Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/cac63c-55e5-4154-8876-8c32c351ee70/1/weaYZtKN2dyX154ow3SGgXoIRjY.roa
File: weaYZtKN2dyX154ow3SGgXoIRjY.roa (raw, json)
Hash identifier: ed7Amn9Zz2cEzM2Ufd5UFwzqV4Z97E0C1znPlzbxe2k=
Subject key identifier: C1:E6:98:66:D2:8D:D9:DC:97:D7:9E:28:C3:74:86:81:7A:08:46:36
Certificate issuer: /CN=7e26b1ef7410072ce96e82d7581be436e639a7c4
Certificate serial: 01942068431614DA46C1C9A1421DCAA23D61
Authority key identifier: 7E:26:B1:EF:74:10:07:2C:E9:6E:82:D7:58:1B:E4:36:E6:39:A7:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiax73QQByzpboLXWBvkNuY5p8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/cac63c-55e5-4154-8876-8c32c351ee70/1/weaYZtKN2dyX154ow3SGgXoIRjY.roa
Signing time: Wed 01 Jan 2025 05:48:11 +0000
ROA not before: Wed 01 Jan 2025 05:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42745
IP address blocks: 5.252.32.0/24 maxlen: 24
5.252.34.0/24 maxlen: 24
5.252.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/cac63c-55e5-4154-8876-8c32c351ee70/1/fiax73QQByzpboLXWBvkNuY5p8Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/cac63c-55e5-4154-8876-8c32c351ee70/1/fiax73QQByzpboLXWBvkNuY5p8Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiax73QQByzpboLXWBvkNuY5p8Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 03:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:43:16:14:da:46:c1:c9:a1:42:1d:ca:a2:3d:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e26b1ef7410072ce96e82d7581be436e639a7c4
Validity
Not Before: Jan 1 05:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c1e69866d28dd9dc97d79e28c37486817a084636
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ad:62:5a:5d:5e:54:2f:27:89:46:80:99:79:
74:0a:20:c8:3c:a2:96:4a:6a:01:5f:5c:1b:ba:7e:
12:d7:e5:08:71:2e:f7:b2:e3:e7:ea:74:a5:41:71:
f6:7d:a9:11:40:df:0c:d8:db:83:9d:ad:38:4a:fa:
69:ff:ec:5e:ce:d2:36:be:52:4a:b0:07:fe:90:7f:
42:b2:a4:da:df:1f:a6:70:36:32:f2:5f:6d:78:40:
17:50:95:9b:05:8a:1f:2e:58:c4:84:c7:d1:3a:a4:
4c:27:cc:94:82:00:53:90:4d:2c:01:fc:fc:16:6a:
f2:81:5a:8a:95:d0:60:7a:8d:51:e4:f3:3f:62:2e:
e6:fd:31:9e:94:7c:f9:87:0a:19:fb:4f:7d:84:0e:
fc:07:c5:67:73:a4:2b:eb:f9:ad:31:ac:9b:8d:a5:
aa:58:a5:88:1b:6b:6d:23:b9:37:53:4b:11:84:43:
03:cc:69:35:12:6f:fa:2a:87:6f:6b:ab:e0:6e:c4:
6b:89:62:9f:41:c5:fc:de:c7:77:be:5f:a7:4e:61:
09:01:16:30:7e:4f:b9:63:f5:a6:6b:f0:92:b6:36:
b6:38:bc:3b:69:d9:85:9f:d0:32:df:a1:f9:4a:f4:
f6:98:5a:44:a7:b2:aa:29:60:47:c5:80:cc:9a:0f:
3a:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:E6:98:66:D2:8D:D9:DC:97:D7:9E:28:C3:74:86:81:7A:08:46:36
X509v3 Authority Key Identifier:
