Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/d716cd-d79f-4484-9685-8fe784e31e5d/1/Wp47mYbGIM1Wn1TH4UytNLnpCRE.roa
File: Wp47mYbGIM1Wn1TH4UytNLnpCRE.roa (raw, json)
Hash identifier: s3jKeR589toj6Nv3VDplJDroNH801WsVAu93zGQYjRo=
Subject key identifier: 5A:9E:3B:99:86:C6:20:CD:56:9F:54:C7:E1:4C:AD:34:B9:E9:09:11
Certificate issuer: /CN=ca37843f0752224459e6034569a217c8b611564b
Certificate serial: 01942521FE37EEDB7F33F252556E14B4E0B1
Authority key identifier: CA:37:84:3F:07:52:22:44:59:E6:03:45:69:A2:17:C8:B6:11:56:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yjeEPwdSIkRZ5gNFaaIXyLYRVks.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/d716cd-d79f-4484-9685-8fe784e31e5d/1/Wp47mYbGIM1Wn1TH4UytNLnpCRE.roa
Signing time: Thu 02 Jan 2025 03:49:32 +0000
ROA not before: Thu 02 Jan 2025 03:49:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 87.254.96.0/24 maxlen: 24
87.254.97.0/24 maxlen: 24
87.254.98.0/24 maxlen: 24
87.254.99.0/24 maxlen: 24
87.254.100.0/24 maxlen: 24
87.254.101.0/24 maxlen: 24
87.254.102.0/24 maxlen: 24
87.254.103.0/24 maxlen: 24
87.254.104.0/24 maxlen: 24
87.254.105.0/24 maxlen: 24
87.254.106.0/24 maxlen: 24
87.254.107.0/24 maxlen: 24
87.254.108.0/24 maxlen: 24
87.254.109.0/24 maxlen: 24
87.254.110.0/24 maxlen: 24
87.254.111.0/24 maxlen: 24
87.254.112.0/24 maxlen: 24
87.254.113.0/24 maxlen: 24
87.254.114.0/24 maxlen: 24
87.254.115.0/24 maxlen: 24
87.254.116.0/24 maxlen: 24
87.254.117.0/24 maxlen: 24
87.254.118.0/24 maxlen: 24
87.254.119.0/24 maxlen: 24
87.254.120.0/24 maxlen: 24
87.254.121.0/24 maxlen: 24
87.254.122.0/24 maxlen: 24
87.254.123.0/24 maxlen: 24
87.254.124.0/24 maxlen: 24
87.254.125.0/24 maxlen: 24
87.254.126.0/24 maxlen: 24
87.254.127.0/24 maxlen: 24
185.69.216.0/24 maxlen: 24
185.69.217.0/24 maxlen: 24
185.69.218.0/24 maxlen: 24
185.69.219.0/24 maxlen: 24
195.137.228.0/24 maxlen: 24
195.137.229.0/24 maxlen: 24
212.24.192.0/24 maxlen: 24
212.24.193.0/24 maxlen: 24
212.24.194.0/24 maxlen: 24
212.24.195.0/24 maxlen: 24
212.24.196.0/24 maxlen: 24
212.24.197.0/24 maxlen: 24
212.24.198.0/24 maxlen: 24
212.24.199.0/24 maxlen: 24
212.24.200.0/24 maxlen: 24
212.24.201.0/24 maxlen: 24
212.24.202.0/24 maxlen: 24
212.24.203.0/24 maxlen: 24
212.24.204.0/24 maxlen: 24
212.24.205.0/24 maxlen: 24
212.24.206.0/24 maxlen: 24
212.24.207.0/24 maxlen: 24
212.24.208.0/24 maxlen: 24
212.24.209.0/24 maxlen: 24
212.24.210.0/24 maxlen: 24
212.24.211.0/24 maxlen: 24
212.24.212.0/24 maxlen: 24
212.24.213.0/24 maxlen: 24
