Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/WEKuOaRTTX2rTln9asflqP9Y2Os.roa
File: WEKuOaRTTX2rTln9asflqP9Y2Os.roa (raw, json)
Hash identifier: EcqtEEKcbvmbmPvboEcXGauHM+e7HHmS4JSP0Le2t4o=
Subject key identifier: 58:42:AE:39:A4:53:4D:7D:AB:4E:59:FD:6A:C7:E5:A8:FF:58:D8:EB
Certificate issuer: /CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Certificate serial: 019470A9D71F14717BD4D1E20C8CCCD89882
Authority key identifier: 87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/WEKuOaRTTX2rTln9asflqP9Y2Os.roa
Signing time: Thu 16 Jan 2025 19:49:26 +0000
ROA not before: Thu 16 Jan 2025 19:49:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49549
IP address blocks: 89.107.10.0/24 maxlen: 24
146.19.128.0/24 maxlen: 24
146.19.207.0/24 maxlen: 24
176.126.103.0/24 maxlen: 24
178.250.187.0/24 maxlen: 24
178.250.191.0/24 maxlen: 24
193.0.227.0/24 maxlen: 24
193.0.229.0/24 maxlen: 24
193.0.230.0/24 maxlen: 24
193.0.239.0/24 maxlen: 24
217.114.43.0/24 maxlen: 24
217.119.129.0/24 maxlen: 24
2a0f:cdc2::/32 maxlen: 32
2a0f:cdc4::/32 maxlen: 32
2a0f:cdc5::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.mft
rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 22:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:70:a9:d7:1f:14:71:7b:d4:d1:e2:0c:8c:cc:d8:98:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Validity
Not Before: Jan 16 19:49:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5842ae39a4534d7dab4e59fd6ac7e5a8ff58d8eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:03:b2:27:19:2e:57:41:0b:87:da:a0:d5:8f:
51:14:63:ba:b2:18:0a:f3:22:6c:56:1e:ce:ed:f0:
5f:54:b1:97:18:0d:f7:89:ff:32:06:10:b9:c9:74:
c3:57:1a:5c:04:a9:07:82:1b:e2:d4:00:c3:c7:0a:
4b:58:9d:08:88:9a:87:f9:d7:42:a2:d2:a1:a0:c7:
85:69:a4:7e:fd:7b:e7:16:9c:a2:dc:9f:ed:f0:e6:
2d:8d:51:76:1d:71:b1:6e:55:6b:1f:9f:26:63:9d:
d4:d3:05:d2:86:4b:62:6e:7f:e7:cd:72:83:d0:2d:
f0:c3:c0:09:b0:45:f0:9b:0d:a7:2b:14:92:70:9d:
6d:1f:86:2b:43:9a:fb:dc:2c:a9:f0:8b:42:62:28:
77:96:cb:bc:7d:ea:e8:d8:dc:51:df:d3:73:73:7b:
da:6f:a2:3d:e7:c6:a0:d8:29:37:af:9f:6e:5d:8e:
57:a6:bd:e8:e6:e3:89:1e:6f:e3:1f:0e:9d:90:e6:
70:87:e1:03:4e:a9:b0:05:2d:a5:f3:d3:86:a0:9b:
d7:31:43:fc:8c:65:7c:18:49:b2:1f:3a:be:31:97:
b9:b0:6e:c9:dc:ff:35:5f:1b:a5:82:b4:c9:e7:f7:
89:31:08:11:97:83:7a:c9:5b:15:13:00:8f:bb:a0:
3a:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:42:AE:39:A4:53:4D:7D:AB:4E:59:FD:6A:C7:E5:A8:FF:58:D8:EB
X509v3 Authority Key Identifier:
keyid:87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/WEKuOaRTTX2rTln9asflqP9Y2Os.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.107.10.0/24
146.19.128.0/24
146.19.207.0/24
176.126.103.0/24
