Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/46d1d2-a6c0-47be-8771-c3ab6b3466c0/1/WxKERWcgZHE3QlVsylKc45ZZndo.roa
File: WxKERWcgZHE3QlVsylKc45ZZndo.roa (raw, json)
Hash identifier: ZntJzaaGEPPPr8RAncg56sX3jW5j5m9ABQj+rx3cm+Q=
Subject key identifier: 5B:12:84:45:67:20:64:71:37:42:55:6C:CA:52:9C:E3:96:59:9D:DA
Certificate issuer: /CN=aba835d060176ee8160c7930f87e693559090d78
Certificate serial: 01942521A24CFBE69BEA8B76FC4E3F38A5D2
Authority key identifier: AB:A8:35:D0:60:17:6E:E8:16:0C:79:30:F8:7E:69:35:59:09:0D:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q6g10GAXbugWDHkw-H5pNVkJDXg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/46d1d2-a6c0-47be-8771-c3ab6b3466c0/1/WxKERWcgZHE3QlVsylKc45ZZndo.roa
Signing time: Thu 02 Jan 2025 03:49:08 +0000
ROA not before: Thu 02 Jan 2025 03:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9135
IP address blocks: 213.164.128.0/19 maxlen: 19
213.164.137.0/24 maxlen: 24
213.164.138.0/24 maxlen: 24
2a00:fcc0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/46d1d2-a6c0-47be-8771-c3ab6b3466c0/1/q6g10GAXbugWDHkw-H5pNVkJDXg.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/46d1d2-a6c0-47be-8771-c3ab6b3466c0/1/q6g10GAXbugWDHkw-H5pNVkJDXg.mft
rsync://rpki.ripe.net/repository/DEFAULT/q6g10GAXbugWDHkw-H5pNVkJDXg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:a2:4c:fb:e6:9b:ea:8b:76:fc:4e:3f:38:a5:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aba835d060176ee8160c7930f87e693559090d78
Validity
Not Before: Jan 2 03:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5b128445672064713742556cca529ce396599dda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:30:46:2c:71:5d:27:22:0f:ef:f9:f5:90:cb:
ee:d1:64:38:6a:64:78:e0:68:de:0a:ab:00:02:d0:
e5:4a:ee:98:64:53:d6:eb:aa:a7:5c:72:36:43:b3:
73:ba:6b:db:34:08:db:be:cd:2d:ff:a7:36:7a:11:
91:5d:f9:f6:18:8c:4c:2a:6e:04:4d:c4:09:63:07:
eb:82:57:10:6c:c9:dd:19:4e:d3:a3:09:ed:fd:2c:
fa:dc:9b:43:b8:c2:bf:91:f5:9d:a1:2a:c6:bc:98:
5d:3d:36:65:89:c6:d8:f5:81:e5:d4:ab:32:4c:4f:
b6:b3:df:27:73:4c:24:23:d8:37:70:ca:1a:3c:66:
2b:dd:e0:4c:8f:02:3d:ee:33:08:4d:0b:a7:e0:1d:
0b:4a:ea:cf:d2:85:00:b6:b7:fc:3f:b6:5b:c9:9c:
11:eb:92:49:98:fd:96:f2:fa:0d:a6:26:ce:a9:da:
66:05:a9:3c:32:74:c7:ca:a9:46:b5:ed:00:36:18:
56:9e:30:f6:71:6c:b8:14:6e:5c:72:90:af:46:6f:
51:40:d2:e1:95:1d:53:7e:4d:ad:c3:55:d9:7e:35:
97:ef:71:5e:90:1d:18:04:7b:a2:eb:1c:d2:de:e8:
42:a1:51:53:36:c1:19:21:88:b7:c5:ee:41:42:b3:
64:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:12:84:45:67:20:64:71:37:42:55:6C:CA:52:9C:E3:96:59:9D:DA
X509v3 Authority Key Identifier:
