Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/d0c17a-19b7-4142-b941-ffd646d05f67/1/U48ecbKwcHeg61Lsn-9oJV9fZ1M.roa
File: U48ecbKwcHeg61Lsn-9oJV9fZ1M.roa (raw, json)
Hash identifier: 4OZhDTAYRi1p6Bim6OrHHauK8Tj1XNwxbEYFfDDGDS8=
Subject key identifier: 53:8F:1E:71:B2:B0:70:77:A0:EB:52:EC:9F:EF:68:25:5F:5F:67:53
Certificate issuer: /CN=c1acf260d23263a7c6bb6c59c19eebc6759b60be
Certificate serial: 01942522382BC1D652C178E966291DFDBC5D
Authority key identifier: C1:AC:F2:60:D2:32:63:A7:C6:BB:6C:59:C1:9E:EB:C6:75:9B:60:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wazyYNIyY6fGu2xZwZ7rxnWbYL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/d0c17a-19b7-4142-b941-ffd646d05f67/1/U48ecbKwcHeg61Lsn-9oJV9fZ1M.roa
Signing time: Thu 02 Jan 2025 03:49:47 +0000
ROA not before: Thu 02 Jan 2025 03:49:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13280
IP address blocks: 31.200.128.0/18 maxlen: 24
62.40.32.0/19 maxlen: 24
80.233.0.0/17 maxlen: 24
83.136.40.0/21 maxlen: 24
89.204.160.0/19 maxlen: 24
89.204.160.0/20 maxlen: 24
89.204.192.0/18 maxlen: 24
92.251.128.0/17 maxlen: 24
92.251.240.0/21 maxlen: 24
95.83.192.0/18 maxlen: 24
95.83.229.0/24 maxlen: 24
178.167.128.0/17 maxlen: 24
185.60.124.0/22 maxlen: 24
213.191.224.0/19 maxlen: 24
2a00:8680::/32 maxlen: 32
2a02:6880::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/d0c17a-19b7-4142-b941-ffd646d05f67/1/wazyYNIyY6fGu2xZwZ7rxnWbYL4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/d0c17a-19b7-4142-b941-ffd646d05f67/1/wazyYNIyY6fGu2xZwZ7rxnWbYL4.mft
rsync://rpki.ripe.net/repository/DEFAULT/wazyYNIyY6fGu2xZwZ7rxnWbYL4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:38:2b:c1:d6:52:c1:78:e9:66:29:1d:fd:bc:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1acf260d23263a7c6bb6c59c19eebc6759b60be
Validity
Not Before: Jan 2 03:49:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=538f1e71b2b07077a0eb52ec9fef68255f5f6753
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:b4:3a:11:0d:29:06:51:f6:ce:e2:ac:64:a0:
ec:70:4c:ad:48:a4:2a:3c:39:86:69:99:f9:55:bf:
ae:47:e4:3a:a4:ee:86:51:6c:c1:37:91:f7:b9:25:
17:52:17:57:45:ee:8e:d1:29:9e:72:44:11:9f:07:
15:ce:9f:14:2f:ae:34:64:6b:bc:7a:95:1b:5d:f5:
81:38:f0:39:28:0e:60:6b:d0:88:05:39:3f:1f:c3:
06:46:14:9c:44:07:31:1e:07:48:88:74:39:fe:2f:
63:b0:24:3e:0b:b5:26:c2:95:25:a6:68:2c:6b:4c:
8f:41:0f:4a:24:bd:27:8c:28:05:2e:00:7b:34:86:
b7:0b:e0:5a:42:10:61:d8:97:e5:2d:c1:ca:41:3f:
ab:e6:ad:31:85:55:33:7f:15:b2:9e:ce:13:49:e2:
9d:1f:7e:e6:98:42:bb:d6:6c:0c:7f:e2:78:ce:1a:
61:89:0e:81:e3:46:d6:51:33:a4:1e:1f:f9:28:f5:
3a:91:70:9b:08:b8:d4:b0:51:f3:83:e5:4e:e9:ce:
a8:ab:37:73:31:f5:d1:f7:61:3d:d9:db:71:1d:d8:
ea:a5:4d:e2:62:19:fa:c5:89:7b:36:f0:36:8f:21:
11:b0:aa:20:05:31:33:1f:88:7e:a1:a7:2b:aa:c3:
3e:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:8F:1E:71:B2:B0:70:77:A0:EB:52:EC:9F:EF:68:25:5F:5F:67:53
X509v3 Authority Key Identifier:
keyid:C1:AC:F2:60:D2:32:63:A7:C6:BB:6C:59:C1:9E:EB:C6:75:9B:60:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wazyYNIyY6fGu2xZwZ7rxnWbYL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/d0c17a-19b7-4142-b941-ffd646d05f67/1/U48ecbKwcHeg61Lsn-9oJV9fZ1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/d0c17a-19b7-4142-b941-ffd646d05f67/1/wazyYNIyY6fGu2xZwZ7rxnWbYL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.200.128.0/18
62.40.32.0/19
80.233.0.0/17
83.136.40.0/21
89.204.160.0-89.204.255.255
92.251.128.0/17
95.83.192.0/18
178.167.128.0/17
185.60.124.0/22
213.191.224.0/19
IPv6:
2a00:8680::/32
2a02:6880::/32
Signature Algorithm: sha256WithRSAEncryption
36:42:47:09:eb:e2:f3:43:a4:6e:7f:e3:14:f5:e0:e1:34:0d:
f0:2a:cd:47:31:30:c9:9e:41:d8:5a:05:08:49:1e:0a:6b:93:
a2:34:09:5e:c7:0f:9c:fe:62:b9:22:d7:d9:6c:94:21:fe:3b:
71:30:d2:6c:fd:d5:2d:54:ff:8f:87:1b:75:87:12:5f:04:8c:
90:7a:9d:3d:e8:9a:4b:17:e3:e5:bf:2a:28:d8:b8:49:a9:dc:
05:69:f7:d0:5d:25:d4:4e:05:38:b2:92:7d:9f:15:fc:e8:31:
66:04:e6:53:3e:e4:66:86:8e:2b:db:d3:6e:ad:82:69:13:8b:
21:82:8f:16:6b:21:d7:3f:4a:9f:a3:fe:84:a5:03:f3:73:b5:
e0:f7:cf:2a:cd:f5:df:b1:5c:f9:81:df:1e:c0:62:d2:fa:6b:
58:d3:a8:3e:e9:17:e6:38:be:f6:4a:66:5d:3d:df:be:db:12:
b0:f8:f5:30:ad:f2:a4:42:60:02:70:69:00:0e:ca:7f:59:66:
32:86:02:ad:82:a0:3f:cf:4f:02:71:39:be:9c:4c:b3:00:fe:
d0:d3:3c:dd:cc:a1:b9:eb:3f:01:bf:41:c1:3b:cc:8e:7e:6e:
15:1f:13:b5:0d:31:dd:64:34:1d:3b:31:ff:49:ac:8e:43:5e:
62:c7:8b:d8
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAZQlIjgrwdZSwXjpZikd/bxdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYWNmMjYwZDIzMjYzYTdjNmJiNmM1OWMxOWVlYmM2NzU5
YjYwYmUwHhcNMjUwMTAyMDM0OTQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzhmMWU3MWIyYjA3MDc3YTBlYjUyZWM5ZmVmNjgyNTVmNWY2NzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibQ6EQ0pBlH2zuKsZKDscEytSKQq
PDmGaZn5Vb+uR+Q6pO6GUWzBN5H3uSUXUhdXRe6O0SmeckQRnwcVzp8UL640ZGu8
epUbXfWBOPA5KA5ga9CIBTk/H8MGRhScRAcxHgdIiHQ5/i9jsCQ+C7UmwpUlpmgs
a0yPQQ9KJL0njCgFLgB7NIa3C+BaQhBh2JflLcHKQT+r5q0xhVUzfxWyns4TSeKd
H37mmEK71mwMf+J4zhphiQ6B40bWUTOkHh/5KPU6kXCbCLjUsFHzg+VO6c6oqzdz
MfXR92E92dtxHdjqpU3iYhn6xYl7NvA2jyERsKogBTEzH4h+oacrqsM+twIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFFOPHnGysHB3oOtS7J/vaCVfX2dTMB8GA1UdIwQY
MBaAFMGs8mDSMmOnxrtsWcGe68Z1m2C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2F6eVlOSXlZNmZHdTJ4WndaN3J4bldiWUw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9kMGMxN2EtMTliNy00MTQyLWI5NDEt
ZmZkNjQ2ZDA1ZjY3LzEvVTQ4ZWNiS3djSGVnNjFMc24tOW9KVjlmWjFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9kMGMxN2EtMTliNy00MTQyLWI5NDEtZmZkNjQ2ZDA1ZjY3
LzEvd2F6eVlOSXlZNmZHdTJ4WndaN3J4bldiWUw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBJBAIAATBDAwQGH8iAAwQF
PiggAwQHUOkAAwQDU4goMAsDBAVZzKADAwBZzAMEB1z7gAMEBl9TwAMEB7KngAME
Ark8fAMEBdW/4DAUBAIAAjAOAwUAKgCGgAMFACoCaIAwDQYJKoZIhvcNAQELBQAD
ggEBADZCRwnr4vNDpG5/4xT14OE0DfAqzUcxMMmeQdhaBQhJHgprk6I0CV7HD5z+
Yrki19lslCH+O3Ew0mz91S1U/4+HG3WHEl8EjJB6nT3omksX4+W/KijYuEmp3AVp
99BdJdROBTiykn2fFfzoMWYE5lM+5GaGjivb026tgmkTiyGCjxZrIdc/Sp+j/oSl
A/NzteD3zyrN9d+xXPmB3x7AYtL6a1jTqD7pF+Y4vvZKZl09377bErD49TCt8qRC
YAJwaQAOyn9ZZjKGAq2CoD/PTwJxOb6cTLMA/tDTPN3MobnrPwG/QcE7zI5+bhUf
E7UNMd1kNB07Mf9JrI5DXmLHi9g=
-----END CERTIFICATE-----
Generated at Sun Apr 13 07:36:59 2025 by rpki-client