Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/wciPWRp0S7jDGsgBUMCQv3rtcf0.roa
File: wciPWRp0S7jDGsgBUMCQv3rtcf0.roa (raw, json)
Hash identifier: nUbkTnm2+bif0gS51JkC+xvx+yRO0T+FclDoI4aytYY=
Subject key identifier: C1:C8:8F:59:1A:74:4B:B8:C3:1A:C8:01:50:C0:90:BF:7A:ED:71:FD
Certificate issuer: /CN=96bfc5a172654dd6009db1d82d92ffaf71234120
Certificate serial: 019424B3D95DA11757DC8A5561347036A1CD
Authority key identifier: 96:BF:C5:A1:72:65:4D:D6:00:9D:B1:D8:2D:92:FF:AF:71:23:41:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lr_FoXJlTdYAnbHYLZL_r3EjQSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/wciPWRp0S7jDGsgBUMCQv3rtcf0.roa
Signing time: Thu 02 Jan 2025 01:49:13 +0000
ROA not before: Thu 02 Jan 2025 01:49:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207996
IP address blocks: 91.194.139.0/24 maxlen: 24
147.78.194.0/23 maxlen: 24
2a09:2940::/29 maxlen: 48
2a0a:e5c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/lr_FoXJlTdYAnbHYLZL_r3EjQSA.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/lr_FoXJlTdYAnbHYLZL_r3EjQSA.mft
rsync://rpki.ripe.net/repository/DEFAULT/lr_FoXJlTdYAnbHYLZL_r3EjQSA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:d9:5d:a1:17:57:dc:8a:55:61:34:70:36:a1:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96bfc5a172654dd6009db1d82d92ffaf71234120
Validity
Not Before: Jan 2 01:49:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c1c88f591a744bb8c31ac80150c090bf7aed71fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:81:26:eb:7c:7d:77:30:34:c4:7f:d9:8e:3b:
e4:f7:af:a2:fa:63:9f:88:d8:d8:fc:a6:6b:29:fe:
f6:a2:ca:ee:39:ef:27:0d:1b:33:e9:2d:66:ec:7b:
11:62:23:89:2e:6a:5f:af:c7:cc:51:75:b1:87:3b:
07:38:cf:2d:68:ee:9e:17:50:36:1d:f0:45:a8:26:
bb:90:fc:51:a7:18:f2:f0:b3:bb:10:73:e3:4b:18:
13:92:38:d3:7f:0e:3e:26:7f:d5:fa:9b:19:65:bc:
07:2c:07:e7:f3:25:17:81:1e:16:ed:32:7f:83:98:
48:be:eb:36:3c:a3:5f:d4:2b:78:38:c9:f0:11:b2:
63:4c:1e:b3:29:7f:81:76:2c:8b:68:bf:c7:26:0a:
2f:68:e1:92:6b:5a:ee:4b:43:b3:38:f0:6b:b0:42:
73:70:fe:73:ca:2a:b7:bf:b4:ff:42:07:c5:53:dd:
46:c3:3f:dc:6b:60:46:7e:e4:68:2c:e9:a5:4f:b1:
b5:48:27:d9:01:dd:0a:3a:1e:11:b0:a4:da:6a:aa:
b0:69:68:ef:8e:f1:d3:a3:1b:8a:17:6d:2e:f4:ae:
7d:ee:da:fa:5c:85:18:63:b7:1e:23:14:50:cb:99:
2d:e7:c7:5c:4f:42:00:10:35:8c:38:7c:c6:ed:9a:
9b:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:C8:8F:59:1A:74:4B:B8:C3:1A:C8:01:50:C0:90:BF:7A:ED:71:FD
X509v3 Authority Key Identifier:
keyid:96:BF:C5:A1:72:65:4D:D6:00:9D:B1:D8:2D:92:FF:AF:71:23:41:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lr_FoXJlTdYAnbHYLZL_r3EjQSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/wciPWRp0S7jDGsgBUMCQv3rtcf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/lr_FoXJlTdYAnbHYLZL_r3EjQSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.139.0/24
