:48:79:70:0a:3c:
4b:e2:34:7c:65:c0:d6:fe:b4:73:28:56:bc:e7:42:ea:9c:92:
73:39:85:49:20:5c:4e:60:5d:5d:0f:68:2b:a4:e0:4c:42:d4:
f5:ed:a0:55:8e:33:ea:56:33:3f:95:fc:e4:70:2f:a7:9b:a9:
02:e9:a6:1f:d9:ac:4a:07:cb:52:2b:9e:d8:02:fa:8e:46:0a:
3b:41:f7:c0:0d:ed:6d:51:ab:af:74:72:33:89:78:fd:b5:63:
7d:23:33:17:97:2f:04:69:55:6b:24:99:d1:ed:5b:80:8d:32:
3e:f8:46:97:23:b8:6b:b2:da:7d:c9:51:d9:eb:00:e8:3a:9f:
de:eb:12:cc:0b:d0:ac:15:31:e5:73:96:f8:22:1c:4f:3c:41:
b0:e7:27:87:50:d8:9e:c8:77:06:fd:9c:43:14:e8:1f:69:79:
5c:61:8f:04:bb:28:04:43:74:5c:b5:54:95:b9:67:c8:21:a1:
ec:47:1e:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+lIYo55OGJKmZ/BFWnOtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzZTg1ZmE0YmU2Njk0MmU1OTA5ZmQzYTFmZDRhMGMyNmUz
NmEwZDIwHhcNMjUwMTAxMDM0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjg2YTVkMDk0ODNkMzkyNzdmODcxM2ZiMmI3MmVlMDc2NjQ5NmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgCyjDQ+5rRS4w1me39TGVYq/ifj
em2iy/mIZNEqCcmkbGSPub+rF/GPBlO7oEHex5EXO6zLwnduMBwAJUwTbqFtQCqQ
usMnYKpspm2+IDgeHylUY2NPVelH9OUCCemXYiwPOQaLHqX3ybRrX+Y3HXT9cJDx
MXx17oi9RxB0LEmjDomKl3oanlv1onBdvS99WqJsKmihO8Obhv5XIXUG/Tgz54Xt
gDw+G2H0T03qSR0uXsliWR3N+a3cuAfEkIdsN5A43TwQfJWdEC81vNGG2PzzYMlw
WEO0eIA0bg3ZO0li5QL6nLmqaAoMqQswxhGDay+O4Z5X3TQXlh4yfNDEKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMKGpdCUg9OSd/hxP7K3LuB2ZJbEMB8GA1UdIwQY
MBaAFAPoX6S+ZpQuWQn9Oh/UoMJuNqDSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQS1oZnBMNW1sQzVaQ2YwNkg5U2d3bTQyb05JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9hMjczMjktM2VjZi00ODg1LWE3NzMt
NThlNWI3NmJlYmI3LzEvd29hbDBKU0QwNUozLUhFX3NyY3U0SFprbHNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9hMjczMjktM2VjZi00ODg1LWE3NzMtNThlNWI3NmJlYmI3
LzEvQS1oZnBMNW1sQzVaQ2YwNkg5U2d3bTQyb05JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwpZUMA0G
CSqGSIb3DQEBCwUAA4IBAQBp/wLGP327gK/y4sqG0/bobnxXXpq7jdGwAQ9f4Z2T
vWDkjL7i5BtjjFChLkF6rnZ4tS+cBDcswSBlW2RyO53Pa/mUSHlwCjxL4jR8ZcDW
/rRzKFa850LqnJJzOYVJIFxOYF1dD2grpOBMQtT17aBVjjPqVjM/lfzkcC+nm6kC
6aYf2axKB8tSK57YAvqORgo7QffADe1tUauvdHIziXj9tWN9IzMXly8EaVVrJJnR
7VuAjTI++EaXI7hrstp9yVHZ6wDoOp/e6xLMC9CsFTHlc5b4IhxPPEGw5yeHUNie
yHcG/ZxDFOgfaXlcYY8EuygEQ3RctVSVuWfIIaHsRx4T
-----END CERTIFICATE-----
Generated at Mon Apr 7 03:55:49 2025 by rpki-client