keyid:AB:A8:35:D0:60:17:6E:E8:16:0C:79:30:F8:7E:69:35:59:09:0D:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q6g10GAXbugWDHkw-H5pNVkJDXg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/46d1d2-a6c0-47be-8771-c3ab6b3466c0/1/WxKERWcgZHE3QlVsylKc45ZZndo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/46d1d2-a6c0-47be-8771-c3ab6b3466c0/1/q6g10GAXbugWDHkw-H5pNVkJDXg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.164.128.0/19
IPv6:
2a00:fcc0::/32
Signature Algorithm: sha256WithRSAEncryption
76:9d:6b:64:9b:e4:f2:23:4e:2e:93:c0:1b:e5:fd:8d:87:86:
45:9d:22:c3:97:73:f9:a6:85:d5:81:68:33:ef:f6:c9:81:98:
4d:9b:e8:bd:1c:23:c5:8c:89:11:3b:63:98:1e:26:1b:77:c5:
b0:71:9e:46:e5:34:4d:2a:19:5a:3a:42:b4:75:a9:6d:79:23:
46:36:d3:c4:7e:09:78:31:ad:2e:99:33:48:e2:44:d9:7d:2d:
b6:1f:52:a8:0e:df:5b:ec:63:34:67:da:4a:98:b1:ac:0a:6c:
85:11:7a:dd:59:eb:d7:69:29:dd:01:d8:5a:b9:05:57:89:22:
89:8e:72:46:0b:55:43:d9:49:da:d3:6e:0d:dd:8c:d4:29:04:
e0:ec:18:ad:ba:77:33:6c:4a:90:c6:40:c6:e8:15:f4:63:16:
27:7f:83:f4:fd:a2:85:79:34:ab:5e:d7:35:19:d0:c8:0c:e7:
33:57:6a:f7:81:14:bf:f8:bc:64:17:85:0d:aa:b8:be:86:da:
b7:64:9d:18:7a:3f:e9:00:c5:e6:ae:6d:2a:57:25:72:5a:c9:
a7:b2:02:d2:5c:6c:c5:97:58:de:67:d1:be:a5:7a:49:da:c8:
3b:36:28:4c:b3:60:c3:9b:e8:a1:5d:49:01:58:e6:71:eb:65:
84:85:68:3a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlIaJM++ab6ot2/E4/OKXSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYTgzNWQwNjAxNzZlZTgxNjBjNzkzMGY4N2U2OTM1NTkw
OTBkNzgwHhcNMjUwMTAyMDM0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjEyODQ0NTY3MjA2NDcxMzc0MjU1NmNjYTUyOWNlMzk2NTk5ZGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDBGLHFdJyIP7/n1kMvu0WQ4amR4
4GjeCqsAAtDlSu6YZFPW66qnXHI2Q7NzumvbNAjbvs0t/6c2ehGRXfn2GIxMKm4E
TcQJYwfrglcQbMndGU7Townt/Sz63JtDuMK/kfWdoSrGvJhdPTZlicbY9YHl1Ksy
TE+2s98nc0wkI9g3cMoaPGYr3eBMjwI97jMITQun4B0LSurP0oUAtrf8P7ZbyZwR
65JJmP2W8voNpibOqdpmBak8MnTHyqlGte0ANhhWnjD2cWy4FG5ccpCvRm9RQNLh
lR1Tfk2tw1XZfjWX73FekB0YBHui6xzS3uhCoVFTNsEZIYi3xe5BQrNkKQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFsShEVnIGRxN0JVbMpSnOOWWZ3aMB8GA1UdIwQY
MBaAFKuoNdBgF27oFgx5MPh+aTVZCQ14MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTZnMTBHQVhidWdXREhrdy1INXBOVmtKRFhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi80NmQxZDItYTZjMC00N2JlLTg3NzEt
YzNhYjZiMzQ2NmMwLzEvV3hLRVJXY2daSEUzUWxWc3lsS2M0NVpabmRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi80NmQxZDItYTZjMC00N2JlLTg3NzEtYzNhYjZiMzQ2NmMw
LzEvcTZnMTBHQVhidWdXREhrdy1INXBOVmtKRFhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1aSAMA0E
AgACMAcDBQAqAPzAMA0GCSqGSIb3DQEBCwUAA4IBAQB2nWtkm+TyI04uk8Ab5f2N
h4ZFnSLDl3P5poXVgWgz7/bJgZhNm+i9HCPFjIkRO2OYHiYbd8WwcZ5G5TRNKhla
OkK0dalteSNGNtPEfgl4Ma0umTNI4kTZfS22H1KoDt9b7GM0Z9pKmLGsCmyFEXrd
WevXaSndAdhauQVXiSKJjnJGC1VD2Una024N3YzUKQTg7BitunczbEqQxkDG6BX0
YxYnf4P0/aKFeTSrXtc1GdDIDOczV2r3gRS/+LxkF4UNqri+htq3ZJ0Yej/pAMXm
rm0qVyVyWsmnsgLSXGzFl1jeZ9G+pXpJ2sg7NihMs2DDm+ihXUkBWOZx62WEhWg6
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:07:03 2025 by rpki-client