Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/wfIcKyhQnZbXstiW89UpyNXR4U8.roa
File: wfIcKyhQnZbXstiW89UpyNXR4U8.roa (raw, json)
Hash identifier: bbcCfBndZlxqIb2W00iANrwp7NHBy2EixcVKy65SR4A=
Subject key identifier: C1:F2:1C:2B:28:50:9D:96:D7:B2:D8:96:F3:D5:29:C8:D5:D1:E1:4F
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 019423D6B3AB81D18A4FA46F36C6811443D2
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/wfIcKyhQnZbXstiW89UpyNXR4U8.roa
Signing time: Wed 01 Jan 2025 21:47:40 +0000
ROA not before: Wed 01 Jan 2025 21:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3320
IP address blocks: 93.114.74.0/24 maxlen: 24
93.114.75.0/24 maxlen: 24
93.114.76.0/24 maxlen: 24
93.114.77.0/24 maxlen: 24
93.114.78.0/24 maxlen: 24
93.114.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 12:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:b3:ab:81:d1:8a:4f:a4:6f:36:c6:81:14:43:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 21:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c1f21c2b28509d96d7b2d896f3d529c8d5d1e14f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:77:c5:4a:63:f5:ed:3c:74:6d:72:8c:1d:bb:
c1:17:4c:58:77:32:34:a9:58:aa:87:64:0d:a7:3c:
9c:64:e0:59:2e:d6:f9:bf:13:66:4a:cb:06:b0:8e:
22:34:3e:ff:ff:90:80:42:49:a7:b1:9b:c2:32:c4:
7c:03:cf:bb:37:1d:c3:48:55:48:b2:57:88:53:e5:
50:19:80:fa:27:41:78:86:aa:7e:b8:91:33:03:56:
c9:ce:61:16:d9:3e:d9:42:f5:e4:69:f2:57:8f:ee:
d6:9f:29:8a:af:1e:59:4a:0d:47:bb:b8:fb:a2:44:
24:25:5e:93:36:47:b0:a2:ea:c6:f5:b1:77:d5:b7:
e3:c9:20:e6:e3:f2:7c:a6:b4:4b:2b:14:6a:0d:90:
c4:5e:49:f9:64:fb:cf:72:a3:d0:b3:08:fa:1f:93:
0a:c0:93:b1:d3:f4:2c:00:96:1e:9a:c6:e8:b5:44:
19:6d:0d:40:b6:81:02:41:bf:65:11:d7:1e:a2:16:
0a:6b:02:2e:0f:d2:06:d0:80:f2:1d:18:28:cf:84:
23:73:04:64:7d:07:4b:f5:d2:51:2c:5e:91:7b:9d:
b3:5f:c9:61:db:e4:41:5b:53:6e:ea:66:6a:ec:60:
c9:db:11:a7:7c:25:76:ea:40:2c:2c:03:0e:66:50:
c8:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:F2:1C:2B:28:50:9D:96:D7:B2:D8:96:F3:D5:29:C8:D5:D1:E1:4F
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/wfIcKyhQnZbXstiW89UpyNXR4U8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.114.74.0-93.114.79.255
Signature Algorithm: sha256WithRSAEncryption
4c:62:40:83:6e:26:3e:20:26:b3:cb:5a:97:fb:d0:9e:5d:1e:
6e:31:cc:97:32:63:3a:90:9b:e3:74:05:7f:5b:2b:d8:38:be:
80:1d:84:aa:41:39:e7:ae:9f:e2:18:39:13:39:76:68:a3:88:
ea:54:24:5c:64:c3:4b:1d:e7:e5:bb:f7:5a:0f:f8:e5:f5:a3:
fa:08:c9:6f:7c:66:9d:0c:9c:c0:9b:0a:35:3f:bd:81:3a:10:
9a:9f:53:cc:19:01:1b:34:64:e1:b2:64:22:14:d4:0d:3e:cf:
47:7e:be:9f:ea:cd:c0:7e:34:70:ad:b7:43:a9:4b:5a:fe:c2:
5f:5e:82:01:7a:1a:c3:1f:7b:4b:7f:ed:9d:f4:67:b9:1d:46:
e7:23:b6:c3:17:8d:c4:75:5d:87:96:f2:fd:2a:2d:35:e9:ef:
f7:2b:99:0b:0f:00:13:72:f1:47:81:fa:23:17:a6:90:6c:7b:
88:55:75:38:03:07:8b:41:2f:43:32:e1:1e:cd:46:cb:e1:44:
16:71:54:03:3c:36:2d:c8:87:ab:7a:b7:e2:09:41:0e:c0:e1:
d2:2c:af:a6:bb:64:45:68:af:83:11:8b:1d:a0:68:a6:c8:cb:
55:25:4a:7d:1f:b2:f3:63:04:7d:ea:82:fe:4e:73:bd:95:60:
2b:97:6d:77
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQj1rOrgdGKT6RvNsaBFEPSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjUwMTAxMjE0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWYyMWMyYjI4NTA5ZDk2ZDdiMmQ4OTZmM2Q1MjljOGQ1ZDFlMTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXfFSmP17Tx0bXKMHbvBF0xYdzI0
qViqh2QNpzycZOBZLtb5vxNmSssGsI4iND7//5CAQkmnsZvCMsR8A8+7Nx3DSFVI
sleIU+VQGYD6J0F4hqp+uJEzA1bJzmEW2T7ZQvXkafJXj+7WnymKrx5ZSg1Hu7j7
okQkJV6TNkewourG9bF31bfjySDm4/J8prRLKxRqDZDEXkn5ZPvPcqPQswj6H5MK
wJOx0/QsAJYemsbotUQZbQ1AtoECQb9lEdceohYKawIuD9IG0IDyHRgoz4QjcwRk
fQdL9dJRLF6Re52zX8lh2+RBW1Nu6mZq7GDJ2xGnfCV26kAsLAMOZlDIFwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMHyHCsoUJ2W17LYlvPVKcjV0eFPMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvd2ZJY0t5aFFuWmJYc3RpVzg5VXB5TlhSNFU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAFdckoD
BARdckAwDQYJKoZIhvcNAQELBQADggEBAExiQINuJj4gJrPLWpf70J5dHm4xzJcy
YzqQm+N0BX9bK9g4voAdhKpBOeeun+IYORM5dmijiOpUJFxkw0sd5+W791oP+OX1
o/oIyW98Zp0MnMCbCjU/vYE6EJqfU8wZARs0ZOGyZCIU1A0+z0d+vp/qzcB+NHCt
t0OpS1r+wl9eggF6GsMfe0t/7Z30Z7kdRucjtsMXjcR1XYeW8v0qLTXp7/crmQsP
ABNy8UeB+iMXppBse4hVdTgDB4tBL0My4R7NRsvhRBZxVAM8Ni3Ih6t6t+IJQQ7A
4dIsr6a7ZEVor4MRix2gaKbIy1UlSn0fsvNjBH3qgv5Oc72VYCuXbXc=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:46:47 2025 by rpki-client