Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/wXmD77ivrLBnzkfNVUx9GVYS9fw.roa
File: wXmD77ivrLBnzkfNVUx9GVYS9fw.roa (raw, json)
Hash identifier: tE/07N+y9ScJvAqYYnDp5CmkVEB1T6atwgfCQwskaeM=
Subject key identifier: C1:79:83:EF:B8:AF:AC:B0:67:CE:47:CD:55:4C:7D:19:56:12:F5:FC
Certificate issuer: /CN=4354a419225d5d79f4a1ae1520a3b1a56d45268c
Certificate serial: 0194258EDA8942492C1C5A4BE60F221F323A
Authority key identifier: 43:54:A4:19:22:5D:5D:79:F4:A1:AE:15:20:A3:B1:A5:6D:45:26:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/wXmD77ivrLBnzkfNVUx9GVYS9fw.roa
Signing time: Thu 02 Jan 2025 05:48:26 +0000
ROA not before: Thu 02 Jan 2025 05:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208771
IP address blocks: 2a12:7a40:9909::/48 maxlen: 48
2a12:7a40:9919::/48 maxlen: 48
2a12:7a40:9929::/48 maxlen: 48
2a12:7a40:9939::/48 maxlen: 48
2a12:7a40:9949::/48 maxlen: 48
2a12:7a40:9959::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 14:13:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:da:89:42:49:2c:1c:5a:4b:e6:0f:22:1f:32:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4354a419225d5d79f4a1ae1520a3b1a56d45268c
Validity
Not Before: Jan 2 05:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c17983efb8afacb067ce47cd554c7d195612f5fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:2f:0b:75:93:4d:7b:22:a4:60:5e:e5:10:52:
65:8b:88:02:8a:8b:29:77:bf:b1:0d:a8:b9:e6:b0:
ab:4b:ac:f4:ba:bb:f6:38:d4:d6:c9:3b:13:a6:fe:
d8:2b:13:7a:2a:ba:0e:7a:1e:a6:f5:ed:ca:42:b0:
79:0c:54:78:1b:29:ac:f7:3d:c1:da:ef:c0:66:eb:
fd:65:32:f5:bf:06:eb:2c:1e:0a:4f:b8:ad:0c:19:
05:f7:cd:cc:94:fd:30:8e:72:a5:56:41:11:db:65:
64:09:aa:e0:8a:53:50:a5:4d:fc:a3:36:0a:39:ce:
88:46:1c:ac:88:08:03:d3:67:79:9c:a3:95:25:11:
64:d5:ee:f0:94:4b:81:97:a2:13:93:f3:c4:a2:aa:
5c:c6:75:40:61:42:cb:e4:e4:e4:ac:09:db:17:b2:
15:77:45:05:a6:cc:1b:1c:b5:60:8e:15:0c:cc:dd:
dd:ac:5a:c9:51:e2:2a:4a:66:18:3a:6c:3c:15:bc:
75:59:69:ed:67:2d:ce:a7:ee:69:8c:96:e5:d6:c7:
20:64:45:33:86:7b:36:ca:40:49:39:3a:21:eb:fa:
0d:5e:5d:26:d3:07:8f:01:74:6b:78:6b:f6:ac:39:
c2:36:64:0f:11:cb:06:e7:61:e0:75:ab:61:b6:38:
ae:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:79:83:EF:B8:AF:AC:B0:67:CE:47:CD:55:4C:7D:19:56:12:F5:FC
X509v3 Authority Key Identifier:
keyid:43:54:A4:19:22:5D:5D:79:F4:A1:AE:15:20:A3:B1:A5:6D:45:26:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/wXmD77ivrLBnzkfNVUx9GVYS9fw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:7a40:9909::/48
2a12:7a40:9919::/48
2a12:7a40:9929::/48
2a12:7a40:9939::/48
