Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/530933-5915-4ff2-b1f9-5010d05f99a8/1/wiMZyenwx3I7xwOHgp4nhnMI51s.roa
File: wiMZyenwx3I7xwOHgp4nhnMI51s.roa (raw, json)
Hash identifier: Qx/P/QV7oNsKOLP9lE01kMvoM8G9Aq9IlKHXWkjW/bo=
Subject key identifier: C2:23:19:C9:E9:F0:C7:72:3B:C7:03:87:82:9E:27:86:73:08:E7:5B
Certificate issuer: /CN=7f58bc086412f4d2c54fa0702d92ce25496ce479
Certificate serial: 0194266A10C869BFABD21696EF2D7980328A
Authority key identifier: 7F:58:BC:08:64:12:F4:D2:C5:4F:A0:70:2D:92:CE:25:49:6C:E4:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f1i8CGQS9NLFT6BwLZLOJUls5Hk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/530933-5915-4ff2-b1f9-5010d05f99a8/1/wiMZyenwx3I7xwOHgp4nhnMI51s.roa
Signing time: Thu 02 Jan 2025 09:47:52 +0000
ROA not before: Thu 02 Jan 2025 09:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15830
IP address blocks: 91.205.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/530933-5915-4ff2-b1f9-5010d05f99a8/1/f1i8CGQS9NLFT6BwLZLOJUls5Hk.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/530933-5915-4ff2-b1f9-5010d05f99a8/1/f1i8CGQS9NLFT6BwLZLOJUls5Hk.mft
rsync://rpki.ripe.net/repository/DEFAULT/f1i8CGQS9NLFT6BwLZLOJUls5Hk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6a:10:c8:69:bf:ab:d2:16:96:ef:2d:79:80:32:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f58bc086412f4d2c54fa0702d92ce25496ce479
Validity
Not Before: Jan 2 09:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c22319c9e9f0c7723bc70387829e27867308e75b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:7d:45:cd:51:59:c1:6a:30:c3:2e:0b:d2:bc:
d6:51:7c:2b:44:e1:3a:c5:fb:dd:6d:ba:30:50:94:
d6:5c:dc:fa:03:1f:40:47:fa:8f:66:8d:af:3b:d6:
d5:03:69:6a:21:a5:7e:52:fc:5d:c1:ba:9b:2b:54:
72:e3:1e:10:e7:92:fb:81:26:70:80:b0:f3:7a:cc:
3f:98:11:47:4e:e2:b4:84:cf:1c:50:e4:f1:25:a9:
d4:ed:f8:6d:d3:8b:32:d4:a5:be:97:f0:33:04:25:
bb:d7:15:4e:ad:ec:72:2e:a9:09:a8:f6:1e:38:b5:
c0:e0:99:b5:7b:21:13:7a:61:f7:e5:0b:ef:ac:9c:
df:dd:4a:f3:93:5c:8f:a2:47:2a:f3:e6:de:7a:8c:
3b:38:1f:6d:11:f2:ae:df:70:c5:6b:17:a0:32:df:
e7:69:78:e7:4c:e1:2d:dc:64:a8:fd:72:9b:f9:9d:
35:52:32:8a:d2:42:e2:92:3d:12:49:5b:7e:51:14:
b5:d8:da:42:47:ff:74:de:c4:4c:49:60:9e:b7:4b:
24:31:0e:77:64:9e:f7:11:89:fc:9f:67:da:f6:6d:
0d:c4:39:ee:71:20:03:c3:44:a8:d2:32:2a:3c:2b:
0e:84:36:7a:73:1b:e4:b9:61:24:b1:b4:e0:c5:12:
61:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:23:19:C9:E9:F0:C7:72:3B:C7:03:87:82:9E:27:86:73:08:E7:5B
X509v3 Authority Key Identifier:
keyid:7F:58:BC:08:64:12:F4:D2:C5:4F:A0:70:2D:92:CE:25:49:6C:E4:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1i8CGQS9NLFT6BwLZLOJUls5Hk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/530933-5915-4ff2-b1f9-5010d05f99a8/1/wiMZyenwx3I7xwOHgp4nhnMI51s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/530933-5915-4ff2-b1f9-5010d05f99a8/1/f1i8CGQS9NLFT6BwLZLOJUls5Hk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.125.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:c1:17:68:d5:27:8f:31:95:ed:cc:2d:8e:80:1f:85:a5:b3:
50:ed:45:a6:fd:72:98:df:60:7b:af:19:14:66:8f:95:c6:49:
8a:a2:e5:b8:66:b7:8e:fe:cf:40:28:7b:11:f6:4b:95:97:95:
d4:7a:a7:ab:92:0f:46:89:2b:b9:a8:35:4a:d6:bf:84:18:d0:
64:59:2e:d1:6f:8e:9d:a0:71:4c:d5:1c:8f:62:c9:67:84:36:
d6:48:0e:d8:7a:d9:03:a7:cc:3a:99:b1:75:4c:8d:82:d6:10:
a2:11:86:2b:1b:4f:bc:20:b2:31:97:5a:11:37:41:54:41:4a:
f1:95:72:b9:97:c8:17:8a:21:3d:e7:0c:8e:60:28:d0:0c:9c:
b8:a5:59:e7:64:dd:89:8f:1f:10:e3:f7:15:6e:1b:55:95:0e:
4f:7d:c5:c9:97:20:46:bd:cc:53:06:4b:56:dd:80:92:58:c9:
1d:57:6e:c7:a4:3f:23:72:89:81:22:4a:16:e8:f8:2f:1f:36:
fa:48:44:ba:e1:75:89:65:13:e9:18:f1:61:f1:57:48:55:93:
98:e9:9d:3f:87:46:65:fc:85:93:a0:ab:2a:87:c7:83:b5:c4:
d9:a8:5c:d1:e2:fc:ce:ba:4d:ee:02:d3:ca:60:25:2d:88:ad:
dc:9a:e7:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmahDIab+r0haW7y15gDKKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNThiYzA4NjQxMmY0ZDJjNTRmYTA3MDJkOTJjZTI1NDk2
Y2U0NzkwHhcNMjUwMTAyMDk0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjIzMTljOWU5ZjBjNzcyM2JjNzAzODc4MjllMjc4NjczMDhlNzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwH1FzVFZwWowwy4L0rzWUXwrROE6
xfvdbbowUJTWXNz6Ax9AR/qPZo2vO9bVA2lqIaV+UvxdwbqbK1Ry4x4Q55L7gSZw
gLDzesw/mBFHTuK0hM8cUOTxJanU7fht04sy1KW+l/AzBCW71xVOrexyLqkJqPYe
OLXA4Jm1eyETemH35QvvrJzf3Urzk1yPokcq8+beeow7OB9tEfKu33DFaxegMt/n
aXjnTOEt3GSo/XKb+Z01UjKK0kLikj0SSVt+URS12NpCR/903sRMSWCet0skMQ53
ZJ73EYn8n2fa9m0NxDnucSADw0So0jIqPCsOhDZ6cxvkuWEksbTgxRJh6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMIjGcnp8MdyO8cDh4KeJ4ZzCOdbMB8GA1UdIwQY
MBaAFH9YvAhkEvTSxU+gcC2SziVJbOR5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjFpOENHUVM5TkxGVDZCd0xaTE9KVWxzNUhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy81MzA5MzMtNTkxNS00ZmYyLWIxZjkt
NTAxMGQwNWY5OWE4LzEvd2lNWnllbnd4M0k3eHdPSGdwNG5obk1JNTFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy81MzA5MzMtNTkxNS00ZmYyLWIxZjktNTAxMGQwNWY5OWE4
LzEvZjFpOENHUVM5TkxGVDZCd0xaTE9KVWxzNUhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW819MA0G
CSqGSIb3DQEBCwUAA4IBAQBbwRdo1SePMZXtzC2OgB+FpbNQ7UWm/XKY32B7rxkU
Zo+VxkmKouW4ZreO/s9AKHsR9kuVl5XUeqerkg9GiSu5qDVK1r+EGNBkWS7Rb46d
oHFM1RyPYslnhDbWSA7YetkDp8w6mbF1TI2C1hCiEYYrG0+8ILIxl1oRN0FUQUrx
lXK5l8gXiiE95wyOYCjQDJy4pVnnZN2Jjx8Q4/cVbhtVlQ5PfcXJlyBGvcxTBktW
3YCSWMkdV27HpD8jcomBIkoW6PgvHzb6SES64XWJZRPpGPFh8VdIVZOY6Z0/h0Zl
/IWToKsqh8eDtcTZqFzR4vzOuk3uAtPKYCUtiK3cmufA
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:53:15 2025 by rpki-client