Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/84acdf-ba85-4a81-a306-f9ab3b052349/1/wKMrC-xvOnFI7StFVvvRQEu7XxA.roa
File: wKMrC-xvOnFI7StFVvvRQEu7XxA.roa (raw, json)
Hash identifier: PBE7WQbLaJ84O/pVhEjH0Fx39vOaxblOyGFRqpjhYW0=
Subject key identifier: C0:A3:2B:0B:EC:6F:3A:71:48:ED:2B:45:56:FB:D1:40:4B:BB:5F:10
Certificate issuer: /CN=6ffb0f9bdc3a2fae47b47e70218993c919f10fb0
Certificate serial: 01942824338E999A6B6BB5DFBBFA7F942D21
Authority key identifier: 6F:FB:0F:9B:DC:3A:2F:AE:47:B4:7E:70:21:89:93:C9:19:F1:0F:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b_sPm9w6L65HtH5wIYmTyRnxD7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/84acdf-ba85-4a81-a306-f9ab3b052349/1/wKMrC-xvOnFI7StFVvvRQEu7XxA.roa
Signing time: Thu 02 Jan 2025 17:50:48 +0000
ROA not before: Thu 02 Jan 2025 17:50:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2799
IP address blocks: 147.186.0.0/16 maxlen: 16
147.186.0.0/17 maxlen: 17
147.186.128.0/17 maxlen: 17
147.186.171.0/24 maxlen: 24
2001:67c:49c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/84acdf-ba85-4a81-a306-f9ab3b052349/1/b_sPm9w6L65HtH5wIYmTyRnxD7A.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/84acdf-ba85-4a81-a306-f9ab3b052349/1/b_sPm9w6L65HtH5wIYmTyRnxD7A.mft
rsync://rpki.ripe.net/repository/DEFAULT/b_sPm9w6L65HtH5wIYmTyRnxD7A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:33:8e:99:9a:6b:6b:b5:df:bb:fa:7f:94:2d:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ffb0f9bdc3a2fae47b47e70218993c919f10fb0
Validity
Not Before: Jan 2 17:50:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c0a32b0bec6f3a7148ed2b4556fbd1404bbb5f10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:04:8a:88:f2:ea:01:02:20:d1:7a:5a:f5:9b:
b0:d7:ff:21:43:b0:3a:ba:98:60:ad:5f:4a:04:b1:
53:35:a6:af:dc:f2:b4:c7:76:eb:6e:8f:ff:f2:5c:
50:10:c7:cc:c5:ed:f4:03:99:61:81:fd:43:71:fc:
78:70:8f:0f:fe:19:99:06:b0:76:be:d9:f7:04:14:
38:6d:b9:1f:75:c2:f5:17:9e:eb:12:9b:23:c0:70:
38:79:df:13:8b:11:37:0d:33:ee:4a:bb:f0:b1:fb:
b0:e4:1e:11:54:62:cb:3a:63:a8:6f:85:7b:b9:f1:
8b:34:de:a6:b7:7f:b6:ac:4c:76:4f:3a:bc:45:51:
82:74:48:83:cc:69:63:e9:46:04:ed:03:fe:35:07:
53:be:0d:c0:5a:4e:72:f1:2e:37:51:c6:d8:12:a6:
14:36:6c:48:c5:b3:b0:9e:87:9c:dd:a9:96:2a:71:
5b:29:b2:b7:4a:e6:08:6c:e4:b3:e3:4e:2e:0c:6f:
bb:e8:21:ee:fe:e2:65:26:b4:b1:12:1f:65:9b:1b:
13:3a:8a:cd:f3:7b:fe:66:6e:fa:84:3b:c4:30:ff:
8c:1c:46:54:29:8e:d5:f0:4d:d6:cc:ff:04:b3:4b:
66:5a:be:58:be:84:ce:90:5a:b0:73:2f:6e:3a:03:
fa:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:A3:2B:0B:EC:6F:3A:71:48:ED:2B:45:56:FB:D1:40:4B:BB:5F:10
X509v3 Authority Key Identifier:
keyid:6F:FB:0F:9B:DC:3A:2F:AE:47:B4:7E:70:21:89:93:C9:19:F1:0F:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b_sPm9w6L65HtH5wIYmTyRnxD7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/84acdf-ba85-4a81-a306-f9ab3b052349/1/wKMrC-xvOnFI7StFVvvRQEu7XxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/84acdf-ba85-4a81-a306-f9ab3b052349/1/b_sPm9w6L65HtH5wIYmTyRnxD7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.186.0.0/16
IPv6:
2001:67c:49c::/48
Signature Algorithm: sha256WithRSAEncryption
ad:3f:30:71:ef:71:b0:75:12:50:24:4f:85:8f:07:48:f0:f7:
d5:90:62:dd:e9:be:28:fd:0e:ba:59:8b:0e:62:f8:9f:a9:23:
58:9a:4f:17:62:51:68:e0:fe:7b:d9:2b:65:80:9d:f7:dc:70:
de:2f:5b:24:7f:b0:6d:df:f0:1a:27:6d:e9:0a:85:84:82:54:
ea:c3:db:0e:f4:7a:e0:97:23:ee:e1:4c:d5:2a:f9:38:bd:2b:
ad:97:5c:67:9b:d4:69:3f:3b:2d:dd:1a:97:54:e4:84:4c:96:
49:3e:b3:51:8d:42:c1:4d:b0:6a:25:35:2f:9f:b5:6f:a4:23:
64:e3:27:77:97:4c:80:42:00:69:b9:66:fa:c0:73:ed:0e:70:
59:19:d3:1a:0a:20:a3:5a:e0:dd:1a:97:62:75:1a:2a:43:36:
84:6c:7f:a2:98:54:d0:89:7a:1d:be:47:24:2d:15:b5:26:e7:
8d:f2:a1:e6:9c:f1:c3:22:ac:18:03:4e:c1:20:b0:78:5f:05:
c9:87:af:e6:ff:9a:67:db:7d:e2:7b:e1:bd:6c:b4:d3:fe:c2:
95:ae:aa:4d:0b:f7:4e:68:6d:36:66:10:a4:a7:7c:5e:21:59:
d8:96:00:17:43:ab:a5:d0:24:d8:43:f2:68:b0:d8:34:e5:ca:
bb:e5:86:5f
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQoJDOOmZpra7Xfu/p/lC0hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmZmIwZjliZGMzYTJmYWU0N2I0N2U3MDIxODk5M2M5MTlm
MTBmYjAwHhcNMjUwMTAyMTc1MDQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGEzMmIwYmVjNmYzYTcxNDhlZDJiNDU1NmZiZDE0MDRiYmI1ZjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQSKiPLqAQIg0Xpa9Zuw1/8hQ7A6
uphgrV9KBLFTNaav3PK0x3brbo//8lxQEMfMxe30A5lhgf1Dcfx4cI8P/hmZBrB2
vtn3BBQ4bbkfdcL1F57rEpsjwHA4ed8TixE3DTPuSrvwsfuw5B4RVGLLOmOob4V7
ufGLNN6mt3+2rEx2Tzq8RVGCdEiDzGlj6UYE7QP+NQdTvg3AWk5y8S43UcbYEqYU
NmxIxbOwnoec3amWKnFbKbK3SuYIbOSz404uDG+76CHu/uJlJrSxEh9lmxsTOorN
83v+Zm76hDvEMP+MHEZUKY7V8E3WzP8Es0tmWr5YvoTOkFqwcy9uOgP6/QIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFMCjKwvsbzpxSO0rRVb70UBLu18QMB8GA1UdIwQY
MBaAFG/7D5vcOi+uR7R+cCGJk8kZ8Q+wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYl9zUG05dzZMNjVIdEg1d0lZbVR5Um54RDdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi84NGFjZGYtYmE4NS00YTgxLWEzMDYt
ZjlhYjNiMDUyMzQ5LzEvd0tNckMteHZPbkZJN1N0RlZ2dlJRRXU3WHhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi84NGFjZGYtYmE4NS00YTgxLWEzMDYtZjlhYjNiMDUyMzQ5
LzEvYl9zUG05dzZMNjVIdEg1d0lZbVR5Um54RDdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjALBAIAATAFAwMAk7owDwQC
AAIwCQMHACABBnwEnDANBgkqhkiG9w0BAQsFAAOCAQEArT8wce9xsHUSUCRPhY8H
SPD31ZBi3em+KP0OulmLDmL4n6kjWJpPF2JRaOD+e9krZYCd99xw3i9bJH+wbd/w
Gidt6QqFhIJU6sPbDvR64Jcj7uFM1Sr5OL0rrZdcZ5vUaT87Ld0al1TkhEyWST6z
UY1CwU2waiU1L5+1b6QjZOMnd5dMgEIAablm+sBz7Q5wWRnTGgogo1rg3RqXYnUa
KkM2hGx/ophU0Il6Hb5HJC0VtSbnjfKh5pzxwyKsGANOwSCweF8FyYev5v+aZ9t9
4nvhvWy00/7Cla6qTQv3TmhtNmYQpKd8XiFZ2JYAF0OrpdAk2EPyaLDYNOXKu+WG
Xw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:26:19 2025 by rpki-client