Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/whutfHrGbrMoUBiwqU4xPdyhmA0.roa
File: whutfHrGbrMoUBiwqU4xPdyhmA0.roa (raw, json)
Hash identifier: IJxHyhxFaVshf8NMZql5Td0GAvIXYopqx9xBaH+8idI=
Subject key identifier: C2:1B:AD:7C:7A:C6:6E:B3:28:50:18:B0:A9:4E:31:3D:DC:A1:98:0D
Certificate issuer: /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial: 019424456BD0762DACF0CD7704DE3D81B29A
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/whutfHrGbrMoUBiwqU4xPdyhmA0.roa
Signing time: Wed 01 Jan 2025 23:48:36 +0000
ROA not before: Wed 01 Jan 2025 23:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25369
IP address blocks: 147.136.64.0/24 maxlen: 24
168.199.132.0/24 maxlen: 24
168.199.186.0/24 maxlen: 24
168.199.227.0/24 maxlen: 24
192.95.80.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 11:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:6b:d0:76:2d:ac:f0:cd:77:04:de:3d:81:b2:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
Validity
Not Before: Jan 1 23:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c21bad7c7ac66eb3285018b0a94e313ddca1980d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:14:18:5e:6a:2a:ff:da:e7:a8:ef:1c:6b:dd:
1d:45:3d:29:98:78:5e:97:10:ef:d7:8d:b0:f5:cb:
d2:89:bf:7b:c8:32:21:9d:66:9e:b2:bf:82:85:73:
d9:dc:af:78:86:ef:c9:9e:4a:f6:9e:07:9b:be:7b:
06:37:63:34:ce:5c:30:b9:dc:16:b5:08:67:66:1d:
ca:f1:17:6b:f2:c4:ff:eb:a6:7a:64:2f:8f:57:a2:
7d:3b:18:21:81:4e:48:ec:b0:ab:6c:d4:0f:3c:4e:
19:d8:ad:17:41:56:f8:50:6d:be:f3:b6:9d:d2:24:
8e:b9:38:6a:a7:3b:fe:fc:11:8f:89:44:87:df:3a:
ea:1b:f5:43:07:6e:d1:61:42:ae:8c:c3:90:ee:ce:
35:dc:86:3f:44:81:bf:63:54:9b:0a:98:77:7a:18:
82:36:4d:4e:94:2e:7e:bc:1a:c5:20:16:7a:78:8b:
01:d2:65:21:c7:c9:09:a9:09:61:8b:7f:5e:5a:a6:
43:a1:72:a5:8b:d1:08:1c:8a:e2:e1:91:1c:b3:1d:
4c:c5:21:4a:86:8e:83:2b:56:83:17:6a:84:a5:6f:
33:a8:e3:27:ee:8b:10:da:d5:af:06:67:1d:18:4a:
13:84:2d:52:d7:00:e3:67:e2:28:b8:e9:18:87:9b:
4f:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:1B:AD:7C:7A:C6:6E:B3:28:50:18:B0:A9:4E:31:3D:DC:A1:98:0D
X509v3 Authority Key Identifier:
keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/whutfHrGbrMoUBiwqU4xPdyhmA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.136.64.0/24
168.199.132.0/24
168.199.186.0/24
168.199.227.0/24
192.95.80.0/24
Signature Algorithm: sha256WithRSAEncryption
