Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/3b1c1f-2d8c-4861-b71d-d03a2c435aec/1/WofWi7AY2voZ8zuxEwCCF11Li9Y.roa
File: WofWi7AY2voZ8zuxEwCCF11Li9Y.roa (raw, json)
Hash identifier: SwJtYvJm5nh+3634W4p5oPoXAQ3iVFOZXE2jIXt509U=
Subject key identifier: 5A:87:D6:8B:B0:18:DA:FA:19:F3:3B:B1:13:00:82:17:5D:4B:8B:D6
Certificate issuer: /CN=740f65f302335baa90ed81c05384d53f2332391a
Certificate serial: 019427B4A0ACABCFC6AE44B5E5AF9B482083
Authority key identifier: 74:0F:65:F3:02:33:5B:AA:90:ED:81:C0:53:84:D5:3F:23:32:39:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dA9l8wIzW6qQ7YHAU4TVPyMyORo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/3b1c1f-2d8c-4861-b71d-d03a2c435aec/1/WofWi7AY2voZ8zuxEwCCF11Li9Y.roa
Signing time: Thu 02 Jan 2025 15:48:56 +0000
ROA not before: Thu 02 Jan 2025 15:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206844
IP address blocks: 45.156.32.0/22 maxlen: 24
45.158.54.0/23 maxlen: 24
185.174.160.0/22 maxlen: 24
2a07:1280::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/3b1c1f-2d8c-4861-b71d-d03a2c435aec/1/dA9l8wIzW6qQ7YHAU4TVPyMyORo.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/3b1c1f-2d8c-4861-b71d-d03a2c435aec/1/dA9l8wIzW6qQ7YHAU4TVPyMyORo.mft
rsync://rpki.ripe.net/repository/DEFAULT/dA9l8wIzW6qQ7YHAU4TVPyMyORo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b4:a0:ac:ab:cf:c6:ae:44:b5:e5:af:9b:48:20:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=740f65f302335baa90ed81c05384d53f2332391a
Validity
Not Before: Jan 2 15:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5a87d68bb018dafa19f33bb1130082175d4b8bd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:03:87:f3:d4:b9:b5:df:c2:4b:2a:87:de:1e:
73:7e:f8:97:0a:06:76:44:39:dc:7b:a5:a0:a1:e2:
c7:54:a5:db:45:c6:8c:84:8a:71:9e:10:b4:e7:ed:
f5:df:67:23:24:29:60:5c:57:21:e4:04:e3:b4:40:
a8:07:9c:97:ff:92:f0:81:47:ae:12:3f:17:9d:11:
75:62:f7:50:77:38:82:e6:7b:f1:8f:db:50:a2:c5:
b2:bd:14:43:9b:94:2d:b7:8d:a9:d0:b8:44:53:d2:
62:38:9f:3e:83:89:61:e3:18:d1:24:23:da:3a:1e:
b0:06:d1:c9:8f:df:54:07:0c:3d:b0:0c:db:6f:e1:
49:5e:a7:95:57:40:bc:6a:5c:9a:f4:e6:c3:d0:09:
33:43:42:63:0b:40:3c:c2:8c:0e:c7:5c:21:49:b7:
2a:f0:f0:d7:e4:c5:0e:c6:9b:d5:f8:21:84:25:b1:
be:a9:5d:84:f9:32:cc:c8:45:ae:8c:38:7c:48:96:
bd:cb:20:92:ad:cc:4e:28:6c:4b:a2:51:0a:58:03:
bf:d3:7e:55:15:bd:5f:f9:5f:d9:a7:f8:96:7b:df:
4c:90:54:30:b1:4b:02:cc:95:9f:49:51:eb:31:64:
94:98:02:53:4b:1d:45:a0:7a:23:3b:ff:88:7d:68:
00:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:87:D6:8B:B0:18:DA:FA:19:F3:3B:B1:13:00:82:17:5D:4B:8B:D6
X509v3 Authority Key Identifier:
keyid:74:0F:65:F3:02:33:5B:AA:90:ED:81:C0:53:84:D5:3F:23:32:39:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dA9l8wIzW6qQ7YHAU4TVPyMyORo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/3b1c1f-2d8c-4861-b71d-d03a2c435aec/1/WofWi7AY2voZ8zuxEwCCF11Li9Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/3b1c1f-2d8c-4861-b71d-d03a2c435aec/1/dA9l8wIzW6qQ7YHAU4TVPyMyORo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.32.0/22
