Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/Woo9uQ4ucTRYjMh9ah88cw5clxk.roa
File: Woo9uQ4ucTRYjMh9ah88cw5clxk.roa (raw, json)
Hash identifier: WrdAqZeK7ES2+LIoGcfX11G6G4YXGyd2qn4CZO/jQsA=
Subject key identifier: 5A:8A:3D:B9:0E:2E:71:34:58:8C:C8:7D:6A:1F:3C:73:0E:5C:97:19
Certificate issuer: /CN=0232a4bfb7796405a556b759f1d193e4c4d37129
Certificate serial: 019427B53B14D97FBFF68699792A49DB8483
Authority key identifier: 02:32:A4:BF:B7:79:64:05:A5:56:B7:59:F1:D1:93:E4:C4:D3:71:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/Woo9uQ4ucTRYjMh9ah88cw5clxk.roa
Signing time: Thu 02 Jan 2025 15:49:36 +0000
ROA not before: Thu 02 Jan 2025 15:49:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 195.122.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.mft
rsync://rpki.ripe.net/repository/DEFAULT/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:3b:14:d9:7f:bf:f6:86:99:79:2a:49:db:84:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0232a4bfb7796405a556b759f1d193e4c4d37129
Validity
Not Before: Jan 2 15:49:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5a8a3db90e2e7134588cc87d6a1f3c730e5c9719
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:f6:d8:b4:c3:e9:12:64:82:e6:5f:fa:0a:13:
23:21:db:39:7d:fd:b1:ff:e6:3e:d7:44:5c:fe:58:
4a:99:55:bb:68:18:fe:14:5e:98:ac:2e:81:f3:ea:
47:9f:16:69:2e:07:ca:f9:67:06:15:ae:c7:fc:be:
5b:1a:93:a6:28:3c:1d:f8:1c:c1:bf:b1:45:c7:9b:
40:1a:bc:23:85:4f:05:2d:bf:3f:ee:c4:2c:1d:f2:
89:96:36:bb:34:a7:0b:e1:4a:41:ba:d3:6b:0b:8c:
6c:3c:d6:a4:ff:06:eb:79:aa:4d:7b:4e:8e:2b:04:
78:f1:ca:6f:71:41:2f:7c:77:f0:79:36:f1:77:c7:
ef:c0:9b:2e:fe:12:c5:f0:dc:ca:0c:54:43:88:25:
38:d7:d7:e2:3a:7e:fc:1e:99:c7:c0:40:18:31:e0:
c4:cc:22:14:37:71:00:cb:ef:3f:ed:26:6b:f3:d9:
7b:24:96:9a:b4:f6:ec:0a:e6:52:17:4a:cc:0f:5b:
27:54:df:53:30:24:67:32:c8:d1:21:f9:37:51:f5:
b8:e9:15:2b:bb:d7:b2:da:ea:5a:90:5b:a0:2b:e9:
89:d2:f2:c5:51:ef:5a:c3:79:58:af:2e:f5:59:16:
b2:6b:f4:b8:b7:b4:71:34:dd:8f:99:3a:b9:9f:08:
64:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:8A:3D:B9:0E:2E:71:34:58:8C:C8:7D:6A:1F:3C:73:0E:5C:97:19
X509v3 Authority Key Identifier:
keyid:02:32:A4:BF:B7:79:64:05:A5:56:B7:59:F1:D1:93:E4:C4:D3:71:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/Woo9uQ4ucTRYjMh9ah88cw5clxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.122.186.0/24
Signature Algorithm: sha256WithRSAEncryption
76:10:f4:0b:41:2d:f8:82:04:3f:88:4d:47:20:ad:95:66:a0:
