Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/63eb42-a0e1-4f1c-bcc9-87524014dbfb/1/jw6vhP1XSWL-mJ5DdRhBrk5Uzas.roa
File: jw6vhP1XSWL-mJ5DdRhBrk5Uzas.roa (raw, json)
Hash identifier: Kw3hAcXjhw+zjLuWTzYjCzsx/BTtTlyQ/NHsrLRcPPw=
Subject key identifier: 8F:0E:AF:84:FD:57:49:62:FE:98:9E:43:75:18:41:AE:4E:54:CD:AB
Certificate issuer: /CN=2c571d688aa503a2e566bbc876df0ba455c577ed
Certificate serial: 019421B1D1A792033B936583F1FE1CBCB3C6
Authority key identifier: 2C:57:1D:68:8A:A5:03:A2:E5:66:BB:C8:76:DF:0B:A4:55:C5:77:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LFcdaIqlA6LlZrvIdt8LpFXFd-0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/63eb42-a0e1-4f1c-bcc9-87524014dbfb/1/jw6vhP1XSWL-mJ5DdRhBrk5Uzas.roa
Signing time: Wed 01 Jan 2025 11:48:08 +0000
ROA not before: Wed 01 Jan 2025 11:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15796
IP address blocks: 51.154.0.0/16 maxlen: 16
51.154.248.0/22 maxlen: 22
51.154.252.0/22 maxlen: 22
213.55.128.0/17 maxlen: 24
213.55.128.0/24 maxlen: 24
213.55.131.0/24 maxlen: 24
213.55.132.0/24 maxlen: 24
213.55.141.0/24 maxlen: 24
213.55.147.0/24 maxlen: 24
213.55.184.0/23 maxlen: 23
213.55.188.0/23 maxlen: 23
213.55.192.0/24 maxlen: 24
213.55.193.0/24 maxlen: 24
213.55.194.0/24 maxlen: 24
213.55.195.0/24 maxlen: 24
213.55.206.0/24 maxlen: 24
213.55.220.0/22 maxlen: 22
213.55.224.0/22 maxlen: 22
213.55.240.0/22 maxlen: 22
213.55.244.0/22 maxlen: 22
2a04:ee40::/29 maxlen: 29
2a04:ee40:2000::/35 maxlen: 35
2a04:ee41::/41 maxlen: 41
2a04:ee41:80::/41 maxlen: 41
2a04:ee42:1::/64 maxlen: 64
2a04:ee42:2::/64 maxlen: 64
2a04:ee42:53::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/63eb42-a0e1-4f1c-bcc9-87524014dbfb/1/LFcdaIqlA6LlZrvIdt8LpFXFd-0.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/63eb42-a0e1-4f1c-bcc9-87524014dbfb/1/LFcdaIqlA6LlZrvIdt8LpFXFd-0.mft
rsync://rpki.ripe.net/repository/DEFAULT/LFcdaIqlA6LlZrvIdt8LpFXFd-0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:d1:a7:92:03:3b:93:65:83:f1:fe:1c:bc:b3:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c571d688aa503a2e566bbc876df0ba455c577ed
Validity
Not Before: Jan 1 11:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8f0eaf84fd574962fe989e43751841ae4e54cdab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:24:01:89:b7:0b:53:d6:bb:84:af:cb:e5:b8:
ea:50:45:09:56:78:d4:9a:f2:43:32:de:d3:80:63:
64:a6:fd:2f:e5:cb:0a:4d:ea:c3:6b:48:02:63:6d:
40:39:60:d8:9e:dd:8e:1f:d7:81:a0:d5:e0:dd:c4:
45:16:59:03:a4:f0:1f:2c:b2:66:56:44:71:7a:d5:
48:e3:aa:da:3c:e9:bb:48:09:fc:69:de:f6:e1:9f:
f4:b6:85:19:0e:5c:ac:c7:5e:d1:3c:b8:07:8c:d0:
43:4f:5a:4e:1c:b0:4e:8a:b6:7c:d7:9c:f3:8f:ea:
60:c4:37:b0:ba:c0:f4:05:06:e1:90:da:69:67:ab:
53:74:f3:77:ef:56:e5:e7:d8:db:2b:20:1f:80:02:
ce:09:2c:7c:af:fe:5f:54:2f:66:25:5a:58:c5:27:
81:52:64:59:2d:3b:51:3f:20:e8:45:6a:2b:7e:24:
06:01:86:94:28:11:66:88:9c:19:aa:45:7c:a5:f7:
79:74:ea:96:e8:12:b1:cb:cc:4d:fb:75:b1:04:c3:
11:60:fb:2b:2e:e7:49:22:31:ad:bc:7c:ee:a2:f9:
79:d6:4f:a1:d7:0b:c5:ae:4f:ea:bf:fc:af:cd:be:
a2:66:fe:cc:82:09:47:e7:60:c7:88:39:ab:eb:7c:
54:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:0E:AF:84:FD:57:49:62:FE:98:9E:43:75:18:41:AE:4E:54:CD:AB
