Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/bcd5e8-5d1f-46b1-96bc-39a66cbe1e4d/1/iW93Iii_wpRaBJx4UitIZE8Hirs.roa
File: iW93Iii_wpRaBJx4UitIZE8Hirs.roa (raw, json)
Hash identifier: nFhRjV7MRzVZ4mQI/ZjUoZj1OD4mh/1+uDWJfZv9Rc0=
Subject key identifier: 89:6F:77:22:28:BF:C2:94:5A:04:9C:78:52:2B:48:64:4F:07:8A:BB
Certificate issuer: /CN=d1fd3436d7a19a7343fa800d87a01af183da318b
Certificate serial: 01942068096C64AB41905D3D4903507141F9
Authority key identifier: D1:FD:34:36:D7:A1:9A:73:43:FA:80:0D:87:A0:1A:F1:83:DA:31:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0f00NtehmnND-oANh6Aa8YPaMYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/bcd5e8-5d1f-46b1-96bc-39a66cbe1e4d/1/iW93Iii_wpRaBJx4UitIZE8Hirs.roa
Signing time: Wed 01 Jan 2025 05:47:56 +0000
ROA not before: Wed 01 Jan 2025 05:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47215
IP address blocks: 185.13.208.0/22 maxlen: 24
2a03:a540::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/bcd5e8-5d1f-46b1-96bc-39a66cbe1e4d/1/0f00NtehmnND-oANh6Aa8YPaMYs.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/bcd5e8-5d1f-46b1-96bc-39a66cbe1e4d/1/0f00NtehmnND-oANh6Aa8YPaMYs.mft
rsync://rpki.ripe.net/repository/DEFAULT/0f00NtehmnND-oANh6Aa8YPaMYs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 01:01:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:09:6c:64:ab:41:90:5d:3d:49:03:50:71:41:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1fd3436d7a19a7343fa800d87a01af183da318b
Validity
Not Before: Jan 1 05:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=896f772228bfc2945a049c78522b48644f078abb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:71:4b:7f:f1:43:9e:41:33:33:13:5c:d5:a6:
7b:39:95:52:de:a6:97:55:32:c9:b2:05:f0:b0:30:
e3:62:ea:a7:c5:c9:b0:17:94:ce:8f:0a:fd:d0:b9:
37:62:fb:80:0e:56:a9:32:48:47:b4:b8:d6:33:d5:
25:5d:e0:34:58:c4:ee:bc:da:0e:81:09:8c:ab:15:
ee:a2:2d:a4:2a:5a:a4:8a:c9:37:3f:7e:be:3b:96:
05:91:87:19:5f:b5:40:9a:8f:d4:bb:d9:2f:54:a5:
72:1b:01:bf:cd:ed:12:66:06:f8:8d:7d:b6:d0:48:
e0:b8:e9:6a:b7:44:cd:a9:32:6e:40:b8:9f:6a:c1:
c2:f4:24:e2:21:f8:78:28:5f:3e:2d:62:77:97:6b:
54:6a:4f:25:1e:e0:cd:af:72:3f:60:a2:3e:17:5f:
34:0a:83:73:f2:bc:64:f0:49:55:6e:3e:b5:1e:64:
30:45:ef:1d:70:64:d6:65:ba:ae:db:df:9b:3d:3e:
38:cd:19:76:42:ef:ad:0e:eb:08:10:cf:61:dc:ab:
43:14:8a:ea:3b:90:6f:fe:b4:e3:95:12:b8:1f:38:
82:5f:b8:d1:0d:6b:76:9a:df:48:79:74:c0:19:d5:
bd:62:3a:4a:18:01:7f:5a:f0:8c:1b:da:05:c9:69:
2a:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:6F:77:22:28:BF:C2:94:5A:04:9C:78:52:2B:48:64:4F:07:8A:BB
X509v3 Authority Key Identifier:
