Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/WGlvtk8IWZ6ds_c_g4mOAVqrlN4.roa
File: WGlvtk8IWZ6ds_c_g4mOAVqrlN4.roa (raw, json)
Hash identifier: S/+B1U6aTb4hiIDRGdBxuiRRAF8hyixivQGp2pknvUs=
Subject key identifier: 58:69:6F:B6:4F:08:59:9E:9D:B3:F7:3F:83:89:8E:01:5A:AB:94:DE
Certificate issuer: /CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Certificate serial: 0194266BC247B3B5845A1154560ED9D231F2
Authority key identifier: 87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/WGlvtk8IWZ6ds_c_g4mOAVqrlN4.roa
Signing time: Thu 02 Jan 2025 09:49:43 +0000
ROA not before: Thu 02 Jan 2025 09:49:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8562
IP address blocks: 84.20.184.0/22 maxlen: 22
90.152.128.0/17 maxlen: 17
176.66.64.0/18 maxlen: 18
185.157.248.0/23 maxlen: 23
193.154.144.0/20 maxlen: 20
217.76.160.0/20 maxlen: 20
2001:890:c000::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.mft
rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:c2:47:b3:b5:84:5a:11:54:56:0e:d9:d2:31:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Validity
Not Before: Jan 2 09:49:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=58696fb64f08599e9db3f73f83898e015aab94de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:d2:a9:a4:55:73:5c:07:b6:ee:87:5e:d8:4f:
e3:b6:95:b7:b7:54:4e:80:cc:34:e7:22:02:d6:59:
2c:e7:eb:18:12:50:53:bb:12:7e:1c:d3:86:bf:ad:
04:5a:47:2e:f7:b8:28:88:d3:33:d9:f2:c5:84:55:
29:e2:2f:77:30:a9:fd:ea:8c:cd:ca:c0:f6:fd:07:
10:6a:54:f4:84:fe:b9:e4:50:69:fc:af:ae:68:39:
d2:47:dc:0d:42:90:d2:cb:fb:35:fc:bb:f8:46:1f:
09:fe:a2:d1:e0:f9:95:72:53:37:58:45:8a:fd:33:
e0:5b:d8:68:2e:ae:2c:c4:76:e8:34:fc:d3:a2:38:
c2:6e:e1:ae:a9:18:f3:84:ef:d8:0e:81:bc:d0:01:
49:29:c6:40:fd:6f:66:f6:be:c6:8f:86:c6:12:21:
00:c4:cf:be:0e:32:1c:4a:55:42:e0:e6:1e:2a:b9:
65:67:f3:da:0b:75:c7:04:50:f3:59:ab:51:f3:db:
a8:ed:7d:9b:54:a0:18:13:ae:85:00:54:30:96:16:
4c:ae:23:58:05:fe:5a:82:a7:df:74:fd:5d:81:68:
7e:4c:a0:45:c4:8e:85:ce:37:6d:cd:eb:59:b8:25:
08:18:a6:10:ce:2d:8f:e0:13:c7:76:68:a9:90:6c:
d5:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:69:6F:B6:4F:08:59:9E:9D:B3:F7:3F:83:89:8E:01:5A:AB:94:DE
X509v3 Authority Key Identifier:
keyid:87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/WGlvtk8IWZ6ds_c_g4mOAVqrlN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.20.184.0/22
90.152.128.0/17
176.66.64.0/18
185.157.248.0/23
193.154.144.0/20
217.76.160.0/20
IPv6:
2001:890:c000::/34
