Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/wW0am_Aqxc8qtKWqJuBRkTx7-vg.roa
File: wW0am_Aqxc8qtKWqJuBRkTx7-vg.roa (raw, json)
Hash identifier: 3MA88INLD4dCx0oFXNeXIYeavG1gLlOTW77Nx0t2APU=
Subject key identifier: C1:6D:1A:9B:F0:2A:C5:CF:2A:B4:A5:AA:26:E0:51:91:3C:7B:FA:F8
Certificate issuer: /CN=5ac466cc89f9db4e31c5400d2ae7a2bffdb22547
Certificate serial: 01941F8C642C42EB1D58081B3ADB4C37469D
Authority key identifier: 5A:C4:66:CC:89:F9:DB:4E:31:C5:40:0D:2A:E7:A2:BF:FD:B2:25:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WsRmzIn5204xxUANKueiv_2yJUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/wW0am_Aqxc8qtKWqJuBRkTx7-vg.roa
Signing time: Wed 01 Jan 2025 01:48:01 +0000
ROA not before: Wed 01 Jan 2025 01:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34893
IP address blocks: 185.112.52.0/24 maxlen: 24
185.112.53.0/24 maxlen: 24
185.112.54.0/24 maxlen: 24
194.30.181.0/24 maxlen: 24
2a06:6540:1000::/48 maxlen: 48
2a06:6540:1003::/48 maxlen: 48
2a06:6541:1000::/48 maxlen: 48
2a06:6541:1002::/48 maxlen: 48
2a06:6541:1003::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/WsRmzIn5204xxUANKueiv_2yJUc.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/WsRmzIn5204xxUANKueiv_2yJUc.mft
rsync://rpki.ripe.net/repository/DEFAULT/WsRmzIn5204xxUANKueiv_2yJUc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 14:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:64:2c:42:eb:1d:58:08:1b:3a:db:4c:37:46:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ac466cc89f9db4e31c5400d2ae7a2bffdb22547
Validity
Not Before: Jan 1 01:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c16d1a9bf02ac5cf2ab4a5aa26e051913c7bfaf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b4:4f:d9:b5:d8:a3:0a:ff:7a:dd:18:13:50:
3c:5a:e2:50:b0:32:41:4e:9b:d2:ed:07:b3:bb:c1:
b0:59:3a:b2:26:d9:d5:95:86:5f:8d:27:71:19:63:
1d:85:a2:a6:c8:29:ff:99:b0:10:62:74:45:3d:88:
16:b7:f0:cd:a6:32:98:e9:9a:0e:86:f7:d5:46:51:
f2:be:9f:43:73:a2:c0:de:d8:b4:68:3c:50:28:db:
70:d1:e3:c2:5e:d2:29:9b:76:c8:f9:03:37:b6:97:
ec:66:bd:d2:0a:93:89:7b:fc:3a:5b:16:1a:7c:d7:
dc:a7:4e:e7:f8:d6:e5:f0:1f:fb:33:66:dd:07:59:
b7:b5:df:b3:d1:43:e0:8e:4f:78:c6:0e:48:14:82:
d4:ad:0b:07:a3:1c:34:2a:57:4a:c0:3c:d1:7e:e3:
ae:fb:53:59:00:16:c7:7e:2b:39:22:6a:4a:94:94:
ac:16:f6:22:41:15:b9:91:8a:8f:a4:0c:81:c6:98:
24:bc:5a:d2:79:b6:e6:58:31:f3:09:d1:f1:c6:b9:
32:4d:e1:c4:dc:9b:10:17:e5:f3:75:e0:3f:33:ca:
78:3e:d2:9a:d7:90:0b:88:c6:9d:56:c5:6e:8d:f2:
8a:a1:e7:6a:36:52:e3:a4:fa:7d:bc:0d:77:1b:3c:
19:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:6D:1A:9B:F0:2A:C5:CF:2A:B4:A5:AA:26:E0:51:91:3C:7B:FA:F8
X509v3 Authority Key Identifier:
keyid:5A:C4:66:CC:89:F9:DB:4E:31:C5:40:0D:2A:E7:A2:BF:FD:B2:25:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WsRmzIn5204xxUANKueiv_2yJUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/wW0am_Aqxc8qtKWqJuBRkTx7-vg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/WsRmzIn5204xxUANKueiv_2yJUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.112.52.0-185.112.54.255
