Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/5d4d2f-ba18-4211-bc9b-ee8831924b32/1/W2DMRJ_k9e8AoJXRItyS4Y_0GsE.roa
File: W2DMRJ_k9e8AoJXRItyS4Y_0GsE.roa (raw, json)
Hash identifier: u28JHNr8um784JuRkZF/hrHuBy1UKccyyYxb4cD+A4A=
Subject key identifier: 5B:60:CC:44:9F:E4:F5:EF:00:A0:95:D1:22:DC:92:E1:8F:F4:1A:C1
Certificate issuer: /CN=66d9758b8c8c373583c0575166d62343600c7f01
Certificate serial: 01942369C1743814FB3D14F34A6CA7489CBE
Authority key identifier: 66:D9:75:8B:8C:8C:37:35:83:C0:57:51:66:D6:23:43:60:0C:7F:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ztl1i4yMNzWDwFdRZtYjQ2AMfwE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/5d4d2f-ba18-4211-bc9b-ee8831924b32/1/W2DMRJ_k9e8AoJXRItyS4Y_0GsE.roa
Signing time: Wed 01 Jan 2025 19:48:40 +0000
ROA not before: Wed 01 Jan 2025 19:48:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47302
IP address blocks: 91.206.24.0/23 maxlen: 23
149.126.0.0/21 maxlen: 21
185.174.216.0/22 maxlen: 22
194.126.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/5d4d2f-ba18-4211-bc9b-ee8831924b32/1/Ztl1i4yMNzWDwFdRZtYjQ2AMfwE.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/5d4d2f-ba18-4211-bc9b-ee8831924b32/1/Ztl1i4yMNzWDwFdRZtYjQ2AMfwE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ztl1i4yMNzWDwFdRZtYjQ2AMfwE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:c1:74:38:14:fb:3d:14:f3:4a:6c:a7:48:9c:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66d9758b8c8c373583c0575166d62343600c7f01
Validity
Not Before: Jan 1 19:48:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5b60cc449fe4f5ef00a095d122dc92e18ff41ac1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:30:b0:d4:9e:69:de:cb:73:8c:b7:e7:68:be:
13:fd:81:7d:e9:37:85:46:6d:18:79:06:7d:7f:23:
e8:a8:65:9f:5c:ec:ac:ad:96:26:c2:5b:b0:c6:d2:
ee:8e:72:8f:fc:21:4e:e5:f5:83:1e:54:de:06:37:
63:ea:01:ab:68:4d:42:70:99:39:10:dc:65:3b:63:
bd:7d:55:47:9e:b0:33:31:f6:11:11:25:e3:0b:11:
a5:f8:f2:88:f0:d7:7d:c5:2a:3b:d8:86:59:55:6b:
d1:8f:f5:1a:7c:2a:d1:7e:63:65:6d:c0:1b:d8:a3:
a7:e9:83:f5:1d:2d:ff:6f:18:56:b6:35:07:b3:17:
62:54:1e:a8:57:8c:8c:2c:15:1b:fe:6d:60:73:8c:
d9:9f:d7:6d:2f:4b:fc:1c:ad:c6:5b:e4:a4:45:29:
6b:5f:88:24:60:91:f3:c6:97:2c:d7:c6:d7:40:47:
a9:c8:40:ec:fb:49:63:7f:38:ca:a3:c1:88:f2:33:
74:04:d2:c5:02:2f:7e:d4:a6:c1:96:c8:73:ba:51:
f6:7c:ab:3e:de:8d:91:45:6e:aa:c5:fa:99:99:74:
e4:99:25:eb:b8:4a:3a:47:57:89:29:7b:4a:7f:ec:
ee:a0:df:97:ed:6c:fb:7b:61:f2:95:6c:0b:68:de:
3c:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:60:CC:44:9F:E4:F5:EF:00:A0:95:D1:22:DC:92:E1:8F:F4:1A:C1
X509v3 Authority Key Identifier:
keyid:66:D9:75:8B:8C:8C:37:35:83:C0:57:51:66:D6:23:43:60:0C:7F:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ztl1i4yMNzWDwFdRZtYjQ2AMfwE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/5d4d2f-ba18-4211-bc9b-ee8831924b32/1/W2DMRJ_k9e8AoJXRItyS4Y_0GsE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/5d4d2f-ba18-4211-bc9b-ee8831924b32/1/Ztl1i4yMNzWDwFdRZtYjQ2AMfwE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.24.0/23