X509v3 Authority Key Identifier:
keyid:2C:57:1D:68:8A:A5:03:A2:E5:66:BB:C8:76:DF:0B:A4:55:C5:77:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LFcdaIqlA6LlZrvIdt8LpFXFd-0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/63eb42-a0e1-4f1c-bcc9-87524014dbfb/1/jw6vhP1XSWL-mJ5DdRhBrk5Uzas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/63eb42-a0e1-4f1c-bcc9-87524014dbfb/1/LFcdaIqlA6LlZrvIdt8LpFXFd-0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.154.0.0/16
213.55.128.0/17
IPv6:
2a04:ee40::/29
Signature Algorithm: sha256WithRSAEncryption
43:59:62:0a:f1:ce:8a:fc:0a:8f:e5:af:fd:ea:37:64:04:67:
e7:cd:78:f4:c1:eb:97:95:ed:21:aa:64:71:6d:00:52:67:59:
55:b2:d0:01:a9:26:4b:ca:6f:37:ec:02:79:a9:cf:7b:4f:9f:
91:04:02:ad:f6:03:31:65:03:a2:51:1d:cd:e7:36:23:01:44:
2b:f0:04:a2:dd:8c:01:6a:9a:ea:af:88:08:3f:6c:1e:82:10:
43:6f:b9:db:8f:0f:4d:79:c1:ac:81:8e:1f:2b:63:8b:09:00:
af:d3:9b:66:55:11:34:d7:e1:b8:e8:b3:dc:06:e6:ca:9a:52:
9e:71:3e:f8:91:bb:08:13:21:ef:75:4e:2b:5e:69:5e:3d:2b:
57:a3:f8:f1:bb:5c:62:73:a2:3e:97:68:97:38:25:1c:b7:f5:
28:c5:3c:3f:91:87:d8:d2:cc:d0:d1:3b:34:c3:bf:c2:e5:99:
9c:0d:74:fc:0e:05:fc:88:7c:08:e3:d5:7c:8a:43:e8:ac:74:
32:fb:d1:ac:10:9d:b5:26:86:8c:c1:34:bc:2a:ac:75:06:d3:
42:64:ac:2e:56:f0:2d:7f:bb:04:65:8e:a0:e0:62:4c:9c:20:
17:1d:a6:6c:c6:c2:b0:c8:5f:7e:c9:9c:99:9a:27:72:6b:5e:
03:20:c6:5c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQhsdGnkgM7k2WD8f4cvLPGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjNTcxZDY4OGFhNTAzYTJlNTY2YmJjODc2ZGYwYmE0NTVj
NTc3ZWQwHhcNMjUwMTAxMTE0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjBlYWY4NGZkNTc0OTYyZmU5ODllNDM3NTE4NDFhZTRlNTRjZGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSQBibcLU9a7hK/L5bjqUEUJVnjU
mvJDMt7TgGNkpv0v5csKTerDa0gCY21AOWDYnt2OH9eBoNXg3cRFFlkDpPAfLLJm
VkRxetVI46raPOm7SAn8ad724Z/0toUZDlysx17RPLgHjNBDT1pOHLBOirZ815zz
j+pgxDewusD0BQbhkNppZ6tTdPN371bl59jbKyAfgALOCSx8r/5fVC9mJVpYxSeB
UmRZLTtRPyDoRWorfiQGAYaUKBFmiJwZqkV8pfd5dOqW6BKxy8xN+3WxBMMRYPsr
LudJIjGtvHzuovl51k+h1wvFrk/qv/yvzb6iZv7MgglH52DHiDmr63xUuwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFI8Or4T9V0li/pieQ3UYQa5OVM2rMB8GA1UdIwQY
MBaAFCxXHWiKpQOi5Wa7yHbfC6RVxXftMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEZjZGFJcWxBNkxsWnJ2SWR0OExwRlhGZC0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy82M2ViNDItYTBlMS00ZjFjLWJjYzkt
ODc1MjQwMTRkYmZiLzEvanc2dmhQMVhTV0wtbUo1RGRSaEJyazVVemFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy82M2ViNDItYTBlMS00ZjFjLWJjYzktODc1MjQwMTRkYmZi
LzEvTEZjZGFJcWxBNkxsWnJ2SWR0OExwRlhGZC0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjARBAIAATALAwMAM5oDBAfV
N4AwDQQCAAIwBwMFAyoE7kAwDQYJKoZIhvcNAQELBQADggEBAENZYgrxzor8Co/l
r/3qN2QEZ+fNePTB65eV7SGqZHFtAFJnWVWy0AGpJkvKbzfsAnmpz3tPn5EEAq32
AzFlA6JRHc3nNiMBRCvwBKLdjAFqmuqviAg/bB6CEENvuduPD015wayBjh8rY4sJ
AK/Tm2ZVETTX4bjos9wG5sqaUp5xPviRuwgTIe91TiteaV49K1ej+PG7XGJzoj6X
aJc4JRy39SjFPD+Rh9jSzNDROzTDv8LlmZwNdPwOBfyIfAjj1XyKQ+isdDL70awQ
nbUmhozBNLwqrHUG00JkrC5W8C1/uwRljqDgYkycIBcdpmzGwrDIX37JnJmaJ3Jr
XgMgxlw=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:40:53 2025 by rpki-client