Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/6c2736-ab02-4897-9568-77f6e94e3dcc/1/wJVCqkJKW7wdukijJarB4SSlNh0.roa
File: wJVCqkJKW7wdukijJarB4SSlNh0.roa (raw, json)
Hash identifier: OCvKaQOoRbSfLx6VPEZE2vLiOcjFXPz8efWK0J/I8to=
Subject key identifier: C0:95:42:AA:42:4A:5B:BC:1D:BA:48:A3:25:AA:C1:E1:24:A5:36:1D
Certificate issuer: /CN=77f8e7fbd4ab69507fb1fe3579af343a56639086
Certificate serial: 019423D7CED9822DB185BB6B73F09C854E33
Authority key identifier: 77:F8:E7:FB:D4:AB:69:50:7F:B1:FE:35:79:AF:34:3A:56:63:90:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d_jn-9SraVB_sf41ea80OlZjkIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/6c2736-ab02-4897-9568-77f6e94e3dcc/1/wJVCqkJKW7wdukijJarB4SSlNh0.roa
Signing time: Wed 01 Jan 2025 21:48:53 +0000
ROA not before: Wed 01 Jan 2025 21:48:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197075
IP address blocks: 5.152.154.0/24 maxlen: 24
5.152.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/6c2736-ab02-4897-9568-77f6e94e3dcc/1/d_jn-9SraVB_sf41ea80OlZjkIY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/6c2736-ab02-4897-9568-77f6e94e3dcc/1/d_jn-9SraVB_sf41ea80OlZjkIY.mft
rsync://rpki.ripe.net/repository/DEFAULT/d_jn-9SraVB_sf41ea80OlZjkIY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:ce:d9:82:2d:b1:85:bb:6b:73:f0:9c:85:4e:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77f8e7fbd4ab69507fb1fe3579af343a56639086
Validity
Not Before: Jan 1 21:48:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c09542aa424a5bbc1dba48a325aac1e124a5361d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:50:e9:de:b3:83:ac:f7:d5:03:e2:7e:d9:16:
e3:be:04:43:1e:c2:8c:4f:4b:97:ef:38:c7:ea:2a:
36:60:5c:cb:35:d9:c4:2e:8b:c4:2f:a8:fe:b1:91:
43:3e:ac:44:55:45:8c:52:14:c2:39:7c:9e:63:05:
fb:a1:55:49:39:5d:c7:9c:0d:82:12:f9:d8:d0:11:
9f:0b:79:86:33:e4:e9:28:1a:35:73:da:9c:47:0f:
63:7f:1a:5d:f5:9b:7b:a6:a9:38:f9:e7:ea:1d:2d:
17:34:55:7f:33:f6:6d:72:0f:66:80:ab:fd:2d:09:
e1:d5:4e:af:13:4d:6c:50:97:24:35:d1:8a:7a:d9:
ee:69:17:5c:af:af:c2:5e:ba:73:d8:81:b2:9e:d1:
b1:db:36:35:ec:d3:19:ee:66:4a:9e:64:63:6b:1f:
3d:73:8e:52:8a:e2:f0:2b:1c:08:3d:7f:f7:85:3f:
05:0e:db:61:c1:69:73:91:30:f4:f0:7d:be:89:a0:
0e:9f:a8:f8:10:02:a1:5b:9a:0d:f7:5f:b7:e6:e4:
23:5b:63:50:f5:1e:71:91:92:75:80:5b:6b:dd:b6:
46:d2:8a:ae:c8:3f:88:fe:77:0f:1b:6a:2e:7e:ec:
4f:d8:43:22:ad:c9:d8:57:50:4a:58:a4:c6:86:21:
93:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:95:42:AA:42:4A:5B:BC:1D:BA:48:A3:25:AA:C1:E1:24:A5:36:1D
X509v3 Authority Key Identifier:
keyid:77:F8:E7:FB:D4:AB:69:50:7F:B1:FE:35:79:AF:34:3A:56:63:90:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_jn-9SraVB_sf41ea80OlZjkIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/6c2736-ab02-4897-9568-77f6e94e3dcc/1/wJVCqkJKW7wdukijJarB4SSlNh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/6c2736-ab02-4897-9568-77f6e94e3dcc/1/d_jn-9SraVB_sf41ea80OlZjkIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.152.154.0/24