2a12:7a40:9949::/48
2a12:7a40:9959::/48
Signature Algorithm: sha256WithRSAEncryption
66:fb:4a:37:71:a4:85:a2:92:f3:7b:fb:8a:74:3e:e9:d3:a3:
ca:6d:47:b0:dd:36:36:24:cd:98:1d:50:bc:0b:01:d0:9e:af:
2e:8c:3c:cd:c7:3b:09:a8:df:49:ca:08:87:cb:1e:c3:2c:8f:
53:3f:da:81:df:b3:5c:dd:9f:e2:b0:72:1a:4c:eb:44:d9:c1:
df:95:5e:01:0b:e7:64:1b:67:c9:0b:9a:ea:a6:08:18:60:51:
36:3b:cb:32:03:a0:1d:dd:00:07:ed:5c:2b:c8:7e:22:d5:f1:
b3:b6:5d:10:82:3a:f5:31:1c:23:92:b6:2f:30:5d:f6:5b:2a:
13:64:02:8e:f5:77:e5:6e:15:1b:96:fc:97:76:4c:46:82:06:
2a:2c:f2:45:9f:1b:8b:e9:8d:02:1c:f3:18:49:98:1e:40:fa:
fa:5c:03:28:36:24:21:14:6e:09:74:af:f9:eb:41:8b:72:2d:
02:4b:9b:ff:53:7d:e4:84:fd:2c:88:50:49:da:a3:6b:59:4e:
bb:f0:fe:06:a5:cb:8c:10:5e:93:8a:89:ac:8d:e4:ec:34:ea:
65:52:e2:a4:56:1e:82:ac:8c:db:06:05:47:a6:31:f1:2d:cf:
d7:c2:7d:97:64:01:4c:3e:cd:3a:c9:b0:46:c1:16:3a:4d:04:
4f:0c:63:8f
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQljtqJQkksHFpL5g8iHzI6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNTRhNDE5MjI1ZDVkNzlmNGExYWUxNTIwYTNiMWE1NmQ0
NTI2OGMwHhcNMjUwMTAyMDU0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTc5ODNlZmI4YWZhY2IwNjdjZTQ3Y2Q1NTRjN2QxOTU2MTJmNWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyy8LdZNNeyKkYF7lEFJli4gCiosp
d7+xDai55rCrS6z0urv2ONTWyTsTpv7YKxN6KroOeh6m9e3KQrB5DFR4Gyms9z3B
2u/AZuv9ZTL1vwbrLB4KT7itDBkF983MlP0wjnKlVkER22VkCargilNQpU38ozYK
Oc6IRhysiAgD02d5nKOVJRFk1e7wlEuBl6ITk/PEoqpcxnVAYULL5OTkrAnbF7IV
d0UFpswbHLVgjhUMzN3drFrJUeIqSmYYOmw8Fbx1WWntZy3Op+5pjJbl1scgZEUz
hns2ykBJOToh6/oNXl0m0wePAXRreGv2rDnCNmQPEcsG52HgdathtjiuDQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFMF5g++4r6ywZ85HzVVMfRlWEvX8MB8GA1UdIwQY
MBaAFENUpBkiXV159KGuFSCjsaVtRSaMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wZmRkZjAtOGJiZi00MzUwLWJmZmEt
Njg4ZDUxYTQ0NDQ4LzEvd1htRDc3aXZyTEJuemtmTlZVeDlHVllTOWZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wZmRkZjAtOGJiZi00MzUwLWJmZmEtNjg4ZDUxYTQ0NDQ4
LzEvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKhJ6QJkJ
AwcAKhJ6QJkZAwcAKhJ6QJkpAwcAKhJ6QJk5AwcAKhJ6QJlJAwcAKhJ6QJlZMA0G
CSqGSIb3DQEBCwUAA4IBAQBm+0o3caSFopLze/uKdD7p06PKbUew3TY2JM2YHVC8
CwHQnq8ujDzNxzsJqN9JygiHyx7DLI9TP9qB37Nc3Z/isHIaTOtE2cHflV4BC+dk
G2fJC5rqpggYYFE2O8syA6Ad3QAH7VwryH4i1fGztl0Qgjr1MRwjkrYvMF32WyoT
ZAKO9XflbhUblvyXdkxGggYqLPJFnxuL6Y0CHPMYSZgeQPr6XAMoNiQhFG4JdK/5
60GLci0CS5v/U33khP0siFBJ2qNrWU678P4GpcuMEF6TiomsjeTsNOplUuKkVh6C
rIzbBgVHpjHxLc/Xwn2XZAFMPs06ybBGwRY6TQRPDGOP
-----END CERTIFICATE-----
Generated at Thu Apr 10 00:01:10 2025 by rpki-client