Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/CWjWI1KElycGegFoxqel6BzyPu8.roa
File: CWjWI1KElycGegFoxqel6BzyPu8.roa (raw, json)
Hash identifier: x51MkWgMWV9H4yeCpFeKV1piMOfEzcOof7b5UghQrtY=
Subject key identifier: 09:68:D6:23:52:84:97:27:06:7A:01:68:C6:A7:A5:E8:1C:F2:3E:EF
Certificate issuer: /CN=5ac466cc89f9db4e31c5400d2ae7a2bffdb22547
Certificate serial: 01941F8C62C09ACAEB14E58F87C6E227C8AD
Authority key identifier: 5A:C4:66:CC:89:F9:DB:4E:31:C5:40:0D:2A:E7:A2:BF:FD:B2:25:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WsRmzIn5204xxUANKueiv_2yJUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/CWjWI1KElycGegFoxqel6BzyPu8.roa
Signing time: Wed 01 Jan 2025 01:48:01 +0000
ROA not before: Wed 01 Jan 2025 01:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3549
IP address blocks: 2a06:6540:2041::/48 maxlen: 48
2a06:6540:3002::/48 maxlen: 48
2a06:6540:3041::/48 maxlen: 48
2a06:6540:3081::/48 maxlen: 48
2a06:6540:30c1::/48 maxlen: 48
2a06:6540:3101::/48 maxlen: 48
2a06:6541:2041::/48 maxlen: 48
2a06:6541:3002::/48 maxlen: 48
2a06:6541:3041::/48 maxlen: 48
2a06:6541:3081::/48 maxlen: 48
2a06:6541:30c1::/48 maxlen: 48
2a06:6541:3101::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/WsRmzIn5204xxUANKueiv_2yJUc.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/WsRmzIn5204xxUANKueiv_2yJUc.mft
rsync://rpki.ripe.net/repository/DEFAULT/WsRmzIn5204xxUANKueiv_2yJUc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:62:c0:9a:ca:eb:14:e5:8f:87:c6:e2:27:c8:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ac466cc89f9db4e31c5400d2ae7a2bffdb22547
Validity
Not Before: Jan 1 01:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0968d62352849727067a0168c6a7a5e81cf23eef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:9a:9b:69:09:92:9d:30:65:e3:aa:43:77:ef:
a7:67:6d:d5:11:32:fa:62:b7:53:8c:cc:3f:fa:a0:
cf:26:35:02:e3:ad:1b:1c:79:e4:d8:9d:01:47:e2:
b3:bb:6f:87:75:7c:f3:fd:b6:31:c7:2b:73:5f:e2:
10:64:c8:70:90:ea:01:0c:f6:66:d9:9c:c7:41:99:
09:6d:b5:ed:7d:82:73:c5:79:a3:60:5f:46:91:29:
8d:01:13:96:f8:0a:dc:6a:c3:48:4b:ae:fd:4f:df:
6a:81:c6:6c:c9:40:fe:ee:0b:b3:7f:45:07:dd:02:
84:ea:b6:22:48:bf:77:1c:15:99:cb:b7:60:16:39:
fe:eb:6b:c6:83:c4:36:ae:e5:fe:22:3f:dc:cc:6d:
e7:1f:1a:86:d1:46:99:37:b9:25:f2:49:ec:de:b6:
63:57:f7:c7:1f:96:43:5f:6d:6e:a2:ed:51:81:e2:
63:b6:81:eb:c3:41:4a:d5:3b:8a:7c:14:99:c5:8a:
78:53:d7:28:c6:e6:73:5c:a5:b7:f7:c1:49:57:57:
af:fb:33:98:3d:df:f9:d1:da:5a:05:79:5d:0d:21:
a5:b6:e6:28:48:d1:f1:ec:36:ee:6c:52:0e:8e:1e:
95:a8:1a:f7:49:7c:04:19:ac:89:2b:5b:81:a6:ff:
b6:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:68:D6:23:52:84:97:27:06:7A:01:68:C6:A7:A5:E8:1C:F2:3E:EF
X509v3 Authority Key Identifier:
keyid:5A:C4:66:CC:89:F9:DB:4E:31:C5:40:0D:2A:E7:A2:BF:FD:B2:25:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WsRmzIn5204xxUANKueiv_2yJUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/CWjWI1KElycGegFoxqel6BzyPu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/WsRmzIn5204xxUANKueiv_2yJUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:6540:2041::/48
