Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/WezcbaDCWCglJVxlkqENoVQ5GlY.roa
File: WezcbaDCWCglJVxlkqENoVQ5GlY.roa (raw, json)
Hash identifier: kXoxzzMiFtQKZOeEaMcNXCC2S+tWWgxtkN6qKdf+Gxc=
Subject key identifier: 59:EC:DC:6D:A0:C2:58:28:25:25:5C:65:92:A1:0D:A1:54:39:1A:56
Certificate issuer: /CN=d98247d3f81472dbba06dbea9bd19c785d18babe
Certificate serial: 01941FFA425BEC71A09E97E29FD6B687B278
Authority key identifier: D9:82:47:D3:F8:14:72:DB:BA:06:DB:EA:9B:D1:9C:78:5D:18:BA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2YJH0_gUctu6Btvqm9GceF0Yur4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/WezcbaDCWCglJVxlkqENoVQ5GlY.roa
Signing time: Wed 01 Jan 2025 03:48:02 +0000
ROA not before: Wed 01 Jan 2025 03:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51295
IP address blocks: 45.153.88.0/24 maxlen: 24
45.153.91.0/24 maxlen: 24
185.165.184.0/22 maxlen: 22
185.179.156.0/22 maxlen: 22
185.248.196.0/22 maxlen: 22
194.165.26.0/24 maxlen: 24
2a0a:8880::/48 maxlen: 48
2a0a:8880:1::/48 maxlen: 48
2a0a:8880:2::/48 maxlen: 48
2a0a:8880:aaaa::/48 maxlen: 48
2a0f:4440:aaaa::/48 maxlen: 48
2a0f:4440:abcd::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/2YJH0_gUctu6Btvqm9GceF0Yur4.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/2YJH0_gUctu6Btvqm9GceF0Yur4.mft
rsync://rpki.ripe.net/repository/DEFAULT/2YJH0_gUctu6Btvqm9GceF0Yur4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:42:5b:ec:71:a0:9e:97:e2:9f:d6:b6:87:b2:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d98247d3f81472dbba06dbea9bd19c785d18babe
Validity
Not Before: Jan 1 03:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=59ecdc6da0c2582825255c6592a10da154391a56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:04:3e:5a:ca:15:8c:f6:9f:49:e5:19:c3:cf:
0b:ea:e2:90:4b:ff:91:5c:92:43:c8:20:5b:c3:db:
43:b8:c4:a8:06:b9:03:f9:e3:f1:46:0e:ae:f8:39:
6d:c5:f1:9f:b5:61:10:85:e5:a1:13:bb:df:43:59:
a5:1b:29:fa:ae:fb:c3:4d:ab:03:bd:77:a5:c3:5d:
4a:e3:0c:bb:5c:20:af:41:8c:f9:f8:39:fb:08:f1:
e5:17:40:ea:1d:bb:27:36:ea:1d:fc:23:e5:e8:af:
05:78:8f:a0:5a:82:22:b5:15:57:5b:e4:49:08:4e:
b5:2e:05:fb:72:c1:14:b0:14:ad:93:26:8c:46:73:
7a:27:54:d0:67:00:4d:68:24:25:bb:c3:14:2f:e0:
e8:7f:17:2e:ef:fc:c0:84:87:45:dc:77:0a:e8:cd:
7d:1b:e6:bf:db:7a:93:3e:3f:2e:06:70:93:35:1f:
35:f7:8c:fb:ed:e7:e1:27:68:28:06:4f:7e:b9:8f:
1b:9f:94:46:e6:1f:63:12:e0:b5:ab:07:f9:52:d0:
f7:75:3d:b3:57:20:c8:e8:13:70:03:bd:ba:7d:a0:
b2:c0:41:b6:06:10:0b:26:0a:e1:5e:7f:53:6c:c9:
1c:dc:24:e3:5e:9a:1c:a1:b8:eb:3f:37:6e:be:96:
e7:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:EC:DC:6D:A0:C2:58:28:25:25:5C:65:92:A1:0D:A1:54:39:1A:56
X509v3 Authority Key Identifier:
keyid:D9:82:47:D3:F8:14:72:DB:BA:06:DB:EA:9B:D1:9C:78:5D:18:BA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2YJH0_gUctu6Btvqm9GceF0Yur4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/WezcbaDCWCglJVxlkqENoVQ5GlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/2YJH0_gUctu6Btvqm9GceF0Yur4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.88.0/24
