Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/56452b-4b93-41e5-a8a2-61b52637921b/1/PW26W-VSuEOhQv0UYQiviWvM3PQ.roa
File: PW26W-VSuEOhQv0UYQiviWvM3PQ.roa (raw, json)
Hash identifier: amtlrhmVHqku8l89qlGVcPiKPSCbAqVjZC9kdgQdMxM=
Subject key identifier: 3D:6D:BA:5B:E5:52:B8:43:A1:42:FD:14:61:08:AF:89:6B:CC:DC:F4
Certificate issuer: /CN=053e94501f0fd2cdea3c2e7b46318e6e7f515f73
Certificate serial: 0194258E579769EF1E2509DC08D4959B5A24
Authority key identifier: 05:3E:94:50:1F:0F:D2:CD:EA:3C:2E:7B:46:31:8E:6E:7F:51:5F:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BT6UUB8P0s3qPC57RjGObn9RX3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/56452b-4b93-41e5-a8a2-61b52637921b/1/PW26W-VSuEOhQv0UYQiviWvM3PQ.roa
Signing time: Thu 02 Jan 2025 05:47:53 +0000
ROA not before: Thu 02 Jan 2025 05:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13101
IP address blocks: 82.97.128.0/18 maxlen: 24
86.103.0.0/16 maxlen: 24
176.119.214.0/24 maxlen: 24
185.118.20.0/22 maxlen: 24
213.158.96.0/19 maxlen: 24
213.178.64.0/19 maxlen: 24
217.70.192.0/20 maxlen: 24
2a00:12d0::/29 maxlen: 29
2a03:c140::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/56452b-4b93-41e5-a8a2-61b52637921b/1/BT6UUB8P0s3qPC57RjGObn9RX3M.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/56452b-4b93-41e5-a8a2-61b52637921b/1/BT6UUB8P0s3qPC57RjGObn9RX3M.mft
rsync://rpki.ripe.net/repository/DEFAULT/BT6UUB8P0s3qPC57RjGObn9RX3M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:57:97:69:ef:1e:25:09:dc:08:d4:95:9b:5a:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=053e94501f0fd2cdea3c2e7b46318e6e7f515f73
Validity
Not Before: Jan 2 05:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d6dba5be552b843a142fd146108af896bccdcf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:01:88:0b:0c:d6:ec:ba:87:17:12:84:0c:04:
e0:eb:dc:38:61:40:f4:42:7b:fc:16:70:92:d2:03:
d1:d3:56:32:86:31:92:ac:32:77:d3:f2:00:47:b6:
b8:07:19:28:42:9d:ca:0d:d7:3c:52:79:33:9a:22:
c2:ee:0d:ee:9e:c2:14:55:94:76:fe:e0:39:cd:8c:
1b:3f:7a:4a:8d:9f:e8:3d:db:35:17:58:6c:7f:84:
46:02:58:c9:9d:e5:07:a0:0d:1b:4f:1c:37:4c:8c:
74:63:98:5d:cf:76:c0:16:ab:b3:9a:82:53:12:53:
e8:ce:ca:5f:ad:1d:fe:ef:3e:0e:3c:bf:89:2c:5c:
8c:fa:b6:bc:71:61:61:96:7c:d7:6c:8d:a6:08:50:
b5:bd:73:02:ea:56:51:46:a5:09:fc:c7:b5:aa:f4:
12:82:6e:90:6e:7b:dd:84:3e:2c:81:ca:b9:cf:57:
40:e2:54:18:fc:42:18:72:ec:31:87:d0:6c:40:af:
6c:15:b3:eb:6d:9e:6d:dd:0c:2e:12:91:1a:61:71:
b8:54:fc:82:4d:2b:0d:14:73:76:13:fa:cd:2d:16:
1a:24:8e:da:00:5e:99:fd:4a:09:9c:bb:25:09:40:
67:5b:ba:09:2c:e6:07:05:61:f0:6c:7d:76:dd:f1:
f8:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:6D:BA:5B:E5:52:B8:43:A1:42:FD:14:61:08:AF:89:6B:CC:DC:F4
X509v3 Authority Key Identifier:
keyid:05:3E:94:50:1F:0F:D2:CD:EA:3C:2E:7B:46:31:8E:6E:7F:51:5F:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BT6UUB8P0s3qPC57RjGObn9RX3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/56452b-4b93-41e5-a8a2-61b52637921b/1/PW26W-VSuEOhQv0UYQiviWvM3PQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/56452b-4b93-41e5-a8a2-61b52637921b/1/BT6UUB8P0s3qPC57RjGObn9RX3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.97.128.0/18
