Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/5b3d6d-e6f1-47ad-b52b-9d943671a8a3/1/wlqxE5iuLQB304PN7hVNM4_5h14.roa
File: wlqxE5iuLQB304PN7hVNM4_5h14.roa (raw, json)
Hash identifier: xdHQ2e13Tky6CrFmxy2+w5Er25IzDfQGHtx/iyo+wSA=
Subject key identifier: C2:5A:B1:13:98:AE:2D:00:77:D3:83:CD:EE:15:4D:33:8F:F9:87:5E
Certificate issuer: /CN=a0a154441df9623eeb5a196138d21bef5824b441
Certificate serial: 019421B19EF8B6DDBD2137BD0CFCCC97F1F6
Authority key identifier: A0:A1:54:44:1D:F9:62:3E:EB:5A:19:61:38:D2:1B:EF:58:24:B4:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oKFURB35Yj7rWhlhONIb71gktEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/5b3d6d-e6f1-47ad-b52b-9d943671a8a3/1/wlqxE5iuLQB304PN7hVNM4_5h14.roa
Signing time: Wed 01 Jan 2025 11:47:56 +0000
ROA not before: Wed 01 Jan 2025 11:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34049
IP address blocks: 77.240.181.0/24 maxlen: 24
81.19.12.0/23 maxlen: 23
81.19.14.0/24 maxlen: 24
2a02:e98:c000::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/5b3d6d-e6f1-47ad-b52b-9d943671a8a3/1/oKFURB35Yj7rWhlhONIb71gktEE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/5b3d6d-e6f1-47ad-b52b-9d943671a8a3/1/oKFURB35Yj7rWhlhONIb71gktEE.mft
rsync://rpki.ripe.net/repository/DEFAULT/oKFURB35Yj7rWhlhONIb71gktEE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:9e:f8:b6:dd:bd:21:37:bd:0c:fc:cc:97:f1:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0a154441df9623eeb5a196138d21bef5824b441
Validity
Not Before: Jan 1 11:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c25ab11398ae2d0077d383cdee154d338ff9875e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:74:8c:80:05:d9:51:33:51:92:50:c0:c3:5e:
b5:32:9d:fc:aa:3f:41:09:12:6e:38:3a:2e:37:32:
80:90:6e:16:96:41:63:81:d6:c2:ec:7a:1f:be:67:
03:2b:b3:72:07:3a:14:0a:2b:06:91:78:57:16:3c:
3a:6d:18:a1:e7:5a:9d:7d:c5:3b:31:ab:2b:53:c5:
2e:d1:b1:18:2a:24:81:71:1e:a7:a2:7b:68:d1:09:
ff:72:70:d8:2e:24:95:05:8e:bd:d9:38:84:27:e6:
cd:56:06:ca:76:2d:36:1f:01:23:f3:98:fd:e1:21:
06:4d:87:1a:e0:d6:10:38:75:57:16:5f:ab:2a:12:
dc:c4:09:79:24:d5:45:b6:55:0d:48:35:a7:b7:b7:
0d:0b:b0:61:43:b3:e3:21:17:cb:d0:a8:9d:19:67:
1a:5c:17:8b:c8:f4:d9:95:10:0f:29:b3:f2:5f:82:
33:0e:3e:5f:a8:f6:5a:c6:68:bd:5b:c2:12:8f:5c:
f8:bf:ec:cb:68:d8:43:7e:1c:55:47:27:24:6f:b8:
f4:83:a1:94:c9:9e:b8:fa:ab:a6:26:95:e4:73:b2:
71:a8:7c:31:a8:fc:50:ea:b9:02:1c:e4:ff:92:5f:
e6:4f:05:36:d1:a2:05:14:2d:76:29:68:52:56:77:
96:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:5A:B1:13:98:AE:2D:00:77:D3:83:CD:EE:15:4D:33:8F:F9:87:5E
X509v3 Authority Key Identifier:
keyid:A0:A1:54:44:1D:F9:62:3E:EB:5A:19:61:38:D2:1B:EF:58:24:B4:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKFURB35Yj7rWhlhONIb71gktEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/5b3d6d-e6f1-47ad-b52b-9d943671a8a3/1/wlqxE5iuLQB304PN7hVNM4_5h14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/5b3d6d-e6f1-47ad-b52b-9d943671a8a3/1/oKFURB35Yj7rWhlhONIb71gktEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.240.181.0/24
