Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/900cbf-477b-46be-8f5d-c911483da78c/1/wUNIEVtYpwrG63HG0eeD7I7tvcM.roa
File: wUNIEVtYpwrG63HG0eeD7I7tvcM.roa (raw, json)
Hash identifier: oXVfh0sTirB6aA53rQRtUtH/R5Wu4DiNaIy7B2RuTkE=
Subject key identifier: C1:43:48:11:5B:58:A7:0A:C6:EB:71:C6:D1:E7:83:EC:8E:ED:BD:C3
Certificate issuer: /CN=75facb07f2ccb92eeba87854c94240e4f5ac8f52
Certificate serial: 019422FC40048100D01DA53184BD42536028
Authority key identifier: 75:FA:CB:07:F2:CC:B9:2E:EB:A8:78:54:C9:42:40:E4:F5:AC:8F:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dfrLB_LMuS7rqHhUyUJA5PWsj1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/900cbf-477b-46be-8f5d-c911483da78c/1/wUNIEVtYpwrG63HG0eeD7I7tvcM.roa
Signing time: Wed 01 Jan 2025 17:49:04 +0000
ROA not before: Wed 01 Jan 2025 17:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47927
IP address blocks: 46.28.120.0/21 maxlen: 21
94.126.8.0/21 maxlen: 21
159.255.140.0/22 maxlen: 22
159.255.152.0/22 maxlen: 22
185.63.40.0/22 maxlen: 22
188.95.72.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/900cbf-477b-46be-8f5d-c911483da78c/1/dfrLB_LMuS7rqHhUyUJA5PWsj1I.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/900cbf-477b-46be-8f5d-c911483da78c/1/dfrLB_LMuS7rqHhUyUJA5PWsj1I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dfrLB_LMuS7rqHhUyUJA5PWsj1I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:40:04:81:00:d0:1d:a5:31:84:bd:42:53:60:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75facb07f2ccb92eeba87854c94240e4f5ac8f52
Validity
Not Before: Jan 1 17:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c14348115b58a70ac6eb71c6d1e783ec8eedbdc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:cb:4f:b3:a0:28:f8:37:ab:ba:16:b8:fb:5b:
8d:ef:de:35:e4:3a:d4:0c:db:08:d2:1c:85:e7:ac:
d2:d8:0e:58:34:3f:ef:1f:8f:9c:ec:15:87:38:d9:
ae:9c:e4:54:fc:da:be:b2:fc:db:f4:2b:03:4f:1e:
73:fb:4e:ae:c8:d1:db:70:0c:0b:77:d7:f1:14:68:
5b:98:0e:f7:61:99:da:5b:b9:d8:67:11:c2:73:39:
dc:cc:34:4e:df:5e:20:33:59:c6:7f:11:f6:56:45:
e8:90:54:11:13:08:2c:41:49:be:4b:29:0c:3f:ad:
b4:97:06:dc:4d:95:6b:dd:f8:ac:ee:4c:2e:1a:48:
7b:55:b5:76:d7:13:ce:81:38:fc:94:64:f1:14:13:
cc:74:71:48:c8:88:2d:4b:2f:d5:f3:9e:48:2f:2d:
41:0d:8d:d4:e3:b3:92:d8:a7:35:0a:12:22:f0:99:
01:60:a8:fd:68:d5:fb:f0:68:92:1d:92:4d:22:d1:
30:ad:d9:15:97:58:eb:26:a0:31:64:f2:a5:10:00:
1a:64:7d:63:9e:d5:aa:d5:50:97:9e:2a:69:90:f7:
1c:f4:b7:fe:1b:66:9e:cd:c3:91:ab:39:65:6f:23:
f4:25:da:94:72:c1:43:af:5d:43:87:23:52:ab:df:
8e:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:43:48:11:5B:58:A7:0A:C6:EB:71:C6:D1:E7:83:EC:8E:ED:BD:C3
X509v3 Authority Key Identifier:
keyid:75:FA:CB:07:F2:CC:B9:2E:EB:A8:78:54:C9:42:40:E4:F5:AC:8F:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dfrLB_LMuS7rqHhUyUJA5PWsj1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/900cbf-477b-46be-8f5d-c911483da78c/1/wUNIEVtYpwrG63HG0eeD7I7tvcM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/900cbf-477b-46be-8f5d-c911483da78c/1/dfrLB_LMuS7rqHhUyUJA5PWsj1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.120.0/21