149.126.0.0/21
185.174.216.0/22
194.126.200.0/24
Signature Algorithm: sha256WithRSAEncryption
66:90:1c:87:74:d4:97:8c:2a:5e:10:87:bc:07:02:9a:fd:a9:
37:9a:50:b3:c1:35:a1:4b:ec:0d:1f:40:5a:fc:06:83:2b:36:
b5:2d:bb:b5:75:37:f0:dd:6f:fd:d7:58:64:4e:0e:e0:78:cf:
aa:ba:50:5e:6c:e1:d7:25:55:41:19:86:3b:8b:90:fa:80:61:
ed:53:08:25:94:8a:e9:8d:22:8a:42:30:a8:e2:3e:40:ac:0a:
40:08:0a:e8:c8:ce:09:c3:d8:0c:0e:9a:e5:8b:9c:a3:80:ef:
0e:98:e5:a0:97:ce:55:1b:30:77:ed:ea:05:63:f0:44:e5:b3:
99:a4:a4:0a:62:7c:41:74:27:ab:77:9e:19:5e:c3:8d:a0:96:
a9:93:66:f9:a5:35:30:54:4c:9d:e4:8f:f8:f3:f6:f6:bc:35:
c1:f2:83:be:ce:12:af:a4:10:26:b1:bb:e4:cb:76:49:ed:53:
63:a8:50:82:08:c7:58:1d:85:47:93:e5:6d:a4:df:7f:a7:fc:
32:1e:60:84:c0:d0:08:8b:ed:48:2a:a6:16:83:20:ea:bb:24:
04:c2:81:54:79:7b:a0:53:bf:86:4e:9f:ae:8e:53:74:98:da:
5c:51:fa:9f:c7:d8:ce:c7:44:32:6a:ff:96:08:b1:91:c2:e2:
8f:60:73:d3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQjacF0OBT7PRTzSmynSJy+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZDk3NThiOGM4YzM3MzU4M2MwNTc1MTY2ZDYyMzQzNjAw
YzdmMDEwHhcNMjUwMTAxMTk0ODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjYwY2M0NDlmZTRmNWVmMDBhMDk1ZDEyMmRjOTJlMThmZjQxYWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTCw1J5p3stzjLfnaL4T/YF96TeF
Rm0YeQZ9fyPoqGWfXOysrZYmwluwxtLujnKP/CFO5fWDHlTeBjdj6gGraE1CcJk5
ENxlO2O9fVVHnrAzMfYRESXjCxGl+PKI8Nd9xSo72IZZVWvRj/UafCrRfmNlbcAb
2KOn6YP1HS3/bxhWtjUHsxdiVB6oV4yMLBUb/m1gc4zZn9dtL0v8HK3GW+SkRSlr
X4gkYJHzxpcs18bXQEepyEDs+0ljfzjKo8GI8jN0BNLFAi9+1KbBlshzulH2fKs+
3o2RRW6qxfqZmXTkmSXruEo6R1eJKXtKf+zuoN+X7Wz7e2HylWwLaN48ZwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFtgzESf5PXvAKCV0SLckuGP9BrBMB8GA1UdIwQY
MBaAFGbZdYuMjDc1g8BXUWbWI0NgDH8BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnRsMWk0eU1OeldEd0ZkUlp0WWpRMkFNZndFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi81ZDRkMmYtYmExOC00MjExLWJjOWIt
ZWU4ODMxOTI0YjMyLzEvVzJETVJKX2s5ZThBb0pYUkl0eVM0WV8wR3NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi81ZDRkMmYtYmExOC00MjExLWJjOWItZWU4ODMxOTI0YjMy
LzEvWnRsMWk0eU1OeldEd0ZkUlp0WWpRMkFNZndFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBW84YAwQD
lX4AAwQCua7YAwQAwn7IMA0GCSqGSIb3DQEBCwUAA4IBAQBmkByHdNSXjCpeEIe8
BwKa/ak3mlCzwTWhS+wNH0Ba/AaDKza1Lbu1dTfw3W/911hkTg7geM+qulBebOHX
JVVBGYY7i5D6gGHtUwgllIrpjSKKQjCo4j5ArApACAroyM4Jw9gMDprli5yjgO8O
mOWgl85VGzB37eoFY/BE5bOZpKQKYnxBdCerd54ZXsONoJapk2b5pTUwVEyd5I/4
8/b2vDXB8oO+zhKvpBAmsbvky3ZJ7VNjqFCCCMdYHYVHk+VtpN9/p/wyHmCEwNAI
i+1IKqYWgyDquyQEwoFUeXugU7+GTp+ujlN0mNpcUfqfx9jOx0Qyav+WCLGRwuKP
YHPT
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:54:08 2025 by rpki-client