Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/IwPxKQ0cH2VtiVJXXV7lwrIiVdY.roa
File: IwPxKQ0cH2VtiVJXXV7lwrIiVdY.roa (raw, json)
Hash identifier: Vp7I9HovJoiuEC9VCO+6KWFaSrjYJto9LxrxlUDp/FE=
Subject key identifier: 23:03:F1:29:0D:1C:1F:65:6D:89:52:57:5D:5E:E5:C2:B2:22:55:D6
Certificate issuer: /CN=583d76051017d0afa915fcfb790a00f4667b0a88
Certificate serial: 01942748545A3C43D8988FA79834542D98B7
Authority key identifier: 58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/IwPxKQ0cH2VtiVJXXV7lwrIiVdY.roa
Signing time: Thu 02 Jan 2025 13:50:38 +0000
ROA not before: Thu 02 Jan 2025 13:50:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29068
IP address blocks: 94.184.160.0/20 maxlen: 21
94.184.168.0/22 maxlen: 22
94.184.168.0/23 maxlen: 23
94.184.170.0/24 maxlen: 24
94.184.171.0/24 maxlen: 24
94.184.172.0/22 maxlen: 22
194.225.0.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.mft
rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 18:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:54:5a:3c:43:d8:98:8f:a7:98:34:54:2d:98:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=583d76051017d0afa915fcfb790a00f4667b0a88
Validity
Not Before: Jan 2 13:50:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2303f1290d1c1f656d8952575d5ee5c2b22255d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:4c:22:93:7f:c7:fc:8a:8e:76:e8:e1:11:7c:
ee:71:71:02:e5:a1:4a:ae:f7:23:c3:ef:6c:d2:cf:
d8:65:0b:eb:a4:9e:72:9d:9c:94:55:49:99:d9:56:
b0:d0:67:e7:2a:11:b6:54:a6:7f:02:71:55:46:14:
a5:7d:5d:b7:db:54:24:6a:fb:e8:87:87:b2:08:75:
77:6d:2b:a7:1c:aa:88:26:60:4f:e0:32:e0:0c:fd:
f0:d5:ed:c0:40:69:14:25:8a:fc:6c:e6:50:10:d6:
2e:77:99:ed:56:e4:3b:b3:f8:1a:1e:43:56:8c:5b:
48:f0:d9:c7:79:c2:df:d7:91:07:a1:c9:b1:77:cc:
d2:02:5b:57:fa:45:b6:dd:f0:e8:8d:cb:5d:31:6a:
d9:21:c4:67:87:09:da:5c:81:77:9e:b8:5a:5e:02:
39:3b:8a:7a:08:6b:f3:dd:29:48:2a:86:17:7f:d1:
1b:80:ee:b0:5b:81:f7:b6:ce:65:55:b1:31:c6:2d:
d5:94:97:a2:31:1e:d5:8c:91:45:bd:19:f0:09:cf:
1c:7e:d1:5b:5d:16:2c:e2:64:de:e4:81:7c:81:30:
35:97:a6:ba:31:ad:86:7d:e9:3b:d6:bc:a6:db:6e:
5b:44:c6:b1:39:9c:1e:dc:4c:2c:e9:bf:a8:0f:cf:
82:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:03:F1:29:0D:1C:1F:65:6D:89:52:57:5D:5E:E5:C2:B2:22:55:D6
X509v3 Authority Key Identifier:
keyid:58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/IwPxKQ0cH2VtiVJXXV7lwrIiVdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.184.160.0/20
