Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/wFX7xPpJ7yA033Ye7jyB7b5hfrY.roa
File: wFX7xPpJ7yA033Ye7jyB7b5hfrY.roa (raw, json)
Hash identifier: cWLM1VzdX6e7FN9H2A5u+k5ZkEsPKCYG7CFbFvNUR/k=
Subject key identifier: C0:55:FB:C4:FA:49:EF:20:34:DF:76:1E:EE:3C:81:ED:BE:61:7E:B6
Certificate issuer: /CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Certificate serial: 019425FC10354DC255FC992FF83339FB55EA
Authority key identifier: 23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/wFX7xPpJ7yA033Ye7jyB7b5hfrY.roa
Signing time: Thu 02 Jan 2025 07:47:43 +0000
ROA not before: Thu 02 Jan 2025 07:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1239
IP address blocks: 185.164.64.0/23 maxlen: 23
2a0f:4cc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.mft
rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 18:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:10:35:4d:c2:55:fc:99:2f:f8:33:39:fb:55:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Validity
Not Before: Jan 2 07:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c055fbc4fa49ef2034df761eee3c81edbe617eb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f3:a2:44:13:78:8c:a7:cf:25:40:41:36:80:
c2:18:9f:4f:e6:45:c2:f1:2b:9d:97:db:ac:40:fa:
94:d9:e2:92:7a:2e:ea:eb:7e:0b:d5:30:07:a0:90:
32:6e:04:b7:de:00:e6:b4:4a:73:06:35:fd:4e:d5:
d1:08:c8:b2:18:fe:af:59:53:77:8e:ee:b0:4e:37:
e2:3e:a2:6a:a6:aa:19:d6:90:af:ad:2b:1a:9a:74:
40:fb:99:80:76:c9:24:15:4e:da:fe:21:4f:8d:02:
37:62:e4:3c:bb:d9:b4:c1:88:04:0c:20:70:0f:71:
80:04:ad:27:da:fd:37:bc:00:8c:d1:d2:c9:aa:1a:
f1:66:19:b0:af:cf:85:df:4c:a7:d4:44:1c:69:2e:
d4:d3:76:e1:6b:e8:2f:30:07:d0:a3:5c:10:a0:b8:
45:a3:b6:10:d9:b8:5a:2e:6a:b4:b9:9a:90:e1:c6:
db:41:be:ee:69:1f:76:4f:25:8a:9b:09:37:34:33:
9d:f2:9c:f0:b8:a7:ff:63:0e:ee:37:ab:df:62:8c:
f9:94:61:36:f5:6c:40:6a:6f:df:f9:88:2c:41:74:
05:81:ef:89:15:5a:fc:67:2e:93:9d:41:25:0f:7e:
4b:9d:bf:13:a0:e1:d0:64:cc:20:de:61:c0:ba:1e:
03:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:55:FB:C4:FA:49:EF:20:34:DF:76:1E:EE:3C:81:ED:BE:61:7E:B6
X509v3 Authority Key Identifier:
keyid:23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/wFX7xPpJ7yA033Ye7jyB7b5hfrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.164.64.0/23
IPv6:
2a0f:4cc0::/29
Signature Algorithm: sha256WithRSAEncryption
89:c6:50:16:8a:28:82:83:3b:f0:52:7d:52:a5:91:5b:b8:38:
a3:4f:ce:09:e0:6d:84:1d:11:3e:ff:97:4a:f3:fb:65:3b:5f:
46:4e:69:c3:8a:17:54:41:16:95:5b:4a:77:79:72:41:9f:c8:
01:dc:94:5b:13:ca:0b:d7:d8:f9:b9:e8:3c:eb:4e:40:40:88:
06:82:e4:fd:86:2b:f3:fa:4a:1f:fc:d5:75:44:3f:2f:af:47:
c6:c5:13:52:73:c0:a3:5e:da:74:44:4e:4c:87:91:00:17:38:
0b:09:e8:b4:0d:37:c9:37:3b:f7:3f:46:65:f0:d6:a7:9c:33:
53:c0:6c:2a:4e:62:73:61:2e:82:43:7c:5c:04:da:93:c1:25:
19:b7:2f:b2:9d:2e:23:06:7d:23:fe:81:4a:73:15:0d:cb:f3:
96:5e:2e:6c:09:1e:53:37:af:05:3f:05:b8:c9:20:08:8d:11:
43:30:4c:3b:39:cd:0f:2b:d2:43:30:02:ae:f8:51:c1:60:27:
d6:42:f7:b4:5a:cb:ec:d4:3e:a3:a7:50:fd:9d:fa:6c:c9:06:
85:9c:b2:ef:ed:ce:ce:6e:7c:0d:47:2e:21:ec:34:1a:c8:29:
06:c7:c8:08:ae:90:dd:d9:31:0f:5d:47:01:20:28:3d:61:c7:
38:be:56:38
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQl/BA1TcJV/Jkv+DM5+1XqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNDQ2ZGE3YTcwYmNlNzczZWMyYmMxNjU1YWFlMzBjM2Mx
ODQxMmMwHhcNMjUwMTAyMDc0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDU1ZmJjNGZhNDllZjIwMzRkZjc2MWVlZTNjODFlZGJlNjE3ZWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvOiRBN4jKfPJUBBNoDCGJ9P5kXC
8Sudl9usQPqU2eKSei7q634L1TAHoJAybgS33gDmtEpzBjX9TtXRCMiyGP6vWVN3
ju6wTjfiPqJqpqoZ1pCvrSsamnRA+5mAdskkFU7a/iFPjQI3YuQ8u9m0wYgEDCBw
D3GABK0n2v03vACM0dLJqhrxZhmwr8+F30yn1EQcaS7U03bha+gvMAfQo1wQoLhF
o7YQ2bhaLmq0uZqQ4cbbQb7uaR92TyWKmwk3NDOd8pzwuKf/Yw7uN6vfYoz5lGE2
9WxAam/f+YgsQXQFge+JFVr8Zy6TnUElD35Lnb8ToOHQZMwg3mHAuh4DZwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMBV+8T6Se8gNN92Hu48ge2+YX62MB8GA1UdIwQY
MBaAFCNEbaenC853PsK8FlWq4ww8GEEsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQt
MjVjYzlkNmNmYmI5LzEvd0ZYN3hQcEo3eUEwMzNZZTdqeUI3YjVoZnJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQtMjVjYzlkNmNmYmI5
LzEvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuaRAMA0E
AgACMAcDBQMqD0zAMA0GCSqGSIb3DQEBCwUAA4IBAQCJxlAWiiiCgzvwUn1SpZFb
uDijT84J4G2EHRE+/5dK8/tlO19GTmnDihdUQRaVW0p3eXJBn8gB3JRbE8oL19j5
ueg8605AQIgGguT9hivz+kof/NV1RD8vr0fGxRNSc8CjXtp0RE5Mh5EAFzgLCei0
DTfJNzv3P0Zl8NannDNTwGwqTmJzYS6CQ3xcBNqTwSUZty+ynS4jBn0j/oFKcxUN
y/OWXi5sCR5TN68FPwW4ySAIjRFDMEw7Oc0PK9JDMAKu+FHBYCfWQve0Wsvs1D6j
p1D9nfpsyQaFnLLv7c7ObnwNRy4h7DQayCkGx8gIrpDd2TEPXUcBICg9Ycc4vlY4
-----END CERTIFICATE-----
Generated at Thu Apr 10 04:23:07 2025 by rpki-client