Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/00725a-19ef-4244-8897-78cb59b78a4f/1/Wb0clcxCuCcUH9RDxENV44_1l9w.roa
File: Wb0clcxCuCcUH9RDxENV44_1l9w.roa (raw, json)
Hash identifier: IOO34gWbQwbQwVQDhS544nKGrCLE+a+zuAW9waRkyRU=
Subject key identifier: 59:BD:1C:95:CC:42:B8:27:14:1F:D4:43:C4:43:55:E3:8F:F5:97:DC
Certificate issuer: /CN=f071e437982cc346f6e817ca64892723edb5419a
Certificate serial: 0194221FE164B6F084D87DA5CEEB030DB920
Authority key identifier: F0:71:E4:37:98:2C:C3:46:F6:E8:17:CA:64:89:27:23:ED:B5:41:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8HHkN5gsw0b26BfKZIknI-21QZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/00725a-19ef-4244-8897-78cb59b78a4f/1/Wb0clcxCuCcUH9RDxENV44_1l9w.roa
Signing time: Wed 01 Jan 2025 13:48:22 +0000
ROA not before: Wed 01 Jan 2025 13:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49475
IP address blocks: 185.246.156.0/22 maxlen: 22
2a0d:8780::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/00725a-19ef-4244-8897-78cb59b78a4f/1/8HHkN5gsw0b26BfKZIknI-21QZo.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/00725a-19ef-4244-8897-78cb59b78a4f/1/8HHkN5gsw0b26BfKZIknI-21QZo.mft
rsync://rpki.ripe.net/repository/DEFAULT/8HHkN5gsw0b26BfKZIknI-21QZo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:e1:64:b6:f0:84:d8:7d:a5:ce:eb:03:0d:b9:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f071e437982cc346f6e817ca64892723edb5419a
Validity
Not Before: Jan 1 13:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=59bd1c95cc42b827141fd443c44355e38ff597dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ed:35:83:09:9b:6e:7f:22:85:13:ae:69:5b:
18:15:2d:94:46:b0:9e:04:ce:1f:c0:7d:f2:95:a4:
59:91:98:f5:c2:95:db:4e:90:de:75:2d:b0:c5:e9:
a2:fc:de:9e:5b:20:eb:a8:b0:4b:b1:49:38:b4:be:
ec:2f:6f:36:82:8c:1e:e7:29:db:56:11:38:e9:0f:
cb:2d:4c:59:ab:ec:6e:1d:e6:f5:a1:c6:ad:d9:f5:
b8:ac:a8:13:03:2b:ba:75:85:6f:5e:7a:19:cd:5e:
71:63:97:31:89:4e:e7:d9:48:95:38:2b:c0:60:d9:
88:18:f8:7a:b4:44:ff:39:5d:b8:3f:8a:db:4a:fb:
3f:98:9d:f9:8c:60:53:52:dc:b2:1f:92:b1:11:c5:
55:f0:4f:d3:65:3f:56:c0:92:59:d2:01:f1:87:c2:
1c:a9:ca:61:89:ae:df:bd:17:63:c0:cf:3a:69:75:
77:74:04:35:67:22:e3:d0:5e:4b:af:03:4e:00:ad:
42:9c:ca:0d:34:26:4b:b6:98:e4:b9:c4:80:62:86:
46:07:c0:4c:3b:25:9a:31:7b:b1:bf:5e:ae:0a:6a:
e1:de:91:db:47:72:91:32:e3:3d:0c:f1:99:88:fa:
dc:a9:19:93:e2:e0:51:97:79:bc:78:d2:49:5f:df:
5a:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:BD:1C:95:CC:42:B8:27:14:1F:D4:43:C4:43:55:E3:8F:F5:97:DC
X509v3 Authority Key Identifier:
keyid:F0:71:E4:37:98:2C:C3:46:F6:E8:17:CA:64:89:27:23:ED:B5:41:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8HHkN5gsw0b26BfKZIknI-21QZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/00725a-19ef-4244-8897-78cb59b78a4f/1/Wb0clcxCuCcUH9RDxENV44_1l9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/00725a-19ef-4244-8897-78cb59b78a4f/1/8HHkN5gsw0b26BfKZIknI-21QZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.246.156.0/22