81.19.12.0-81.19.14.255
IPv6:
2a02:e98:c000::/34
Signature Algorithm: sha256WithRSAEncryption
4d:e8:5c:62:ec:dc:87:0f:95:23:8f:7d:fc:12:63:e5:44:d3:
74:c3:f4:1b:e7:4c:79:40:86:bd:77:b1:b4:3b:1f:8a:81:8a:
16:fc:ad:64:56:da:21:c4:50:05:de:da:2a:93:5b:78:30:28:
aa:1a:d3:00:49:cd:98:ee:ea:15:ae:0f:c6:1c:6f:4b:ef:cc:
08:47:cb:99:dd:b0:8b:0c:67:85:f8:4a:5f:88:10:98:62:8c:
5c:62:53:82:03:4e:2e:86:d3:87:9f:fc:42:12:8c:cb:fc:fe:
59:36:07:7a:2f:86:c0:38:cc:da:29:2a:90:d0:04:00:02:eb:
94:c4:d6:98:c8:b8:27:3b:95:d6:f8:60:bb:b4:f6:fa:f7:92:
c0:36:94:69:b3:26:8d:f6:a2:d4:15:90:bf:13:33:c2:93:83:
c6:5d:a8:ce:7f:80:d6:60:e9:6e:e0:d4:09:14:42:29:f3:70:
18:40:37:51:8e:4b:f9:02:a0:ca:32:f2:a1:6a:16:79:ce:4f:
65:4f:8d:39:e8:97:e2:fb:40:ae:5a:04:7d:f4:9c:73:b5:1a:
97:7d:0a:a3:ee:56:b3:06:7c:d8:d3:56:be:c5:e7:90:38:ec:
1c:50:57:fb:83:c7:bd:71:7f:1d:d3:ed:5b:b2:64:5b:f9:b6:
2c:4d:fa:e2
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQhsZ74tt29ITe9DPzMl/H2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYTE1NDQ0MWRmOTYyM2VlYjVhMTk2MTM4ZDIxYmVmNTgy
NGI0NDEwHhcNMjUwMTAxMTE0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjVhYjExMzk4YWUyZDAwNzdkMzgzY2RlZTE1NGQzMzhmZjk4NzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3SMgAXZUTNRklDAw161Mp38qj9B
CRJuODouNzKAkG4WlkFjgdbC7HofvmcDK7NyBzoUCisGkXhXFjw6bRih51qdfcU7
MasrU8Uu0bEYKiSBcR6nonto0Qn/cnDYLiSVBY692TiEJ+bNVgbKdi02HwEj85j9
4SEGTYca4NYQOHVXFl+rKhLcxAl5JNVFtlUNSDWnt7cNC7BhQ7PjIRfL0KidGWca
XBeLyPTZlRAPKbPyX4IzDj5fqPZaxmi9W8ISj1z4v+zLaNhDfhxVRyckb7j0g6GU
yZ64+qumJpXkc7JxqHwxqPxQ6rkCHOT/kl/mTwU20aIFFC12KWhSVneWmQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMJasROYri0Ad9ODze4VTTOP+YdeMB8GA1UdIwQY
MBaAFKChVEQd+WI+61oZYTjSG+9YJLRBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0tGVVJCMzVZajdyV2hsaE9OSWI3MWdrdEVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC81YjNkNmQtZTZmMS00N2FkLWI1MmIt
OWQ5NDM2NzFhOGEzLzEvd2xxeEU1aXVMUUIzMDRQTjdoVk5NNF81aDE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC81YjNkNmQtZTZmMS00N2FkLWI1MmItOWQ5NDM2NzFhOGEz
LzEvb0tGVVJCMzVZajdyV2hsaE9OSWI3MWdrdEVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAaBAIAATAUAwQATfC1MAwD
BAJREwwDBABREw4wDgQCAAIwCAMGBioCDpjAMA0GCSqGSIb3DQEBCwUAA4IBAQBN
6Fxi7NyHD5Ujj338EmPlRNN0w/Qb50x5QIa9d7G0Ox+KgYoW/K1kVtohxFAF3toq
k1t4MCiqGtMASc2Y7uoVrg/GHG9L78wIR8uZ3bCLDGeF+EpfiBCYYoxcYlOCA04u
htOHn/xCEozL/P5ZNgd6L4bAOMzaKSqQ0AQAAuuUxNaYyLgnO5XW+GC7tPb695LA
NpRpsyaN9qLUFZC/EzPCk4PGXajOf4DWYOlu4NQJFEIp83AYQDdRjkv5AqDKMvKh
ahZ5zk9lT4056Jfi+0CuWgR99JxztRqXfQqj7lazBnzY01a+xeeQOOwcUFf7g8e9
cX8d0+1bsmRb+bYsTfri
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:44:36 2025 by rpki-client