39:0f:2c:de:16:79:66:5a:9f:7f:38:a0:71:5a:20:75:d5:53:
c5:25:ec:ca:6b:cf:d7:b0:4d:01:b9:5d:f7:b8:41:54:f3:ee:
22:a1:e8:bd:78:bb:30:76:5d:eb:4e:50:7a:f4:8a:41:f0:5b:
36:a4:90:1f:b3:78:ea:0e:f8:51:ea:9f:5a:e1:86:68:b8:d8:
eb:f4:41:69:37:0b:fc:c0:ef:db:d5:04:66:b7:1c:12:2b:5f:
82:83:08:af:1e:8b:dd:be:03:91:2c:50:4c:c0:40:22:bf:b2:
5e:d4:df:f3:d4:e2:6e:c8:f2:65:40:9b:43:a9:8c:9b:6c:48:
e0:bd:81:62:f0:ee:27:57:a2:cf:51:64:1e:e1:8f:98:fe:7d:
7d:10:f5:5e:44:6b:2d:db:18:1c:68:ae:9d:23:da:42:95:4d:
dc:4e:35:b5:f9:45:cf:3a:fd:d3:0c:e6:e8:f4:66:e5:41:99:
90:ef:e0:3a:50:75:e6:1a:52:1e:d8:ed:21:95:06:ab:60:2a:
49:2b:cf:24:17:9c:5a:75:2d:ea:41:1a:56:a0:84:75:dc:42:
5d:23:5a:a4:e0:a4:5f:56:95:af:79:93:fe:46:75:99:ae:77:
2c:03:61:1e:8e:8d:7f:3f:a4:fb:48:6f:71:9d:d0:f7:fb:ac:
0d:e1:58:84
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQkRWvQdi2s8M13BN49gbKaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjYwNWI0ZDI3ZjEzOTY4ZTg3OTRlNmVmMDkxMjIzNzQ4
ODE3ZDgwHhcNMjUwMTAxMjM0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjFiYWQ3YzdhYzY2ZWIzMjg1MDE4YjBhOTRlMzEzZGRjYTE5ODBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvhQYXmoq/9rnqO8ca90dRT0pmHhe
lxDv142w9cvSib97yDIhnWaesr+ChXPZ3K94hu/Jnkr2ngebvnsGN2M0zlwwudwW
tQhnZh3K8Rdr8sT/66Z6ZC+PV6J9OxghgU5I7LCrbNQPPE4Z2K0XQVb4UG2+87ad
0iSOuThqpzv+/BGPiUSH3zrqG/VDB27RYUKujMOQ7s413IY/RIG/Y1SbCph3ehiC
Nk1OlC5+vBrFIBZ6eIsB0mUhx8kJqQlhi39eWqZDoXKli9EIHIri4ZEcsx1MxSFK
ho6DK1aDF2qEpW8zqOMn7osQ2tWvBmcdGEoThC1S1wDjZ+IouOkYh5tPPQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMIbrXx6xm6zKFAYsKlOMT3coZgNMB8GA1UdIwQY
MBaAFIJmBbTSfxOWjoeU5u8JEiN0iBfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEt
MmQxOTE4YmExYzBlLzEvd2h1dGZIckdick1vVUJpd3FVNHhQZHlobUEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEtMmQxOTE4YmExYzBl
LzEvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAk4hAAwQA
qMeEAwQAqMe6AwQAqMfjAwQAwF9QMA0GCSqGSIb3DQEBCwUAA4IBAQA5DyzeFnlm
Wp9/OKBxWiB11VPFJezKa8/XsE0BuV33uEFU8+4ioei9eLswdl3rTlB69IpB8Fs2
pJAfs3jqDvhR6p9a4YZouNjr9EFpNwv8wO/b1QRmtxwSK1+CgwivHovdvgORLFBM
wEAiv7Je1N/z1OJuyPJlQJtDqYybbEjgvYFi8O4nV6LPUWQe4Y+Y/n19EPVeRGst
2xgcaK6dI9pClU3cTjW1+UXPOv3TDObo9GblQZmQ7+A6UHXmGlIe2O0hlQarYCpJ
K88kF5xadS3qQRpWoIR13EJdI1qk4KRfVpWveZP+RnWZrncsA2Eejo1/P6T7SG9x
ndD3+6wN4ViE
-----END CERTIFICATE-----
Generated at Wed Feb 5 18:51:57 2025 by rpki-client