Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/Wyb52zGEnneuzfD2tuztnuglkZM.roa
File: Wyb52zGEnneuzfD2tuztnuglkZM.roa (raw, json)
Hash identifier: pRaWUV+rJLCM+NItD33S9b/zkSegxof0Tte2Clq6a78=
Subject key identifier: 5B:26:F9:DB:31:84:9E:77:AE:CD:F0:F6:B6:EC:ED:9E:E8:25:91:93
Certificate issuer: /CN=5aedcb334d39e797817e2eb47703c018b4dc49d5
Certificate serial: 0194221FA4ED5D5B8DA47ABDAF6322C6D4C0
Authority key identifier: 5A:ED:CB:33:4D:39:E7:97:81:7E:2E:B4:77:03:C0:18:B4:DC:49:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wu3LM00555eBfi60dwPAGLTcSdU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/Wyb52zGEnneuzfD2tuztnuglkZM.roa
Signing time: Wed 01 Jan 2025 13:48:06 +0000
ROA not before: Wed 01 Jan 2025 13:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39767
IP address blocks: 78.158.72.0/21 maxlen: 21
78.158.80.0/20 maxlen: 21
185.90.140.0/22 maxlen: 22
194.88.12.0/23 maxlen: 23
2a05:e200::/29 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/Wu3LM00555eBfi60dwPAGLTcSdU.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/Wu3LM00555eBfi60dwPAGLTcSdU.mft
rsync://rpki.ripe.net/repository/DEFAULT/Wu3LM00555eBfi60dwPAGLTcSdU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:a4:ed:5d:5b:8d:a4:7a:bd:af:63:22:c6:d4:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5aedcb334d39e797817e2eb47703c018b4dc49d5
Validity
Not Before: Jan 1 13:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5b26f9db31849e77aecdf0f6b6eced9ee8259193
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:72:1a:c5:f7:84:1e:16:34:1e:61:45:db:76:
1e:34:2c:4d:96:13:a0:a8:84:79:10:c9:52:d5:dd:
b1:eb:0a:af:be:d0:a6:90:17:08:a2:94:1b:40:b4:
42:32:b0:9a:25:f9:27:98:ac:8d:68:80:e3:b2:aa:
d0:b3:37:36:35:a5:ce:59:f9:25:48:ff:a4:a4:87:
2c:70:30:33:4f:36:07:1d:69:ae:22:5f:aa:5d:83:
e7:83:fc:fe:c4:51:8b:98:87:aa:8d:84:31:c4:58:
6c:5b:7d:03:b9:17:33:dc:f9:b8:32:95:8e:9e:0f:
b7:c1:03:d2:2a:78:ec:47:89:ff:ef:98:5d:9a:31:
73:ca:45:87:a1:12:61:df:dd:6a:5d:c3:3f:b7:99:
ae:1e:61:35:6e:23:14:11:04:03:8e:b2:3a:44:8d:
23:44:c6:d0:81:16:36:9a:fa:06:ac:e4:60:84:e8:
ef:4d:36:7e:18:98:14:c0:a2:f0:c0:52:b0:0b:94:
31:1e:a9:c2:37:a2:f2:73:54:6d:71:7e:ed:31:90:
3d:a0:0e:8a:ff:bc:b1:80:73:c6:e0:f2:8e:8f:22:
b4:fc:98:2b:1e:84:d6:ba:4c:13:4a:1a:e3:e8:55:
1e:ed:48:78:ec:24:6b:10:5d:81:d2:f9:9a:d7:c5:
3c:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:26:F9:DB:31:84:9E:77:AE:CD:F0:F6:B6:EC:ED:9E:E8:25:91:93
X509v3 Authority Key Identifier:
keyid:5A:ED:CB:33:4D:39:E7:97:81:7E:2E:B4:77:03:C0:18:B4:DC:49:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wu3LM00555eBfi60dwPAGLTcSdU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/Wyb52zGEnneuzfD2tuztnuglkZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/Wu3LM00555eBfi60dwPAGLTcSdU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.158.72.0-78.158.95.255