01:33:86:25:6d:d0:3f:01:05:a1:33:7a:fe:81:db:d7:0c:90:
1c:3e:a9:2b:02:aa:de:bc:e8:de:2c:85:2b:65:cf:cc:62:7f:
bb:39:3e:a5:d2:69:d6:20:89:83:72:5d:19:ea:f9:e3:6e:77:
2c:53:18:aa:1c:93:4b:68:38:2c:fe:d0:f1:00:2b:98:cf:ef:
71:95:b2:08:b5:c5:23:30:25:95:93:bf:0f:19:a4:92:6e:ca:
52:b4:02:94:f3:9f:d1:48:7e:76:ae:61:75:38:24:d5:1f:8e:
8f:f5:d0:5d:21:71:0b:54:cd:a7:1a:ae:f7:c1:e2:67:8f:a3:
f6:0f:9c:67:22:90:f8:80:d7:ad:7e:bb:4d:1e:73:01:22:5e:
f1:ea:68:3a:1e:76:f8:34:45:14:44:a3:78:55:ed:d5:d3:46:
49:6b:40:19:cd:4e:3b:db:8f:24:3e:a1:f0:53:dc:3e:c4:9b:
16:50:0b:2c:4a:22:b2:0a:f2:30:61:7f:cf:3a:0f:f8:a9:d0:
5f:a8:9a:6e:5c:de:9a:55:23:db:e9:31:0e:a4:76:b8:52:89:
f0:92:57:a3:bd:22:09:e2:41:e5:66:5f:da:54:b7:77:40:a1:
2d:82:99:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntTsU2X+/9oaZeSpJ24SDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMzJhNGJmYjc3OTY0MDVhNTU2Yjc1OWYxZDE5M2U0YzRk
MzcxMjkwHhcNMjUwMTAyMTU0OTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YThhM2RiOTBlMmU3MTM0NTg4Y2M4N2Q2YTFmM2M3MzBlNWM5NzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0/bYtMPpEmSC5l/6ChMjIds5ff2x
/+Y+10Rc/lhKmVW7aBj+FF6YrC6B8+pHnxZpLgfK+WcGFa7H/L5bGpOmKDwd+BzB
v7FFx5tAGrwjhU8FLb8/7sQsHfKJlja7NKcL4UpButNrC4xsPNak/wbreapNe06O
KwR48cpvcUEvfHfweTbxd8fvwJsu/hLF8NzKDFRDiCU419fiOn78HpnHwEAYMeDE
zCIUN3EAy+8/7SZr89l7JJaatPbsCuZSF0rMD1snVN9TMCRnMsjRIfk3UfW46RUr
u9ey2upakFugK+mJ0vLFUe9aw3lYry71WRaya/S4t7RxNN2PmTq5nwhkEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFqKPbkOLnE0WIzIfWofPHMOXJcZMB8GA1UdIwQY
MBaAFAIypL+3eWQFpVa3WfHRk+TE03EpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWpLa3Y3ZDVaQVdsVnJkWjhkR1Q1TVRUY1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9hN2NlN2EtODQ0My00NmViLThjYmEt
M2JiNGQ2MjAwNTE4LzEvV29vOXVRNHVjVFJZak1oOWFoODhjdzVjbHhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9hN2NlN2EtODQ0My00NmViLThjYmEtM2JiNGQ2MjAwNTE4
LzEvQWpLa3Y3ZDVaQVdsVnJkWjhkR1Q1TVRUY1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw3q6MA0G
CSqGSIb3DQEBCwUAA4IBAQB2EPQLQS34ggQ/iE1HIK2VZqABM4YlbdA/AQWhM3r+
gdvXDJAcPqkrAqrevOjeLIUrZc/MYn+7OT6l0mnWIImDcl0Z6vnjbncsUxiqHJNL
aDgs/tDxACuYz+9xlbIItcUjMCWVk78PGaSSbspStAKU85/RSH52rmF1OCTVH46P
9dBdIXELVM2nGq73weJnj6P2D5xnIpD4gNetfrtNHnMBIl7x6mg6Hnb4NEUURKN4
Ve3V00ZJa0AZzU47248kPqHwU9w+xJsWUAssSiKyCvIwYX/POg/4qdBfqJpuXN6a
VSPb6TEOpHa4UonwklejvSIJ4kHlZl/aVLd3QKEtgply
-----END CERTIFICATE-----
Generated at Sat Apr 12 16:31:34 2025 by rpki-client