45.153.91.0/24
185.165.184.0/22
185.179.156.0/22
185.248.196.0/22
194.165.26.0/24
IPv6:
2a0a:8880::-2a0a:8880:2:ffff:ffff:ffff:ffff:ffff
2a0a:8880:aaaa::/48
2a0f:4440:aaaa::/48
2a0f:4440:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
50:54:c8:56:0f:a7:33:09:b6:ab:e1:3d:e4:f4:40:6a:5c:61:
f9:75:af:c1:eb:e2:db:df:97:8d:ad:a9:52:ea:59:1a:f6:74:
21:17:e3:52:41:8b:af:be:41:61:4b:f6:e1:ba:61:7d:42:fd:
cf:47:89:f1:ff:cf:b2:e0:35:51:a7:a6:4c:d6:d6:42:3f:6f:
58:ab:26:68:c6:e7:d1:23:70:21:8c:07:c6:ab:d2:c3:46:ff:
44:ce:27:80:e8:a0:7b:8f:3b:02:22:4f:85:08:91:a9:e1:0f:
fc:e7:35:05:cc:eb:79:ca:39:78:10:dd:cb:e5:db:81:8d:45:
51:8c:d5:44:5d:51:d9:78:6b:48:76:30:64:4f:37:56:8f:d6:
63:e9:8c:35:6c:f4:cd:a3:6e:96:3b:0d:31:2b:13:02:fb:50:
a4:d5:8e:1b:93:29:5f:81:51:39:77:f5:db:82:3c:83:ab:ad:
b1:ce:78:c3:9e:db:86:57:c1:b4:3a:c1:d5:8b:5a:b5:f5:01:
c4:3b:19:59:9b:a7:d4:9d:67:8c:25:da:9e:a3:a2:07:7e:cd:
06:69:6b:9a:8f:da:47:b8:7d:81:68:c6:8b:4b:b6:f9:4f:b3:
36:71:51:38:18:12:c2:3f:32:0d:77:2e:c6:7e:1d:16:12:67:
4a:9a:3e:0e
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAZQf+kJb7HGgnpfin9a2h7J4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ODI0N2QzZjgxNDcyZGJiYTA2ZGJlYTliZDE5Yzc4NWQx
OGJhYmUwHhcNMjUwMTAxMDM0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWVjZGM2ZGEwYzI1ODI4MjUyNTVjNjU5MmExMGRhMTU0MzkxYTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQQ+WsoVjPafSeUZw88L6uKQS/+R
XJJDyCBbw9tDuMSoBrkD+ePxRg6u+DltxfGftWEQheWhE7vfQ1mlGyn6rvvDTasD
vXelw11K4wy7XCCvQYz5+Dn7CPHlF0DqHbsnNuod/CPl6K8FeI+gWoIitRVXW+RJ
CE61LgX7csEUsBStkyaMRnN6J1TQZwBNaCQlu8MUL+Dofxcu7/zAhIdF3HcK6M19
G+a/23qTPj8uBnCTNR8194z77efhJ2goBk9+uY8bn5RG5h9jEuC1qwf5UtD3dT2z
VyDI6BNwA726faCywEG2BhALJgrhXn9TbMkc3CTjXpocobjrPzduvpbnIQIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFFns3G2gwlgoJSVcZZKhDaFUORpWMB8GA1UdIwQY
MBaAFNmCR9P4FHLbugbb6pvRnHhdGLq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMllKSDBfZ1VjdHU2QnR2cW05R2NlRjBZdXI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC82ZGJjOTktYmZhOS00ZWY3LWE3OTgt
YTMwMzI2MTU2NjBjLzEvV2V6Y2JhRENXQ2dsSlZ4bGtxRU5vVlE1R2xZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC82ZGJjOTktYmZhOS00ZWY3LWE3OTgtYTMwMzI2MTU2NjBj
LzEvMllKSDBfZ1VjdHU2QnR2cW05R2NlRjBZdXI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTAqBAIAATAkAwQALZlYAwQA
LZlbAwQCuaW4AwQCubOcAwQCufjEAwQAwqUaMDMEAgACMC0wEAMFByoKiIADBwAq
CoiAAAIDBwAqCoiAqqoDBwAqD0RAqqoDBwAqD0RAq80wDQYJKoZIhvcNAQELBQAD
ggEBAFBUyFYPpzMJtqvhPeT0QGpcYfl1r8Hr4tvfl42tqVLqWRr2dCEX41JBi6++
QWFL9uG6YX1C/c9HifH/z7LgNVGnpkzW1kI/b1irJmjG59EjcCGMB8ar0sNG/0TO
J4DooHuPOwIiT4UIkanhD/znNQXM63nKOXgQ3cvl24GNRVGM1URdUdl4a0h2MGRP
N1aP1mPpjDVs9M2jbpY7DTErEwL7UKTVjhuTKV+BUTl39duCPIOrrbHOeMOe24ZX
wbQ6wdWLWrX1AcQ7GVmbp9SdZ4wl2p6jogd+zQZpa5qP2ke4fYFoxotLtvlPszZx
UTgYEsI/Mg13LsZ+HRYSZ0qaPg4=
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:51:10 2025 by rpki-client