2a06:6540:3002::/48
2a06:6540:3041::/48
2a06:6540:3081::/48
2a06:6540:30c1::/48
2a06:6540:3101::/48
2a06:6541:2041::/48
2a06:6541:3002::/48
2a06:6541:3041::/48
2a06:6541:3081::/48
2a06:6541:30c1::/48
2a06:6541:3101::/48
Signature Algorithm: sha256WithRSAEncryption
3f:ad:b5:43:be:9b:e5:86:31:60:ad:42:20:dd:d5:72:a0:74:
82:97:4a:58:0e:d8:e2:01:93:11:4e:4c:cf:fa:27:73:c4:a2:
fc:b5:4f:3d:97:d7:3f:d6:76:08:f0:b0:af:15:ea:51:8b:38:
8d:f3:bf:3f:dd:75:f4:64:2c:99:49:8a:40:24:ad:b1:50:6a:
8d:cf:f7:63:2f:08:6e:67:1c:8a:91:76:31:24:c8:83:8e:56:
38:80:6c:fa:12:30:21:0e:6b:63:68:59:08:67:e6:2b:80:23:
c2:96:7a:e0:f8:d3:a6:39:62:48:8b:88:c9:91:03:42:4b:0e:
21:dd:7f:c2:6f:ae:95:f7:b1:6e:de:4c:16:59:1b:7b:50:c1:
39:0f:a8:81:c1:e7:49:6a:97:92:a8:57:4d:20:0f:f0:d7:b8:
52:81:e6:f0:d2:cf:b2:e8:74:62:16:7e:8e:1c:be:bf:44:93:
82:4e:25:6f:cc:86:e0:d4:ae:22:e8:fa:f6:12:a2:80:96:ab:
74:e6:ae:0f:8a:24:dd:0d:8e:4e:47:fe:89:c7:93:36:29:f2:
63:07:21:80:f9:6f:72:54:a2:7f:78:21:a4:b7:91:85:1c:bf:
c0:2b:5e:ab:b4:22:b6:24:bb:2b:ff:b0:5f:6c:7d:55:de:12:
60:b0:9d:55
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAZQfjGLAmsrrFOWPh8biJ8itMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhYzQ2NmNjODlmOWRiNGUzMWM1NDAwZDJhZTdhMmJmZmRi
MjI1NDcwHhcNMjUwMTAxMDE0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTY4ZDYyMzUyODQ5NzI3MDY3YTAxNjhjNmE3YTVlODFjZjIzZWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAypqbaQmSnTBl46pDd++nZ23VETL6
YrdTjMw/+qDPJjUC460bHHnk2J0BR+Kzu2+HdXzz/bYxxytzX+IQZMhwkOoBDPZm
2ZzHQZkJbbXtfYJzxXmjYF9GkSmNAROW+ArcasNIS679T99qgcZsyUD+7guzf0UH
3QKE6rYiSL93HBWZy7dgFjn+62vGg8Q2ruX+Ij/czG3nHxqG0UaZN7kl8kns3rZj
V/fHH5ZDX21uou1RgeJjtoHrw0FK1TuKfBSZxYp4U9coxuZzXKW398FJV1ev+zOY
Pd/50dpaBXldDSGltuYoSNHx7DbubFIOjh6VqBr3SXwEGayJK1uBpv+2YwIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFAlo1iNShJcnBnoBaManpegc8j7vMB8GA1UdIwQY
MBaAFFrEZsyJ+dtOMcVADSrnor/9siVHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3NSbXpJbjUyMDR4eFVBTkt1ZWl2XzJ5SlVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9lMjljODctNDY4My00NDNlLTg4M2Yt
OWFiZDFhYTY0YmUxLzEvQ1dqV0kxS0VseWNHZWdGb3hxZWw2Qnp5UHU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9lMjljODctNDY4My00NDNlLTg4M2YtOWFiZDFhYTY0YmUx
LzEvV3NSbXpJbjUyMDR4eFVBTkt1ZWl2XzJ5SlVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAIwbAMHACoGZUAg
QQMHACoGZUAwAgMHACoGZUAwQQMHACoGZUAwgQMHACoGZUAwwQMHACoGZUAxAQMH
ACoGZUEgQQMHACoGZUEwAgMHACoGZUEwQQMHACoGZUEwgQMHACoGZUEwwQMHACoG
ZUExATANBgkqhkiG9w0BAQsFAAOCAQEAP621Q76b5YYxYK1CIN3VcqB0gpdKWA7Y
4gGTEU5Mz/onc8Si/LVPPZfXP9Z2CPCwrxXqUYs4jfO/P9119GQsmUmKQCStsVBq
jc/3Yy8IbmccipF2MSTIg45WOIBs+hIwIQ5rY2hZCGfmK4AjwpZ64PjTpjliSIuI
yZEDQksOId1/wm+ulfexbt5MFlkbe1DBOQ+ogcHnSWqXkqhXTSAP8Ne4UoHm8NLP
suh0YhZ+jhy+v0STgk4lb8yG4NSuIuj69hKigJardOauD4ok3Q2OTkf+iceTNiny
YwchgPlvclSif3ghpLeRhRy/wCteq7QitiS7K/+wX2x9Vd4SYLCdVQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:14:43 2025 by rpki-client