Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/f220a0-df81-42fb-b714-dedd35293230/1/w61tMnNeHDs_V8XDRBjX0VmxQLs.roa
File: w61tMnNeHDs_V8XDRBjX0VmxQLs.roa (raw, json)
Hash identifier: zbcmX4twBgLQPIU3RR2PPgPgWTG3cAdbD9etQBxxLBE=
Subject key identifier: C3:AD:6D:32:73:5E:1C:3B:3F:57:C5:C3:44:18:D7:D1:59:B1:40:BB
Certificate issuer: /CN=c74ca0855178a0cdd71914bcf223aa31af6369a4
Certificate serial: 0195AB1CDA59F9F120D85789EA64067B1B1C
Authority key identifier: C7:4C:A0:85:51:78:A0:CD:D7:19:14:BC:F2:23:AA:31:AF:63:69:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x0yghVF4oM3XGRS88iOqMa9jaaQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/f220a0-df81-42fb-b714-dedd35293230/1/w61tMnNeHDs_V8XDRBjX0VmxQLs.roa
Signing time: Tue 18 Mar 2025 21:15:49 +0000
ROA not before: Tue 18 Mar 2025 21:15:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59790
IP address blocks: 5.154.233.0/24 maxlen: 24
5.183.208.0/24 maxlen: 24
86.54.99.0/24 maxlen: 24
91.240.40.0/22 maxlen: 22
93.92.116.0/22 maxlen: 22
94.176.100.0/22 maxlen: 22
185.35.232.0/22 maxlen: 22
185.67.120.0/24 maxlen: 24
185.107.24.0/22 maxlen: 22
185.125.36.0/22 maxlen: 22
185.224.116.0/22 maxlen: 22
193.32.11.0/24 maxlen: 24
193.124.76.0/22 maxlen: 22
193.124.144.0/21 maxlen: 21
194.135.200.0/21 maxlen: 21
195.216.136.0/22 maxlen: 22
2a04:65c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/f220a0-df81-42fb-b714-dedd35293230/1/x0yghVF4oM3XGRS88iOqMa9jaaQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/f220a0-df81-42fb-b714-dedd35293230/1/x0yghVF4oM3XGRS88iOqMa9jaaQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/x0yghVF4oM3XGRS88iOqMa9jaaQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 09:00:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ab:1c:da:59:f9:f1:20:d8:57:89:ea:64:06:7b:1b:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c74ca0855178a0cdd71914bcf223aa31af6369a4
Validity
Not Before: Mar 18 21:15:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c3ad6d32735e1c3b3f57c5c34418d7d159b140bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:71:c0:24:b8:40:17:0d:88:30:8c:6c:9f:3b:
fc:91:2a:90:8c:2c:20:13:b1:09:fb:47:0b:fc:97:
65:23:7b:e2:41:77:e1:a0:ad:13:1e:64:a9:92:2c:
42:ea:73:78:af:80:f2:85:45:30:90:3a:77:09:f7:
b2:70:b6:5a:82:b8:46:9d:75:cf:b4:f4:af:70:67:
bc:19:fa:79:59:3b:41:6c:17:a9:41:fd:c5:3a:09:
20:4a:47:7e:dd:f9:a3:1a:87:fb:16:3b:3e:51:b8:
68:b2:e1:f9:15:9c:66:a2:0a:16:ed:2e:1f:ce:52:
27:ce:90:bc:5c:fa:b7:29:be:63:9a:0a:ed:45:26:
31:a3:9f:e6:1c:77:ea:0a:0f:b9:68:87:c5:07:a6:
af:52:61:b6:27:d8:f1:61:1e:de:0c:8b:83:16:3b:
82:1d:85:22:56:ab:88:18:9e:a3:38:1e:62:c1:c5:
f1:95:6f:5b:00:2c:0f:f6:3b:c6:9a:20:18:58:18:
36:72:8d:47:b5:52:23:ee:06:de:2f:8e:35:ce:d3:
aa:c2:70:17:03:df:02:b6:e1:34:e0:bc:f3:95:55:
c2:19:b2:be:9b:c2:76:92:a3:9e:ac:8f:31:2a:ed:
2f:54:81:6b:02:0f:c6:4a:f8:1a:36:e9:35:14:d9:
1a:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:AD:6D:32:73:5E:1C:3B:3F:57:C5:C3:44:18:D7:D1:59:B1:40:BB
X509v3 Authority Key Identifier:
keyid:C7:4C:A0:85:51:78:A0:CD:D7:19:14:BC:F2:23:AA:31:AF:63:69:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0yghVF4oM3XGRS88iOqMa9jaaQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/f220a0-df81-42fb-b714-dedd35293230/1/w61tMnNeHDs_V8XDRBjX0VmxQLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/f220a0-df81-42fb-b714-dedd35293230/1/x0yghVF4oM3XGRS88iOqMa9jaaQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.233.0/24
5.183.208.0/24
86.54.99.0/24
91.240.40.0/22
93.92.116.0/22
94.176.100.0/22
185.35.232.0/22
185.67.120.0/24
185.107.24.0/22
185.125.36.0/22
185.224.116.0/22
193.32.11.0/24
193.124.76.0/22
193.124.144.0/21
194.135.200.0/21
195.216.136.0/22
IPv6:
2a04:65c0::/29
Signature Algorithm: sha256WithRSAEncryption
9a:e9:7b:62:b1:c8:a8:b7:3e:22:f5:b3:70:a9:8e:cf:be:dd:
1a:2c:cf:92:23:7a:45:7f:56:b4:4b:96:d5:25:7b:d5:f3:d9:
ad:f3:f2:e3:df:c6:5e:aa:92:21:c5:ed:bc:f8:02:7d:de:1e:
0c:70:96:7d:a5:1a:ec:9b:a9:40:b4:1f:24:4e:a6:d4:76:3e:
76:b8:a9:d2:36:a8:38:e4:6e:d1:4b:84:38:22:69:5e:7b:40:
ee:08:13:1b:57:23:5f:df:1a:36:46:6b:b5:88:60:dd:cd:c0:
2a:5f:85:0e:14:e7:cd:33:17:58:8e:09:2f:d2:d4:cf:ed:ab:
48:91:cc:4e:0d:dd:22:f2:24:c5:c1:7a:3a:42:69:65:26:0e:
96:99:bb:56:27:61:6a:cd:a9:9f:2a:65:b5:93:72:b8:08:23:
b4:01:db:c9:a5:94:a2:ae:16:6e:de:c4:68:95:13:fc:00:97:
15:8c:89:6f:af:32:c3:ed:b2:05:f3:c6:55:ec:a7:77:99:45:
f1:eb:52:57:9e:50:a5:ab:57:b5:f6:22:f0:04:c3:d2:58:ce:
a4:6f:11:d3:94:b6:83:8a:d6:b8:d3:ef:08:39:44:9d:eb:77:
29:20:fb:32:0b:bb:60:0e:b9:cb:d3:ce:10:c3:84:1a:75:b9:
e6:f2:f6:ac
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAZWrHNpZ+fEg2FeJ6mQGexscMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGNhMDg1NTE3OGEwY2RkNzE5MTRiY2YyMjNhYTMxYWY2
MzY5YTQwHhcNMjUwMzE4MjExNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2FkNmQzMjczNWUxYzNiM2Y1N2M1YzM0NDE4ZDdkMTU5YjE0MGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHHAJLhAFw2IMIxsnzv8kSqQjCwg
E7EJ+0cL/JdlI3viQXfhoK0THmSpkixC6nN4r4DyhUUwkDp3CfeycLZagrhGnXXP
tPSvcGe8Gfp5WTtBbBepQf3FOgkgSkd+3fmjGof7Fjs+UbhosuH5FZxmogoW7S4f
zlInzpC8XPq3Kb5jmgrtRSYxo5/mHHfqCg+5aIfFB6avUmG2J9jxYR7eDIuDFjuC
HYUiVquIGJ6jOB5iwcXxlW9bACwP9jvGmiAYWBg2co1HtVIj7gbeL441ztOqwnAX
A98CtuE04LzzlVXCGbK+m8J2kqOerI8xKu0vVIFrAg/GSvgaNuk1FNka5wIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFMOtbTJzXhw7P1fFw0QY19FZsUC7MB8GA1UdIwQY
MBaAFMdMoIVReKDN1xkUvPIjqjGvY2mkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDB5Z2hWRjRvTTNYR1JTODhpT3FNYTlqYWFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9mMjIwYTAtZGY4MS00MmZiLWI3MTQt
ZGVkZDM1MjkzMjMwLzEvdzYxdE1uTmVIRHNfVjhYRFJCalgwVm14UUxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9mMjIwYTAtZGY4MS00MmZiLWI3MTQtZGVkZDM1MjkzMjMw
LzEveDB5Z2hWRjRvTTNYR1JTODhpT3FNYTlqYWFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwZgQCAAEwYAMEAAWa6QME
AAW30AMEAFY2YwMEAlvwKAMEAl1cdAMEAl6wZAMEArkj6AMEALlDeAMEArlrGAME
Arl9JAMEArngdAMEAMEgCwMEAsF8TAMEA8F8kAMEA8KHyAMEAsPYiDANBAIAAjAH
AwUDKgRlwDANBgkqhkiG9w0BAQsFAAOCAQEAmul7YrHIqLc+IvWzcKmOz77dGizP
kiN6RX9WtEuW1SV71fPZrfPy49/GXqqSIcXtvPgCfd4eDHCWfaUa7JupQLQfJE6m
1HY+drip0jaoOORu0UuEOCJpXntA7ggTG1cjX98aNkZrtYhg3c3AKl+FDhTnzTMX
WI4JL9LUz+2rSJHMTg3dIvIkxcF6OkJpZSYOlpm7Vidhas2pnypltZNyuAgjtAHb
yaWUoq4Wbt7EaJUT/ACXFYyJb68yw+2yBfPGVeynd5lF8etSV55QpatXtfYi8ATD
0ljOpG8R05S2g4rWuNPvCDlEnet3KSD7Mgu7YA65y9POEMOEGnW55vL2rA==
-----END CERTIFICATE-----
Generated at Wed Apr 16 12:49:59 2025 by rpki-client