86.103.0.0/16
176.119.214.0/24
185.118.20.0/22
213.158.96.0/19
213.178.64.0/19
217.70.192.0/20
IPv6:
2a00:12d0::/29
2a03:c140::/29
Signature Algorithm: sha256WithRSAEncryption
63:5b:74:53:d5:eb:5b:0f:82:83:15:c4:42:11:75:e9:8f:3b:
5d:e5:05:50:c4:8a:ca:7c:19:26:86:51:17:4d:ef:b5:07:ca:
91:c5:a4:c1:40:fe:bc:5c:01:f1:d1:9c:20:e7:c4:0b:4c:25:
b7:c7:f0:8e:e6:1a:41:b9:41:98:04:74:f5:bf:2a:b6:6d:a0:
fa:35:92:cc:a5:86:13:ad:33:18:70:b5:45:2b:83:63:e9:a0:
8c:cc:b7:70:b7:01:b0:4d:02:f2:af:64:91:79:5e:16:83:56:
6d:ca:a8:94:05:5b:4d:d2:f5:79:ec:1f:bd:af:8c:b3:02:b5:
77:8e:2a:c1:df:54:a1:b8:57:fc:ca:84:93:40:6a:b0:ef:b0:
72:9e:2c:52:73:ea:d9:b9:16:21:f1:47:fb:94:94:72:d7:4f:
35:b8:69:ba:4c:86:c5:32:f3:06:ea:37:9c:f5:28:9a:24:68:
14:4f:5a:f0:c2:98:71:a6:79:d7:b6:e5:c6:0f:73:25:59:14:
69:80:8a:c6:8e:ec:7b:58:08:9e:76:04:fa:2b:e3:ab:b7:f7:
f6:30:3d:4c:ba:bb:09:d7:6e:7b:02:f4:dd:41:73:9f:0d:e2:
a2:b7:98:6a:0b:66:e9:73:19:e6:4b:ef:3e:81:7e:18:68:7f:
ac:e3:3c:06
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZQljleXae8eJQncCNSVm1okMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1M2U5NDUwMWYwZmQyY2RlYTNjMmU3YjQ2MzE4ZTZlN2Y1
MTVmNzMwHhcNMjUwMTAyMDU0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDZkYmE1YmU1NTJiODQzYTE0MmZkMTQ2MTA4YWY4OTZiY2NkY2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQGICwzW7LqHFxKEDATg69w4YUD0
Qnv8FnCS0gPR01YyhjGSrDJ30/IAR7a4BxkoQp3KDdc8UnkzmiLC7g3unsIUVZR2
/uA5zYwbP3pKjZ/oPds1F1hsf4RGAljJneUHoA0bTxw3TIx0Y5hdz3bAFquzmoJT
ElPozspfrR3+7z4OPL+JLFyM+ra8cWFhlnzXbI2mCFC1vXMC6lZRRqUJ/Me1qvQS
gm6QbnvdhD4sgcq5z1dA4lQY/EIYcuwxh9BsQK9sFbPrbZ5t3QwuEpEaYXG4VPyC
TSsNFHN2E/rNLRYaJI7aAF6Z/UoJnLslCUBnW7oJLOYHBWHwbH123fH4+wIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFD1tulvlUrhDoUL9FGEIr4lrzNz0MB8GA1UdIwQY
MBaAFAU+lFAfD9LN6jwue0Yxjm5/UV9zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlQ2VVVCOFAwczNxUEM1N1JqR09ibjlSWDNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi81NjQ1MmItNGI5My00MWU1LWE4YTIt
NjFiNTI2Mzc5MjFiLzEvUFcyNlctVlN1RU9oUXYwVVlRaXZpV3ZNM1BRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi81NjQ1MmItNGI5My00MWU1LWE4YTItNjFiNTI2Mzc5MjFi
LzEvQlQ2VVVCOFAwczNxUEM1N1JqR09ibjlSWDNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzAvBAIAATApAwQGUmGAAwMA
VmcDBACwd9YDBAK5dhQDBAXVnmADBAXVskADBATZRsAwFAQCAAIwDgMFAyoAEtAD
BQMqA8FAMA0GCSqGSIb3DQEBCwUAA4IBAQBjW3RT1etbD4KDFcRCEXXpjztd5QVQ
xIrKfBkmhlEXTe+1B8qRxaTBQP68XAHx0Zwg58QLTCW3x/CO5hpBuUGYBHT1vyq2
baD6NZLMpYYTrTMYcLVFK4Nj6aCMzLdwtwGwTQLyr2SReV4Wg1ZtyqiUBVtN0vV5
7B+9r4yzArV3jirB31ShuFf8yoSTQGqw77BynixSc+rZuRYh8Uf7lJRy1081uGm6
TIbFMvMG6jec9SiaJGgUT1rwwphxpnnXtuXGD3MlWRRpgIrGjux7WAiedgT6K+Or
t/f2MD1MursJ1257AvTdQXOfDeKit5hqC2bpcxnmS+8+gX4YaH+s4zwG
-----END CERTIFICATE-----
Generated at Sun Apr 13 08:01:36 2025 by rpki-client