5.152.156.0/24
Signature Algorithm: sha256WithRSAEncryption
83:aa:1e:b9:1e:48:05:3c:50:8d:80:51:81:7e:c5:70:8d:f2:
f3:85:b0:ea:3c:fc:f7:47:11:25:99:bf:69:2f:a8:ab:39:4c:
9d:ca:fa:d9:b7:6a:e5:fa:82:0a:8b:e0:8e:02:30:4a:4c:43:
8e:bd:02:2a:db:3d:0f:79:5c:eb:a2:6d:ec:50:39:49:f7:93:
ff:8b:95:23:df:47:19:a7:0e:64:b2:de:25:6a:92:10:7d:34:
d7:e3:18:0f:90:59:2d:14:32:ef:42:e9:30:15:40:f2:4d:54:
5d:c4:e8:80:37:db:6a:16:ce:d5:87:18:12:c0:15:da:85:1a:
3a:eb:25:20:3f:ca:5f:db:4a:62:a7:8b:dd:4c:ea:d9:05:b8:
c3:82:7e:16:51:db:6f:db:9a:a4:7f:72:38:f4:01:d1:66:d0:
51:ff:96:c8:84:c3:78:a5:3a:d0:e5:23:f2:b0:d3:88:4b:fb:
b1:1d:3f:c2:96:ee:91:da:b0:31:c9:6c:8b:cb:9c:8f:e4:6d:
e9:75:d5:17:e4:9b:94:7b:fa:88:5c:ba:17:e9:25:ea:54:2b:
e2:e0:e7:38:19:47:59:10:6b:3c:c6:1d:cb:49:4a:c5:4e:a7:
11:14:52:3f:81:aa:66:20:77:b8:1d:45:7b:19:3b:67:ea:57:
7a:87:3f:95
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQj187Zgi2xhbtrc/CchU4zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjhlN2ZiZDRhYjY5NTA3ZmIxZmUzNTc5YWYzNDNhNTY2
MzkwODYwHhcNMjUwMTAxMjE0ODUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDk1NDJhYTQyNGE1YmJjMWRiYTQ4YTMyNWFhYzFlMTI0YTUzNjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7lDp3rODrPfVA+J+2RbjvgRDHsKM
T0uX7zjH6io2YFzLNdnELovEL6j+sZFDPqxEVUWMUhTCOXyeYwX7oVVJOV3HnA2C
EvnY0BGfC3mGM+TpKBo1c9qcRw9jfxpd9Zt7pqk4+efqHS0XNFV/M/Ztcg9mgKv9
LQnh1U6vE01sUJckNdGKetnuaRdcr6/CXrpz2IGyntGx2zY17NMZ7mZKnmRjax89
c45SiuLwKxwIPX/3hT8FDtthwWlzkTD08H2+iaAOn6j4EAKhW5oN91+35uQjW2NQ
9R5xkZJ1gFtr3bZG0oquyD+I/ncPG2oufuxP2EMircnYV1BKWKTGhiGT1QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMCVQqpCSlu8HbpIoyWqweEkpTYdMB8GA1UdIwQY
MBaAFHf45/vUq2lQf7H+NXmvNDpWY5CGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9qbi05U3JhVkJfc2Y0MWVhODBPbFpqa0lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC82YzI3MzYtYWIwMi00ODk3LTk1Njgt
NzdmNmU5NGUzZGNjLzEvd0pWQ3FrSktXN3dkdWtpakphckI0U1NsTmgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC82YzI3MzYtYWIwMi00ODk3LTk1NjgtNzdmNmU5NGUzZGNj
LzEvZF9qbi05U3JhVkJfc2Y0MWVhODBPbFpqa0lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABZiaAwQA
BZicMA0GCSqGSIb3DQEBCwUAA4IBAQCDqh65HkgFPFCNgFGBfsVwjfLzhbDqPPz3
RxElmb9pL6irOUydyvrZt2rl+oIKi+COAjBKTEOOvQIq2z0PeVzrom3sUDlJ95P/
i5Uj30cZpw5kst4lapIQfTTX4xgPkFktFDLvQukwFUDyTVRdxOiAN9tqFs7VhxgS
wBXahRo66yUgP8pf20pip4vdTOrZBbjDgn4WUdtv25qkf3I49AHRZtBR/5bIhMN4
pTrQ5SPysNOIS/uxHT/Clu6R2rAxyWyLy5yP5G3pddUX5JuUe/qIXLoX6SXqVCvi
4Oc4GUdZEGs8xh3LSUrFTqcRFFI/gapmIHe4HUV7GTtn6ld6hz+V
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:38:23 2025 by rpki-client