212.24.214.0/24 maxlen: 24
212.24.215.0/24 maxlen: 24
212.24.216.0/24 maxlen: 24
212.24.217.0/24 maxlen: 24
212.24.218.0/24 maxlen: 24
212.24.219.0/24 maxlen: 24
212.24.220.0/24 maxlen: 24
212.24.221.0/24 maxlen: 24
212.24.222.0/24 maxlen: 24
212.24.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/d716cd-d79f-4484-9685-8fe784e31e5d/1/yjeEPwdSIkRZ5gNFaaIXyLYRVks.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/d716cd-d79f-4484-9685-8fe784e31e5d/1/yjeEPwdSIkRZ5gNFaaIXyLYRVks.mft
rsync://rpki.ripe.net/repository/DEFAULT/yjeEPwdSIkRZ5gNFaaIXyLYRVks.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 21:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:fe:37:ee:db:7f:33:f2:52:55:6e:14:b4:e0:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca37843f0752224459e6034569a217c8b611564b
Validity
Not Before: Jan 2 03:49:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5a9e3b9986c620cd569f54c7e14cad34b9e90911
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:26:6c:40:9a:d4:d2:db:7c:da:6d:05:85:61:
b7:fd:77:37:d1:d2:80:7e:63:e4:bd:ab:e8:9b:a5:
bb:97:67:28:14:3c:b8:38:0a:42:92:df:4b:b7:c5:
fc:5e:88:fb:d1:c0:5c:ec:c7:62:a4:79:74:d4:da:
1e:05:c1:15:17:a6:90:b9:d0:52:fc:f6:b4:84:92:
40:a3:3d:ce:99:8c:21:f6:b2:05:67:e9:4e:0e:f3:
66:c9:ec:9c:65:56:3f:3b:e6:4b:98:49:4e:04:30:
09:5e:e7:67:2a:d6:06:4b:61:19:a1:e0:7e:54:d6:
f8:cf:84:ff:4f:a7:fd:bb:27:af:39:22:f4:d4:f8:
fe:3a:d0:30:99:cc:52:3b:78:f4:1c:8a:b3:02:3d:
ad:1b:13:24:e2:7f:60:3a:09:4f:2b:04:1b:2c:11:
e6:4a:d4:2f:62:87:8a:4a:e6:2a:be:8d:28:ea:ec:
ff:14:f2:c8:c0:39:6a:f8:f2:18:c7:ae:09:54:7b:
07:a3:eb:69:dd:c6:83:dc:c1:81:6f:95:f7:7a:72:
5b:fb:df:4b:f9:af:58:fd:77:8a:87:7d:dd:eb:5c:
57:f6:72:92:3a:11:cb:26:f9:05:46:96:92:8a:c1:
4b:13:08:93:05:1e:18:e9:23:83:0b:da:c5:50:d8:
f0:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:9E:3B:99:86:C6:20:CD:56:9F:54:C7:E1:4C:AD:34:B9:E9:09:11
X509v3 Authority Key Identifier:
keyid:CA:37:84:3F:07:52:22:44:59:E6:03:45:69:A2:17:C8:B6:11:56:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yjeEPwdSIkRZ5gNFaaIXyLYRVks.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/d716cd-d79f-4484-9685-8fe784e31e5d/1/Wp47mYbGIM1Wn1TH4UytNLnpCRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/d716cd-d79f-4484-9685-8fe784e31e5d/1/yjeEPwdSIkRZ5gNFaaIXyLYRVks.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.96.0/19
185.69.216.0/22
195.137.228.0/23
212.24.192.0/19
Signature Algorithm: sha256WithRSAEncryption
33:c0:ec:fc:76:98:3a:c4:4d:a3:da:93:3f:4d:87:7b:91:80:
22:e8:f1:0c:88:b7:40:cc:da:f5:cd:85:00:50:8c:0a:e4:81:
a4:ca:81:4b:58:93:6c:ed:c3:62:5f:85:47:59:6f:78:b6:dc:
d7:cb:f1:f8:c3:95:6a:29:0c:49:6e:e1:fd:bc:f8:a7:2e:b8:
83:03:b6:7c:6b:27:6b:62:93:c0:14:c8:df:64:32:7a:50:a2:
10:2b:01:cb:cd:f2:d7:73:7f:d8:15:0c:13:2e:9d:7c:c8:41:
a7:01:7c:ec:f9:0e:5b:ae:5c:de:30:4d:71:4d:be:44:2c:1c:
9b:88:fa:1b:ce:34:cf:f4:2c:e6:b6:a4:c5:56:35:ed:11:46:
39:a3:1c:11:c5:d1:47:82:73:7b:b3:eb:af:d9:2e:7d:95:39:
c4:eb:cd:77:84:75:6b:9e:65:20:53:5f:7a:6d:c9:26:b4:5f:
0e:8d:e2:b0:dc:83:93:0e:f9:4b:c2:f2:43:9f:ee:1a:98:e0:
d4:cc:1b:08:bd:fc:56:3f:57:f3:bc:55:62:19:ba:c1:79:ce:
b1:aa:4a:57:b4:be:29:b0:04:e3:68:4a:f5:66:54:88:97:47:
7b:33:99:ca:ee:ac:06:da:51:aa:df:29:59:74:4f:29:c7:ad:
50:84:84:89
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQlIf437tt/M/JSVW4UtOCxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMzc4NDNmMDc1MjIyNDQ1OWU2MDM0NTY5YTIxN2M4YjYx
MTU2NGIwHhcNMjUwMTAyMDM0OTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTllM2I5OTg2YzYyMGNkNTY5ZjU0YzdlMTRjYWQzNGI5ZTkwOTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyyZsQJrU0tt82m0FhWG3/Xc30dKA
fmPkvavom6W7l2coFDy4OApCkt9Lt8X8Xoj70cBc7MdipHl01NoeBcEVF6aQudBS
/Pa0hJJAoz3OmYwh9rIFZ+lODvNmyeycZVY/O+ZLmElOBDAJXudnKtYGS2EZoeB+
VNb4z4T/T6f9uyevOSL01Pj+OtAwmcxSO3j0HIqzAj2tGxMk4n9gOglPKwQbLBHm
StQvYoeKSuYqvo0o6uz/FPLIwDlq+PIYx64JVHsHo+tp3caD3MGBb5X3enJb+99L
+a9Y/XeKh33d61xX9nKSOhHLJvkFRpaSisFLEwiTBR4Y6SODC9rFUNjwaQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFqeO5mGxiDNVp9Ux+FMrTS56QkRMB8GA1UdIwQY
MBaAFMo3hD8HUiJEWeYDRWmiF8i2EVZLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWplRVB3ZFNJa1JaNWdORmFhSVh5TFlSVmtzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9kNzE2Y2QtZDc5Zi00NDg0LTk2ODUt
OGZlNzg0ZTMxZTVkLzEvV3A0N21ZYkdJTTFXbjFUSDRVeXROTG5wQ1JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9kNzE2Y2QtZDc5Zi00NDg0LTk2ODUtOGZlNzg0ZTMxZTVk
LzEveWplRVB3ZFNJa1JaNWdORmFhSVh5TFlSVmtzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFV/5gAwQC
uUXYAwQBw4nkAwQF1BjAMA0GCSqGSIb3DQEBCwUAA4IBAQAzwOz8dpg6xE2j2pM/
TYd7kYAi6PEMiLdAzNr1zYUAUIwK5IGkyoFLWJNs7cNiX4VHWW94ttzXy/H4w5Vq
KQxJbuH9vPinLriDA7Z8aydrYpPAFMjfZDJ6UKIQKwHLzfLXc3/YFQwTLp18yEGn
AXzs+Q5brlzeME1xTb5ELBybiPobzjTP9CzmtqTFVjXtEUY5oxwRxdFHgnN7s+uv
2S59lTnE6813hHVrnmUgU196bckmtF8OjeKw3IOTDvlLwvJDn+4amODUzBsIvfxW
P1fzvFViGbrBec6xqkpXtL4psATjaEr1ZlSIl0d7M5nK7qwG2lGq3ylZdE8px61Q
hISJ
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:53:21 2025 by rpki-client