Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/cb2ee8-8782-4af4-8f6b-9d7f86f0d477/1/dwjCitSclr7fGwprU9bQVIbfmCg.roa
File: dwjCitSclr7fGwprU9bQVIbfmCg.roa (raw, json)
Hash identifier: p2lC46dhETK6ft6AVZYruiB24S2hxZ7wuf8RUwFJV9o=
Subject key identifier: 77:08:C2:8A:D4:9C:96:BE:DF:1B:0A:6B:53:D6:D0:54:86:DF:98:28
Certificate issuer: /CN=956866562d9f25831ec0ace8a9d8cd0e594d71fc
Certificate serial: 0194222039F558E4F0760ED9074875A344AB
Authority key identifier: 95:68:66:56:2D:9F:25:83:1E:C0:AC:E8:A9:D8:CD:0E:59:4D:71:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lWhmVi2fJYMewKzoqdjNDllNcfw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/cb2ee8-8782-4af4-8f6b-9d7f86f0d477/1/dwjCitSclr7fGwprU9bQVIbfmCg.roa
Signing time: Wed 01 Jan 2025 13:48:44 +0000
ROA not before: Wed 01 Jan 2025 13:48:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59807
IP address blocks: 164.10.0.0/16 maxlen: 24
164.10.0.0/24 maxlen: 24
164.10.26.0/24 maxlen: 24
164.10.29.0/24 maxlen: 24
164.10.30.0/24 maxlen: 24
164.10.32.0/24 maxlen: 24
164.10.45.0/24 maxlen: 24
164.10.46.0/24 maxlen: 24
164.10.47.0/24 maxlen: 24
164.10.48.0/24 maxlen: 24
164.10.49.0/24 maxlen: 24
164.10.50.0/24 maxlen: 24
164.10.60.0/24 maxlen: 24
164.10.61.0/24 maxlen: 24
164.10.79.0/24 maxlen: 24
164.10.252.0/24 maxlen: 24
164.10.255.0/24 maxlen: 24
185.181.88.0/22 maxlen: 24
2a03:2520::/32 maxlen: 56
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/cb2ee8-8782-4af4-8f6b-9d7f86f0d477/1/lWhmVi2fJYMewKzoqdjNDllNcfw.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/cb2ee8-8782-4af4-8f6b-9d7f86f0d477/1/lWhmVi2fJYMewKzoqdjNDllNcfw.mft
rsync://rpki.ripe.net/repository/DEFAULT/lWhmVi2fJYMewKzoqdjNDllNcfw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:39:f5:58:e4:f0:76:0e:d9:07:48:75:a3:44:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=956866562d9f25831ec0ace8a9d8cd0e594d71fc
Validity
Not Before: Jan 1 13:48:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7708c28ad49c96bedf1b0a6b53d6d05486df9828
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:e3:ff:d5:6e:b8:31:32:03:0f:01:04:04:4e:
cb:67:3c:4f:54:47:8d:b2:4a:66:2c:ca:29:f3:38:
d7:2b:7c:b1:70:8c:56:55:b3:7e:b6:13:d0:25:02:
42:3d:68:85:c3:50:0f:3d:01:a2:bc:8c:bd:14:b5:
0f:bc:91:45:c0:d8:ff:f1:6c:60:4f:ad:b9:87:1c:
58:5a:ac:97:16:d1:25:c1:79:88:84:f5:36:35:30:
8e:f5:5e:5e:03:bb:29:cd:d5:3f:02:4b:b7:a7:f8:
e3:e2:61:9e:a2:31:e4:b7:0e:f9:18:12:5d:77:7a:
20:a7:f9:a5:b9:3f:93:21:b8:1c:81:b9:79:09:89:
12:8c:a5:97:77:08:93:82:0b:4e:fd:54:f3:e0:22:
70:df:c5:7b:91:c6:5f:91:39:5b:1d:bf:c6:78:5d:
df:3c:37:dd:9b:b7:2d:13:2c:db:b9:97:5a:42:8f:
c0:c1:73:82:83:2b:6a:0a:1f:a2:ae:d5:f6:89:bd:
dc:8e:47:0e:e0:b5:6b:23:73:1d:7f:de:f3:ad:13:
40:2a:c4:77:cb:86:25:ff:dc:a7:6a:58:ed:dd:bc:
a2:3d:f6:27:3b:a2:c6:e6:3f:7d:64:2f:15:1f:61:
19:e6:37:6e:fc:98:6f:c8:7e:3c:42:49:d6:21:d8:
c0:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:08:C2:8A:D4:9C:96:BE:DF:1B:0A:6B:53:D6:D0:54:86:DF:98:28
X509v3 Authority Key Identifier:
keyid:95:68:66:56:2D:9F:25:83:1E:C0:AC:E8:A9:D8:CD:0E:59:4D:71:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lWhmVi2fJYMewKzoqdjNDllNcfw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/cb2ee8-8782-4af4-8f6b-9d7f86f0d477/1/dwjCitSclr7fGwprU9bQVIbfmCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/cb2ee8-8782-4af4-8f6b-9d7f86f0d477/1/lWhmVi2fJYMewKzoqdjNDllNcfw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.10.0.0/16
185.181.88.0/22
IPv6:
2a03:2520::/32
Signature Algorithm: sha256WithRSAEncryption
6f:88:0b:63:34:23:d7:c0:f9:da:52:62:ea:d9:27:26:33:20:
67:8d:2b:fd:0d:ac:4a:12:40:b9:b0:5a:a1:95:a0:cb:c4:e2:
a3:22:16:ee:4c:2d:2b:8f:b5:17:5f:aa:32:e2:3b:bd:9f:86:
69:1e:13:9b:9c:cb:3e:65:c2:69:59:0d:25:e2:fd:dc:8f:a6:
24:9f:62:b8:4d:c1:d1:11:0b:87:b1:3e:aa:23:fa:02:8a:a1:
fa:06:ed:48:09:d1:e1:09:fd:d8:c3:cd:db:60:39:4d:52:36:
11:05:30:14:f4:0c:3a:73:52:3a:cc:a0:bf:2a:b1:06:a0:72:
14:59:64:7c:fd:c2:76:a8:3f:e4:53:6b:86:d7:72:e7:bc:bc:
f0:42:37:9d:12:58:98:e5:c7:9f:f0:72:17:f7:19:0b:29:c4:
d7:2f:1f:19:3b:d4:f0:10:66:ac:c4:65:16:95:ee:63:e8:68:
1f:e5:02:3a:83:5f:6f:64:5a:4a:fc:38:99:29:b4:5d:05:c6:
a5:70:83:67:1f:c8:38:2a:93:79:c7:03:81:35:e1:bc:f2:b3:
c7:19:6e:ec:72:b6:1f:74:01:92:af:94:69:d3:9c:f3:0b:a6:
90:87:0f:2f:6e:09:04:1d:94:87:d3:65:ec:43:cd:87:af:fe:
b8:49:58:93
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQiIDn1WOTwdg7ZB0h1o0SrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1Njg2NjU2MmQ5ZjI1ODMxZWMwYWNlOGE5ZDhjZDBlNTk0
ZDcxZmMwHhcNMjUwMTAxMTM0ODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzA4YzI4YWQ0OWM5NmJlZGYxYjBhNmI1M2Q2ZDA1NDg2ZGY5ODI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvOP/1W64MTIDDwEEBE7LZzxPVEeN
skpmLMop8zjXK3yxcIxWVbN+thPQJQJCPWiFw1APPQGivIy9FLUPvJFFwNj/8Wxg
T625hxxYWqyXFtElwXmIhPU2NTCO9V5eA7spzdU/Aku3p/jj4mGeojHktw75GBJd
d3ogp/mluT+TIbgcgbl5CYkSjKWXdwiTggtO/VTz4CJw38V7kcZfkTlbHb/GeF3f
PDfdm7ctEyzbuZdaQo/AwXOCgytqCh+irtX2ib3cjkcO4LVrI3Mdf97zrRNAKsR3
y4Yl/9ynaljt3byiPfYnO6LG5j99ZC8VH2EZ5jdu/JhvyH48QknWIdjAmwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHcIworUnJa+3xsKa1PW0FSG35goMB8GA1UdIwQY
MBaAFJVoZlYtnyWDHsCs6KnYzQ5ZTXH8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFdobVZpMmZKWU1ld0t6b3Fkak5EbGxOY2Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jYjJlZTgtODc4Mi00YWY0LThmNmIt
OWQ3Zjg2ZjBkNDc3LzEvZHdqQ2l0U2NscjdmR3dwclU5YlFWSWJmbUNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jYjJlZTgtODc4Mi00YWY0LThmNmItOWQ3Zjg2ZjBkNDc3
LzEvbFdobVZpMmZKWU1ld0t6b3Fkak5EbGxOY2Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjARBAIAATALAwMApAoDBAK5
tVgwDQQCAAIwBwMFACoDJSAwDQYJKoZIhvcNAQELBQADggEBAG+IC2M0I9fA+dpS
YurZJyYzIGeNK/0NrEoSQLmwWqGVoMvE4qMiFu5MLSuPtRdfqjLiO72fhmkeE5uc
yz5lwmlZDSXi/dyPpiSfYrhNwdERC4exPqoj+gKKofoG7UgJ0eEJ/djDzdtgOU1S
NhEFMBT0DDpzUjrMoL8qsQagchRZZHz9wnaoP+RTa4bXcue8vPBCN50SWJjlx5/w
chf3GQspxNcvHxk71PAQZqzEZRaV7mPoaB/lAjqDX29kWkr8OJkptF0FxqVwg2cf
yDgqk3nHA4E14bzys8cZbuxyth90AZKvlGnTnPMLppCHDy9uCQQdlIfTZexDzYev
/rhJWJM=
-----END CERTIFICATE-----
Generated at Sun Apr 13 10:07:41 2025 by rpki-client