Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/e45fd0-e69b-4e32-a427-8b1052ffcf6d/1/WQIOJXHFculSf7VKNcTI4G1FzB0.roa
File: WQIOJXHFculSf7VKNcTI4G1FzB0.roa (raw, json)
Hash identifier: 1m31qu3p2ND5PEv0/zfE1Skv8FXpx3eh76tg/GNUGqE=
Subject key identifier: 59:02:0E:25:71:C5:72:E9:52:7F:B5:4A:35:C4:C8:E0:6D:45:CC:1D
Certificate issuer: /CN=5954c7b7e6df7578466d82b52715cb209f7f21c5
Certificate serial: 019424456A3E4CF6A6AFF9A27F3F714F94D7
Authority key identifier: 59:54:C7:B7:E6:DF:75:78:46:6D:82:B5:27:15:CB:20:9F:7F:21:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WVTHt-bfdXhGbYK1JxXLIJ9_IcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/e45fd0-e69b-4e32-a427-8b1052ffcf6d/1/WQIOJXHFculSf7VKNcTI4G1FzB0.roa
Signing time: Wed 01 Jan 2025 23:48:36 +0000
ROA not before: Wed 01 Jan 2025 23:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35710
IP address blocks: 45.84.32.0/22 maxlen: 24
91.132.200.0/22 maxlen: 24
185.168.151.0/24 maxlen: 24
193.111.100.0/22 maxlen: 24
2a09:d180::/29 maxlen: 32
2a0e:9580::/29 maxlen: 32
2a12:13c0::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/e45fd0-e69b-4e32-a427-8b1052ffcf6d/1/WVTHt-bfdXhGbYK1JxXLIJ9_IcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/e45fd0-e69b-4e32-a427-8b1052ffcf6d/1/WVTHt-bfdXhGbYK1JxXLIJ9_IcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/WVTHt-bfdXhGbYK1JxXLIJ9_IcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:6a:3e:4c:f6:a6:af:f9:a2:7f:3f:71:4f:94:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5954c7b7e6df7578466d82b52715cb209f7f21c5
Validity
Not Before: Jan 1 23:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=59020e2571c572e9527fb54a35c4c8e06d45cc1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:33:0c:fb:9e:11:f2:48:a4:0c:ab:fe:f1:0e:
51:80:68:60:a1:71:b2:37:be:81:b8:45:bd:7a:56:
49:78:82:60:6b:54:63:3b:21:b2:47:33:ca:3a:d8:
0f:21:d8:a6:18:37:9c:3c:6e:89:b6:25:41:89:03:
09:fa:c2:2d:fa:3b:c6:af:b5:d5:d2:a9:34:9e:5a:
e5:c7:91:4e:c0:97:de:59:f5:51:c5:21:e3:33:11:
be:cb:68:0a:fb:68:84:b3:ec:48:3a:db:a9:a4:3e:
fb:6f:2c:62:67:e7:40:7d:3b:98:2d:af:88:38:5a:
7f:aa:19:c6:79:a9:3f:4b:13:3f:ea:47:30:dd:5a:
59:c2:4d:0f:5f:34:76:36:d8:d2:8b:ee:fa:ca:2d:
93:05:83:11:7c:d9:54:ed:90:bc:87:88:95:cb:13:
59:7d:aa:10:a7:f9:88:74:67:fd:cb:b7:da:d1:0a:
ee:6b:50:0e:7c:50:96:80:27:18:c0:31:23:d6:52:
d4:1f:fa:8f:9d:fb:6e:99:cf:32:86:98:75:76:ee:
c4:5d:d2:d9:6c:1e:08:25:a5:10:8b:27:b4:67:02:
28:41:be:07:50:ed:38:9f:18:60:2c:ca:86:22:97:
b1:1e:de:7b:58:c7:8e:af:c5:c1:fa:f9:2c:56:d3:
a2:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:02:0E:25:71:C5:72:E9:52:7F:B5:4A:35:C4:C8:E0:6D:45:CC:1D
X509v3 Authority Key Identifier:
keyid:59:54:C7:B7:E6:DF:75:78:46:6D:82:B5:27:15:CB:20:9F:7F:21:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WVTHt-bfdXhGbYK1JxXLIJ9_IcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/e45fd0-e69b-4e32-a427-8b1052ffcf6d/1/WQIOJXHFculSf7VKNcTI4G1FzB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/e45fd0-e69b-4e32-a427-8b1052ffcf6d/1/WVTHt-bfdXhGbYK1JxXLIJ9_IcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.32.0/22
