Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/3632f5-89e7-4d22-8bc1-33399080270f/1/rtw5EuFYH3ySq0jw3-ZmGwFMoqo.roa
File: rtw5EuFYH3ySq0jw3-ZmGwFMoqo.roa (raw, json)
Hash identifier: Ii5lxajvlSV2gkqSCAYWVLgdyHye7gIbfTFfAGtSUlY=
Subject key identifier: AE:DC:39:12:E1:58:1F:7C:92:AB:48:F0:DF:E6:66:1B:01:4C:A2:AA
Certificate issuer: /CN=a2d37fc31efd3703bf2c4c3e88bc3c1cfb479919
Certificate serial: 019423D6DBA62C4B5E7ACB9EB6B5B496CF91
Authority key identifier: A2:D3:7F:C3:1E:FD:37:03:BF:2C:4C:3E:88:BC:3C:1C:FB:47:99:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/otN_wx79NwO_LEw-iLw8HPtHmRk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/3632f5-89e7-4d22-8bc1-33399080270f/1/rtw5EuFYH3ySq0jw3-ZmGwFMoqo.roa
Signing time: Wed 01 Jan 2025 21:47:50 +0000
ROA not before: Wed 01 Jan 2025 21:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57317
IP address blocks: 185.105.112.0/22 maxlen: 24
2a06:3700::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/3632f5-89e7-4d22-8bc1-33399080270f/1/otN_wx79NwO_LEw-iLw8HPtHmRk.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/3632f5-89e7-4d22-8bc1-33399080270f/1/otN_wx79NwO_LEw-iLw8HPtHmRk.mft
rsync://rpki.ripe.net/repository/DEFAULT/otN_wx79NwO_LEw-iLw8HPtHmRk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 18:56:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:db:a6:2c:4b:5e:7a:cb:9e:b6:b5:b4:96:cf:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2d37fc31efd3703bf2c4c3e88bc3c1cfb479919
Validity
Not Before: Jan 1 21:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aedc3912e1581f7c92ab48f0dfe6661b014ca2aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ae:48:58:8d:44:41:88:a8:10:ca:9d:b6:a4:
52:d3:1d:a8:40:05:a4:0f:51:9d:3f:95:bd:60:f6:
3f:7c:dc:f6:0a:89:47:a9:fd:18:9d:1b:24:58:10:
33:ad:2b:19:e1:d7:25:88:1e:ef:65:c4:08:03:f2:
e2:5c:83:7d:68:b3:2e:de:33:3e:19:33:67:1a:fe:
2e:70:21:c6:ac:bb:e5:1c:43:da:b5:48:7c:aa:e3:
2d:20:d7:f4:b2:8f:f0:ab:77:53:39:a2:69:70:bd:
5b:bb:6b:2f:f7:16:99:a2:da:9f:f9:12:93:67:56:
0f:23:cd:98:d6:6f:3c:6c:8c:15:7a:9b:53:f1:fb:
c9:12:eb:24:ff:f8:45:9a:40:69:28:57:01:8d:02:
38:71:5d:0d:55:9c:81:f3:c5:01:e7:43:a7:32:80:
85:64:fb:5e:f7:00:e6:2d:5e:18:a7:40:93:22:67:
95:0c:e1:5b:72:7f:bb:40:05:92:d8:3d:c8:82:ee:
02:e5:6b:d5:c1:95:e4:26:b3:e6:d9:06:6d:09:99:
e2:92:6f:16:a4:58:af:fc:3f:f9:dd:c6:65:12:9b:
b0:1f:53:41:d9:ef:78:9b:ee:2f:17:f9:01:37:d0:
35:bc:b0:cf:11:00:10:37:31:3f:cf:00:99:53:10:
25:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:DC:39:12:E1:58:1F:7C:92:AB:48:F0:DF:E6:66:1B:01:4C:A2:AA
X509v3 Authority Key Identifier:
keyid:A2:D3:7F:C3:1E:FD:37:03:BF:2C:4C:3E:88:BC:3C:1C:FB:47:99:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/otN_wx79NwO_LEw-iLw8HPtHmRk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/3632f5-89e7-4d22-8bc1-33399080270f/1/rtw5EuFYH3ySq0jw3-ZmGwFMoqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/3632f5-89e7-4d22-8bc1-33399080270f/1/otN_wx79NwO_LEw-iLw8HPtHmRk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.105.112.0/22
IPv6:
2a06:3700::/29
Signature Algorithm: sha256WithRSAEncryption
6b:5a:8d:c0:d7:1a:0d:17:1f:ac:79:3e:67:9f:23:b6:71:c1:
95:2f:a7:1d:b0:73:7f:30:e6:05:d4:61:00:89:76:2f:da:af:
d1:ae:3c:97:ab:26:ca:b1:73:c7:cb:62:16:1d:3e:15:8a:69:
13:64:d2:68:c8:36:fb:7f:5f:9a:71:cd:ba:dd:f1:bf:dd:ea:
07:9b:df:cf:fa:d1:da:e1:d0:94:93:2b:5e:05:aa:53:d8:9b:
3c:1c:7e:0c:4b:e5:71:f1:f7:71:33:f2:85:46:e9:f6:cc:17:
1f:cd:dc:5e:58:d9:6c:0e:80:29:26:fc:4b:e8:11:12:74:78:
80:63:9a:43:7d:6f:e4:ef:9b:52:08:66:6c:8c:6c:b2:6f:c2:
5c:cd:47:85:e5:61:69:da:e2:40:af:fa:0f:e8:0e:71:d7:65:
7c:96:79:2f:d3:26:a7:5c:9c:9d:b0:7e:0e:b3:8f:81:96:96:
de:f4:0b:ae:73:99:9b:82:4e:8b:53:21:c0:42:d7:29:04:46:
9f:0a:de:01:31:ea:a8:09:30:0c:b8:50:05:0f:46:71:3a:5e:
72:d0:38:65:87:bb:7d:72:d5:ee:e7:5c:be:a5:ca:6a:0b:7b:
06:73:6f:fc:24:fc:1d:3e:a5:d6:6c:dd:2c:b7:ec:bb:73:c4:
0f:fc:e6:51
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQj1tumLEteesuetrW0ls+RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZDM3ZmMzMWVmZDM3MDNiZjJjNGMzZTg4YmMzYzFjZmI0
Nzk5MTkwHhcNMjUwMTAxMjE0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWRjMzkxMmUxNTgxZjdjOTJhYjQ4ZjBkZmU2NjYxYjAxNGNhMmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy65IWI1EQYioEMqdtqRS0x2oQAWk
D1GdP5W9YPY/fNz2ColHqf0YnRskWBAzrSsZ4dcliB7vZcQIA/LiXIN9aLMu3jM+
GTNnGv4ucCHGrLvlHEPatUh8quMtINf0so/wq3dTOaJpcL1bu2sv9xaZotqf+RKT
Z1YPI82Y1m88bIwVeptT8fvJEusk//hFmkBpKFcBjQI4cV0NVZyB88UB50OnMoCF
ZPte9wDmLV4Yp0CTImeVDOFbcn+7QAWS2D3Igu4C5WvVwZXkJrPm2QZtCZnikm8W
pFiv/D/53cZlEpuwH1NB2e94m+4vF/kBN9A1vLDPEQAQNzE/zwCZUxAleQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFK7cORLhWB98kqtI8N/mZhsBTKKqMB8GA1UdIwQY
MBaAFKLTf8Me/TcDvyxMPoi8PBz7R5kZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3ROX3d4NzlOd09fTEV3LWlMdzhIUHRIbVJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS8zNjMyZjUtODllNy00ZDIyLThiYzEt
MzMzOTkwODAyNzBmLzEvcnR3NUV1RllIM3lTcTBqdzMtWm1Hd0ZNb3FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS8zNjMyZjUtODllNy00ZDIyLThiYzEtMzMzOTkwODAyNzBm
LzEvb3ROX3d4NzlOd09fTEV3LWlMdzhIUHRIbVJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWlwMA0E
AgACMAcDBQMqBjcAMA0GCSqGSIb3DQEBCwUAA4IBAQBrWo3A1xoNFx+seT5nnyO2
ccGVL6cdsHN/MOYF1GEAiXYv2q/RrjyXqybKsXPHy2IWHT4VimkTZNJoyDb7f1+a
cc263fG/3eoHm9/P+tHa4dCUkyteBapT2Js8HH4MS+Vx8fdxM/KFRun2zBcfzdxe
WNlsDoApJvxL6BESdHiAY5pDfW/k75tSCGZsjGyyb8JczUeF5WFp2uJAr/oP6A5x
12V8lnkv0yanXJydsH4Os4+Blpbe9Auuc5mbgk6LUyHAQtcpBEafCt4BMeqoCTAM
uFAFD0ZxOl5y0Dhlh7t9ctXu51y+pcpqC3sGc2/8JPwdPqXWbN0st+y7c8QP/OZR
-----END CERTIFICATE-----
Generated at Fri Apr 18 03:08:45 2025 by rpki-client