Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/7e8848-1065-4386-8156-387c6c4d8f02/1/WUTyK7BrRNi0uHZK_0QCE_Vt8SE.roa
File: WUTyK7BrRNi0uHZK_0QCE_Vt8SE.roa (raw, json)
Hash identifier: 4x8uT/6JZLvMnikfzpcnGLUs5znzoRWzxY13Odgg+MI=
Subject key identifier: 59:44:F2:2B:B0:6B:44:D8:B4:B8:76:4A:FF:44:02:13:F5:6D:F1:21
Certificate issuer: /CN=776a584d279f007066a38b5eb0f18e7bedb614eb
Certificate serial: 0194D5C295256E30CEF3DC0A8A37ADE50CDD
Authority key identifier: 77:6A:58:4D:27:9F:00:70:66:A3:8B:5E:B0:F1:8E:7B:ED:B6:14:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d2pYTSefAHBmo4tesPGOe-22FOs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/7e8848-1065-4386-8156-387c6c4d8f02/1/WUTyK7BrRNi0uHZK_0QCE_Vt8SE.roa
Signing time: Wed 05 Feb 2025 10:58:06 +0000
ROA not before: Wed 05 Feb 2025 10:58:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206194
IP address blocks: 185.188.188.0/23 maxlen: 24
185.188.190.0/24 maxlen: 24
185.188.191.0/24 maxlen: 24
2a0f:e980::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/7e8848-1065-4386-8156-387c6c4d8f02/1/d2pYTSefAHBmo4tesPGOe-22FOs.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/7e8848-1065-4386-8156-387c6c4d8f02/1/d2pYTSefAHBmo4tesPGOe-22FOs.mft
rsync://rpki.ripe.net/repository/DEFAULT/d2pYTSefAHBmo4tesPGOe-22FOs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 10 Mar 2025 15:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d5:c2:95:25:6e:30:ce:f3:dc:0a:8a:37:ad:e5:0c:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=776a584d279f007066a38b5eb0f18e7bedb614eb
Validity
Not Before: Feb 5 10:58:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5944f22bb06b44d8b4b8764aff440213f56df121
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ec:5b:f2:32:4b:74:dd:19:7a:37:b1:5c:1b:
f4:cc:2a:c9:d8:b8:54:65:05:64:c9:49:5c:92:9b:
7c:28:ac:9f:c9:85:50:9a:18:97:16:e7:41:77:80:
47:9d:87:0b:f0:11:75:b8:f7:71:01:c5:23:8b:33:
a3:12:2a:c3:a9:1e:d1:03:e1:5e:d5:81:fc:f8:53:
0e:cd:4e:b2:73:a8:8d:be:d8:36:1d:ee:d7:0d:e6:
36:25:ba:36:fb:0b:94:51:ec:b8:39:69:d2:15:9e:
17:ff:d6:96:cd:63:72:15:86:31:e4:b6:0f:ba:57:
95:c6:ac:5b:9f:96:28:89:c4:5e:f3:94:5c:8c:28:
c4:85:4c:b8:0d:9f:ca:94:13:27:fc:45:f0:d8:8e:
e8:11:23:50:48:1f:5a:a5:eb:eb:a9:71:09:cf:63:
47:da:f5:7d:c0:ab:30:e4:dc:48:cf:df:bc:c5:e3:
98:e7:49:6d:99:e7:41:99:0f:08:47:c2:27:d1:dd:
81:8c:49:eb:ba:96:7c:74:e7:69:f8:bb:b2:65:e6:
5e:41:53:9e:42:39:9c:24:72:1f:b9:58:9b:5b:bc:
c7:2f:bc:90:ff:54:6d:93:cc:3e:26:8a:cd:fb:e0:
5c:ec:8a:7b:4c:b1:34:04:73:58:17:76:ca:48:36:
8a:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:44:F2:2B:B0:6B:44:D8:B4:B8:76:4A:FF:44:02:13:F5:6D:F1:21
X509v3 Authority Key Identifier:
keyid:77:6A:58:4D:27:9F:00:70:66:A3:8B:5E:B0:F1:8E:7B:ED:B6:14:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2pYTSefAHBmo4tesPGOe-22FOs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/7e8848-1065-4386-8156-387c6c4d8f02/1/WUTyK7BrRNi0uHZK_0QCE_Vt8SE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/7e8848-1065-4386-8156-387c6c4d8f02/1/d2pYTSefAHBmo4tesPGOe-22FOs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.188.188.0/22
IPv6:
2a0f:e980::/29
Signature Algorithm: sha256WithRSAEncryption
1c:8b:5b:90:64:f2:3b:34:21:4a:a9:87:d9:3c:5d:c4:c4:7f:
3a:92:3b:14:67:14:13:ff:2c:11:43:83:ea:38:b2:6e:2c:3b:
bb:f0:4f:06:76:be:ac:8c:85:d2:d3:03:d8:38:69:f6:39:98:
5c:f4:f3:2e:bc:c4:08:91:78:85:c6:2d:c9:a0:64:c9:57:90:
82:2c:d2:69:ab:df:39:07:ee:72:69:ae:15:bc:aa:f3:5c:c5:
8b:4c:cd:44:e9:68:dc:64:62:7c:bc:f4:fc:46:22:b4:2f:e3:
99:87:04:8e:a4:22:77:b4:6e:0d:08:f4:6a:87:03:3b:95:32:
4d:72:31:93:c1:40:90:b9:d5:f7:b9:71:b4:43:91:79:ca:f3:
d1:22:6d:9d:69:93:40:d8:1f:9e:ed:34:ee:3b:54:c0:9d:ff:
bc:5a:60:f8:89:f1:ec:58:76:aa:52:cc:76:60:52:bb:4c:8d:
8d:b0:2b:4d:ea:8e:fd:c9:17:56:8e:2a:ec:ba:23:2d:3c:50:
40:fd:77:99:db:96:3c:a0:00:4a:f6:8b:b2:bd:4d:df:7a:bb:
12:6d:2e:2b:07:fa:4b:da:59:d1:0b:30:0f:e5:77:19:14:23:
6f:21:a9:22:af:6d:c7:e0:cb:e2:6d:03:2d:d8:37:69:ae:df:
8b:a9:fb:88
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZTVwpUlbjDO89wKijet5QzdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3NmE1ODRkMjc5ZjAwNzA2NmEzOGI1ZWIwZjE4ZTdiZWRi
NjE0ZWIwHhcNMjUwMjA1MTA1ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTQ0ZjIyYmIwNmI0NGQ4YjRiODc2NGFmZjQ0MDIxM2Y1NmRmMTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuxb8jJLdN0ZejexXBv0zCrJ2LhU
ZQVkyUlckpt8KKyfyYVQmhiXFudBd4BHnYcL8BF1uPdxAcUjizOjEirDqR7RA+Fe
1YH8+FMOzU6yc6iNvtg2He7XDeY2Jbo2+wuUUey4OWnSFZ4X/9aWzWNyFYYx5LYP
uleVxqxbn5YoicRe85RcjCjEhUy4DZ/KlBMn/EXw2I7oESNQSB9apevrqXEJz2NH
2vV9wKsw5NxIz9+8xeOY50ltmedBmQ8IR8In0d2BjEnrupZ8dOdp+LuyZeZeQVOe
QjmcJHIfuVibW7zHL7yQ/1Rtk8w+JorN++Bc7Ip7TLE0BHNYF3bKSDaKtQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFlE8iuwa0TYtLh2Sv9EAhP1bfEhMB8GA1UdIwQY
MBaAFHdqWE0nnwBwZqOLXrDxjnvtthTrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDJwWVRTZWZBSEJtbzR0ZXNQR09lLTIyRk9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny83ZTg4NDgtMTA2NS00Mzg2LTgxNTYt
Mzg3YzZjNGQ4ZjAyLzEvV1VUeUs3QnJSTmkwdUhaS18wUUNFX1Z0OFNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny83ZTg4NDgtMTA2NS00Mzg2LTgxNTYtMzg3YzZjNGQ4ZjAy
LzEvZDJwWVRTZWZBSEJtbzR0ZXNQR09lLTIyRk9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuby8MA0E
AgACMAcDBQMqD+mAMA0GCSqGSIb3DQEBCwUAA4IBAQAci1uQZPI7NCFKqYfZPF3E
xH86kjsUZxQT/ywRQ4PqOLJuLDu78E8Gdr6sjIXS0wPYOGn2OZhc9PMuvMQIkXiF
xi3JoGTJV5CCLNJpq985B+5yaa4VvKrzXMWLTM1E6WjcZGJ8vPT8RiK0L+OZhwSO
pCJ3tG4NCPRqhwM7lTJNcjGTwUCQudX3uXG0Q5F5yvPRIm2daZNA2B+e7TTuO1TA
nf+8WmD4ifHsWHaqUsx2YFK7TI2NsCtN6o79yRdWjirsuiMtPFBA/XeZ25Y8oABK
9ouyvU3fersSbS4rB/pL2lnRCzAP5XcZFCNvIakir23H4MvibQMt2Ddprt+LqfuI
-----END CERTIFICATE-----
Generated at Sun Mar 9 19:00:44 2025 by rpki-client