Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/WnWaIj4G2XjvWdcJREtRL9ZUI7E.roa
File: WnWaIj4G2XjvWdcJREtRL9ZUI7E.roa (raw, json)
Hash identifier: 6PwcF0gAK6spH4aO9sbOGzA4PRcoj/C4y+KD60SKANk=
Subject key identifier: 5A:75:9A:22:3E:06:D9:78:EF:59:D7:09:44:4B:51:2F:D6:54:23:B1
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01963EB329D7CE7F9D457BDC86F79B55A3A7
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/WnWaIj4G2XjvWdcJREtRL9ZUI7E.roa
Signing time: Wed 16 Apr 2025 13:04:10 +0000
ROA not before: Wed 16 Apr 2025 13:04:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214927
IP address blocks: 45.9.117.0/24 maxlen: 24
45.95.96.0/24 maxlen: 24
45.118.248.0/24 maxlen: 24
45.130.60.0/24 maxlen: 24
45.131.213.0/24 maxlen: 24
45.131.215.0/24 maxlen: 24
45.135.39.0/24 maxlen: 24
45.137.81.0/24 maxlen: 24
45.140.13.0/24 maxlen: 24
45.141.177.0/24 maxlen: 24
45.146.131.0/24 maxlen: 24
45.152.208.0/24 maxlen: 24
85.209.128.0/24 maxlen: 24
103.114.43.0/24 maxlen: 24
113.30.154.0/24 maxlen: 24
185.122.171.0/24 maxlen: 24
185.126.64.0/24 maxlen: 24
185.126.66.0/24 maxlen: 24
193.8.215.0/24 maxlen: 24
193.23.245.0/24 maxlen: 24
193.27.19.0/24 maxlen: 24
194.33.29.0/24 maxlen: 24
195.158.192.0/24 maxlen: 24
2a0c:7886:105::/48 maxlen: 48
2a0f:e7c6:1000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 05:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3e:b3:29:d7:ce:7f:9d:45:7b:dc:86:f7:9b:55:a3:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 16 13:04:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5a759a223e06d978ef59d709444b512fd65423b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:88:0e:c5:c0:5e:6c:65:dd:83:58:08:4f:49:
ff:9e:ec:cb:2b:ff:19:78:04:39:93:89:c8:da:57:
e6:db:58:f0:d3:f7:16:c4:23:c8:15:b7:f3:94:27:
ad:a1:d7:35:41:8e:2a:f6:35:52:79:7e:1e:d8:6a:
5a:0d:a4:9c:46:b8:fd:a3:52:2c:52:ff:c6:2d:00:
80:bb:ef:28:25:b9:72:76:07:48:91:b5:86:0e:46:
66:54:f4:8d:c5:c8:71:11:48:0f:a6:93:8a:8a:3b:
66:67:7e:c7:f1:e7:36:11:9e:6a:1c:13:e1:d2:b2:
18:27:61:43:e0:9a:3f:b8:8a:a9:7a:c6:1e:5b:ac:
03:cf:13:e0:3f:ab:84:43:a3:55:fb:b2:71:98:71:
2d:ef:80:f8:c4:ed:8e:bc:76:6b:1b:d4:92:a9:22:
6d:fe:6e:32:a8:3b:d6:22:54:b6:b2:da:c1:e8:ca:
3a:80:14:8a:28:18:c2:4d:38:8a:a1:67:d2:09:53:
30:b7:26:3a:45:e4:58:69:20:c1:09:18:f6:0b:a0:
23:ba:3b:c0:d1:b6:e1:7e:4d:51:32:29:26:47:d3:
2c:34:84:ab:8e:39:6e:0a:a5:90:ff:47:01:c6:f0:
9e:1d:fa:39:82:7c:ea:2a:59:57:df:aa:02:2f:f4:
ba:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:75:9A:22:3E:06:D9:78:EF:59:D7:09:44:4B:51:2F:D6:54:23:B1
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/WnWaIj4G2XjvWdcJREtRL9ZUI7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.117.0/24
45.95.96.0/24
45.118.248.0/24
45.130.60.0/24
45.131.213.0/24
