Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/wpwHC6-Poxu6SDJgu8vGH-m4Ioo.roa
File: wpwHC6-Poxu6SDJgu8vGH-m4Ioo.roa (raw, json)
Hash identifier: WmqHKfyX/TMrPdPMBnH6rTehuBzS9Hw/upM81OWelH8=
Subject key identifier: C2:9C:07:0B:AF:8F:A3:1B:BA:48:32:60:BB:CB:C6:1F:E9:B8:22:8A
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 01941FFA595749A826FC35B51D484B66F69D
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/wpwHC6-Poxu6SDJgu8vGH-m4Ioo.roa
Signing time: Wed 01 Jan 2025 03:48:08 +0000
ROA not before: Wed 01 Jan 2025 03:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204650
IP address blocks: 62.220.118.0/23 maxlen: 24
81.12.43.0/24 maxlen: 24
81.12.77.0/24 maxlen: 24
81.12.100.0/24 maxlen: 24
81.12.102.0/23 maxlen: 23
87.107.100.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.mft
rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 11:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:59:57:49:a8:26:fc:35:b5:1d:48:4b:66:f6:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Jan 1 03:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c29c070baf8fa31bba483260bbcbc61fe9b8228a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ab:b8:da:70:01:aa:32:fb:ea:dc:16:9f:79:
62:69:3e:bf:96:47:3d:34:a4:41:0f:49:b7:9c:a7:
f8:96:95:42:e9:9d:29:ac:cb:93:8a:ed:a0:2d:8f:
07:7a:73:65:e5:67:95:ce:ce:94:0c:27:c5:21:d6:
8f:89:8d:56:e6:d3:e1:a6:80:c3:11:df:95:c2:d2:
23:8a:df:b5:89:1a:18:6e:1f:4c:e5:01:3f:be:5a:
73:ca:91:2c:e9:b4:a5:4d:b6:b7:ad:b5:20:ac:49:
35:b5:cb:b9:20:03:4d:64:4d:16:49:7a:a9:d3:10:
5b:f9:47:08:23:b3:d5:f7:d5:84:2c:56:27:2f:ca:
f0:01:d7:98:2f:cf:55:e7:70:b6:e0:58:60:3c:73:
b1:ee:34:78:ea:58:64:1c:8c:45:66:b8:60:d7:79:
01:8d:67:4e:1a:28:cb:78:a6:6d:90:bd:c7:fe:7f:
c4:49:b8:87:2b:a3:cd:d0:37:94:b0:f0:53:2a:4b:
04:34:b0:04:67:1e:05:00:7d:d9:f8:30:d7:da:18:
91:f0:26:24:96:39:6e:b3:92:cd:7d:41:eb:dc:7a:
a2:49:23:e2:73:1b:22:d8:1e:c4:ed:df:b4:17:84:
96:27:d0:40:fb:35:06:e1:dd:d8:94:02:e3:72:b5:
23:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:9C:07:0B:AF:8F:A3:1B:BA:48:32:60:BB:CB:C6:1F:E9:B8:22:8A
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/wpwHC6-Poxu6SDJgu8vGH-m4Ioo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.220.118.0/23
81.12.43.0/24
81.12.77.0/24
81.12.100.0/24
81.12.102.0/23
87.107.100.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:33:7c:19:cc:e0:12:33:2f:7e:57:32:32:8c:00:c4:c3:c3:
1a:6e:3c:8a:c9:bf:51:a6:98:58:68:f5:da:73:4b:8b:b1:18:
31:99:d8:d9:c7:d5:d6:95:91:26:c5:2c:75:1c:e6:3e:61:d9:
1c:11:89:1d:28:d1:cc:11:fb:94:c4:93:17:5e:97:cb:52:a0:
da:63:90:34:45:26:23:db:f0:97:95:7f:79:5c:c3:e3:4b:05:
2d:39:18:e8:2c:a0:19:1b:8f:75:eb:ec:2e:48:d3:de:85:05:
2d:08:e0:db:95:3d:24:43:17:92:76:fd:bf:b1:71:38:41:e6:
2c:ae:5c:7f:a2:f3:8d:65:1f:71:b8:b7:98:e4:e8:17:f4:53:
50:ac:4f:4e:e1:a8:0c:95:d7:cd:1a:55:f3:76:25:26:f6:b3:
54:a6:a6:7d:6d:12:25:33:63:2c:bb:af:7d:bd:e4:00:0e:47:
36:9b:a7:9e:c8:ac:ad:35:fb:53:32:2c:67:6a:fa:ff:d8:e8:
1a:6d:cb:49:22:94:bc:dc:32:45:06:20:27:62:de:11:8f:3e:
58:62:82:e6:60:df:f5:bc:5d:a0:ae:82:69:f1:6c:90:06:7f:
62:4e:4d:d1:5b:be:a0:92:25:ec:b1:69:31:37:27:37:77:11:
e0:a9:6f:3e
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQf+llXSagm/DW1HUhLZvadMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjUwMTAxMDM0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjljMDcwYmFmOGZhMzFiYmE0ODMyNjBiYmNiYzYxZmU5YjgyMjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKu42nABqjL76twWn3liaT6/lkc9
NKRBD0m3nKf4lpVC6Z0prMuTiu2gLY8HenNl5WeVzs6UDCfFIdaPiY1W5tPhpoDD
Ed+VwtIjit+1iRoYbh9M5QE/vlpzypEs6bSlTba3rbUgrEk1tcu5IANNZE0WSXqp
0xBb+UcII7PV99WELFYnL8rwAdeYL89V53C24FhgPHOx7jR46lhkHIxFZrhg13kB
jWdOGijLeKZtkL3H/n/ESbiHK6PN0DeUsPBTKksENLAEZx4FAH3Z+DDX2hiR8CYk
ljlus5LNfUHr3HqiSSPicxsi2B7E7d+0F4SWJ9BA+zUG4d3YlALjcrUjbwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMKcBwuvj6MbukgyYLvLxh/puCKKMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvd3B3SEM2LVBveHU2U0RKZ3U4dkdILW00SW9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBPtx2AwQA
UQwrAwQAUQxNAwQAUQxkAwQBUQxmAwQCV2tkMA0GCSqGSIb3DQEBCwUAA4IBAQCi
M3wZzOASMy9+VzIyjADEw8MabjyKyb9RpphYaPXac0uLsRgxmdjZx9XWlZEmxSx1
HOY+YdkcEYkdKNHMEfuUxJMXXpfLUqDaY5A0RSYj2/CXlX95XMPjSwUtORjoLKAZ
G4916+wuSNPehQUtCODblT0kQxeSdv2/sXE4QeYsrlx/ovONZR9xuLeY5OgX9FNQ
rE9O4agMldfNGlXzdiUm9rNUpqZ9bRIlM2Msu699veQADkc2m6eeyKytNftTMixn
avr/2OgabctJIpS83DJFBiAnYt4Rjz5YYoLmYN/1vF2groJp8WyQBn9iTk3RW76g
kiXssWkxNyc3dxHgqW8+
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:44:56 2025 by rpki-client