keyid:7E:26:B1:EF:74:10:07:2C:E9:6E:82:D7:58:1B:E4:36:E6:39:A7:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiax73QQByzpboLXWBvkNuY5p8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/cac63c-55e5-4154-8876-8c32c351ee70/1/weaYZtKN2dyX154ow3SGgXoIRjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/cac63c-55e5-4154-8876-8c32c351ee70/1/fiax73QQByzpboLXWBvkNuY5p8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.32.0/24
5.252.34.0/23
Signature Algorithm: sha256WithRSAEncryption
1d:ec:65:22:f8:37:e5:0c:99:ab:1e:a1:c9:3b:59:f6:e7:fa:
0d:ea:29:0c:82:a5:ac:a9:fa:0c:9f:1e:7a:1b:d9:bc:be:c9:
47:3c:84:a3:fe:be:4f:30:85:af:d5:91:9f:43:62:07:e7:ab:
22:6c:bc:8b:d2:b1:da:16:b6:d7:9d:3d:bf:14:98:b0:11:61:
43:da:66:80:bb:da:e6:b8:ac:25:72:64:5c:c2:b5:23:51:05:
47:de:a4:5e:2a:e6:ca:69:80:11:c6:da:da:04:df:bf:f7:8a:
fe:64:d4:94:16:0b:d7:ac:1f:c8:51:6d:4d:1d:25:c4:ae:79:
8d:65:45:d6:30:a0:4a:eb:26:9d:fc:fa:9e:0e:a9:35:82:81:
03:b6:9e:b3:43:49:16:74:e2:7e:69:29:0c:70:28:17:59:1a:
41:90:b0:df:79:32:2d:c9:1d:3b:0d:c2:e3:d6:66:32:c6:92:
f2:4d:15:5e:3c:66:35:23:56:ee:54:0e:e5:97:9b:2e:88:56:
35:6c:61:3e:41:40:26:00:a6:9d:1f:76:8b:29:b5:ac:c5:b6:
0a:9b:5c:0a:b8:cb:72:dd:09:92:f3:84:97:52:f4:72:2d:a3:
83:c4:58:0c:3c:0a:d9:66:52:dc:48:c2:7e:86:b9:ed:2d:a6:
d8:ea:b7:bb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQgaEMWFNpGwcmhQh3Koj1hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjZiMWVmNzQxMDA3MmNlOTZlODJkNzU4MWJlNDM2ZTYz
OWE3YzQwHhcNMjUwMTAxMDU0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWU2OTg2NmQyOGRkOWRjOTdkNzllMjhjMzc0ODY4MTdhMDg0NjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA161iWl1eVC8niUaAmXl0CiDIPKKW
SmoBX1wbun4S1+UIcS73suPn6nSlQXH2fakRQN8M2NuDna04Svpp/+xeztI2vlJK
sAf+kH9CsqTa3x+mcDYy8l9teEAXUJWbBYofLljEhMfROqRMJ8yUggBTkE0sAfz8
FmrygVqKldBgeo1R5PM/Yi7m/TGelHz5hwoZ+099hA78B8Vnc6Qr6/mtMaybjaWq
WKWIG2ttI7k3U0sRhEMDzGk1Em/6Kodva6vgbsRriWKfQcX83sd3vl+nTmEJARYw
fk+5Y/Wma/CStja2OLw7admFn9Ay36H5SvT2mFpEp7KqKWBHxYDMmg86iQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMHmmGbSjdncl9eeKMN0hoF6CEY2MB8GA1UdIwQY
MBaAFH4mse90EAcs6W6C11gb5DbmOafEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlheDczUVFCeXpwYm9MWFdCdmtOdVk1cDhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9jYWM2M2MtNTVlNS00MTU0LTg4NzYt
OGMzMmMzNTFlZTcwLzEvd2VhWVp0S04yZHlYMTU0b3czU0dnWG9JUmpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9jYWM2M2MtNTVlNS00MTU0LTg4NzYtOGMzMmMzNTFlZTcw
LzEvZmlheDczUVFCeXpwYm9MWFdCdmtOdVk1cDhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABfwgAwQB
BfwiMA0GCSqGSIb3DQEBCwUAA4IBAQAd7GUi+DflDJmrHqHJO1n25/oN6ikMgqWs
qfoMnx56G9m8vslHPISj/r5PMIWv1ZGfQ2IH56sibLyL0rHaFrbXnT2/FJiwEWFD
2maAu9rmuKwlcmRcwrUjUQVH3qReKubKaYARxtraBN+/94r+ZNSUFgvXrB/IUW1N
HSXErnmNZUXWMKBK6yad/PqeDqk1goEDtp6zQ0kWdOJ+aSkMcCgXWRpBkLDfeTIt
yR07DcLj1mYyxpLyTRVePGY1I1buVA7ll5suiFY1bGE+QUAmAKadH3aLKbWsxbYK
m1wKuMty3QmS84SXUvRyLaODxFgMPArZZlLcSMJ+hrntLabY6re7
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:31:57 2025 by rpki-client