Signature Algorithm: sha256WithRSAEncryption
b9:75:47:da:8f:e1:ec:55:76:ae:e8:cc:31:31:e2:0f:5c:74:
59:bd:f3:c5:93:d9:02:62:8b:fb:cf:2c:69:7f:4d:ba:ef:86:
28:7b:64:50:a2:19:cc:db:7f:56:19:f2:7a:d1:99:81:c8:03:
f4:01:24:0e:40:83:6e:88:dc:b2:e8:af:79:b2:96:1a:ef:a5:
0b:42:68:2c:30:d8:b1:a6:59:b5:a4:cf:4c:a3:01:2f:74:34:
df:82:29:eb:4f:c0:f6:c1:de:94:2c:e8:da:e4:f8:1b:27:8a:
3e:7a:d7:d8:67:d3:dc:db:f5:9b:92:79:d4:e8:19:93:39:df:
a7:c4:bb:c8:44:fb:41:6f:b8:9f:25:23:09:14:ef:20:2f:d4:
53:98:73:e5:65:c3:62:4f:48:35:32:95:46:12:d1:5d:25:81:
34:13:37:c6:97:2a:e4:52:67:0e:f6:30:95:8d:12:a7:1d:af:
eb:17:2e:3e:68:61:6d:06:9b:df:e6:d0:7c:61:4d:72:d6:60:
c0:82:d8:56:75:42:bf:5c:e5:56:4a:10:48:54:35:8a:c4:d7:
81:60:13:eb:0e:3c:9b:67:8f:bc:84:af:33:fc:68:e5:c0:79:
61:57:06:70:0f:66:6a:4c:b8:b5:9f:41:f6:c4:13:f8:2e:ba:
35:bf:64:1d
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZQma8JHs7WEWhFUVg7Z0jHyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGM1ODlhNGYyMmE5Y2EyZmY5OWI0YzQ4ZjhiZGY0OTI4
NzE3MjUwHhcNMjUwMTAyMDk0OTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODY5NmZiNjRmMDg1OTllOWRiM2Y3M2Y4Mzg5OGUwMTVhYWI5NGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8NKppFVzXAe27ode2E/jtpW3t1RO
gMw05yIC1lks5+sYElBTuxJ+HNOGv60EWkcu97goiNMz2fLFhFUp4i93MKn96ozN
ysD2/QcQalT0hP655FBp/K+uaDnSR9wNQpDSy/s1/Lv4Rh8J/qLR4PmVclM3WEWK
/TPgW9hoLq4sxHboNPzTojjCbuGuqRjzhO/YDoG80AFJKcZA/W9m9r7Gj4bGEiEA
xM++DjIcSlVC4OYeKrllZ/PaC3XHBFDzWatR89uo7X2bVKAYE66FAFQwlhZMriNY
Bf5agqffdP1dgWh+TKBFxI6FzjdtzetZuCUIGKYQzi2P4BPHdmipkGzVdwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFFhpb7ZPCFmenbP3P4OJjgFaq5TeMB8GA1UdIwQY
MBaAFIcMWJpPIqnKL/mbTEj4vfSShxclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWIt
ODQ5ZDNhNmI5YzJkLzEvV0dsdnRrOElXWjZkc19jX2c0bU9BVnFybE40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWItODQ5ZDNhNmI5YzJk
LzEvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAqBAIAATAkAwQCVBS4AwQH
WpiAAwQGsEJAAwQBuZ34AwQEwZqQAwQE2UygMA4EAgACMAgDBgYgAQiQwDANBgkq
hkiG9w0BAQsFAAOCAQEAuXVH2o/h7FV2rujMMTHiD1x0Wb3zxZPZAmKL+88saX9N
uu+GKHtkUKIZzNt/VhnyetGZgcgD9AEkDkCDbojcsuivebKWGu+lC0JoLDDYsaZZ
taTPTKMBL3Q034Ip60/A9sHelCzo2uT4GyeKPnrX2GfT3Nv1m5J51OgZkznfp8S7
yET7QW+4nyUjCRTvIC/UU5hz5WXDYk9INTKVRhLRXSWBNBM3xpcq5FJnDvYwlY0S
px2v6xcuPmhhbQab3+bQfGFNctZgwILYVnVCv1zlVkoQSFQ1isTXgWAT6w48m2eP
vISvM/xo5cB5YVcGcA9maky4tZ9B9sQT+C66Nb9kHQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:27:31 2025 by rpki-client