Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/2dc136-400d-40e7-ad86-8ce60a5c8b1f/1/Wem4R1HhiLTH9JF3d-SZOmy37u0.roa
File: Wem4R1HhiLTH9JF3d-SZOmy37u0.roa (raw, json)
Hash identifier: 7MdQgNFI/gw33JrzBz7PAxkDLsGz7qoxKurvzPVxBTY=
Subject key identifier: 59:E9:B8:47:51:E1:88:B4:C7:F4:91:77:77:E4:99:3A:6C:B7:EE:ED
Certificate issuer: /CN=f80e017cf1711519b0ff9f65858c491b2fa5d40b
Certificate serial: 019427479C6F05134CD797A041E9E6CAD85B
Authority key identifier: F8:0E:01:7C:F1:71:15:19:B0:FF:9F:65:85:8C:49:1B:2F:A5:D4:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-A4BfPFxFRmw_59lhYxJGy-l1As.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/2dc136-400d-40e7-ad86-8ce60a5c8b1f/1/Wem4R1HhiLTH9JF3d-SZOmy37u0.roa
Signing time: Thu 02 Jan 2025 13:49:51 +0000
ROA not before: Thu 02 Jan 2025 13:49:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42369
IP address blocks: 91.250.253.0/24 maxlen: 24
94.176.160.0/23 maxlen: 23
94.176.160.0/24 maxlen: 24
94.176.161.0/24 maxlen: 24
185.235.147.0/24 maxlen: 24
188.240.51.0/24 maxlen: 24
194.33.191.0/24 maxlen: 24
2a10:8b40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/2dc136-400d-40e7-ad86-8ce60a5c8b1f/1/1-A4BfPFxFRmw_59lhYxJGy-l1As.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/2dc136-400d-40e7-ad86-8ce60a5c8b1f/1/1-A4BfPFxFRmw_59lhYxJGy-l1As.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-A4BfPFxFRmw_59lhYxJGy-l1As.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 12:01:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:9c:6f:05:13:4c:d7:97:a0:41:e9:e6:ca:d8:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f80e017cf1711519b0ff9f65858c491b2fa5d40b
Validity
Not Before: Jan 2 13:49:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=59e9b84751e188b4c7f4917777e4993a6cb7eeed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:fe:b5:9a:38:da:bd:55:a4:8f:c1:29:2f:02:
0e:0a:81:37:d1:ae:cd:16:0a:30:a6:84:bd:12:c3:
83:22:0a:4c:b1:4a:d7:62:7e:84:c3:1d:2e:19:79:
0b:f1:81:d0:20:a8:80:12:b8:fd:f7:54:4d:54:2a:
a6:6a:99:cf:b0:6b:87:19:5b:05:8f:9b:5b:be:9c:
cf:44:18:11:92:98:da:c0:7e:45:b6:46:7e:79:b1:
80:cb:a1:9a:cd:30:dd:bf:9b:cd:10:d3:b2:0c:ce:
44:fa:4d:54:f8:cf:c2:e1:57:42:e9:9a:b2:d5:b2:
d4:f7:26:e3:7f:b3:ea:4e:e0:fb:f4:6f:70:6f:bd:
4c:3a:f4:60:2e:87:a6:56:fd:c3:f0:b0:ed:fb:70:
81:2f:e3:9a:f6:f7:0f:4a:60:99:ba:1c:3d:25:a2:
e0:4c:92:84:22:df:07:08:d3:e2:76:3f:52:5f:cb:
ab:7c:f8:c4:a1:36:a9:9a:46:e0:34:e4:75:77:fc:
c5:8c:06:3b:be:4c:49:96:84:9e:b6:11:bd:ff:18:
bd:e5:40:17:08:b0:86:cc:ec:67:fd:13:d3:23:c9:
90:68:df:46:38:b1:3d:28:f8:e1:79:6a:f4:bd:9a:
9a:d1:e6:4c:8e:26:28:c3:20:5e:21:9b:39:33:15:
15:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:E9:B8:47:51:E1:88:B4:C7:F4:91:77:77:E4:99:3A:6C:B7:EE:ED
X509v3 Authority Key Identifier:
keyid:F8:0E:01:7C:F1:71:15:19:B0:FF:9F:65:85:8C:49:1B:2F:A5:D4:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-A4BfPFxFRmw_59lhYxJGy-l1As.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/2dc136-400d-40e7-ad86-8ce60a5c8b1f/1/Wem4R1HhiLTH9JF3d-SZOmy37u0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/2dc136-400d-40e7-ad86-8ce60a5c8b1f/1/1-A4BfPFxFRmw_59lhYxJGy-l1As.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.250.253.0/24
94.176.160.0/23
185.235.147.0/24
188.240.51.0/24
194.33.191.0/24
IPv6:
2a10:8b40::/32
Signature Algorithm: sha256WithRSAEncryption
4b:c6:70:81:fa:c5:68:8c:57:66:9f:95:c8:d0:f8:75:ea:ea:
de:48:fd:fd:2f:63:4e:bc:b9:eb:99:9c:c1:51:2d:11:6f:3a:
5f:f2:f0:21:88:b2:f7:77:5b:a8:af:d4:9e:b1:a5:46:40:da:
43:f0:67:cd:be:f2:85:ca:88:12:3a:17:b1:e2:91:fd:24:17:
28:fb:cd:0e:e0:92:9a:d6:09:bc:9c:d3:91:df:ee:46:3a:e6:
72:eb:3b:ed:6d:1c:c4:59:70:c0:7c:b6:a4:4c:e0:fb:b6:04:
cd:07:29:56:30:52:3a:7b:27:69:34:17:a0:d9:21:93:e7:73:
8c:87:ff:b7:5d:4e:ac:86:e6:a6:21:86:1c:03:e8:6b:e6:80:
49:14:86:37:96:8a:2d:24:01:50:ae:86:8a:ff:4a:34:fd:63:
a1:64:b9:4c:63:be:42:88:21:e9:e0:08:3c:f5:ae:a0:64:b9:
8d:35:eb:00:0a:63:7a:0a:c1:79:ac:96:89:aa:2a:33:9d:88:
fc:89:fa:55:c4:f1:0e:c1:8b:30:41:20:3d:79:06:d6:e9:af:
fb:6b:12:f0:13:4c:d6:dc:a5:b3:91:d4:07:9a:d3:20:9d:5f:
a7:29:f9:48:5f:d0:c2:09:38:c9:02:7a:5b:70:80:08:da:09:
12:76:be:d9
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZQnR5xvBRNM15egQenmythbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MGUwMTdjZjE3MTE1MTliMGZmOWY2NTg1OGM0OTFiMmZh
NWQ0MGIwHhcNMjUwMTAyMTM0OTUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWU5Yjg0NzUxZTE4OGI0YzdmNDkxNzc3N2U0OTkzYTZjYjdlZWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArf61mjjavVWkj8EpLwIOCoE30a7N
FgowpoS9EsODIgpMsUrXYn6Ewx0uGXkL8YHQIKiAErj991RNVCqmapnPsGuHGVsF
j5tbvpzPRBgRkpjawH5FtkZ+ebGAy6GazTDdv5vNENOyDM5E+k1U+M/C4VdC6Zqy
1bLU9ybjf7PqTuD79G9wb71MOvRgLoemVv3D8LDt+3CBL+Oa9vcPSmCZuhw9JaLg
TJKEIt8HCNPidj9SX8urfPjEoTapmkbgNOR1d/zFjAY7vkxJloSethG9/xi95UAX
CLCGzOxn/RPTI8mQaN9GOLE9KPjheWr0vZqa0eZMjiYowyBeIZs5MxUV1QIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFFnpuEdR4Yi0x/SRd3fkmTpst+7tMB8GA1UdIwQY
MBaAFPgOAXzxcRUZsP+fZYWMSRsvpdQLMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1BNEJmUEZ4RlJtd181OWxoWXhKR3ktbDFBcy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcvMmRjMTM2LTQwMGQtNDBlNy1hZDg2
LThjZTYwYTVjOGIxZi8xL1dlbTRSMUhoaUxUSDlKRjNkLVNaT215Mzd1MC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODcvMmRjMTM2LTQwMGQtNDBlNy1hZDg2LThjZTYwYTVjOGIx
Zi8xLzEtQTRCZlBGeEZSbXdfNTlsaFl4Skd5LWwxQXMuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwRgYIKwYBBQUHAQcBAf8ENzA1MCQEAgABMB4DBABb+v0D
BAFesKADBAC565MDBAC88DMDBADCIb8wDQQCAAIwBwMFACoQi0AwDQYJKoZIhvcN
AQELBQADggEBAEvGcIH6xWiMV2aflcjQ+HXq6t5I/f0vY068ueuZnMFRLRFvOl/y
8CGIsvd3W6iv1J6xpUZA2kPwZ82+8oXKiBI6F7Hikf0kFyj7zQ7gkprWCbyc05Hf
7kY65nLrO+1tHMRZcMB8tqRM4Pu2BM0HKVYwUjp7J2k0F6DZIZPnc4yH/7ddTqyG
5qYhhhwD6GvmgEkUhjeWii0kAVCuhor/SjT9Y6FkuUxjvkKIIengCDz1rqBkuY01
6wAKY3oKwXmslomqKjOdiPyJ+lXE8Q7BizBBID15Btbpr/trEvATTNbcpbOR1Aea
0yCdX6cp+Uhf0MIJOMkCeltwgAjaCRJ2vtk=
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:20:35 2025 by rpki-client