Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/wRQWlx5VTlfOioAPy2QXY4Uk2Xg.roa
File: wRQWlx5VTlfOioAPy2QXY4Uk2Xg.roa (raw, json)
Hash identifier: rPHBxj4mRhTnPsN1GhR6ZZjmr/wkKhGGUErpiW2+PN4=
Subject key identifier: C1:14:16:97:1E:55:4E:57:CE:8A:80:0F:CB:64:17:63:85:24:D9:78
Certificate issuer: /CN=9e459aa4602bffa2d2650ba66818458c89fc4582
Certificate serial: 0195846A643D05FCD24A0C2FCEBDCF1E7F3B
Authority key identifier: 9E:45:9A:A4:60:2B:FF:A2:D2:65:0B:A6:68:18:45:8C:89:FC:45:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/wRQWlx5VTlfOioAPy2QXY4Uk2Xg.roa
Signing time: Tue 11 Mar 2025 08:55:19 +0000
ROA not before: Tue 11 Mar 2025 08:55:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 84.247.104.0/24 maxlen: 24
84.247.106.0/24 maxlen: 24
84.247.107.0/24 maxlen: 24
84.247.108.0/24 maxlen: 24
84.247.109.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/nkWapGAr_6LSZQumaBhFjIn8RYI.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/nkWapGAr_6LSZQumaBhFjIn8RYI.mft
rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:84:6a:64:3d:05:fc:d2:4a:0c:2f:ce:bd:cf:1e:7f:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e459aa4602bffa2d2650ba66818458c89fc4582
Validity
Not Before: Mar 11 08:55:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c11416971e554e57ce8a800fcb6417638524d978
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d1:f4:49:e4:3a:25:f1:84:7d:30:6d:a9:3a:
2d:4a:4a:c2:d5:c3:9f:68:e1:cc:38:3d:44:ca:54:
2d:e5:ac:e7:93:3d:da:10:7b:f2:35:21:8c:be:48:
7a:bd:ee:43:b8:41:d3:8c:42:46:85:4b:dc:11:bf:
61:20:b2:5d:12:96:a9:66:e3:f8:94:a4:64:7c:f8:
b5:f6:8a:39:53:5d:68:64:1d:79:4c:3f:00:68:ea:
41:ed:39:b6:ff:82:b5:07:2e:9d:ac:d3:72:1f:73:
f5:74:8d:21:8b:26:83:91:e2:b0:ab:74:ad:58:a4:
4a:94:af:01:36:e2:95:44:8d:5d:ae:ae:79:f2:66:
bd:41:54:2c:c9:03:36:44:ca:0d:27:c9:a7:fe:1c:
24:25:34:e8:9f:29:16:f1:40:1c:2c:3e:df:61:9c:
c0:24:86:8a:0b:f7:d2:37:c2:d9:4f:34:3b:a6:07:
d1:9f:ea:fc:70:72:fd:6a:78:9b:b7:1d:8b:0f:69:
a4:7f:bc:b0:b3:e7:39:e0:38:93:63:cb:3a:2a:b9:
67:11:0d:e0:9d:35:0e:95:06:09:7f:19:5b:06:cc:
5f:76:69:d9:1e:0a:7b:e0:41:f4:a8:45:46:51:2f:
79:59:d5:37:5b:f5:45:20:a9:57:2e:ab:56:b2:cc:
48:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:14:16:97:1E:55:4E:57:CE:8A:80:0F:CB:64:17:63:85:24:D9:78
X509v3 Authority Key Identifier:
keyid:9E:45:9A:A4:60:2B:FF:A2:D2:65:0B:A6:68:18:45:8C:89:FC:45:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/wRQWlx5VTlfOioAPy2QXY4Uk2Xg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/nkWapGAr_6LSZQumaBhFjIn8RYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.247.104.0/24
