Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/67f42e-7062-4112-ad42-9349f10a2649/1/KS6dCLyooTXECMEWhNs8e8nnvQE.roa
File: KS6dCLyooTXECMEWhNs8e8nnvQE.roa (raw, json)
Hash identifier: +Poxy3eTZLT+TdWI7DhmRiVZys0n/8CE6RQOVl+/Vy4=
Subject key identifier: 29:2E:9D:08:BC:A8:A1:35:C4:08:C1:16:84:DB:3C:7B:C9:E7:BD:01
Certificate issuer: /CN=728c2bfd6bb503a01d018602bda152d734ed56f0
Certificate serial: 0194244575C2EF0A602357A5CA0159E9D2EF
Authority key identifier: 72:8C:2B:FD:6B:B5:03:A0:1D:01:86:02:BD:A1:52:D7:34:ED:56:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cowr_Wu1A6AdAYYCvaFS1zTtVvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/67f42e-7062-4112-ad42-9349f10a2649/1/KS6dCLyooTXECMEWhNs8e8nnvQE.roa
Signing time: Wed 01 Jan 2025 23:48:39 +0000
ROA not before: Wed 01 Jan 2025 23:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206521
IP address blocks: 185.183.200.0/24 maxlen: 24
185.183.201.0/24 maxlen: 24
185.183.202.0/24 maxlen: 24
185.183.203.0/24 maxlen: 24
2a0b:1b80::/32 maxlen: 32
2a0b:1b81::/32 maxlen: 32
2a0b:1b82::/32 maxlen: 32
2a0b:1b83::/32 maxlen: 32
2a0b:1b84::/32 maxlen: 32
2a0b:1b85::/32 maxlen: 32
2a0b:1b86::/32 maxlen: 32
2a0b:1b87::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/67f42e-7062-4112-ad42-9349f10a2649/1/cowr_Wu1A6AdAYYCvaFS1zTtVvA.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/67f42e-7062-4112-ad42-9349f10a2649/1/cowr_Wu1A6AdAYYCvaFS1zTtVvA.mft
rsync://rpki.ripe.net/repository/DEFAULT/cowr_Wu1A6AdAYYCvaFS1zTtVvA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:75:c2:ef:0a:60:23:57:a5:ca:01:59:e9:d2:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=728c2bfd6bb503a01d018602bda152d734ed56f0
Validity
Not Before: Jan 1 23:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=292e9d08bca8a135c408c11684db3c7bc9e7bd01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fd:09:af:49:c0:bd:b0:d2:35:20:5d:ab:30:98:
b2:6e:9f:61:f5:ec:a4:2a:43:94:46:87:86:9c:e8:
ef:60:f7:29:69:c3:bd:4e:29:a1:06:f9:05:53:54:
3f:57:2c:13:ba:32:fc:83:e3:95:2d:f6:54:d1:88:
f6:ac:30:7f:c9:0b:a7:c4:51:79:16:bb:cf:04:d0:
35:21:ed:e9:69:ef:b7:04:e9:c8:ac:7f:0b:f1:dc:
c9:05:bc:56:e9:38:4d:5f:42:98:bb:83:9c:1c:28:
5e:a0:56:5f:72:26:df:b0:be:09:32:5e:7a:04:e3:
27:2f:4b:55:81:d6:e4:b6:de:23:d0:69:d7:f3:d5:
a4:2d:cc:0f:8c:dc:32:d6:61:c0:b8:a8:fe:e6:c1:
79:de:8d:92:c6:8d:be:91:f6:63:12:d2:c4:b7:59:
c4:63:92:d0:01:d1:9c:5c:e7:d2:c1:63:ca:e3:69:
40:5d:1f:e9:8f:e6:3f:a1:ce:8b:5f:53:58:07:75:
1b:9b:11:cb:0b:ff:60:1e:be:00:8b:38:24:73:8d:
ec:0b:9a:53:e4:dd:ee:d0:88:f2:3e:fc:40:e9:5b:
cf:5e:50:c5:ed:5b:b9:0c:c6:b7:98:fe:1a:f0:e1:
4e:91:30:95:b1:70:65:af:2a:f7:f6:39:98:db:f6:
63:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:2E:9D:08:BC:A8:A1:35:C4:08:C1:16:84:DB:3C:7B:C9:E7:BD:01
X509v3 Authority Key Identifier:
keyid:72:8C:2B:FD:6B:B5:03:A0:1D:01:86:02:BD:A1:52:D7:34:ED:56:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cowr_Wu1A6AdAYYCvaFS1zTtVvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/67f42e-7062-4112-ad42-9349f10a2649/1/KS6dCLyooTXECMEWhNs8e8nnvQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/67f42e-7062-4112-ad42-9349f10a2649/1/cowr_Wu1A6AdAYYCvaFS1zTtVvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.183.200.0/22
IPv6:
2a0b:1b80::/29
Signature Algorithm: sha256WithRSAEncryption
29:fb:79:a4:d1:83:bd:72:0a:7c:fe:fe:f6:c9:73:80:63:68:
6a:1d:4c:fa:91:68:96:97:4b:65:62:43:bc:e4:8a:c8:8a:71:
a1:fe:6a:fc:5c:47:ab:f7:b2:b6:4f:8d:ea:55:ed:d3:de:8d:
4e:ac:9a:24:36:0e:58:c1:bf:48:33:ff:eb:1d:67:31:00:1a:
a7:91:8b:98:8b:b0:20:0a:16:04:b7:fe:80:69:1e:a8:d8:72:
48:8d:c3:76:6c:8c:a7:f8:a1:a4:0c:ca:56:ef:f9:e0:9f:0f:
01:4c:92:bc:2b:b6:db:e2:39:b2:bf:f4:e0:6b:4a:6e:78:06:
ac:9e:10:fb:fb:e8:5d:08:2d:b2:36:ba:ec:5d:43:db:b5:8c:
55:d5:55:fe:2e:82:a9:bc:ee:70:67:82:c0:b5:1e:4c:95:d1:
6c:2f:63:25:47:59:e5:d4:da:b8:0a:04:ec:bd:11:1f:45:ca:
43:95:6b:98:55:d5:20:83:68:3e:82:c1:a9:fe:cd:ec:92:74:
c5:9b:1d:4a:2d:ce:f1:cb:50:4f:54:2c:1f:1c:f3:f7:05:21:
df:7f:64:e4:e0:57:d8:ec:5c:3d:1f:d0:9d:6f:0e:b6:ab:5c:
c0:18:b9:d8:46:de:e7:ff:09:a7:ae:c4:70:5f:cf:d7:39:60:
61:37:de:3d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQkRXXC7wpgI1elygFZ6dLvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyOGMyYmZkNmJiNTAzYTAxZDAxODYwMmJkYTE1MmQ3MzRl
ZDU2ZjAwHhcNMjUwMTAxMjM0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTJlOWQwOGJjYThhMTM1YzQwOGMxMTY4NGRiM2M3YmM5ZTdiZDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/QmvScC9sNI1IF2rMJiybp9h9eyk
KkOURoeGnOjvYPcpacO9TimhBvkFU1Q/VywTujL8g+OVLfZU0Yj2rDB/yQunxFF5
FrvPBNA1Ie3pae+3BOnIrH8L8dzJBbxW6ThNX0KYu4OcHCheoFZfcibfsL4JMl56
BOMnL0tVgdbktt4j0GnX89WkLcwPjNwy1mHAuKj+5sF53o2Sxo2+kfZjEtLEt1nE
Y5LQAdGcXOfSwWPK42lAXR/pj+Y/oc6LX1NYB3UbmxHLC/9gHr4Aizgkc43sC5pT
5N3u0IjyPvxA6VvPXlDF7Vu5DMa3mP4a8OFOkTCVsXBlryr39jmY2/ZjIQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCkunQi8qKE1xAjBFoTbPHvJ570BMB8GA1UdIwQY
MBaAFHKMK/1rtQOgHQGGAr2hUtc07VbwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY293cl9XdTFBNkFkQVlZQ3ZhRlMxelR0VnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS82N2Y0MmUtNzA2Mi00MTEyLWFkNDIt
OTM0OWYxMGEyNjQ5LzEvS1M2ZENMeW9vVFhFQ01FV2hOczhlOG5udlFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS82N2Y0MmUtNzA2Mi00MTEyLWFkNDItOTM0OWYxMGEyNjQ5
LzEvY293cl9XdTFBNkFkQVlZQ3ZhRlMxelR0VnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCubfIMA0E
AgACMAcDBQMqCxuAMA0GCSqGSIb3DQEBCwUAA4IBAQAp+3mk0YO9cgp8/v72yXOA
Y2hqHUz6kWiWl0tlYkO85IrIinGh/mr8XEer97K2T43qVe3T3o1OrJokNg5Ywb9I
M//rHWcxABqnkYuYi7AgChYEt/6AaR6o2HJIjcN2bIyn+KGkDMpW7/ngnw8BTJK8
K7bb4jmyv/Tga0pueAasnhD7++hdCC2yNrrsXUPbtYxV1VX+LoKpvO5wZ4LAtR5M
ldFsL2MlR1nl1Nq4CgTsvREfRcpDlWuYVdUgg2g+gsGp/s3sknTFmx1KLc7xy1BP
VCwfHPP3BSHff2Tk4FfY7Fw9H9Cdbw62q1zAGLnYRt7n/wmnrsRwX8/XOWBhN949
-----END CERTIFICATE-----
Generated at Thu Apr 17 06:45:36 2025 by rpki-client