keyid:D1:FD:34:36:D7:A1:9A:73:43:FA:80:0D:87:A0:1A:F1:83:DA:31:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f00NtehmnND-oANh6Aa8YPaMYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/bcd5e8-5d1f-46b1-96bc-39a66cbe1e4d/1/iW93Iii_wpRaBJx4UitIZE8Hirs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/bcd5e8-5d1f-46b1-96bc-39a66cbe1e4d/1/0f00NtehmnND-oANh6Aa8YPaMYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.13.208.0/22
IPv6:
2a03:a540::/32
Signature Algorithm: sha256WithRSAEncryption
aa:a6:d9:20:2e:b8:4e:dc:e8:a1:4b:af:02:b9:66:c3:c2:a7:
51:7c:c8:59:84:8a:89:cd:55:28:92:83:93:b7:a0:7e:5f:80:
4f:bb:f7:05:0d:dc:8d:e4:01:e0:29:46:94:8b:a1:25:6e:82:
b6:a9:a0:5d:8c:7f:4d:ef:7a:ac:c3:68:a0:b9:5f:72:e9:c8:
c9:1f:f5:d6:ad:88:d5:44:ec:50:bb:12:f7:48:4d:c2:36:23:
7b:8d:b8:48:61:9a:90:f2:d6:cb:d3:72:e5:32:b5:9f:3c:33:
ba:18:a3:8c:f4:f2:85:66:70:e3:70:2e:66:88:13:5f:3c:ca:
c7:24:44:93:64:1e:12:a8:7d:12:f3:fc:5a:0d:c4:98:aa:5c:
10:75:81:f0:d5:25:bb:5b:9a:e8:e7:f1:89:cc:f7:4b:0a:2a:
e5:c2:6b:32:29:61:ad:fd:95:d3:6c:e5:5c:d8:83:99:d3:00:
79:5b:ba:48:4c:00:5d:e8:36:fa:3e:c8:bf:aa:64:38:2d:ea:
66:42:6a:5d:b0:4d:28:12:ab:7c:19:b2:c3:f4:52:18:9e:46:
3a:ff:f0:55:bd:00:79:85:0a:1f:93:c4:52:1d:4e:bc:4e:9f:
39:0e:72:c6:94:2d:c6:90:3c:3e:c7:ab:4c:46:84:4b:b2:1b:
8a:d6:bc:9a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQgaAlsZKtBkF09SQNQcUH5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZmQzNDM2ZDdhMTlhNzM0M2ZhODAwZDg3YTAxYWYxODNk
YTMxOGIwHhcNMjUwMTAxMDU0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTZmNzcyMjI4YmZjMjk0NWEwNDljNzg1MjJiNDg2NDRmMDc4YWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnFLf/FDnkEzMxNc1aZ7OZVS3qaX
VTLJsgXwsDDjYuqnxcmwF5TOjwr90Lk3YvuADlapMkhHtLjWM9UlXeA0WMTuvNoO
gQmMqxXuoi2kKlqkisk3P36+O5YFkYcZX7VAmo/Uu9kvVKVyGwG/ze0SZgb4jX22
0EjguOlqt0TNqTJuQLifasHC9CTiIfh4KF8+LWJ3l2tUak8lHuDNr3I/YKI+F180
CoNz8rxk8ElVbj61HmQwRe8dcGTWZbqu29+bPT44zRl2Qu+tDusIEM9h3KtDFIrq
O5Bv/rTjlRK4HziCX7jRDWt2mt9IeXTAGdW9YjpKGAF/WvCMG9oFyWkqdwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIlvdyIov8KUWgSceFIrSGRPB4q7MB8GA1UdIwQY
MBaAFNH9NDbXoZpzQ/qADYegGvGD2jGLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGYwME50ZWhtbk5ELW9BTmg2QWE4WVBhTVlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9iY2Q1ZTgtNWQxZi00NmIxLTk2YmMt
MzlhNjZjYmUxZTRkLzEvaVc5M0lpaV93cFJhQkp4NFVpdElaRThIaXJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9iY2Q1ZTgtNWQxZi00NmIxLTk2YmMtMzlhNjZjYmUxZTRk
LzEvMGYwME50ZWhtbk5ELW9BTmg2QWE4WVBhTVlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQ3QMA0E
AgACMAcDBQAqA6VAMA0GCSqGSIb3DQEBCwUAA4IBAQCqptkgLrhO3OihS68CuWbD
wqdRfMhZhIqJzVUokoOTt6B+X4BPu/cFDdyN5AHgKUaUi6ElboK2qaBdjH9N73qs
w2iguV9y6cjJH/XWrYjVROxQuxL3SE3CNiN7jbhIYZqQ8tbL03LlMrWfPDO6GKOM
9PKFZnDjcC5miBNfPMrHJESTZB4SqH0S8/xaDcSYqlwQdYHw1SW7W5ro5/GJzPdL
CirlwmsyKWGt/ZXTbOVc2IOZ0wB5W7pITABd6Db6Psi/qmQ4LepmQmpdsE0oEqt8
GbLD9FIYnkY6//BVvQB5hQofk8RSHU68Tp85DnLGlC3GkDw+x6tMRoRLshuK1rya
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:51:12 2025 by rpki-client