84.247.106.0-84.247.109.255
Signature Algorithm: sha256WithRSAEncryption
75:fb:7e:9e:75:0c:77:84:24:71:ef:7a:c9:41:0f:b6:56:1b:
5e:4f:a6:92:ab:af:9a:c3:59:fa:79:f6:cd:b2:c1:81:26:e9:
1c:87:5b:ab:7d:d1:77:e2:c4:d7:2a:74:4d:e1:24:23:1e:19:
1b:4f:3b:2b:2f:a9:80:14:1a:1f:8e:76:78:62:b6:22:6d:ee:
47:f0:83:0f:43:b1:9d:84:93:b5:8b:f2:2e:13:81:b6:e7:b0:
a8:cb:7a:77:7f:c8:48:bb:61:27:98:91:32:24:4f:cf:07:41:
9d:9e:9d:19:ba:57:f4:01:f6:f1:f1:f1:3c:95:c7:71:a5:40:
b4:d4:de:88:4e:e0:3c:93:eb:a4:21:90:19:86:3c:06:f9:9b:
d5:be:de:9a:53:6b:5b:a9:8f:d5:99:96:9b:51:5a:3d:c8:ee:
b7:20:3f:d0:93:c0:ea:2a:29:7c:e8:30:c1:79:59:e7:fa:d6:
26:2c:25:f1:48:85:4c:a2:39:70:0d:80:3f:eb:26:c2:f8:36:
52:7e:f2:fd:9e:1d:96:74:ec:80:d8:ca:ca:ef:24:f0:a1:de:
ea:f2:55:9e:e4:6a:09:e2:3b:3b:50:99:41:e2:f6:76:05:31:
a6:44:86:04:aa:75:5f:06:bc:fe:12:95:43:c3:50:f5:3a:7d:
38:20:28:94
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZWEamQ9BfzSSgwvzr3PHn87MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNDU5YWE0NjAyYmZmYTJkMjY1MGJhNjY4MTg0NThjODlm
YzQ1ODIwHhcNMjUwMzExMDg1NTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTE0MTY5NzFlNTU0ZTU3Y2U4YTgwMGZjYjY0MTc2Mzg1MjRkOTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNH0SeQ6JfGEfTBtqTotSkrC1cOf
aOHMOD1EylQt5aznkz3aEHvyNSGMvkh6ve5DuEHTjEJGhUvcEb9hILJdEpapZuP4
lKRkfPi19oo5U11oZB15TD8AaOpB7Tm2/4K1By6drNNyH3P1dI0hiyaDkeKwq3St
WKRKlK8BNuKVRI1drq558ma9QVQsyQM2RMoNJ8mn/hwkJTTonykW8UAcLD7fYZzA
JIaKC/fSN8LZTzQ7pgfRn+r8cHL9anibtx2LD2mkf7yws+c54DiTY8s6KrlnEQ3g
nTUOlQYJfxlbBsxfdmnZHgp74EH0qEVGUS95WdU3W/VFIKlXLqtWssxIvwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMEUFpceVU5XzoqAD8tkF2OFJNl4MB8GA1UdIwQY
MBaAFJ5FmqRgK/+i0mULpmgYRYyJ/EWCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmtXYXBHQXJfNkxTWlF1bWFCaEZqSW44UllJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi85Y2MzMzMtNjhkNS00NjkyLTljNWIt
MjhhODQxZGEwYmZkLzEvd1JRV2x4NVZUbGZPaW9BUHkyUVhZNFVrMlhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi85Y2MzMzMtNjhkNS00NjkyLTljNWItMjhhODQxZGEwYmZk
LzEvbmtXYXBHQXJfNkxTWlF1bWFCaEZqSW44UllJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAVPdoMAwD
BAFU92oDBAFU92wwDQYJKoZIhvcNAQELBQADggEBAHX7fp51DHeEJHHveslBD7ZW
G15PppKrr5rDWfp59s2ywYEm6RyHW6t90XfixNcqdE3hJCMeGRtPOysvqYAUGh+O
dnhitiJt7kfwgw9DsZ2Ek7WL8i4TgbbnsKjLend/yEi7YSeYkTIkT88HQZ2enRm6
V/QB9vHx8TyVx3GlQLTU3ohO4DyT66QhkBmGPAb5m9W+3ppTa1upj9WZlptRWj3I
7rcgP9CTwOoqKXzoMMF5Wef61iYsJfFIhUyiOXANgD/rJsL4NlJ+8v2eHZZ07IDY
ysrvJPCh3uryVZ7kagniOztQmUHi9nYFMaZEhgSqdV8GvP4SlUPDUPU6fTggKJQ=
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:37:16 2025 by rpki-client