IPv6:
2a0d:8780::/29
Signature Algorithm: sha256WithRSAEncryption
b0:ce:6d:8a:5d:fb:53:bb:fa:99:15:6b:dc:d0:d4:d0:ba:5d:
8d:0a:7d:80:ca:d7:5d:3d:0b:90:ed:f7:96:7e:01:63:66:05:
0f:8e:aa:d3:e4:b7:98:ac:ee:3c:78:25:30:81:23:23:69:c7:
4e:f0:62:cf:f5:dc:21:0c:da:ff:1e:97:5c:70:73:42:10:84:
dc:d5:86:b7:e2:91:73:31:ce:a2:b2:b0:99:51:ac:01:ae:7b:
25:b9:27:7b:1f:31:45:dd:5d:ab:12:9d:79:8d:ea:9e:36:39:
10:30:89:aa:f4:71:2e:77:18:17:7d:b6:bb:e1:94:24:3e:c6:
a8:1e:51:fa:fd:21:58:11:e0:9f:a6:67:11:53:d9:2f:33:2f:
ab:42:45:e0:cf:97:da:e3:3a:e3:1a:e4:be:c1:c6:61:32:4d:
06:e3:93:73:30:06:ae:a2:71:c4:48:4c:7c:27:37:c9:ee:e5:
0c:76:04:44:e6:63:6e:80:03:6d:fc:4f:36:c6:1a:63:39:b4:
00:14:ac:73:eb:97:16:5f:c6:62:c9:f1:5b:7b:b3:a3:58:6c:
a9:a8:98:0a:d9:00:72:a6:54:b3:dc:ae:0f:88:86:e6:15:d5:
b0:e2:08:0e:ca:fe:2b:6f:92:39:bb:4c:f9:bb:50:cb:ac:c4:
94:96:89:38
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQiH+FktvCE2H2lzusDDbkgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNzFlNDM3OTgyY2MzNDZmNmU4MTdjYTY0ODkyNzIzZWRi
NTQxOWEwHhcNMjUwMTAxMTM0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWJkMWM5NWNjNDJiODI3MTQxZmQ0NDNjNDQzNTVlMzhmZjU5N2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmO01gwmbbn8ihROuaVsYFS2URrCe
BM4fwH3ylaRZkZj1wpXbTpDedS2wxemi/N6eWyDrqLBLsUk4tL7sL282gowe5ynb
VhE46Q/LLUxZq+xuHeb1ocat2fW4rKgTAyu6dYVvXnoZzV5xY5cxiU7n2UiVOCvA
YNmIGPh6tET/OV24P4rbSvs/mJ35jGBTUtyyH5KxEcVV8E/TZT9WwJJZ0gHxh8Ic
qcphia7fvRdjwM86aXV3dAQ1ZyLj0F5LrwNOAK1CnMoNNCZLtpjkucSAYoZGB8BM
OyWaMXuxv16uCmrh3pHbR3KRMuM9DPGZiPrcqRmT4uBRl3m8eNJJX99avwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFm9HJXMQrgnFB/UQ8RDVeOP9ZfcMB8GA1UdIwQY
MBaAFPBx5DeYLMNG9ugXymSJJyPttUGaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEhIa041Z3N3MGIyNkJmS1pJa25JLTIxUVpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8wMDcyNWEtMTllZi00MjQ0LTg4OTct
NzhjYjU5Yjc4YTRmLzEvV2IwY2xjeEN1Q2NVSDlSRHhFTlY0NF8xbDl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi8wMDcyNWEtMTllZi00MjQ0LTg4OTctNzhjYjU5Yjc4YTRm
LzEvOEhIa041Z3N3MGIyNkJmS1pJa25JLTIxUVpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufacMA0E
AgACMAcDBQMqDYeAMA0GCSqGSIb3DQEBCwUAA4IBAQCwzm2KXftTu/qZFWvc0NTQ
ul2NCn2AytddPQuQ7feWfgFjZgUPjqrT5LeYrO48eCUwgSMjacdO8GLP9dwhDNr/
HpdccHNCEITc1Ya34pFzMc6isrCZUawBrnsluSd7HzFF3V2rEp15jeqeNjkQMImq
9HEudxgXfba74ZQkPsaoHlH6/SFYEeCfpmcRU9kvMy+rQkXgz5fa4zrjGuS+wcZh
Mk0G45NzMAauonHESEx8JzfJ7uUMdgRE5mNugANt/E82xhpjObQAFKxz65cWX8Zi
yfFbe7OjWGypqJgK2QByplSz3K4PiIbmFdWw4ggOyv4rb5I5u0z5u1DLrMSUlok4
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:16:25 2025 by rpki-client