94.126.8.0/21
159.255.140.0/22
159.255.152.0/22
185.63.40.0/22
188.95.72.0/21
Signature Algorithm: sha256WithRSAEncryption
04:a7:27:46:81:44:5f:16:67:e3:68:6e:1d:07:2b:ea:bd:4c:
65:74:37:fd:d9:c4:5f:15:48:7f:ba:43:5b:13:80:ec:7c:0e:
91:f6:03:da:ca:80:5d:6a:6b:7b:01:78:ad:67:b1:95:1b:61:
36:84:75:97:94:6b:85:96:e9:47:40:81:f2:f6:60:65:dd:b4:
d3:30:df:7a:6c:7c:e3:79:18:2c:fd:8d:77:20:5d:40:5f:76:
cb:76:2b:23:3e:a7:2d:7f:20:7a:8f:4f:46:e6:84:95:c5:82:
d7:a4:84:c7:38:60:19:6f:44:bb:b3:23:b2:d1:4e:d8:20:2b:
56:6b:6b:d6:c3:e1:da:8d:e9:6e:0a:b5:18:59:aa:7c:37:5a:
5b:35:71:e5:05:96:2a:a4:3e:86:82:70:85:c1:47:18:0e:c8:
c2:66:97:07:da:69:22:5d:79:9d:4d:cb:e0:9c:b7:14:cc:8d:
bd:60:7b:1a:47:58:b3:e6:d3:39:ea:09:c8:c0:33:57:11:2a:
bf:88:f0:4b:da:c0:b8:fb:bf:8d:dd:53:7e:ab:ed:28:a7:ed:
5e:19:3b:d4:e7:45:7e:43:f4:60:10:af:bb:7a:87:d0:74:86:
7c:32:79:b3:a7:05:c6:de:97:11:ad:ff:ee:83:01:50:74:45:
74:89:1d:06
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQi/EAEgQDQHaUxhL1CU2AoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1ZmFjYjA3ZjJjY2I5MmVlYmE4Nzg1NGM5NDI0MGU0ZjVh
YzhmNTIwHhcNMjUwMTAxMTc0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTQzNDgxMTViNThhNzBhYzZlYjcxYzZkMWU3ODNlYzhlZWRiZGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0stPs6Ao+Deruha4+1uN79415DrU
DNsI0hyF56zS2A5YND/vH4+c7BWHONmunORU/Nq+svzb9CsDTx5z+06uyNHbcAwL
d9fxFGhbmA73YZnaW7nYZxHCcznczDRO314gM1nGfxH2VkXokFQREwgsQUm+SykM
P620lwbcTZVr3fis7kwuGkh7VbV21xPOgTj8lGTxFBPMdHFIyIgtSy/V855ILy1B
DY3U47OS2Kc1ChIi8JkBYKj9aNX78GiSHZJNItEwrdkVl1jrJqAxZPKlEAAaZH1j
ntWq1VCXnippkPcc9Lf+G2aezcORqzllbyP0JdqUcsFDr11DhyNSq9+OfwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMFDSBFbWKcKxutxxtHng+yO7b3DMB8GA1UdIwQY
MBaAFHX6ywfyzLku66h4VMlCQOT1rI9SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGZyTEJfTE11UzdycUhoVXlVSkE1UFdzajFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC85MDBjYmYtNDc3Yi00NmJlLThmNWQt
YzkxMTQ4M2RhNzhjLzEvd1VOSUVWdFlwd3JHNjNIRzBlZUQ3STd0dmNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC85MDBjYmYtNDc3Yi00NmJlLThmNWQtYzkxMTQ4M2RhNzhj
LzEvZGZyTEJfTE11UzdycUhoVXlVSkE1UFdzajFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDLhx4AwQD
Xn4IAwQCn/+MAwQCn/+YAwQCuT8oAwQDvF9IMA0GCSqGSIb3DQEBCwUAA4IBAQAE
pydGgURfFmfjaG4dByvqvUxldDf92cRfFUh/ukNbE4DsfA6R9gPayoBdamt7AXit
Z7GVG2E2hHWXlGuFlulHQIHy9mBl3bTTMN96bHzjeRgs/Y13IF1AX3bLdisjPqct
fyB6j09G5oSVxYLXpITHOGAZb0S7syOy0U7YICtWa2vWw+HajeluCrUYWap8N1pb
NXHlBZYqpD6GgnCFwUcYDsjCZpcH2mkiXXmdTcvgnLcUzI29YHsaR1iz5tM56gnI
wDNXESq/iPBL2sC4+7+N3VN+q+0op+1eGTvU50V+Q/RgEK+7eofQdIZ8MnmzpwXG
3pcRrf/ugwFQdEV0iR0G
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:41:28 2025 by rpki-client