147.78.194.0/23
IPv6:
2a09:2940::/29
2a0a:e5c0::/29
Signature Algorithm: sha256WithRSAEncryption
73:24:a2:dd:12:64:c9:ee:b7:be:56:61:20:bc:5e:28:f9:29:
82:13:b3:ef:ac:91:53:be:57:0c:33:bd:8d:72:b4:9e:9f:d4:
9e:bb:43:ea:90:50:0e:72:ed:f7:0d:70:06:81:40:af:23:3a:
ec:20:76:7f:25:56:c7:e0:1f:39:a3:8e:49:76:27:85:44:55:
01:52:c5:7d:c6:c0:dd:d1:ac:6c:1e:f6:fd:fe:30:55:7c:e0:
38:f3:36:a9:27:bf:7d:f7:90:b2:49:e8:fa:f2:cd:bf:21:7a:
eb:bb:81:1c:f5:40:3c:1e:ba:16:17:cd:5b:25:ba:f5:3e:89:
7d:6f:ad:75:6c:53:0d:71:82:d9:4b:65:62:a4:94:97:90:a2:
d3:90:4b:e6:7b:6d:a9:07:1c:0e:3b:72:a8:39:10:bc:2a:4e:
41:56:e4:be:c8:b6:88:8e:2f:ba:c5:ad:04:e3:de:27:87:ba:
0e:66:84:5c:7d:af:62:25:fd:b4:d8:eb:21:4a:0b:d3:25:e5:
f2:ce:49:77:35:db:2e:d1:32:40:c1:4c:19:aa:35:08:56:d6:
05:d3:f2:48:00:05:17:74:a4:bf:04:3e:ed:93:0a:d2:27:82:
3e:f9:a6:94:dc:4a:25:21:ed:24:d0:a7:0f:ac:8b:85:d9:f3:
45:7a:a5:41
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQks9ldoRdX3IpVYTRwNqHNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2YmZjNWExNzI2NTRkZDYwMDlkYjFkODJkOTJmZmFmNzEy
MzQxMjAwHhcNMjUwMTAyMDE0OTEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWM4OGY1OTFhNzQ0YmI4YzMxYWM4MDE1MGMwOTBiZjdhZWQ3MWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4oEm63x9dzA0xH/Zjjvk96+i+mOf
iNjY/KZrKf72osruOe8nDRsz6S1m7HsRYiOJLmpfr8fMUXWxhzsHOM8taO6eF1A2
HfBFqCa7kPxRpxjy8LO7EHPjSxgTkjjTfw4+Jn/V+psZZbwHLAfn8yUXgR4W7TJ/
g5hIvus2PKNf1Ct4OMnwEbJjTB6zKX+BdiyLaL/HJgovaOGSa1ruS0OzOPBrsEJz
cP5zyiq3v7T/QgfFU91Gwz/ca2BGfuRoLOmlT7G1SCfZAd0KOh4RsKTaaqqwaWjv
jvHToxuKF20u9K597tr6XIUYY7ceIxRQy5kt58dcT0IAEDWMOHzG7ZqbWwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFMHIj1kadEu4wxrIAVDAkL967XH9MB8GA1UdIwQY
MBaAFJa/xaFyZU3WAJ2x2C2S/69xI0EgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHJfRm9YSmxUZFlBbmJIWUxaTF9yM0VqUVNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8zNjMwY2ItZWJlYy00ZDg2LWIxMmIt
YmZmYjc1N2MzMTM0LzEvd2NpUFdScDBTN2pER3NnQlVNQ1F2M3J0Y2YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8zNjMwY2ItZWJlYy00ZDg2LWIxMmItYmZmYjc1N2MzMTM0
LzEvbHJfRm9YSmxUZFlBbmJIWUxaTF9yM0VqUVNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQAW8KLAwQB
k07CMBQEAgACMA4DBQMqCSlAAwUDKgrlwDANBgkqhkiG9w0BAQsFAAOCAQEAcySi
3RJkye63vlZhILxeKPkpghOz76yRU75XDDO9jXK0np/UnrtD6pBQDnLt9w1wBoFA
ryM67CB2fyVWx+AfOaOOSXYnhURVAVLFfcbA3dGsbB72/f4wVXzgOPM2qSe/ffeQ
skno+vLNvyF667uBHPVAPB66FhfNWyW69T6JfW+tdWxTDXGC2UtlYqSUl5Ci05BL
5nttqQccDjtyqDkQvCpOQVbkvsi2iI4vusWtBOPeJ4e6DmaEXH2vYiX9tNjrIUoL
0yXl8s5JdzXbLtEyQMFMGao1CFbWBdPySAAFF3SkvwQ+7ZMK0ieCPvmmlNxKJSHt
JNCnD6yLhdnzRXqlQQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 21:23:06 2025 by rpki-client