Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/WsWf9GSA4L_JhEW23Ldr1Wm9FnA.roa
File: WsWf9GSA4L_JhEW23Ldr1Wm9FnA.roa (raw, json)
Hash identifier: CoXTuo4ZMfCHvVlTfPlqrWyPXWxX/qX6BmAs6YGhQv4=
Subject key identifier: 5A:C5:9F:F4:64:80:E0:BF:C9:84:45:B6:DC:B7:6B:D5:69:BD:16:70
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0194214415F37D670217F3891B3F1274630C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/WsWf9GSA4L_JhEW23Ldr1Wm9FnA.roa
Signing time: Wed 01 Jan 2025 09:48:17 +0000
ROA not before: Wed 01 Jan 2025 09:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211975
IP address blocks: 82.152.177.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:15:f3:7d:67:02:17:f3:89:1b:3f:12:74:63:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ac59ff46480e0bfc98445b6dcb76bd569bd1670
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:81:d2:c8:fd:4a:d5:57:ee:c5:f2:01:d0:fd:
e1:f6:8e:f8:66:d8:b2:3b:e2:f1:ed:c8:13:ad:bd:
3b:ae:52:e8:ee:92:8b:d0:0f:23:c1:69:3e:2c:70:
72:03:8f:ed:11:58:ae:42:ac:b0:63:2f:52:c1:74:
9e:2a:16:8a:01:3b:b0:56:64:d1:07:4c:08:75:ee:
2b:c4:7a:45:85:a6:78:1f:ff:d6:a5:69:1d:1f:c9:
d3:8f:c4:95:ab:45:5b:c5:23:2d:43:98:04:79:c0:
70:19:71:e2:6d:e3:f2:48:51:87:f0:b3:db:d8:16:
8b:9a:55:af:01:75:ce:84:92:cc:20:9d:b9:05:e7:
86:d0:c8:41:78:36:7d:81:84:f1:1e:e7:ac:73:c7:
c3:e2:31:4e:6c:41:bd:3c:c9:68:4c:ee:38:62:af:
1a:e7:ab:8d:3f:25:b0:9e:3c:f7:6d:2a:4a:72:24:
1b:ec:fa:b1:85:a7:55:86:b4:f9:c6:be:45:5c:d1:
a0:55:69:59:74:db:5a:0b:da:83:8a:5c:5a:80:59:
6e:ef:47:f5:8e:2f:8b:e1:9d:d6:28:96:9a:c1:9d:
42:93:3f:8e:53:65:d4:9f:0c:8b:e0:89:03:f9:13:
08:f3:7d:e4:e3:03:d6:1b:29:bb:20:03:9b:45:8b:
d7:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:C5:9F:F4:64:80:E0:BF:C9:84:45:B6:DC:B7:6B:D5:69:BD:16:70
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/WsWf9GSA4L_JhEW23Ldr1Wm9FnA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.177.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:fb:e1:ff:1c:35:0a:53:37:66:2d:c3:8b:d8:52:17:06:81:
a3:6f:6d:79:bf:72:7c:ef:dd:3c:fd:a2:59:63:70:ff:a1:51:
56:dd:0b:99:75:e6:d8:91:fb:49:6b:dc:26:55:69:b5:9c:72:
c2:75:5e:16:10:16:09:71:e4:d7:ed:24:48:90:bf:f7:30:75:
72:ec:74:be:27:07:4f:6c:2e:46:1b:5e:7d:90:6d:84:a7:e1:
c3:c6:48:3e:df:2f:e2:8a:e3:e7:b6:57:01:e0:d0:b0:7d:a5:
91:ae:f3:23:6e:b2:7a:b7:43:65:d2:5c:8c:23:e2:72:30:7f:
c9:0e:01:7c:6a:26:12:7d:b2:3c:a2:96:9c:91:e7:78:e0:3b:
fc:62:95:c2:89:dc:ec:30:4e:22:54:28:51:d2:a0:49:91:e8:
b4:33:4e:4b:64:15:5b:98:e8:02:18:23:85:c5:0f:95:cb:9a:
78:71:65:79:ba:e2:08:cd:74:60:0b:74:8d:72:37:52:e5:c8:
21:a3:2d:8e:65:24:2e:bc:fd:8d:c7:1c:a0:df:98:0a:cf:7e:
cb:39:20:97:16:53:c1:e8:3e:80:90:7b:3b:4b:88:b1:7c:47:
1a:f9:23:16:07:4c:5a:fc:62:fb:f6:76:58:5c:36:49:ac:c7:
42:61:d9:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRBXzfWcCF/OJGz8SdGMMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWM1OWZmNDY0ODBlMGJmYzk4NDQ1YjZkY2I3NmJkNTY5YmQxNjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0IHSyP1K1VfuxfIB0P3h9o74Ztiy
O+Lx7cgTrb07rlLo7pKL0A8jwWk+LHByA4/tEViuQqywYy9SwXSeKhaKATuwVmTR
B0wIde4rxHpFhaZ4H//WpWkdH8nTj8SVq0VbxSMtQ5gEecBwGXHibePySFGH8LPb
2BaLmlWvAXXOhJLMIJ25BeeG0MhBeDZ9gYTxHuesc8fD4jFObEG9PMloTO44Yq8a
56uNPyWwnjz3bSpKciQb7PqxhadVhrT5xr5FXNGgVWlZdNtaC9qDilxagFlu70f1
ji+L4Z3WKJaawZ1Ckz+OU2XUnwyL4IkD+RMI833k4wPWGym7IAObRYvXTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFrFn/RkgOC/yYRFtty3a9VpvRZwMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvV3NXZjlHU0E0TF9KaEVXMjNMZHIxV205Rm5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpixMA0G
CSqGSIb3DQEBCwUAA4IBAQCb++H/HDUKUzdmLcOL2FIXBoGjb215v3J87908/aJZ
Y3D/oVFW3QuZdebYkftJa9wmVWm1nHLCdV4WEBYJceTX7SRIkL/3MHVy7HS+JwdP
bC5GG159kG2Ep+HDxkg+3y/iiuPntlcB4NCwfaWRrvMjbrJ6t0Nl0lyMI+JyMH/J
DgF8aiYSfbI8opacked44Dv8YpXCidzsME4iVChR0qBJkei0M05LZBVbmOgCGCOF
xQ+Vy5p4cWV5uuIIzXRgC3SNcjdS5cghoy2OZSQuvP2Nxxyg35gKz37LOSCXFlPB
6D6AkHs7S4ixfEca+SMWB0xa/GL79nZYXDZJrMdCYdlJ
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:54:28 2025 by rpki-client