Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/WeH1uxp75rjp5W_GQe18JodpK4o.roa
File: WeH1uxp75rjp5W_GQe18JodpK4o.roa (raw, json)
Hash identifier: xjiTwzkOeZheUihJ91WYcjALmLBafImc62K2WwGV4f4=
Subject key identifier: 59:E1:F5:BB:1A:7B:E6:B8:E9:E5:6F:C6:41:ED:7C:26:87:69:2B:8A
Certificate issuer: /CN=64d4e8723450d0a710c32d90ffea18529104e538
Certificate serial: 01963935D10B8AC847B859EE83E91C6151EC
Authority key identifier: 64:D4:E8:72:34:50:D0:A7:10:C3:2D:90:FF:EA:18:52:91:04:E5:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/WeH1uxp75rjp5W_GQe18JodpK4o.roa
Signing time: Tue 15 Apr 2025 11:29:10 +0000
ROA not before: Tue 15 Apr 2025 11:29:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48031
IP address blocks: 91.207.60.0/24 maxlen: 24
91.217.91.0/24 maxlen: 24
91.226.212.0/24 maxlen: 24
176.103.48.0/20 maxlen: 20
176.103.62.0/23 maxlen: 23
193.169.86.0/23 maxlen: 23
2001:678:334::/48 maxlen: 48
2a13:f580:1::/48 maxlen: 48
2a13:f580:2::/48 maxlen: 48
2a13:f580:4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:39:35:d1:0b:8a:c8:47:b8:59:ee:83:e9:1c:61:51:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64d4e8723450d0a710c32d90ffea18529104e538
Validity
Not Before: Apr 15 11:29:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=59e1f5bb1a7be6b8e9e56fc641ed7c2687692b8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:81:d4:77:95:15:ca:9f:e1:84:c7:50:9c:bd:
97:14:12:46:25:b8:59:e9:58:5a:5f:49:f1:4c:f7:
de:47:ad:c3:a6:d7:42:df:33:aa:f4:75:36:6d:f7:
40:49:f0:e8:1c:09:56:ef:84:39:2f:5a:4e:a7:b9:
c5:3b:c9:12:6f:df:3c:e5:64:35:1e:57:18:48:db:
b4:62:49:76:66:70:02:39:33:6d:55:04:76:c8:0b:
68:74:55:b2:3c:c5:ba:7e:61:85:71:77:3d:b9:a3:
f2:d8:97:e3:fd:47:94:38:e4:fe:74:fb:6a:de:ad:
5c:5b:54:62:6e:4e:a7:3c:42:2d:78:78:9f:32:95:
8f:99:5e:c4:73:c2:3f:3c:67:63:d1:94:8d:dd:f9:
f3:cb:0d:2a:06:69:35:b1:97:9b:2e:eb:b2:d5:b5:
f0:08:12:b4:1e:fe:fd:1a:47:95:03:01:39:a6:d9:
58:0d:a7:5b:c0:c9:2f:3b:36:c5:59:e6:42:59:c9:
21:63:76:fa:df:ef:ff:2d:9d:24:d4:07:c1:80:ca:
94:67:24:52:30:e3:32:9a:e0:6b:49:41:27:30:04:
8d:f6:01:ab:ca:95:9d:12:6a:b1:bb:a0:b2:d1:33:
c8:c4:02:d2:15:73:23:b3:f3:12:f2:a8:3b:cf:0f:
35:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:E1:F5:BB:1A:7B:E6:B8:E9:E5:6F:C6:41:ED:7C:26:87:69:2B:8A
X509v3 Authority Key Identifier:
keyid:64:D4:E8:72:34:50:D0:A7:10:C3:2D:90:FF:EA:18:52:91:04:E5:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/WeH1uxp75rjp5W_GQe18JodpK4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.60.0/24
91.217.91.0/24
91.226.212.0/24
176.103.48.0/20
193.169.86.0/23
IPv6:
2001:678:334::/48
2a13:f580:1::-2a13:f580:2:ffff:ffff:ffff:ffff:ffff
2a13:f580:4::/48