45.158.54.0/23
185.174.160.0/22
IPv6:
2a07:1280::/32
Signature Algorithm: sha256WithRSAEncryption
1b:d3:d2:fd:2f:9b:c4:e5:cb:34:33:98:af:98:66:f5:a8:27:
57:15:01:58:5e:d9:4b:c1:63:c5:46:ff:4e:0b:53:a2:82:81:
17:d9:74:0e:af:55:78:af:38:6c:90:b6:e8:ad:84:54:20:01:
c8:7f:93:cb:12:1d:ad:cc:9c:d9:33:30:3a:73:6f:68:96:38:
60:9d:75:07:e4:18:9b:1e:0b:c8:f3:cf:89:e4:1c:d8:38:b7:
52:dc:5c:a1:01:87:a9:e8:a8:d8:35:ee:13:45:4c:f9:a7:70:
cc:ce:9b:34:4f:9a:1f:b1:00:b0:7e:80:b3:93:7b:5c:d4:4e:
57:75:7d:41:1a:38:cf:cf:f3:48:1d:74:ca:7a:80:3d:07:be:
c4:5f:91:3f:81:db:85:e6:71:53:c4:73:8a:aa:d8:d7:0c:b8:
d4:d3:9f:b3:55:da:ea:48:09:c6:c2:54:80:dd:ba:57:49:fe:
c5:3d:8c:a0:5e:bb:48:b9:ad:8e:06:2c:de:59:14:af:af:93:
8c:6e:33:a6:26:87:2e:8c:b6:4b:8d:c0:e2:20:40:74:1b:21:
2e:e1:a5:0a:80:58:8c:a8:8c:89:6d:51:0a:eb:eb:1e:51:45:
b1:04:2b:fe:66:3e:85:95:cf:19:d8:c5:6a:bc:c8:9a:fe:84:
54:02:e8:2a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQntKCsq8/GrkS15a+bSCCDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MGY2NWYzMDIzMzViYWE5MGVkODFjMDUzODRkNTNmMjMz
MjM5MWEwHhcNMjUwMTAyMTU0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTg3ZDY4YmIwMThkYWZhMTlmMzNiYjExMzAwODIxNzVkNGI4YmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwOH89S5td/CSyqH3h5zfviXCgZ2
RDnce6WgoeLHVKXbRcaMhIpxnhC05+3132cjJClgXFch5ATjtECoB5yX/5LwgUeu
Ej8XnRF1YvdQdziC5nvxj9tQosWyvRRDm5Qtt42p0LhEU9JiOJ8+g4lh4xjRJCPa
Oh6wBtHJj99UBww9sAzbb+FJXqeVV0C8alya9ObD0AkzQ0JjC0A8wowOx1whSbcq
8PDX5MUOxpvV+CGEJbG+qV2E+TLMyEWujDh8SJa9yyCSrcxOKGxLolEKWAO/035V
Fb1f+V/Zp/iWe99MkFQwsUsCzJWfSVHrMWSUmAJTSx1FoHojO/+IfWgAlQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFqH1ouwGNr6GfM7sRMAghddS4vWMB8GA1UdIwQY
MBaAFHQPZfMCM1uqkO2BwFOE1T8jMjkaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEE5bDh3SXpXNnFRN1lIQVU0VFZQeU15T1JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8zYjFjMWYtMmQ4Yy00ODYxLWI3MWQt
ZDAzYTJjNDM1YWVjLzEvV29mV2k3QVkydm9aOHp1eEV3Q0NGMTFMaTlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8zYjFjMWYtMmQ4Yy00ODYxLWI3MWQtZDAzYTJjNDM1YWVj
LzEvZEE5bDh3SXpXNnFRN1lIQVU0VFZQeU15T1JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLZwgAwQB
LZ42AwQCua6gMA0EAgACMAcDBQAqBxKAMA0GCSqGSIb3DQEBCwUAA4IBAQAb09L9
L5vE5cs0M5ivmGb1qCdXFQFYXtlLwWPFRv9OC1OigoEX2XQOr1V4rzhskLborYRU
IAHIf5PLEh2tzJzZMzA6c29oljhgnXUH5BibHgvI88+J5BzYOLdS3FyhAYep6KjY
Ne4TRUz5p3DMzps0T5ofsQCwfoCzk3tc1E5XdX1BGjjPz/NIHXTKeoA9B77EX5E/
gduF5nFTxHOKqtjXDLjU05+zVdrqSAnGwlSA3bpXSf7FPYygXrtIua2OBizeWRSv
r5OMbjOmJocujLZLjcDiIEB0GyEu4aUKgFiMqIyJbVEK6+seUUWxBCv+Zj6Flc8Z
2MVqvMia/oRUAugq
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:34:23 2025 by rpki-client