178.250.187.0/24
178.250.191.0/24
193.0.227.0/24
193.0.229.0-193.0.230.255
193.0.239.0/24
217.114.43.0/24
217.119.129.0/24
IPv6:
2a0f:cdc2::/32
2a0f:cdc4::/31
Signature Algorithm: sha256WithRSAEncryption
9b:63:b4:38:1a:0f:a5:33:53:d5:7c:b6:40:13:8f:24:79:cb:
12:9e:48:1f:99:2b:6e:45:a5:3b:81:83:d1:c2:e8:bc:98:75:
2b:5d:d1:0a:e5:9a:28:0d:af:69:44:97:2b:b5:dc:98:b5:3a:
47:58:9b:1a:be:4e:ff:9c:3c:8f:eb:26:31:aa:67:fc:8f:3a:
d7:55:4a:d0:de:e2:00:d1:6c:e8:0d:71:d0:1f:58:9f:56:15:
6a:2a:29:9f:3f:e0:b6:95:74:ac:9b:f3:d3:24:b8:05:50:26:
75:62:3b:a0:7c:39:12:9e:58:69:ab:c8:cd:05:83:dc:4a:75:
f0:8f:2c:d2:50:38:aa:da:b3:89:6a:26:ad:19:57:00:9a:df:
67:09:5f:4b:11:11:09:64:da:e8:87:b8:2e:42:2e:51:f2:ff:
4a:dd:d6:38:65:8f:79:80:95:1c:e2:5e:48:54:d3:56:02:28:
de:b5:2d:60:78:fb:88:42:de:b2:f4:d0:41:ce:33:39:83:a7:
25:9f:33:13:80:e5:cd:41:32:44:9f:ec:82:4c:65:bf:b1:ac:
cc:73:02:03:d8:63:f4:93:7b:2b:ab:d5:e8:b3:20:1a:6b:f1:
b0:0e:e2:b4:31:52:3d:64:16:6f:fe:04:c5:0d:cb:25:a9:3c:
33:00:88:8c
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZRwqdcfFHF71NHiDIzM2JiCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzhhZDgxNjhlMDljZjkyZDRlMDQ5ODI1N2Y4ZTljZWFi
ZjA2OTIwHhcNMjUwMTE2MTk0OTI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODQyYWUzOWE0NTM0ZDdkYWI0ZTU5ZmQ2YWM3ZTVhOGZmNThkOGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwOyJxkuV0ELh9qg1Y9RFGO6shgK
8yJsVh7O7fBfVLGXGA33if8yBhC5yXTDVxpcBKkHghvi1ADDxwpLWJ0IiJqH+ddC
otKhoMeFaaR+/XvnFpyi3J/t8OYtjVF2HXGxblVrH58mY53U0wXShktibn/nzXKD
0C3ww8AJsEXwmw2nKxSScJ1tH4YrQ5r73Cyp8ItCYih3lsu8fero2NxR39Nzc3va
b6I958ag2Ck3r59uXY5Xpr3o5uOJHm/jHw6dkOZwh+EDTqmwBS2l89OGoJvXMUP8
jGV8GEmyHzq+MZe5sG7J3P81XxulgrTJ5/eJMQgRl4N6yVsVEwCPu6A6gwIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFFhCrjmkU019q05Z/WrH5aj/WNjrMB8GA1UdIwQY
MBaAFId4rYFo4Jz5LU4EmCV/jpzqvwaSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAt
YWE5ZDY5MTgxMWU3LzEvV0VLdU9hUlRUWDJyVGxuOWFzZmxxUDlZMk9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAtYWE5ZDY5MTgxMWU3
LzEvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBQBAIAATBKAwQAWWsKAwQA
khOAAwQAkhPPAwQAsH5nAwQAsvq7AwQAsvq/AwQAwQDjMAwDBADBAOUDBADBAOYD
BADBAO8DBADZcisDBADZd4EwFAQCAAIwDgMFACoPzcIDBQEqD83EMA0GCSqGSIb3
DQEBCwUAA4IBAQCbY7Q4Gg+lM1PVfLZAE48kecsSnkgfmStuRaU7gYPRwui8mHUr
XdEK5ZooDa9pRJcrtdyYtTpHWJsavk7/nDyP6yYxqmf8jzrXVUrQ3uIA0WzoDXHQ
H1ifVhVqKimfP+C2lXSsm/PTJLgFUCZ1YjugfDkSnlhpq8jNBYPcSnXwjyzSUDiq
2rOJaiatGVcAmt9nCV9LEREJZNroh7guQi5R8v9K3dY4ZY95gJUc4l5IVNNWAije
tS1gePuIQt6y9NBBzjM5g6clnzMTgOXNQTJEn+yCTGW/sazMcwID2GP0k3srq9Xo
syAaa/GwDuK0MVI9ZBZv/gTFDcslqTwzAIiM
-----END CERTIFICATE-----
Generated at Wed Apr 9 02:55:41 2025 by rpki-client