Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/b14193-f569-434a-aea4-f5deaa9bf0f7/1/wqEidlRd5h8mEbMuznDw8G5hJT8.roa
File: wqEidlRd5h8mEbMuznDw8G5hJT8.roa (raw, json)
Hash identifier: ottFe6kNKLxVuyKxCrPheMgoItK6mcr1froPpXx13Sw=
Subject key identifier: C2:A1:22:76:54:5D:E6:1F:26:11:B3:2E:CE:70:F0:F0:6E:61:25:3F
Certificate issuer: /CN=7afa135b2072dfcc4ef3b541c136bc8001ef4307
Certificate serial: 019425FC0D84843487CFADD2C74199B76C6A
Authority key identifier: 7A:FA:13:5B:20:72:DF:CC:4E:F3:B5:41:C1:36:BC:80:01:EF:43:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/evoTWyBy38xO87VBwTa8gAHvQwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/b14193-f569-434a-aea4-f5deaa9bf0f7/1/wqEidlRd5h8mEbMuznDw8G5hJT8.roa
Signing time: Thu 02 Jan 2025 07:47:43 +0000
ROA not before: Thu 02 Jan 2025 07:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58193
IP address blocks: 178.251.124.0/24 maxlen: 24
178.251.125.0/24 maxlen: 24
185.154.86.0/24 maxlen: 24
194.48.100.0/22 maxlen: 24
2a02:fae0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/b14193-f569-434a-aea4-f5deaa9bf0f7/1/evoTWyBy38xO87VBwTa8gAHvQwc.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/b14193-f569-434a-aea4-f5deaa9bf0f7/1/evoTWyBy38xO87VBwTa8gAHvQwc.mft
rsync://rpki.ripe.net/repository/DEFAULT/evoTWyBy38xO87VBwTa8gAHvQwc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 13:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:0d:84:84:34:87:cf:ad:d2:c7:41:99:b7:6c:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7afa135b2072dfcc4ef3b541c136bc8001ef4307
Validity
Not Before: Jan 2 07:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c2a12276545de61f2611b32ece70f0f06e61253f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:22:1f:fb:8f:85:6d:9b:48:a2:17:f4:58:1e:
77:45:92:ef:8f:be:60:ce:4c:0f:b6:61:31:2d:2f:
59:f2:7a:ca:5c:e0:8f:d4:4e:a3:91:65:f0:99:86:
3f:ef:48:c2:0c:62:24:7d:d4:67:62:11:f6:68:07:
29:4a:7d:e3:49:b0:be:8c:3a:85:61:34:d3:02:c8:
0a:ee:75:38:c6:67:6f:c9:9b:4a:0f:50:6d:d7:09:
a0:93:e4:b9:61:80:9c:c2:30:38:8f:21:24:5f:48:
f3:29:b9:fe:06:b1:a9:ee:d7:5a:19:59:f7:fe:18:
2a:5d:b8:60:d5:29:cb:a7:e9:b8:50:e6:3b:54:51:
8f:c0:f9:b6:bf:a0:b1:23:41:69:4e:9b:39:a8:64:
94:74:67:64:fc:32:2d:db:fc:e2:1b:11:89:93:5c:
9b:66:c8:04:1c:8b:f1:ac:04:8b:7b:d0:de:75:d4:
b3:fb:a2:6e:64:40:70:3b:93:84:a2:58:09:cc:2b:
43:52:e0:1b:f9:d8:99:97:17:33:34:78:c9:2a:0c:
d1:a5:e0:c5:1d:c7:52:b1:a8:8a:c8:6b:41:49:25:
05:7c:e3:09:28:4f:8e:2a:ce:5b:4d:c7:5c:d4:18:
58:2a:79:f4:40:3b:d9:13:88:4f:7a:15:72:e0:36:
d5:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:A1:22:76:54:5D:E6:1F:26:11:B3:2E:CE:70:F0:F0:6E:61:25:3F
X509v3 Authority Key Identifier:
keyid:7A:FA:13:5B:20:72:DF:CC:4E:F3:B5:41:C1:36:BC:80:01:EF:43:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/evoTWyBy38xO87VBwTa8gAHvQwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/b14193-f569-434a-aea4-f5deaa9bf0f7/1/wqEidlRd5h8mEbMuznDw8G5hJT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/b14193-f569-434a-aea4-f5deaa9bf0f7/1/evoTWyBy38xO87VBwTa8gAHvQwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.251.124.0/23
185.154.86.0/24
194.48.100.0/22
IPv6:
2a02:fae0::/29
Signature Algorithm: sha256WithRSAEncryption
92:e1:7e:93:31:fd:85:07:69:aa:e0:82:60:47:4e:15:bd:0e:
0f:77:1b:85:1c:1f:07:b3:68:50:9c:40:35:5e:20:3f:2e:d1:
fb:66:0b:2e:b6:23:7d:99:07:f1:07:66:d7:81:cb:43:75:ba:
58:25:d2:e8:74:d8:79:47:73:58:58:a3:21:58:8a:42:be:0e:
89:66:47:6d:70:7b:32:a9:82:a2:38:e4:64:dc:04:ad:70:3c:
9b:c5:07:b5:62:77:04:79:6c:c4:da:53:07:a7:42:af:6c:5c:
5d:dd:64:05:23:09:53:8f:c8:3b:10:1e:7a:ae:2d:25:07:f2:
76:73:d2:60:31:4a:8c:66:de:06:25:52:ef:d4:bc:c4:46:3e:
26:aa:57:9f:1f:b1:ce:59:59:a9:2e:5d:d2:a4:da:04:c6:3d:
9b:d2:a1:15:9a:10:1b:23:35:52:b6:0e:89:18:84:3b:88:73:
47:98:33:b7:9b:4d:ef:4d:4e:39:2f:38:6a:97:51:88:05:08:
26:ef:0c:ce:ea:b2:38:13:03:67:23:d2:d8:d6:96:8d:e9:82:
5b:1f:f1:1c:18:a2:6b:61:44:83:38:cb:55:d7:b2:1a:b1:d1:
48:e2:b1:c6:66:71:29:f3:9b:4d:1b:de:d2:c5:2d:a9:83:a2:
b0:42:b6:e1
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQl/A2EhDSHz63Sx0GZt2xqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhZmExMzViMjA3MmRmY2M0ZWYzYjU0MWMxMzZiYzgwMDFl
ZjQzMDcwHhcNMjUwMTAyMDc0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmExMjI3NjU0NWRlNjFmMjYxMWIzMmVjZTcwZjBmMDZlNjEyNTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqyIf+4+FbZtIohf0WB53RZLvj75g
zkwPtmExLS9Z8nrKXOCP1E6jkWXwmYY/70jCDGIkfdRnYhH2aAcpSn3jSbC+jDqF
YTTTAsgK7nU4xmdvyZtKD1Bt1wmgk+S5YYCcwjA4jyEkX0jzKbn+BrGp7tdaGVn3
/hgqXbhg1SnLp+m4UOY7VFGPwPm2v6CxI0FpTps5qGSUdGdk/DIt2/ziGxGJk1yb
ZsgEHIvxrASLe9DeddSz+6JuZEBwO5OEolgJzCtDUuAb+diZlxczNHjJKgzRpeDF
HcdSsaiKyGtBSSUFfOMJKE+OKs5bTcdc1BhYKnn0QDvZE4hPehVy4DbV6wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMKhInZUXeYfJhGzLs5w8PBuYSU/MB8GA1UdIwQY
MBaAFHr6E1sgct/MTvO1QcE2vIAB70MHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXZvVFd5QnkzOHhPODdWQndUYThnQUh2UXdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9iMTQxOTMtZjU2OS00MzRhLWFlYTQt
ZjVkZWFhOWJmMGY3LzEvd3FFaWRsUmQ1aDhtRWJNdXpuRHc4RzVoSlQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9iMTQxOTMtZjU2OS00MzRhLWFlYTQtZjVkZWFhOWJmMGY3
LzEvZXZvVFd5QnkzOHhPODdWQndUYThnQUh2UXdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBsvt8AwQA
uZpWAwQCwjBkMA0EAgACMAcDBQMqAvrgMA0GCSqGSIb3DQEBCwUAA4IBAQCS4X6T
Mf2FB2mq4IJgR04VvQ4PdxuFHB8Hs2hQnEA1XiA/LtH7ZgsutiN9mQfxB2bXgctD
dbpYJdLodNh5R3NYWKMhWIpCvg6JZkdtcHsyqYKiOORk3AStcDybxQe1YncEeWzE
2lMHp0KvbFxd3WQFIwlTj8g7EB56ri0lB/J2c9JgMUqMZt4GJVLv1LzERj4mqlef
H7HOWVmpLl3SpNoExj2b0qEVmhAbIzVStg6JGIQ7iHNHmDO3m03vTU45Lzhql1GI
BQgm7wzO6rI4EwNnI9LY1paN6YJbH/EcGKJrYUSDOMtV17IasdFI4rHGZnEp85tN
G97SxS2pg6KwQrbh
-----END CERTIFICATE-----
Generated at Tue Apr 22 21:57:22 2025 by rpki-client