Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/wAiYG69Hz1DYtkZJtFhqB5euCvs.roa
File: wAiYG69Hz1DYtkZJtFhqB5euCvs.roa (raw, json)
Hash identifier: 0rW78YPWF8/Ix9D/G22sK2jrzqc2KZ+zGeQnY4xrMiI=
Subject key identifier: C0:08:98:1B:AF:47:CF:50:D8:B6:46:49:B4:58:6A:07:97:AE:0A:FB
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 019427B61B47409A512E85FFE9FC6FD5E683
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/wAiYG69Hz1DYtkZJtFhqB5euCvs.roa
Signing time: Thu 02 Jan 2025 15:50:33 +0000
ROA not before: Thu 02 Jan 2025 15:50:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204831
IP address blocks: 147.234.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.mft
rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 21:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:1b:47:40:9a:51:2e:85:ff:e9:fc:6f:d5:e6:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: Jan 2 15:50:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c008981baf47cf50d8b64649b4586a0797ae0afb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:d0:b6:b4:34:b3:8d:02:4e:36:1d:5e:8e:d2:
44:49:45:5d:7c:0d:8f:6c:21:59:7e:be:3a:57:47:
78:b3:9b:7a:09:66:2d:e6:4e:e8:5a:22:67:9a:eb:
73:11:9d:86:5b:b5:0a:3e:01:65:8e:0b:96:d9:d4:
e6:a9:7f:99:bd:41:5d:07:40:04:d2:43:ad:94:6e:
b1:4c:04:fc:57:f8:1f:46:a9:5a:f5:f1:eb:08:89:
ae:ba:51:de:43:c2:f6:15:8b:e5:2b:36:8a:ba:85:
40:14:b4:55:fe:d2:41:50:cf:6b:7e:d2:bc:52:75:
9f:b0:ac:f6:05:75:a1:de:f4:f2:b6:60:06:41:7f:
11:ec:3c:d0:52:20:88:2a:b3:16:58:4b:67:f1:17:
08:88:4c:6d:58:a9:ad:bd:b2:13:d4:8f:7b:e8:58:
ae:64:d2:65:00:4a:f1:df:98:b5:a1:6f:e1:98:a3:
44:e2:6a:a3:26:73:21:3b:d9:fb:19:bb:1f:dd:d7:
6c:2c:2a:2c:6c:59:4a:a0:2a:9c:e1:50:98:d5:c5:
bc:b2:ec:60:6c:b9:c6:3e:a8:62:17:b4:7b:fb:b0:
7c:2e:07:f8:74:69:fd:63:37:65:fd:bd:0e:dd:f2:
3b:7a:18:64:a2:4b:aa:f2:41:81:e6:4e:39:f6:aa:
c6:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:08:98:1B:AF:47:CF:50:D8:B6:46:49:B4:58:6A:07:97:AE:0A:FB
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/wAiYG69Hz1DYtkZJtFhqB5euCvs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.234.25.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:f4:2a:f1:d6:98:04:77:a7:e2:57:79:9d:58:64:55:5c:49:
2d:b2:a6:21:b6:6b:3e:6e:76:27:46:1d:7d:de:94:31:b2:37:
cb:31:ae:77:c5:fa:dd:2a:db:89:4c:e4:12:42:d3:95:9e:ca:
a4:c0:82:00:75:16:e6:48:8e:99:fb:73:5c:f6:b6:50:bd:46:
d6:8a:9f:a1:89:16:20:a1:a6:57:82:98:f7:b3:0a:c5:58:d0:
bf:3a:0e:8b:e8:a4:d3:c4:3b:6f:ba:9e:6c:34:2a:0d:dd:16:
57:45:2b:94:55:68:c8:8c:06:1c:c4:64:e0:57:59:97:d9:44:
c6:d8:8d:92:1e:25:0d:e8:c0:0f:94:1f:30:86:6f:07:cc:53:
b7:c4:6b:e1:46:c2:80:62:d7:ee:ab:73:04:1d:c9:86:4f:79:
3e:1b:0b:3a:76:b9:66:16:1c:a3:9a:33:71:fb:0d:00:2e:c8:
c4:9d:2b:ca:e3:ae:51:2b:c3:b6:8f:75:21:42:bd:a4:b7:d5:
43:c6:b6:65:b5:fc:24:3e:af:6e:24:17:a8:90:57:00:8a:a3:
d5:c2:9f:92:ee:8c:43:ea:df:4e:1c:29:c8:d1:39:69:02:2f:
17:35:83:a1:f9:ef:a8:1d:01:30:03:9a:41:4d:3f:b6:bc:57:
4e:ed:63:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnthtHQJpRLoX/6fxv1eaDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjUwMTAyMTU1MDMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDA4OTgxYmFmNDdjZjUwZDhiNjQ2NDliNDU4NmEwNzk3YWUwYWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9C2tDSzjQJONh1ejtJESUVdfA2P
bCFZfr46V0d4s5t6CWYt5k7oWiJnmutzEZ2GW7UKPgFljguW2dTmqX+ZvUFdB0AE
0kOtlG6xTAT8V/gfRqla9fHrCImuulHeQ8L2FYvlKzaKuoVAFLRV/tJBUM9rftK8
UnWfsKz2BXWh3vTytmAGQX8R7DzQUiCIKrMWWEtn8RcIiExtWKmtvbIT1I976Fiu
ZNJlAErx35i1oW/hmKNE4mqjJnMhO9n7Gbsf3ddsLCosbFlKoCqc4VCY1cW8suxg
bLnGPqhiF7R7+7B8Lgf4dGn9Yzdl/b0O3fI7ehhkokuq8kGB5k459qrGewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMAImBuvR89Q2LZGSbRYageXrgr7MB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvd0FpWUc2OUh6MURZdGtaSnRGaHFCNWV1Q3ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk+oZMA0G
CSqGSIb3DQEBCwUAA4IBAQAM9Crx1pgEd6fiV3mdWGRVXEktsqYhtms+bnYnRh19
3pQxsjfLMa53xfrdKtuJTOQSQtOVnsqkwIIAdRbmSI6Z+3Nc9rZQvUbWip+hiRYg
oaZXgpj3swrFWNC/Og6L6KTTxDtvup5sNCoN3RZXRSuUVWjIjAYcxGTgV1mX2UTG
2I2SHiUN6MAPlB8whm8HzFO3xGvhRsKAYtfuq3MEHcmGT3k+Gws6drlmFhyjmjNx
+w0ALsjEnSvK465RK8O2j3UhQr2kt9VDxrZltfwkPq9uJBeokFcAiqPVwp+S7oxD
6t9OHCnI0TlpAi8XNYOh+e+oHQEwA5pBTT+2vFdO7WMu
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:14:19 2025 by rpki-client