194.225.0.0/20
Signature Algorithm: sha256WithRSAEncryption
b0:60:b7:2e:d2:79:cb:3a:12:96:25:cd:d5:66:66:5d:78:a1:
4b:92:de:ef:f4:f5:a4:f7:1a:74:9f:65:07:fd:31:56:c2:94:
41:87:6d:1d:46:dc:bb:a2:1a:bc:2c:cd:fd:a4:e9:95:18:81:
66:88:4f:7f:6c:34:3d:01:fc:15:69:a3:76:c4:84:53:ba:c7:
aa:e9:dd:d6:3c:fe:c0:cd:13:f3:8e:f1:dc:ed:86:48:48:ea:
3a:da:cd:90:14:0c:81:0f:b7:c7:dd:54:b7:7e:4e:d0:cf:86:
8f:d2:8c:5c:48:15:9c:52:e3:42:c6:9c:e0:34:cb:6c:55:c4:
1b:d3:ac:4c:8e:da:41:67:72:f7:75:83:46:fd:48:5c:0a:27:
9d:d9:6d:c3:bf:8b:c0:b1:e5:7f:18:b9:45:69:00:48:7b:5d:
ef:8e:cb:d4:11:47:57:e3:2d:79:5f:49:2f:30:f2:43:aa:e8:
85:24:08:56:1f:90:12:a7:e3:12:8d:ef:53:37:61:28:9a:ce:
6e:05:23:41:7b:db:74:72:06:04:ef:78:e1:33:f0:6a:a6:9c:
da:19:fe:64:d7:c6:60:e1:e1:4a:75:ac:e1:8f:5b:cc:e6:5c:
9e:62:63:23:b0:53:e9:5d:79:8a:74:12:0f:f2:cb:50:cb:c9:
cf:c6:4d:46
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQnSFRaPEPYmI+nmDRULZi3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4M2Q3NjA1MTAxN2QwYWZhOTE1ZmNmYjc5MGEwMGY0NjY3
YjBhODgwHhcNMjUwMTAyMTM1MDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzAzZjEyOTBkMWMxZjY1NmQ4OTUyNTc1ZDVlZTVjMmIyMjI1NWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEwik3/H/IqOdujhEXzucXEC5aFK
rvcjw+9s0s/YZQvrpJ5ynZyUVUmZ2Vaw0GfnKhG2VKZ/AnFVRhSlfV2321Qkavvo
h4eyCHV3bSunHKqIJmBP4DLgDP3w1e3AQGkUJYr8bOZQENYud5ntVuQ7s/gaHkNW
jFtI8NnHecLf15EHocmxd8zSAltX+kW23fDojctdMWrZIcRnhwnaXIF3nrhaXgI5
O4p6CGvz3SlIKoYXf9EbgO6wW4H3ts5lVbExxi3VlJeiMR7VjJFFvRnwCc8cftFb
XRYs4mTe5IF8gTA1l6a6Ma2Gfek71rym225bRMaxOZwe3Ews6b+oD8+CXwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCMD8SkNHB9lbYlSV11e5cKyIlXWMB8GA1UdIwQY
MBaAFFg9dgUQF9CvqRX8+3kKAPRmewqIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGIt
ZGE2MTUzODg1ZjNiLzEvSXdQeEtRMGNIMlZ0aVZKWFhWN2x3cklpVmRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGItZGE2MTUzODg1ZjNi
LzEvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEXrigAwQE
wuEAMA0GCSqGSIb3DQEBCwUAA4IBAQCwYLcu0nnLOhKWJc3VZmZdeKFLkt7v9PWk
9xp0n2UH/TFWwpRBh20dRty7ohq8LM39pOmVGIFmiE9/bDQ9AfwVaaN2xIRTuseq
6d3WPP7AzRPzjvHc7YZISOo62s2QFAyBD7fH3VS3fk7Qz4aP0oxcSBWcUuNCxpzg
NMtsVcQb06xMjtpBZ3L3dYNG/UhcCied2W3Dv4vAseV/GLlFaQBIe13vjsvUEUdX
4y15X0kvMPJDquiFJAhWH5ASp+MSje9TN2Eoms5uBSNBe9t0cgYE73jhM/Bqppza
Gf5k18Zg4eFKdazhj1vM5lyeYmMjsFPpXXmKdBIP8stQy8nPxk1G
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:10:40 2025 by rpki-client