Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/wfH_8mIr7MBsK_uV9NPJu7HH2As.roa
File: wfH_8mIr7MBsK_uV9NPJu7HH2As.roa (raw, json)
Hash identifier: 2AXYup1ENAMZ7fdArfiBEwsjx4YcbphMs2+KrTbk3Gw=
Subject key identifier: C1:F1:FF:F2:62:2B:EC:C0:6C:2B:FB:95:F4:D3:C9:BB:B1:C7:D8:0B
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 01959C42AC1D0064836D37A4BA13A48C3043
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/wfH_8mIr7MBsK_uV9NPJu7HH2As.roa
Signing time: Sun 16 Mar 2025 00:02:49 +0000
ROA not before: Sun 16 Mar 2025 00:02:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41717
IP address blocks: 2.58.244.0/24 maxlen: 24
2.58.245.0/24 maxlen: 24
2.58.246.0/24 maxlen: 24
2.58.247.0/24 maxlen: 24
2.58.248.0/24 maxlen: 24
2.58.249.0/24 maxlen: 24
2.58.250.0/24 maxlen: 24
2.58.251.0/24 maxlen: 24
5.183.116.0/23 maxlen: 23
5.183.116.0/24 maxlen: 24
5.183.117.0/24 maxlen: 24
5.183.118.0/24 maxlen: 24
5.183.119.0/24 maxlen: 24
5.183.120.0/22 maxlen: 24
5.183.120.0/23 maxlen: 23
5.183.120.0/24 maxlen: 24
5.183.121.0/24 maxlen: 24
5.183.122.0/24 maxlen: 24
5.183.123.0/24 maxlen: 24
45.8.32.0/24 maxlen: 24
45.8.34.0/24 maxlen: 24
45.8.35.0/24 maxlen: 24
45.139.194.0/24 maxlen: 24
45.141.44.0/22 maxlen: 24
80.66.199.0/24 maxlen: 24
95.214.166.0/24 maxlen: 24
95.214.167.0/24 maxlen: 24
185.198.71.0/24 maxlen: 24
194.104.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.mft
rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 22:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:9c:42:ac:1d:00:64:83:6d:37:a4:ba:13:a4:8c:30:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Mar 16 00:02:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c1f1fff2622becc06c2bfb95f4d3c9bbb1c7d80b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a9:cb:30:03:24:6a:7b:c8:a2:05:9e:b7:aa:
9d:93:ce:4b:58:8a:21:8b:12:98:cd:42:d3:81:e0:
76:0d:28:df:d5:e0:87:9e:4c:05:75:64:11:f9:8c:
7c:c4:c6:b8:53:28:9c:68:ca:86:af:09:7a:ed:03:
e9:9c:e3:ab:71:81:eb:1d:b2:30:75:3d:bb:f2:a0:
7a:ea:4f:10:03:d4:b3:10:69:5b:15:43:c0:6b:af:
84:3a:d7:5c:eb:fb:75:02:47:bc:97:b3:02:73:e9:
d3:73:e1:99:3c:44:88:d6:f3:d8:5c:d7:d4:0a:ac:
5a:6e:43:07:9e:7c:ff:07:96:88:27:2b:60:50:4a:
c6:45:b5:af:f3:55:76:ba:0c:a3:1c:6c:7e:9d:85:
f0:bd:8e:fe:47:c8:55:3d:d2:72:a1:b3:11:d1:48:
ec:5b:96:4c:dd:3c:bd:e0:1f:05:54:fe:80:5a:af:
16:20:c0:27:f8:d7:d7:28:b6:98:81:95:9a:3a:24:
2b:50:96:b7:87:a7:a9:22:52:5b:f3:17:97:1f:64:
63:2e:72:45:db:4e:df:e7:e6:3f:fb:63:4b:39:e4:
bf:31:05:ba:5e:78:f1:91:42:a1:51:d8:2e:c3:70:
9b:dc:49:83:59:6e:39:3b:de:a8:5b:dc:37:a8:aa:
6a:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:F1:FF:F2:62:2B:EC:C0:6C:2B:FB:95:F4:D3:C9:BB:B1:C7:D8:0B
