Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/wEHyXMYvuIC-qmVrbjicZQKsZ2I.roa
File: wEHyXMYvuIC-qmVrbjicZQKsZ2I.roa (raw, json)
Hash identifier: amx36+55qLX6fzalSFu5jMxR/WTqJpTbag5RROciO1M=
Subject key identifier: C0:41:F2:5C:C6:2F:B8:80:BE:AA:65:6B:6E:38:9C:65:02:AC:67:62
Certificate issuer: /CN=90b8a15466c3ff1e915d780a10b0baa9ad694860
Certificate serial: 0195B79D8A132ABAAD9BBBDB65BDF4FC727A
Authority key identifier: 90:B8:A1:54:66:C3:FF:1E:91:5D:78:0A:10:B0:BA:A9:AD:69:48:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kLihVGbD_x6RXXgKELC6qa1pSGA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/wEHyXMYvuIC-qmVrbjicZQKsZ2I.roa
Signing time: Fri 21 Mar 2025 07:31:49 +0000
ROA not before: Fri 21 Mar 2025 07:31:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210104
IP address blocks: 37.130.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/kLihVGbD_x6RXXgKELC6qa1pSGA.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/kLihVGbD_x6RXXgKELC6qa1pSGA.mft
rsync://rpki.ripe.net/repository/DEFAULT/kLihVGbD_x6RXXgKELC6qa1pSGA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 02:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b7:9d:8a:13:2a:ba:ad:9b:bb:db:65:bd:f4:fc:72:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90b8a15466c3ff1e915d780a10b0baa9ad694860
Validity
Not Before: Mar 21 07:31:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c041f25cc62fb880beaa656b6e389c6502ac6762
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c9:76:4d:c6:eb:ce:4a:54:29:f8:48:2a:58:
67:e2:f0:b6:1b:83:d9:c7:a3:d8:ca:da:ff:6f:82:
ce:54:74:1a:7d:35:9d:b0:66:08:c2:3e:52:5d:5c:
56:eb:c8:ce:1d:16:6b:74:56:c1:99:45:fd:fe:45:
1c:cc:02:d7:27:bb:43:ea:8e:be:5f:6c:e5:03:63:
53:f5:32:da:31:45:35:f4:12:9d:43:54:7d:fa:70:
bb:97:d0:56:cf:d1:87:2c:61:fe:ff:c4:4d:8e:09:
22:af:6e:04:22:e5:ba:ad:05:2a:dc:10:1c:95:99:
7f:71:38:bb:f2:79:13:24:f5:89:02:2e:99:c8:0f:
3c:a3:c5:98:58:e9:81:20:e1:5d:e9:74:b1:b1:f5:
9b:a9:22:63:36:4d:2d:81:78:84:0c:7b:7f:eb:93:
d4:94:f8:94:34:30:9c:17:6e:eb:28:2a:e4:4b:94:
fb:86:48:6d:d1:b5:7b:af:32:1e:d9:f6:50:ad:f4:
ec:3f:28:5b:fb:13:3c:13:54:c0:92:90:e7:13:d4:
49:6b:ed:c1:8d:c6:8c:7a:cf:cd:b5:a4:a7:27:36:
0a:39:02:6d:3d:b7:d0:5d:d3:e7:29:e7:70:53:54:
6e:09:5b:89:1a:c4:85:61:4b:f6:56:c6:df:3b:7e:
2c:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:41:F2:5C:C6:2F:B8:80:BE:AA:65:6B:6E:38:9C:65:02:AC:67:62
X509v3 Authority Key Identifier:
keyid:90:B8:A1:54:66:C3:FF:1E:91:5D:78:0A:10:B0:BA:A9:AD:69:48:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kLihVGbD_x6RXXgKELC6qa1pSGA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/wEHyXMYvuIC-qmVrbjicZQKsZ2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/kLihVGbD_x6RXXgKELC6qa1pSGA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.130.14.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:c1:0b:8a:30:95:66:52:0a:b7:59:0f:fc:3e:f2:f9:9f:7b:
31:59:1c:5e:72:50:db:3a:15:eb:ad:fb:9f:c8:05:58:7d:a6:
03:25:2b:32:38:e7:1a:6b:7a:ae:c7:56:a5:b2:72:05:fb:85:
c2:f5:ca:4d:b4:2e:a8:dd:10:4b:4f:5d:92:fd:06:de:31:84:
e6:5c:27:f3:f0:c8:92:06:3d:26:c0:0c:44:e7:1c:a0:82:8f:
2c:e1:22:a4:a7:4d:d9:e7:c0:5a:c2:a3:dd:5d:5d:93:e5:4c:
7f:cf:2e:df:cf:27:92:c2:3a:62:4e:a6:31:57:fa:3f:68:ae:
6c:3e:60:c0:8a:31:00:30:38:7a:cb:6b:26:a5:9b:d8:90:8e:
8c:74:76:32:c2:c0:fa:3a:b9:bb:bd:57:b4:21:ef:b2:62:45:
3d:31:6c:24:0f:1b:b8:90:13:c7:23:fc:fe:66:3e:c9:78:4e:
47:2e:72:b9:89:19:e1:f1:06:db:09:74:f1:e3:e2:7a:f7:20:
a8:d2:04:fa:91:af:f3:a4:6a:ab:50:08:a5:43:b3:f5:67:ed:
24:01:f7:70:72:3f:68:e3:80:1c:db:86:91:29:11:64:08:94:
c5:c3:98:ed:94:d9:11:3c:4c:de:29:07:0b:6a:36:4f:30:06:
c4:01:da:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZW3nYoTKrqtm7vbZb30/HJ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwYjhhMTU0NjZjM2ZmMWU5MTVkNzgwYTEwYjBiYWE5YWQ2
OTQ4NjAwHhcNMjUwMzIxMDczMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDQxZjI1Y2M2MmZiODgwYmVhYTY1NmI2ZTM4OWM2NTAyYWM2NzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMl2TcbrzkpUKfhIKlhn4vC2G4PZ
x6PYytr/b4LOVHQafTWdsGYIwj5SXVxW68jOHRZrdFbBmUX9/kUczALXJ7tD6o6+
X2zlA2NT9TLaMUU19BKdQ1R9+nC7l9BWz9GHLGH+/8RNjgkir24EIuW6rQUq3BAc
lZl/cTi78nkTJPWJAi6ZyA88o8WYWOmBIOFd6XSxsfWbqSJjNk0tgXiEDHt/65PU
lPiUNDCcF27rKCrkS5T7hkht0bV7rzIe2fZQrfTsPyhb+xM8E1TAkpDnE9RJa+3B
jcaMes/NtaSnJzYKOQJtPbfQXdPnKedwU1RuCVuJGsSFYUv2VsbfO34s+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMBB8lzGL7iAvqpla244nGUCrGdiMB8GA1UdIwQY
MBaAFJC4oVRmw/8ekV14ChCwuqmtaUhgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0xpaFZHYkRfeDZSWFhnS0VMQzZxYTFwU0dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9hMmRmNDQtMzhiMi00ZDEyLTgzNDct
NzhlOTk3ODY5OTUyLzEvd0VIeVhNWXZ1SUMtcW1WcmJqaWNaUUtzWjJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9hMmRmNDQtMzhiMi00ZDEyLTgzNDctNzhlOTk3ODY5OTUy
LzEva0xpaFZHYkRfeDZSWFhnS0VMQzZxYTFwU0dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJYIOMA0G
CSqGSIb3DQEBCwUAA4IBAQAOwQuKMJVmUgq3WQ/8PvL5n3sxWRxeclDbOhXrrfuf
yAVYfaYDJSsyOOcaa3qux1alsnIF+4XC9cpNtC6o3RBLT12S/QbeMYTmXCfz8MiS
Bj0mwAxE5xyggo8s4SKkp03Z58BawqPdXV2T5Ux/zy7fzyeSwjpiTqYxV/o/aK5s
PmDAijEAMDh6y2smpZvYkI6MdHYywsD6Orm7vVe0Ie+yYkU9MWwkDxu4kBPHI/z+
Zj7JeE5HLnK5iRnh8QbbCXTx4+J69yCo0gT6ka/zpGqrUAilQ7P1Z+0kAfdwcj9o
44Ac24aRKRFkCJTFw5jtlNkRPEzeKQcLajZPMAbEAdpl
-----END CERTIFICATE-----
Generated at Wed Apr 16 09:11:26 2025 by rpki-client