Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ww6bcPmbLKJQ-zUk2p5-Wy9lucY.roa
File: ww6bcPmbLKJQ-zUk2p5-Wy9lucY.roa (raw, json)
Hash identifier: QH892e9WGTDQLQHZzSGe7wEs2TBzNNNbOYNdRKOwJKc=
Subject key identifier: C3:0E:9B:70:F9:9B:2C:A2:50:FB:35:24:DA:9E:7E:5B:2F:65:B9:C6
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01948E2C790EE377B606F52843BB557BF392
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ww6bcPmbLKJQ-zUk2p5-Wy9lucY.roa
Signing time: Wed 22 Jan 2025 13:21:06 +0000
ROA not before: Wed 22 Jan 2025 13:21:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214216
IP address blocks: 2a10:32c0::/29 maxlen: 29
2a10:5400::/29 maxlen: 29
2a11:7a40::/29 maxlen: 29
2a11:cb40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:8e:2c:79:0e:e3:77:b6:06:f5:28:43:bb:55:7b:f3:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 22 13:21:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c30e9b70f99b2ca250fb3524da9e7e5b2f65b9c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:9b:65:1a:6d:c9:90:32:8d:77:23:02:cc:70:
48:3a:9e:02:1f:47:b5:b7:22:af:93:39:9b:4b:08:
e7:77:18:53:8e:d7:d3:c4:5e:52:0f:65:50:a9:4d:
85:3e:75:fa:18:b2:a7:9a:cb:0e:22:4c:95:20:87:
40:aa:ea:77:04:d5:0e:49:45:47:ad:28:37:a5:3f:
7a:7c:34:ab:58:ea:33:08:71:83:0f:65:d6:29:73:
44:72:4d:f9:1e:26:f8:73:69:d4:80:aa:26:fb:5b:
fc:49:de:44:50:a5:1a:c5:90:f4:20:75:e6:e5:3d:
ea:5d:35:4c:d1:ac:3a:bd:cc:0d:85:12:a3:0e:70:
70:7b:f9:f8:95:ab:8f:69:85:f0:61:ae:6a:63:98:
a7:a3:ab:37:c0:e6:cf:69:ad:5e:0d:80:3f:67:8a:
a5:6b:3b:f5:2b:f8:b8:7d:85:11:d2:c9:1e:53:a0:
e5:af:96:2c:ba:80:f5:e3:fb:c1:2a:86:ea:e0:81:
e8:02:66:07:b1:bc:c8:30:68:3d:73:73:59:ed:a5:
bf:fa:d7:6f:9e:fb:92:3f:f1:8b:7b:c0:47:24:9f:
8a:38:cd:66:5f:f4:76:eb:90:76:f6:5f:f7:fd:70:
7c:b8:76:5c:68:f0:51:b2:a4:34:9b:8d:0b:f5:c6:
9e:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:0E:9B:70:F9:9B:2C:A2:50:FB:35:24:DA:9E:7E:5B:2F:65:B9:C6
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ww6bcPmbLKJQ-zUk2p5-Wy9lucY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:32c0::/29
2a10:5400::/29
2a11:7a40::/29
2a11:cb40::/29
Signature Algorithm: sha256WithRSAEncryption
6d:81:47:fe:3d:8a:b6:de:89:ae:87:6c:49:5f:c5:03:7b:c9:
ac:06:17:77:da:91:b0:aa:a3:79:0e:f1:17:36:e4:6b:2d:bd:
a4:8e:a9:84:d8:b1:d9:79:06:22:d6:06:c9:dc:2a:63:92:9c:
85:13:bf:44:27:0b:df:44:f4:f5:b1:d5:03:7f:84:41:7f:d9:
d9:3b:fe:62:22:6d:a9:04:63:85:47:56:56:ac:5c:2e:9e:77:
65:7a:4b:98:03:9a:42:60:3e:c1:e2:0d:a1:d9:d2:60:f1:1c:
4c:39:08:c8:c5:2c:33:d3:6c:31:ad:ed:85:57:f0:b5:20:db:
9d:56:fd:8e:da:5b:15:00:92:b4:55:86:5f:f8:53:f8:c4:a5:
e4:87:43:f8:f3:6a:40:ed:63:b4:14:d2:65:43:89:1c:6d:c3:
0a:ad:ca:16:e6:9d:79:76:a5:ab:5a:86:d5:ef:97:80:7b:15:
32:c8:83:76:14:40:95:7d:3f:61:60:6b:9f:4b:68:ac:a8:71:
b5:7a:21:61:ba:cd:13:b5:68:9d:f6:2f:33:b0:2f:6f:d2:71:
c5:70:64:61:98:c8:f0:52:16:62:31:f9:ef:83:11:d9:69:4f:
30:d5:8a:e3:96:14:25:d3:ec:a1:8a:d6:32:60:4a:2d:9e:45:
76:e6:4e:7d
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZSOLHkO43e2BvUoQ7tVe/OSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMTIyMTMyMTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzBlOWI3MGY5OWIyY2EyNTBmYjM1MjRkYTllN2U1YjJmNjViOWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA45tlGm3JkDKNdyMCzHBIOp4CH0e1
tyKvkzmbSwjndxhTjtfTxF5SD2VQqU2FPnX6GLKnmssOIkyVIIdAqup3BNUOSUVH
rSg3pT96fDSrWOozCHGDD2XWKXNEck35Hib4c2nUgKom+1v8Sd5EUKUaxZD0IHXm
5T3qXTVM0aw6vcwNhRKjDnBwe/n4lauPaYXwYa5qY5ino6s3wObPaa1eDYA/Z4ql
azv1K/i4fYUR0skeU6Dlr5YsuoD14/vBKobq4IHoAmYHsbzIMGg9c3NZ7aW/+tdv
nvuSP/GLe8BHJJ+KOM1mX/R265B29l/3/XB8uHZcaPBRsqQ0m40L9caeTQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFMMOm3D5myyiUPs1JNqeflsvZbnGMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvd3c2YmNQbWJMS0pRLXpVazJwNS1XeTlsdWNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKhAywAMF
AyoQVAADBQMqEXpAAwUDKhHLQDANBgkqhkiG9w0BAQsFAAOCAQEAbYFH/j2Ktt6J
rodsSV/FA3vJrAYXd9qRsKqjeQ7xFzbkay29pI6phNix2XkGItYGydwqY5KchRO/
RCcL30T09bHVA3+EQX/Z2Tv+YiJtqQRjhUdWVqxcLp53ZXpLmAOaQmA+weINodnS
YPEcTDkIyMUsM9NsMa3thVfwtSDbnVb9jtpbFQCStFWGX/hT+MSl5IdD+PNqQO1j
tBTSZUOJHG3DCq3KFuadeXalq1qG1e+XgHsVMsiDdhRAlX0/YWBrn0torKhxtXoh
YbrNE7VonfYvM7Avb9JxxXBkYZjI8FIWYjH574MR2WlPMNWK45YUJdPsoYrWMmBK
LZ5FduZOfQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 22:53:29 2025 by rpki-client