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/wfH_8mIr7MBsK_uV9NPJu7HH2As.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.244.0-2.58.251.255
5.183.116.0-5.183.123.255
45.8.32.0/24
45.8.34.0/23
45.139.194.0/24
45.141.44.0/22
80.66.199.0/24
95.214.166.0/23
185.198.71.0/24
194.104.144.0/24
Signature Algorithm: sha256WithRSAEncryption
18:69:3b:53:cd:83:1f:fb:7f:8a:80:19:2e:69:86:f8:67:08:
51:0b:b0:22:74:fa:26:25:8d:b3:de:64:25:90:4a:22:e4:83:
a9:c7:0c:af:10:eb:71:eb:ea:c8:b2:07:4c:c8:35:f1:f0:a3:
b4:a8:8a:dd:b1:3f:a6:9c:b0:10:70:0f:3b:fb:23:6a:fb:16:
0c:61:fd:a4:f1:55:f0:ba:25:6d:c6:10:00:19:c8:9d:ab:64:
df:0c:80:ba:30:52:9e:60:55:cc:92:f6:7f:f8:3d:5c:ce:5d:
53:24:22:ad:e0:df:70:32:ba:4c:04:bb:5b:8f:9e:cb:ea:8a:
41:f5:1e:03:52:b2:c6:5c:cf:70:b6:67:67:73:64:94:79:f8:
b8:dc:51:d1:0b:d5:d7:bb:93:0e:7c:6b:91:f0:09:b0:5d:f5:
fc:f9:87:93:08:4f:0e:fc:15:71:df:9d:55:da:72:15:87:61:
c3:03:94:99:0e:c2:58:a0:45:cf:39:98:08:93:7a:2b:68:64:
12:84:8a:e6:06:53:9a:57:b8:c0:a2:0c:0a:72:f0:17:db:47:
46:0a:f4:f3:f0:f2:05:31:be:ed:a4:e4:fd:79:4b:fc:90:bb:
d5:39:f6:5c:dc:00:57:ad:e3:da:91:7b:4c:18:3b:92:85:5f:
ad:5f:24:cc
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZWcQqwdAGSDbTekuhOkjDBDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjUwMzE2MDAwMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWYxZmZmMjYyMmJlY2MwNmMyYmZiOTVmNGQzYzliYmIxYzdkODBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqnLMAMkanvIogWet6qdk85LWIoh
ixKYzULTgeB2DSjf1eCHnkwFdWQR+Yx8xMa4UyicaMqGrwl67QPpnOOrcYHrHbIw
dT278qB66k8QA9SzEGlbFUPAa6+EOtdc6/t1Ake8l7MCc+nTc+GZPESI1vPYXNfU
CqxabkMHnnz/B5aIJytgUErGRbWv81V2ugyjHGx+nYXwvY7+R8hVPdJyobMR0Ujs
W5ZM3Ty94B8FVP6AWq8WIMAn+NfXKLaYgZWaOiQrUJa3h6epIlJb8xeXH2RjLnJF
207f5+Y/+2NLOeS/MQW6XnjxkUKhUdguw3Cb3EmDWW45O96oW9w3qKpqzwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFMHx//JiK+zAbCv7lfTTybuxx9gLMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvd2ZIXzhtSXI3TUJzS191VjlOUEp1N0hIMkFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMMAwDBAICOvQD
BAICOvgwDAMEAgW3dAMEAgW3eAMEAC0IIAMEAS0IIgMEAC2LwgMEAi2NLAMEAFBC
xwMEAV/WpgMEALnGRwMEAMJokDANBgkqhkiG9w0BAQsFAAOCAQEAGGk7U82DH/t/
ioAZLmmG+GcIUQuwInT6JiWNs95kJZBKIuSDqccMrxDrcevqyLIHTMg18fCjtKiK
3bE/ppywEHAPO/sjavsWDGH9pPFV8LolbcYQABnInatk3wyAujBSnmBVzJL2f/g9
XM5dUyQireDfcDK6TAS7W4+ey+qKQfUeA1KyxlzPcLZnZ3NklHn4uNxR0QvV17uT
DnxrkfAJsF31/PmHkwhPDvwVcd+dVdpyFYdhwwOUmQ7CWKBFzzmYCJN6K2hkEoSK
5gZTmle4wKIMCnLwF9tHRgr08/DyBTG+7aTk/XlL/JC71Tn2XNwAV63j2pF7TBg7
koVfrV8kzA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:28:58 2025 by rpki-client