45.131.215.0/24
45.135.39.0/24
45.137.81.0/24
45.140.13.0/24
45.141.177.0/24
45.146.131.0/24
45.152.208.0/24
85.209.128.0/24
103.114.43.0/24
113.30.154.0/24
185.122.171.0/24
185.126.64.0/24
185.126.66.0/24
193.8.215.0/24
193.23.245.0/24
193.27.19.0/24
194.33.29.0/24
195.158.192.0/24
IPv6:
2a0c:7886:105::/48
2a0f:e7c6:1000::/48
Signature Algorithm: sha256WithRSAEncryption
54:2a:40:ad:a1:08:b1:b1:fc:47:42:1d:b3:78:73:cb:4c:72:
ce:dc:f2:3f:b9:8b:68:9d:61:75:32:84:e5:87:3a:76:fa:a4:
d2:66:b0:d8:7c:6b:0d:41:97:a9:4a:ef:d1:45:39:8c:f3:60:
62:95:d3:ba:e2:68:e1:62:c3:10:d5:6f:52:78:7c:ca:1c:d7:
49:05:cb:a4:59:9b:f2:34:ac:68:28:a7:7c:bb:54:67:cc:b6:
16:a9:28:63:95:12:f7:37:0b:f6:37:9d:58:08:da:0f:3f:69:
9d:ba:50:83:dc:3a:e3:c3:a2:0d:e0:8c:6f:e1:75:65:0f:a1:
a9:45:7d:46:81:01:50:31:2d:d4:da:26:18:cd:29:e8:d4:c8:
85:49:96:51:94:0f:41:cc:6b:07:5d:8c:85:aa:0b:de:a7:6e:
6a:06:67:53:22:8b:f5:7d:ed:a2:f1:59:29:86:ac:db:fd:6e:
b7:48:f7:03:25:c1:00:4c:34:b8:d0:2b:d3:52:50:58:5f:b3:
e7:23:26:36:f5:da:ab:8e:a8:9c:31:89:50:e5:bd:7d:67:c0:
de:27:cc:3b:b4:1e:c9:c9:89:98:5c:0f:1c:f5:ff:e9:8c:9a:
be:37:4e:c2:95:11:09:6f:02:f0:6e:e9:9d:11:bd:15:22:bd:
13:1f:d0:1e
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAZY+synXzn+dRXvchvebVaOnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNDE2MTMwNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTc1OWEyMjNlMDZkOTc4ZWY1OWQ3MDk0NDRiNTEyZmQ2NTQyM2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYgOxcBebGXdg1gIT0n/nuzLK/8Z
eAQ5k4nI2lfm21jw0/cWxCPIFbfzlCetodc1QY4q9jVSeX4e2GpaDaScRrj9o1Is
Uv/GLQCAu+8oJblydgdIkbWGDkZmVPSNxchxEUgPppOKijtmZ37H8ec2EZ5qHBPh
0rIYJ2FD4Jo/uIqpesYeW6wDzxPgP6uEQ6NV+7JxmHEt74D4xO2OvHZrG9SSqSJt
/m4yqDvWIlS2strB6Mo6gBSKKBjCTTiKoWfSCVMwtyY6ReRYaSDBCRj2C6AjujvA
0bbhfk1RMikmR9MsNISrjjluCqWQ/0cBxvCeHfo5gnzqKllX36oCL/S6twIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFFp1miI+Btl471nXCURLUS/WVCOxMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvV25XYUlqNEcyWGp2V2RjSlJFdFJMOVpVSTdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHBBggrBgEFBQcBBwEB/wSBsTCBrjCBkQQCAAEwgYoDBAAt
CXUDBAAtX2ADBAAtdvgDBAAtgjwDBAAtg9UDBAAtg9cDBAAthycDBAAtiVEDBAAt
jA0DBAAtjbEDBAAtkoMDBAAtmNADBABV0YADBABncisDBABxHpoDBAC5eqsDBAC5
fkADBAC5fkIDBADBCNcDBADBF/UDBADBGxMDBADCIR0DBADDnsAwGAQCAAIwEgMH
ACoMeIYBBQMHACoP58YQADANBgkqhkiG9w0BAQsFAAOCAQEAVCpAraEIsbH8R0Id
s3hzy0xyztzyP7mLaJ1hdTKE5Yc6dvqk0maw2HxrDUGXqUrv0UU5jPNgYpXTuuJo
4WLDENVvUnh8yhzXSQXLpFmb8jSsaCinfLtUZ8y2FqkoY5US9zcL9jedWAjaDz9p
nbpQg9w648OiDeCMb+F1ZQ+hqUV9RoEBUDEt1NomGM0p6NTIhUmWUZQPQcxrB12M
haoL3qduagZnUyKL9X3tovFZKYas2/1ut0j3AyXBAEw0uNAr01JQWF+z5yMmNvXa
q46onDGJUOW9fWfA3ifMO7QeycmJmFwPHPX/6YyavjdOwpURCW8C8G7pnRG9FSK9
Ex/QHg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:01:32 2025 by rpki-client