91.132.200.0/22
185.168.151.0/24
193.111.100.0/22
IPv6:
2a09:d180::/29
2a0e:9580::/29
2a12:13c0::/29
Signature Algorithm: sha256WithRSAEncryption
3f:c7:b4:97:08:3f:1a:5d:36:d7:d0:a8:bc:3e:67:70:cb:69:
ce:a8:ca:b7:7b:f2:55:b1:d2:01:da:da:46:8b:5a:07:0d:3c:
48:e9:56:d1:e7:8f:4c:c7:46:6f:39:26:2b:da:cd:05:2b:c4:
50:40:db:65:57:74:ad:49:a2:8e:5f:56:da:e8:a1:dc:3c:c6:
21:5d:a1:f3:56:f6:94:60:0e:7d:7c:38:86:e6:76:32:f6:57:
61:49:58:57:a0:38:94:1b:ed:01:10:9f:a2:2c:61:25:d9:05:
25:f2:ac:38:9b:73:96:a4:15:13:26:81:cc:bb:bc:17:6f:01:
2a:b2:6c:6e:f5:1d:98:6a:88:0e:28:62:8a:b6:3f:dc:69:98:
e0:78:a8:93:a6:42:d3:6e:9c:dd:a6:61:66:5b:96:8a:c4:08:
f2:f5:11:a5:44:70:d2:3e:61:3b:89:eb:af:9d:87:42:ae:67:
89:fa:6e:99:b7:76:b7:3c:30:ad:76:c4:9f:dd:42:1e:a5:11:
85:49:e9:54:ad:0f:27:51:d8:67:84:da:cc:e3:a3:85:4c:2c:
1d:48:98:c9:67:9b:17:9a:c8:eb:df:c2:a1:d1:42:d1:2a:d1:
fd:60:b6:48:d9:b9:d4:c7:08:5c:d5:1e:f8:73:c3:3a:19:56:
50:b6:9b:24
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZQkRWo+TPamr/mifz9xT5TXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5NTRjN2I3ZTZkZjc1Nzg0NjZkODJiNTI3MTVjYjIwOWY3
ZjIxYzUwHhcNMjUwMTAxMjM0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTAyMGUyNTcxYzU3MmU5NTI3ZmI1NGEzNWM0YzhlMDZkNDVjYzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDMM+54R8kikDKv+8Q5RgGhgoXGy
N76BuEW9elZJeIJga1RjOyGyRzPKOtgPIdimGDecPG6JtiVBiQMJ+sIt+jvGr7XV
0qk0nlrlx5FOwJfeWfVRxSHjMxG+y2gK+2iEs+xIOtuppD77byxiZ+dAfTuYLa+I
OFp/qhnGeak/SxM/6kcw3VpZwk0PXzR2NtjSi+76yi2TBYMRfNlU7ZC8h4iVyxNZ
faoQp/mIdGf9y7fa0Qrua1AOfFCWgCcYwDEj1lLUH/qPnftumc8yhph1du7EXdLZ
bB4IJaUQiye0ZwIoQb4HUO04nxhgLMqGIpexHt57WMeOr8XB+vksVtOiiwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFFkCDiVxxXLpUn+1SjXEyOBtRcwdMB8GA1UdIwQY
MBaAFFlUx7fm33V4Rm2CtScVyyCffyHFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1ZUSHQtYmZkWGhHYllLMUp4WExJSjlfSWNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9lNDVmZDAtZTY5Yi00ZTMyLWE0Mjct
OGIxMDUyZmZjZjZkLzEvV1FJT0pYSEZjdWxTZjdWS05jVEk0RzFGekIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9lNDVmZDAtZTY5Yi00ZTMyLWE0MjctOGIxMDUyZmZjZjZk
LzEvV1ZUSHQtYmZkWGhHYllLMUp4WExJSjlfSWNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAeBAIAATAYAwQCLVQgAwQC
W4TIAwQAuaiXAwQCwW9kMBsEAgACMBUDBQMqCdGAAwUDKg6VgAMFAyoSE8AwDQYJ
KoZIhvcNAQELBQADggEBAD/HtJcIPxpdNtfQqLw+Z3DLac6oyrd78lWx0gHa2kaL
WgcNPEjpVtHnj0zHRm85JivazQUrxFBA22VXdK1Joo5fVtroodw8xiFdofNW9pRg
Dn18OIbmdjL2V2FJWFegOJQb7QEQn6IsYSXZBSXyrDibc5akFRMmgcy7vBdvASqy
bG71HZhqiA4oYoq2P9xpmOB4qJOmQtNunN2mYWZblorECPL1EaVEcNI+YTuJ66+d
h0KuZ4n6bpm3drc8MK12xJ/dQh6lEYVJ6VStDydR2GeE2szjo4VMLB1ImMlnmxea
yOvfwqHRQtEq0f1gtkjZudTHCFzVHvhzwzoZVlC2myQ=
-----END CERTIFICATE-----
Generated at Thu Mar 13 10:10:37 2025 by rpki-client