Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/wuZCf9xMYiiuPfbzRMhY8beLsNw.roa
File: wuZCf9xMYiiuPfbzRMhY8beLsNw.roa (raw, json)
Hash identifier: ln7tscnHGeuW+aHvH7CHKGHs/cY1dWdO5Mc5cYkl8eI=
Subject key identifier: C2:E6:42:7F:DC:4C:62:28:AE:3D:F6:F3:44:C8:58:F1:B7:8B:B0:DC
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 019427483B0D621D9A82151BF104315BB489
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/wuZCf9xMYiiuPfbzRMhY8beLsNw.roa
Signing time: Thu 02 Jan 2025 13:50:32 +0000
ROA not before: Thu 02 Jan 2025 13:50:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43419
IP address blocks: 185.229.218.0/24 maxlen: 24
2a04:3a40:8000::/33 maxlen: 33
2a0a:e9c4::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:3b:0d:62:1d:9a:82:15:1b:f1:04:31:5b:b4:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jan 2 13:50:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c2e6427fdc4c6228ae3df6f344c858f1b78bb0dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:28:79:00:cf:78:8a:c8:31:fa:19:68:c4:7f:
44:a4:7e:a6:aa:63:26:d1:4d:fe:68:56:1f:f1:9b:
64:a8:f0:eb:77:ba:fa:8f:eb:dd:2e:84:dd:30:35:
64:5c:a3:ee:83:62:48:63:18:81:12:53:2c:55:cb:
04:ef:4b:09:f1:22:e0:3b:a1:30:54:d7:ea:b8:74:
53:cd:34:5e:9d:4f:f0:d1:22:0d:08:9b:47:1a:d0:
f2:d9:6b:b3:46:e5:5c:0c:b4:7a:8f:11:00:7d:08:
54:62:46:a3:7b:45:b9:cd:ab:dc:56:86:89:a7:da:
2a:c5:f4:00:ab:fd:19:52:bc:b2:45:e4:33:6d:b8:
73:2f:7d:79:c5:34:7e:3d:75:04:90:9d:14:50:bf:
53:54:72:2d:6d:57:10:f9:05:a0:75:d9:58:83:6b:
9f:ad:2c:d9:eb:93:0e:14:ef:46:63:e2:58:2c:59:
09:d3:4d:bd:96:24:27:ef:5a:20:b7:2a:ff:58:ef:
7c:17:68:e3:34:0f:31:2a:ab:d6:48:e0:11:2c:29:
be:f3:cf:7f:21:6b:f2:7d:7e:4e:d5:f8:fa:d1:f8:
09:03:04:bf:cb:e7:6f:c2:c8:7d:40:a1:aa:ad:e5:
bf:59:ca:27:8d:ff:73:b5:47:d8:29:77:3a:0e:36:
7c:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:E6:42:7F:DC:4C:62:28:AE:3D:F6:F3:44:C8:58:F1:B7:8B:B0:DC
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/wuZCf9xMYiiuPfbzRMhY8beLsNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.218.0/24
IPv6:
2a04:3a40:8000::/33
2a0a:e9c4::/32
Signature Algorithm: sha256WithRSAEncryption
bf:c0:ea:37:5c:61:c3:19:33:09:63:d8:5f:7a:f1:39:d4:1b:
8b:8d:33:99:77:a5:33:25:9f:28:d5:f1:5b:69:57:aa:37:0f:
a3:b8:34:24:88:00:a0:02:59:b9:89:72:b7:5d:b3:5c:38:98:
68:1c:79:b8:60:04:91:79:fa:6d:18:c3:7a:df:d1:57:c6:ff:
ff:62:b6:aa:70:d9:8a:54:5c:b3:aa:40:b8:6e:f9:90:cf:51:
ef:cc:7a:14:24:cd:57:35:6b:aa:92:86:c7:a2:f8:ed:46:94:
4d:20:5b:7a:27:5d:28:88:da:41:bb:4e:22:b0:d9:4c:10:40:
f4:8f:7c:8a:0b:66:72:2b:81:39:86:ca:10:02:09:be:43:e4:
c2:74:54:de:74:99:7b:82:8b:fb:90:e5:d6:e8:31:b0:ce:5f:
36:44:11:cc:f3:a6:43:f1:1a:89:3f:87:7f:de:c7:f1:1a:52:
e1:e6:4e:57:a3:00:c0:82:a5:48:b9:09:70:12:d1:61:e0:73:
35:4e:42:37:03:27:76:fe:94:91:73:c4:a3:ee:5f:05:8d:7c:
18:f2:cc:2c:03:75:b9:95:df:41:33:fe:f5:44:64:ea:97:46:
22:4a:0e:2a:3b:3a:4b:51:01:03:a3:68:ac:99:70:5a:64:26:
3f:a2:05:d3
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQnSDsNYh2aghUb8QQxW7SJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjUwMTAyMTM1MDMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmU2NDI3ZmRjNGM2MjI4YWUzZGY2ZjM0NGM4NThmMWI3OGJiMGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1yh5AM94isgx+hloxH9EpH6mqmMm
0U3+aFYf8ZtkqPDrd7r6j+vdLoTdMDVkXKPug2JIYxiBElMsVcsE70sJ8SLgO6Ew
VNfquHRTzTRenU/w0SINCJtHGtDy2WuzRuVcDLR6jxEAfQhUYkaje0W5zavcVoaJ
p9oqxfQAq/0ZUryyReQzbbhzL315xTR+PXUEkJ0UUL9TVHItbVcQ+QWgddlYg2uf
rSzZ65MOFO9GY+JYLFkJ0029liQn71ogtyr/WO98F2jjNA8xKqvWSOARLCm+889/
IWvyfX5O1fj60fgJAwS/y+dvwsh9QKGqreW/Wconjf9ztUfYKXc6DjZ8xQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFMLmQn/cTGIorj3280TIWPG3i7DcMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvd3VaQ2Y5eE1ZaWl1UGZielJNaFk4YmVMc053LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAMBAIAATAGAwQAueXaMBUE
AgACMA8DBgcqBDpAgAMFACoK6cQwDQYJKoZIhvcNAQELBQADggEBAL/A6jdcYcMZ
Mwlj2F968TnUG4uNM5l3pTMlnyjV8VtpV6o3D6O4NCSIAKACWbmJcrdds1w4mGgc
ebhgBJF5+m0Yw3rf0VfG//9itqpw2YpUXLOqQLhu+ZDPUe/MehQkzVc1a6qShsei
+O1GlE0gW3onXSiI2kG7TiKw2UwQQPSPfIoLZnIrgTmGyhACCb5D5MJ0VN50mXuC
i/uQ5dboMbDOXzZEEczzpkPxGok/h3/ex/EaUuHmTlejAMCCpUi5CXAS0WHgczVO
QjcDJ3b+lJFzxKPuXwWNfBjyzCwDdbmV30Ez/vVEZOqXRiJKDio7OktRAQOjaKyZ
cFpkJj+iBdM=
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:12:34 2025 by rpki-client