Signature Algorithm: sha256WithRSAEncryption
68:8b:fc:3c:48:b3:7c:1c:37:f3:bd:fb:b6:7e:b1:35:25:dd:
ca:02:d5:11:be:b0:ac:f2:52:05:d0:f1:aa:c8:a1:2e:7a:44:
22:fa:83:03:e9:2f:e0:43:8c:27:5e:a7:f1:1d:06:99:d6:aa:
77:ec:98:7e:e8:91:e3:c6:ea:19:f2:bb:44:3c:42:70:ad:f9:
a3:2c:93:78:9d:e5:a7:b0:5a:62:75:08:0c:c7:8a:c4:d8:df:
e0:a3:45:41:14:2b:e3:4d:fe:00:e6:c4:1e:fb:ff:27:af:ca:
26:b5:d4:da:67:55:c3:b9:cb:e2:b9:57:bd:60:a2:5e:6e:96:
36:2e:7a:73:3e:c5:fc:dc:31:3a:a1:4a:bd:cc:26:0a:49:84:
a7:93:47:fc:0a:47:dd:be:21:60:a8:9d:38:f5:bc:a8:fd:a3:
3a:4a:27:ea:36:05:57:20:d4:13:6c:87:fc:c7:7d:72:89:cc:
a9:c7:99:04:a3:73:71:da:5a:28:ab:50:23:e8:41:43:fe:59:
6e:2a:cc:ce:0a:17:83:b2:27:28:bb:3b:de:72:45:5d:fb:9f:
71:5c:71:b3:fa:51:0a:c7:ed:e8:61:37:43:c0:8d:b8:b2:85:
35:69:0e:d4:ff:c2:bc:53:31:91:1f:68:7d:61:a1:8e:aa:6e:
57:72:62:1f
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZY5NdELishHuFnug+kcYVHsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZDRlODcyMzQ1MGQwYTcxMGMzMmQ5MGZmZWExODUyOTEw
NGU1MzgwHhcNMjUwNDE1MTEyOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWUxZjViYjFhN2JlNmI4ZTllNTZmYzY0MWVkN2MyNjg3NjkyYjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3oHUd5UVyp/hhMdQnL2XFBJGJbhZ
6VhaX0nxTPfeR63DptdC3zOq9HU2bfdASfDoHAlW74Q5L1pOp7nFO8kSb9885WQ1
HlcYSNu0Ykl2ZnACOTNtVQR2yAtodFWyPMW6fmGFcXc9uaPy2Jfj/UeUOOT+dPtq
3q1cW1Ribk6nPEIteHifMpWPmV7Ec8I/PGdj0ZSN3fnzyw0qBmk1sZebLuuy1bXw
CBK0Hv79GkeVAwE5ptlYDadbwMkvOzbFWeZCWckhY3b63+//LZ0k1AfBgMqUZyRS
MOMymuBrSUEnMASN9gGrypWdEmqxu6Cy0TPIxALSFXMjs/MS8qg7zw81JQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFFnh9bsae+a46eVvxkHtfCaHaSuKMB8GA1UdIwQY
MBaAFGTU6HI0UNCnEMMtkP/qGFKRBOU4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk5Ub2NqUlEwS2NRd3kyUV8tb1lVcEVFNVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8yMzEwYjEtOTZhMS00OGU0LWFhNzIt
NDIyYWVkM2E3NzAyLzEvV2VIMXV4cDc1cmpwNVdfR1FlMThKb2RwSzRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8yMzEwYjEtOTZhMS00OGU0LWFhNzItNDIyYWVkM2E3NzAy
LzEvWk5Ub2NqUlEwS2NRd3kyUV8tb1lVcEVFNVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDAkBAIAATAeAwQAW888AwQA
W9lbAwQAW+LUAwQEsGcwAwQBwalWMCwEAgACMCYDBwAgAQZ4AzQwEgMHACoT9YAA
AQMHACoT9YAAAgMHACoT9YAABDANBgkqhkiG9w0BAQsFAAOCAQEAaIv8PEizfBw3
8737tn6xNSXdygLVEb6wrPJSBdDxqsihLnpEIvqDA+kv4EOMJ16n8R0Gmdaqd+yY
fuiR48bqGfK7RDxCcK35oyyTeJ3lp7BaYnUIDMeKxNjf4KNFQRQr403+AObEHvv/
J6/KJrXU2mdVw7nL4rlXvWCiXm6WNi56cz7F/NwxOqFKvcwmCkmEp5NH/ApH3b4h
YKidOPW8qP2jOkon6jYFVyDUE2yH/Md9conMqceZBKNzcdpaKKtQI+hBQ/5ZbirM
zgoXg7InKLs73nJFXfufcVxxs/pRCsft6GE3Q8CNuLKFNWkO1P/CvFMxkR9ofWGh
jqpuV3JiHw==
-----END CERTIFICATE-----
Generated at Sat Apr 19 10:41:14 2025 by rpki-client