Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/WZKLhLcb_14f65w-Gxi0P7Y4PGI.roa
File: WZKLhLcb_14f65w-Gxi0P7Y4PGI.roa (raw, json)
Hash identifier: rd8mwsH5vvMfna/I2W08kC0v/oG9b9ll9tJk/Yl4I2o=
Subject key identifier: 59:92:8B:84:B7:1B:FF:5E:1F:EB:9C:3E:1B:18:B4:3F:B6:38:3C:62
Certificate issuer: /CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Certificate serial: 019427B42DD5EB6E0382CB7E21AC1A04B8B9
Authority key identifier: F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/WZKLhLcb_14f65w-Gxi0P7Y4PGI.roa
Signing time: Thu 02 Jan 2025 15:48:27 +0000
ROA not before: Thu 02 Jan 2025 15:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 217.9.247.0/24 maxlen: 24
217.9.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b4:2d:d5:eb:6e:03:82:cb:7e:21:ac:1a:04:b8:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Validity
Not Before: Jan 2 15:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=59928b84b71bff5e1feb9c3e1b18b43fb6383c62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:31:2c:0e:ec:be:ea:a9:1f:ad:6f:b1:b5:92:
7e:4d:c9:40:bb:e4:37:6d:4b:51:3a:cb:a3:bd:72:
a6:4b:17:7f:f4:fa:f6:ac:11:6f:d6:32:cf:52:78:
9a:07:ea:4b:2a:29:7c:79:05:58:4f:ca:74:cc:97:
1f:38:89:1c:51:78:49:59:41:90:00:0b:a1:bf:98:
30:40:be:f1:c6:c8:e8:2e:34:f0:e9:25:1d:c3:a8:
ca:7a:93:d5:ad:2f:e6:18:5b:6b:8f:1b:3d:be:f6:
db:aa:b4:7e:79:5d:99:d6:a8:2e:8d:81:b0:3e:2f:
63:d9:91:d1:7a:24:7e:6a:59:3b:1c:3b:75:7a:bd:
17:dd:d4:67:fc:06:e4:42:b2:e2:77:2c:5d:26:cc:
52:b7:31:9e:31:f1:ea:a1:1b:4d:80:ff:b6:e5:ac:
f6:e8:7f:29:9d:8c:cd:5b:ae:43:34:5e:6b:b3:b7:
c2:76:9b:ee:02:7d:49:cc:55:7c:20:9e:84:5b:29:
fb:00:f9:81:57:e9:f7:14:aa:e2:70:3c:35:03:22:
bb:95:c9:d4:58:06:39:80:2a:2e:3b:3f:08:af:f1:
08:95:3a:ce:ed:86:9a:2f:bd:21:3b:24:9c:72:0a:
15:20:49:84:38:9f:de:0a:ec:9d:21:b7:2b:df:0c:
fe:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:92:8B:84:B7:1B:FF:5E:1F:EB:9C:3E:1B:18:B4:3F:B6:38:3C:62
X509v3 Authority Key Identifier:
keyid:F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/WZKLhLcb_14f65w-Gxi0P7Y4PGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.9.247.0/24
217.9.250.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:6d:b7:d0:c4:49:b0:36:f4:d9:ad:9d:3d:b8:ab:15:d0:d2:
bc:c0:9d:12:f0:36:b5:c8:03:54:d3:39:bb:80:2f:60:7a:1e:
f0:10:a3:90:73:14:bd:4a:7d:57:c3:6f:1e:ea:d4:f6:30:48:
a4:2e:3b:f7:5c:e4:9f:5b:5f:42:05:7c:0b:81:2e:a7:6a:21:
30:dc:da:b2:01:37:1a:7f:5e:09:d7:d2:a6:6d:bc:de:48:d2:
7c:0e:04:ef:37:cb:14:0e:50:d9:fa:69:f7:88:36:5a:bb:7e:
5f:1f:a2:fe:ef:7c:0e:cc:ff:7e:ed:9a:be:18:53:94:19:d4:
6b:3f:da:16:d1:5a:f8:a6:fb:de:47:ff:fd:43:7c:31:9c:2d:
76:49:c4:78:e4:fa:1a:ec:d3:68:9f:ae:57:07:73:0e:1d:69:
d7:bd:cc:90:ac:8f:62:20:5c:56:29:85:e9:87:97:82:c2:09:
41:3d:06:d6:16:17:28:36:54:f0:b8:8b:c6:f9:5e:34:cf:d7:
e2:a7:87:da:48:f0:c4:ba:d8:ec:b1:0a:bf:f1:d0:da:86:e5:
eb:6b:4a:72:c3:a1:30:ea:77:b2:ab:4a:8d:db:a4:3d:6c:c7:
f7:fa:90:dc:bf:8f:d7:64:27:e0:1e:38:86:73:88:b7:69:d0:
e7:77:4b:1b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQntC3V624Dgst+IawaBLi5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZGQ4MWE4MzNkOWIwNDNjN2ZmZDYzNWE1OTg3ZjUzNjk3
MTE4MGQwHhcNMjUwMTAyMTU0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTkyOGI4NGI3MWJmZjVlMWZlYjljM2UxYjE4YjQzZmI2MzgzYzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0zEsDuy+6qkfrW+xtZJ+TclAu+Q3
bUtROsujvXKmSxd/9Pr2rBFv1jLPUniaB+pLKil8eQVYT8p0zJcfOIkcUXhJWUGQ
AAuhv5gwQL7xxsjoLjTw6SUdw6jKepPVrS/mGFtrjxs9vvbbqrR+eV2Z1qgujYGw
Pi9j2ZHReiR+alk7HDt1er0X3dRn/AbkQrLidyxdJsxStzGeMfHqoRtNgP+25az2
6H8pnYzNW65DNF5rs7fCdpvuAn1JzFV8IJ6EWyn7APmBV+n3FKricDw1AyK7lcnU
WAY5gCouOz8Ir/EIlTrO7YaaL70hOySccgoVIEmEOJ/eCuydIbcr3wz+/QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFmSi4S3G/9eH+ucPhsYtD+2ODxiMB8GA1UdIwQY
MBaAFPDdgagz2bBDx//WNaWYf1NpcRgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUt
MDQ2ODA0MjQ4NmRjLzEvV1pLTGhMY2JfMTRmNjV3LUd4aTBQN1k0UEdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUtMDQ2ODA0MjQ4NmRj
LzEvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA2Qn3AwQA
2Qn6MA0GCSqGSIb3DQEBCwUAA4IBAQBrbbfQxEmwNvTZrZ09uKsV0NK8wJ0S8Da1
yANU0zm7gC9geh7wEKOQcxS9Sn1Xw28e6tT2MEikLjv3XOSfW19CBXwLgS6naiEw
3NqyATcaf14J19KmbbzeSNJ8DgTvN8sUDlDZ+mn3iDZau35fH6L+73wOzP9+7Zq+
GFOUGdRrP9oW0Vr4pvveR//9Q3wxnC12ScR45Poa7NNon65XB3MOHWnXvcyQrI9i
IFxWKYXph5eCwglBPQbWFhcoNlTwuIvG+V40z9fip4faSPDEutjssQq/8dDahuXr
a0pyw6Ew6neyq0qN26Q9bMf3+pDcv4/XZCfgHjiGc4i3adDnd0sb
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:29 2025 by rpki-client