194.30.181.0/24
IPv6:
2a06:6540:1000::/48
2a06:6540:1003::/48
2a06:6541:1000::/48
2a06:6541:1002::/47
Signature Algorithm: sha256WithRSAEncryption
13:40:df:ee:3c:80:f0:dd:b0:d5:fe:04:22:89:8b:e0:76:dd:
39:d0:5b:12:f3:90:7b:6b:13:10:47:dd:a6:20:f4:ce:96:62:
26:1e:7a:eb:16:73:b4:52:b1:c7:4f:66:22:f6:6b:0b:de:d8:
e3:ae:3a:c0:29:1e:7b:db:bc:f2:bb:da:b1:6f:17:73:04:9b:
ef:f6:1d:91:f0:90:5f:76:2e:11:75:93:d4:bb:13:1f:0d:08:
c5:3b:b8:16:b8:2d:e9:07:76:20:12:52:87:c3:d6:4d:74:94:
bf:24:40:e2:b6:1f:90:e3:59:bc:6b:78:bd:3e:2c:db:a5:83:
20:16:d4:6f:d6:a7:37:ca:42:e6:07:ff:68:99:4a:22:b3:73:
ce:dd:81:b0:b7:ab:80:31:04:17:10:f5:86:45:82:73:3c:81:
14:81:bf:bc:64:b9:b8:99:7c:4d:8d:8e:f5:a0:68:c7:76:96:
a5:4d:0d:d2:78:1d:49:4b:5f:9f:a0:f7:f4:ed:38:a0:81:64:
b4:ca:5e:90:90:2a:ef:6a:c5:9b:fd:ee:f4:9a:24:89:9d:e1:
5b:97:11:6b:38:9a:b0:cc:a8:12:6e:46:36:8b:92:c3:c2:d3:
c3:39:68:7e:76:87:9b:3c:46:d9:e6:fb:8b:6b:b7:03:d3:01:
f7:fd:59:c8
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZQfjGQsQusdWAgbOttMN0adMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhYzQ2NmNjODlmOWRiNGUzMWM1NDAwZDJhZTdhMmJmZmRi
MjI1NDcwHhcNMjUwMTAxMDE0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTZkMWE5YmYwMmFjNWNmMmFiNGE1YWEyNmUwNTE5MTNjN2JmYWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxLRP2bXYowr/et0YE1A8WuJQsDJB
TpvS7Qezu8GwWTqyJtnVlYZfjSdxGWMdhaKmyCn/mbAQYnRFPYgWt/DNpjKY6ZoO
hvfVRlHyvp9Dc6LA3ti0aDxQKNtw0ePCXtIpm3bI+QM3tpfsZr3SCpOJe/w6WxYa
fNfcp07n+Nbl8B/7M2bdB1m3td+z0UPgjk94xg5IFILUrQsHoxw0KldKwDzRfuOu
+1NZABbHfis5ImpKlJSsFvYiQRW5kYqPpAyBxpgkvFrSebbmWDHzCdHxxrkyTeHE
3JsQF+XzdeA/M8p4PtKa15ALiMadVsVujfKKoedqNlLjpPp9vA13GzwZBwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFMFtGpvwKsXPKrSlqibgUZE8e/r4MB8GA1UdIwQY
MBaAFFrEZsyJ+dtOMcVADSrnor/9siVHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3NSbXpJbjUyMDR4eFVBTkt1ZWl2XzJ5SlVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9lMjljODctNDY4My00NDNlLTg4M2Yt
OWFiZDFhYTY0YmUxLzEvd1cwYW1fQXF4YzhxdEtXcUp1QlJrVHg3LXZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9lMjljODctNDY4My00NDNlLTg4M2YtOWFiZDFhYTY0YmUx
LzEvV3NSbXpJbjUyMDR4eFVBTkt1ZWl2XzJ5SlVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAaBAIAATAUMAwDBAK5cDQD
BAC5cDYDBADCHrUwKgQCAAIwJAMHACoGZUAQAAMHACoGZUAQAwMHACoGZUEQAAMH
ASoGZUEQAjANBgkqhkiG9w0BAQsFAAOCAQEAE0Df7jyA8N2w1f4EIomL4HbdOdBb
EvOQe2sTEEfdpiD0zpZiJh566xZztFKxx09mIvZrC97Y4646wCkee9u88rvasW8X
cwSb7/YdkfCQX3YuEXWT1LsTHw0IxTu4Frgt6Qd2IBJSh8PWTXSUvyRA4rYfkONZ
vGt4vT4s26WDIBbUb9anN8pC5gf/aJlKIrNzzt2BsLergDEEFxD1hkWCczyBFIG/
vGS5uJl8TY2O9aBox3aWpU0N0ngdSUtfn6D39O04oIFktMpekJAq72rFm/3u9Jok
iZ3hW5cRaziasMyoEm5GNouSw8LTwzlofnaHmzxG2eb7i2u3A9MB9/1ZyA==
-----END CERTIFICATE-----
Generated at Sat Apr 12 21:57:57 2025 by rpki-client