Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/WjBimzywiq-8Yrfcs0lYstgI3ds.roa
File: WjBimzywiq-8Yrfcs0lYstgI3ds.roa (raw, json)
Hash identifier: 4EfZBP66WNjm2OW7080n5DX6+5O4ByUCAqCUKZoTFJs=
Subject key identifier: 5A:30:62:9B:3C:B0:8A:AF:BC:62:B7:DC:B3:49:58:B2:D8:08:DD:DB
Certificate issuer: /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial: 019420D5EFF0EAD35A22C54F68D027F02937
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/WjBimzywiq-8Yrfcs0lYstgI3ds.roa
Signing time: Wed 01 Jan 2025 07:47:59 +0000
ROA not before: Wed 01 Jan 2025 07:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40980
IP address blocks: 144.208.192.0/21 maxlen: 22
144.208.200.0/22 maxlen: 22
185.50.234.0/24 maxlen: 24
2a01:aea0:dd3::/48 maxlen: 48
2a01:aea0:dd4::/48 maxlen: 48
2a01:aea0:dd5::/48 maxlen: 48
2a01:aea0:dd6::/48 maxlen: 48
2a01:aea0:df3::/48 maxlen: 48
2a01:aea0:df4::/48 maxlen: 48
2a01:aea0:df5::/48 maxlen: 48
2a01:aea0:df6::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.mft
rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 04:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:ef:f0:ea:d3:5a:22:c5:4f:68:d0:27:f0:29:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Validity
Not Before: Jan 1 07:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5a30629b3cb08aafbc62b7dcb34958b2d808dddb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e8:b6:bb:f3:7e:a7:ad:e5:96:98:05:51:52:
de:3a:75:b5:a0:79:5b:ea:1a:a5:ab:5d:2c:4f:58:
50:a0:57:41:a5:65:22:ba:f1:77:76:19:dc:ca:89:
98:3f:cd:12:8f:6c:1d:85:34:ef:83:28:f8:56:70:
b3:6f:d1:8c:3b:41:27:69:55:51:0f:66:51:2f:f4:
86:97:28:c7:c0:fe:8a:bc:44:fd:09:d4:0a:7b:72:
d3:5f:3d:7f:7e:ba:6b:bd:93:d3:33:f0:ba:7b:89:
ad:74:09:4e:78:9b:15:7c:be:57:3a:8b:0c:63:e1:
e4:cd:8c:f0:2f:cb:5f:9b:41:18:7d:d0:23:d4:44:
7d:18:52:e1:93:89:08:5f:dc:5d:26:c8:8e:2b:0c:
2b:74:2b:bf:75:0f:36:da:ec:78:cf:7b:07:f1:bf:
17:0f:5c:48:dd:4c:3c:65:43:de:a7:da:4b:35:ec:
14:9b:f0:03:d9:90:e5:d7:2b:50:b2:54:7e:3b:ad:
ad:69:f6:81:88:df:76:5d:a8:19:9b:6d:eb:76:1c:
d7:97:87:ea:a5:3a:e6:76:93:0f:97:ec:88:fa:ab:
52:56:a6:f3:b4:04:26:73:9a:da:5e:a0:15:9c:34:
53:04:39:9d:80:d7:c8:d6:4f:3a:df:17:6e:ac:07:
b5:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:30:62:9B:3C:B0:8A:AF:BC:62:B7:DC:B3:49:58:B2:D8:08:DD:DB
X509v3 Authority Key Identifier:
keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/WjBimzywiq-8Yrfcs0lYstgI3ds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.208.192.0-144.208.203.255
185.50.234.0/24
IPv6:
2a01:aea0:dd3::-2a01:aea0:dd6:ffff:ffff:ffff:ffff:ffff
2a01:aea0:df3::-2a01:aea0:df6:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6f:4f:82:95:33:e7:24:1b:a4:b9:99:0b:98:3f:aa:91:49:9c:
f9:91:24:57:7f:94:a5:7e:4c:d3:11:bf:00:a6:2b:1a:86:32:
64:c2:03:ac:b6:40:51:de:b8:a9:b2:8c:63:ff:17:26:00:02:
7f:3b:06:00:6b:03:7a:29:67:a0:3d:ec:41:0c:34:66:b1:9e:
19:9f:bf:42:12:ce:d1:ba:4f:76:bf:5f:52:a9:ce:33:36:02:
8f:97:d6:cf:9b:95:91:c0:eb:bc:24:23:ae:e2:f6:12:8f:e7:
8a:6f:50:f6:d8:2e:24:c9:b4:a8:67:8b:82:8f:c6:46:5a:ab:
6e:86:67:a0:0d:96:2f:bd:40:c6:1a:c3:69:9c:41:8f:7d:be:
c3:ad:95:82:73:9a:22:42:75:c2:ea:3a:17:43:d2:14:56:5c:
d3:0d:01:9a:47:0a:c8:5c:13:4c:ef:ea:87:c6:75:93:d4:af:
5e:0f:9c:4c:f1:fe:b2:f3:b7:f3:ae:0f:8a:67:eb:40:ee:ff:
e7:9e:ff:f3:df:67:07:c1:da:2b:bf:84:45:f5:49:d3:ea:79:
07:46:21:f5:69:ab:b7:2a:0d:be:2f:c2:24:4b:44:4e:5c:f7:
af:a6:08:a6:b2:1b:c7:74:66:97:26:b1:a1:d6:e9:36:66:9c:
7d:88:fe:b3
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZQg1e/w6tNaIsVPaNAn8Ck3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzlhZmViYWNlODk5YThlZTBiYjRmOGJiNDQ3NWZlMjQ3
YTE1MjgwHhcNMjUwMTAxMDc0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTMwNjI5YjNjYjA4YWFmYmM2MmI3ZGNiMzQ5NThiMmQ4MDhkZGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOi2u/N+p63llpgFUVLeOnW1oHlb
6hqlq10sT1hQoFdBpWUiuvF3dhncyomYP80Sj2wdhTTvgyj4VnCzb9GMO0EnaVVR
D2ZRL/SGlyjHwP6KvET9CdQKe3LTXz1/frprvZPTM/C6e4mtdAlOeJsVfL5XOosM
Y+HkzYzwL8tfm0EYfdAj1ER9GFLhk4kIX9xdJsiOKwwrdCu/dQ822ux4z3sH8b8X
D1xI3Uw8ZUPep9pLNewUm/AD2ZDl1ytQslR+O62tafaBiN92XagZm23rdhzXl4fq
pTrmdpMPl+yI+qtSVqbztAQmc5raXqAVnDRTBDmdgNfI1k863xdurAe1cwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFFowYps8sIqvvGK33LNJWLLYCN3bMB8GA1UdIwQY
MBaAFKU5r+us6Jmo7gu0+LtEdf4kehUoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYt
NzQxMzk1OTEzMTJlLzEvV2pCaW16eXdpcS04WXJmY3MwbFlzdGdJM2RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYtNzQxMzk1OTEzMTJl
LzEvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDAaBAIAATAUMAwDBAaQ0MAD
BAKQ0MgDBAC5MuowLgQCAAIwKDASAwcAKgGuoA3TAwcAKgGuoA3WMBIDBwAqAa6g
DfMDBwAqAa6gDfYwDQYJKoZIhvcNAQELBQADggEBAG9PgpUz5yQbpLmZC5g/qpFJ
nPmRJFd/lKV+TNMRvwCmKxqGMmTCA6y2QFHeuKmyjGP/FyYAAn87BgBrA3opZ6A9
7EEMNGaxnhmfv0ISztG6T3a/X1KpzjM2Ao+X1s+blZHA67wkI67i9hKP54pvUPbY
LiTJtKhni4KPxkZaq26GZ6ANli+9QMYaw2mcQY99vsOtlYJzmiJCdcLqOhdD0hRW
XNMNAZpHCshcE0zv6ofGdZPUr14PnEzx/rLzt/OuD4pn60Du/+ee//PfZwfB2iu/
hEX1SdPqeQdGIfVpq7cqDb4vwiRLRE5c96+mCKayG8d0ZpcmsaHW6TZmnH2I/rM=
-----END CERTIFICATE-----
Generated at Wed Apr 9 13:11:16 2025 by rpki-client