185.90.140.0/22
194.88.12.0/23
IPv6:
2a05:e200::/29
Signature Algorithm: sha256WithRSAEncryption
23:a4:ba:04:07:34:b9:b4:cc:82:9a:ca:16:a6:3d:95:57:3f:
0f:4f:97:2b:70:3c:e9:6f:0d:2e:90:88:6c:a9:7a:d4:7f:40:
6d:d3:8b:d6:ab:2d:c7:97:c8:eb:c0:e8:9a:d2:41:af:27:57:
08:dd:c7:08:d9:2d:64:42:14:6a:ae:2f:b9:9c:d9:c6:6e:9e:
5d:3c:63:2b:07:56:37:ed:a2:12:c9:a4:30:1c:f9:fe:b3:e7:
a2:01:c2:f0:65:d9:59:0e:6d:a4:54:bf:a5:e6:f6:ba:f2:42:
05:15:2c:29:f6:b5:c1:12:d5:c1:53:ee:fd:00:5d:c1:e4:3b:
0e:39:b7:b4:ca:d5:b6:c3:51:bd:c0:7b:e7:42:5b:7b:98:91:
fb:1a:e6:58:fa:aa:33:fc:7f:c6:07:7b:5a:56:b5:de:ea:ab:
13:6b:6b:af:d3:58:43:d7:a6:26:1f:51:70:bb:fd:f9:9c:ac:
43:99:fc:9c:06:1c:e4:c2:f5:3a:cf:84:e5:46:41:b4:fe:1b:
a6:30:c3:65:93:84:54:bf:85:f6:c8:da:e1:04:52:37:9a:d6:
cf:5e:ea:39:41:27:91:b9:92:6c:d3:07:9f:12:32:ea:85:de:
c8:83:55:2b:9a:79:b6:5e:ee:dd:e5:b5:ca:cf:66:38:ff:8b:
3c:fd:d7:bc
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZQiH6TtXVuNpHq9r2MixtTAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhZWRjYjMzNGQzOWU3OTc4MTdlMmViNDc3MDNjMDE4YjRk
YzQ5ZDUwHhcNMjUwMTAxMTM0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjI2ZjlkYjMxODQ5ZTc3YWVjZGYwZjZiNmVjZWQ5ZWU4MjU5MTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1HIaxfeEHhY0HmFF23YeNCxNlhOg
qIR5EMlS1d2x6wqvvtCmkBcIopQbQLRCMrCaJfknmKyNaIDjsqrQszc2NaXOWfkl
SP+kpIcscDAzTzYHHWmuIl+qXYPng/z+xFGLmIeqjYQxxFhsW30DuRcz3Pm4MpWO
ng+3wQPSKnjsR4n/75hdmjFzykWHoRJh391qXcM/t5muHmE1biMUEQQDjrI6RI0j
RMbQgRY2mvoGrORghOjvTTZ+GJgUwKLwwFKwC5QxHqnCN6Lyc1RtcX7tMZA9oA6K
/7yxgHPG4PKOjyK0/JgrHoTWukwTShrj6FUe7Uh47CRrEF2B0vma18U8bwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFFsm+dsxhJ53rs3w9rbs7Z7oJZGTMB8GA1UdIwQY
MBaAFFrtyzNNOeeXgX4utHcDwBi03EnVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3UzTE0wMDU1NWVCZmk2MGR3UEFHTFRjU2RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9iOTVjYTAtODUzZi00OGFiLTliNDEt
ZTBhZWUxYmJmOWUzLzEvV3liNTJ6R0VubmV1emZEMnR1enRudWdsa1pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9iOTVjYTAtODUzZi00OGFiLTliNDEtZTBhZWUxYmJmOWUz
LzEvV3UzTE0wMDU1NWVCZmk2MGR3UEFHTFRjU2RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaMAwDBANOnkgD
BAVOnkADBAK5WowDBAHCWAwwDQQCAAIwBwMFAyoF4gAwDQYJKoZIhvcNAQELBQAD
ggEBACOkugQHNLm0zIKayhamPZVXPw9PlytwPOlvDS6QiGypetR/QG3Ti9arLceX
yOvA6JrSQa8nVwjdxwjZLWRCFGquL7mc2cZunl08YysHVjftohLJpDAc+f6z56IB
wvBl2VkObaRUv6Xm9rryQgUVLCn2tcES1cFT7v0AXcHkOw45t7TK1bbDUb3Ae+dC
W3uYkfsa5lj6qjP8f8YHe1pWtd7qqxNra6/TWEPXpiYfUXC7/fmcrEOZ/JwGHOTC
9TrPhOVGQbT+G6Yww2WThFS/hfbI2uEEUjea1s9e6jlBJ5G5kmzTB58SMuqF3siD
VSuaebZe7t3ltcrPZjj/izz917w=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:51:53 2025 by rpki-client