Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/WbOAYKCYkC5iJ9tKawFHBba0MWo.roa
File: WbOAYKCYkC5iJ9tKawFHBba0MWo.roa (raw, json)
Hash identifier: yOQ7X5NoW/EewzCxAIQsBdeK+jZYDlI8JDGQtQ8t4bE=
Subject key identifier: 59:B3:80:60:A0:98:90:2E:62:27:DB:4A:6B:01:47:05:B6:B4:31:6A
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 0195F2A0A7C4B35D5BE7EE221DFEEE26335D
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/WbOAYKCYkC5iJ9tKawFHBba0MWo.roa
Signing time: Tue 01 Apr 2025 18:32:49 +0000
ROA not before: Tue 01 Apr 2025 18:32:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 134176
IP address blocks: 45.138.109.0/24 maxlen: 32
85.209.254.0/24 maxlen: 32
185.190.81.0/24 maxlen: 24
194.49.108.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 06:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f2:a0:a7:c4:b3:5d:5b:e7:ee:22:1d:fe:ee:26:33:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Apr 1 18:32:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=59b38060a098902e6227db4a6b014705b6b4316a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b7:99:21:f1:07:eb:88:59:e5:ab:bf:68:fa:
58:e3:d7:fe:33:69:95:e3:90:18:65:f0:98:23:7f:
4f:de:5e:4e:41:a7:82:35:58:0f:33:df:1b:3b:12:
15:f6:5f:5b:90:d8:b0:c3:88:5e:21:28:be:ad:af:
0d:53:5a:45:a3:af:a0:6d:8a:e1:59:0d:7c:25:e9:
b3:16:0c:c7:ed:b4:96:9b:73:fa:a3:05:c0:47:23:
7a:ad:88:b5:dd:86:a9:8a:88:eb:c4:de:94:4e:89:
23:2f:fb:9d:9c:c8:cb:b5:00:b1:74:9f:0b:35:84:
7d:3d:c1:1b:44:14:67:62:90:e1:d8:29:08:39:72:
95:bc:6b:49:46:06:91:4e:30:4f:bb:f1:47:49:94:
05:53:89:c2:66:64:22:b0:27:ba:fc:77:2e:ae:d9:
79:45:e2:cf:de:aa:e9:bf:16:b6:0c:6e:90:55:62:
cf:80:4c:74:de:56:8a:f4:60:31:cb:3e:a1:4d:52:
be:8e:a6:71:f7:60:c6:94:a8:5e:f2:ac:10:53:10:
53:bb:d4:7a:ae:87:4c:fa:44:aa:4f:58:cd:c7:8e:
87:eb:a9:34:6a:20:90:98:6f:b7:83:a2:ea:74:d5:
36:dc:65:3d:9b:fd:ae:7c:24:c0:24:7f:45:22:b2:
74:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:B3:80:60:A0:98:90:2E:62:27:DB:4A:6B:01:47:05:B6:B4:31:6A
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/WbOAYKCYkC5iJ9tKawFHBba0MWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.109.0/24
85.209.254.0/24
185.190.81.0/24
194.49.108.0/24
Signature Algorithm: sha256WithRSAEncryption
01:04:a6:4f:df:ba:a5:d2:3a:0d:00:e0:d2:4f:02:fe:f4:00:
3f:5a:f5:ca:89:0d:90:b6:91:19:e9:ff:ef:bb:a0:b2:59:14:
49:04:04:2e:0c:4b:bb:a6:15:64:c9:a6:72:ee:ca:64:1c:eb:
25:52:2d:e5:e4:4d:0e:f3:cd:e0:2d:e1:80:b1:a6:76:a1:66:
65:43:f5:1a:69:16:6f:98:f3:f3:bb:48:7d:60:6f:fd:9e:85:
b9:5f:19:79:e3:92:bf:6d:57:04:8e:73:72:58:44:a2:be:bb:
3d:0b:91:73:58:7c:0f:e5:ed:28:44:8e:79:82:d3:5c:06:53:
86:f7:34:62:c8:5d:f0:2c:0f:c0:00:09:36:e4:50:e6:21:77:
e0:9c:bc:2a:93:4c:8c:37:6f:d6:4f:e1:ca:c4:47:97:13:cf:
07:29:19:54:bf:87:45:f0:5a:ab:5e:38:0a:b1:c0:a8:ff:77:
2d:a1:43:55:98:1a:06:f8:49:37:55:8d:83:29:cf:f5:6c:66:
95:a8:4a:dd:cd:ba:c1:f0:14:87:81:04:74:29:9b:9d:78:21:
bd:9e:30:84:9e:a1:33:81:f2:65:6a:6c:26:34:aa:55:d6:fe:
6a:8f:15:2c:88:f8:a8:9f:0a:12:28:c0:67:db:5d:05:11:1d:
d1:24:61:b7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZXyoKfEs11b5+4iHf7uJjNdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwNDAxMTgzMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWIzODA2MGEwOTg5MDJlNjIyN2RiNGE2YjAxNDcwNWI2YjQzMTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7eZIfEH64hZ5au/aPpY49f+M2mV
45AYZfCYI39P3l5OQaeCNVgPM98bOxIV9l9bkNiww4heISi+ra8NU1pFo6+gbYrh
WQ18JemzFgzH7bSWm3P6owXARyN6rYi13YapiojrxN6UTokjL/udnMjLtQCxdJ8L
NYR9PcEbRBRnYpDh2CkIOXKVvGtJRgaRTjBPu/FHSZQFU4nCZmQisCe6/Hcurtl5
ReLP3qrpvxa2DG6QVWLPgEx03laK9GAxyz6hTVK+jqZx92DGlKhe8qwQUxBTu9R6
rodM+kSqT1jNx46H66k0aiCQmG+3g6LqdNU23GU9m/2ufCTAJH9FIrJ0ywIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFmzgGCgmJAuYifbSmsBRwW2tDFqMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvV2JPQVlLQ1lrQzVpSjl0S2F3RkhCYmEwTVdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALYptAwQA
VdH+AwQAub5RAwQAwjFsMA0GCSqGSIb3DQEBCwUAA4IBAQABBKZP37ql0joNAODS
TwL+9AA/WvXKiQ2QtpEZ6f/vu6CyWRRJBAQuDEu7phVkyaZy7spkHOslUi3l5E0O
883gLeGAsaZ2oWZlQ/UaaRZvmPPzu0h9YG/9noW5Xxl545K/bVcEjnNyWESivrs9
C5FzWHwP5e0oRI55gtNcBlOG9zRiyF3wLA/AAAk25FDmIXfgnLwqk0yMN2/WT+HK
xEeXE88HKRlUv4dF8FqrXjgKscCo/3ctoUNVmBoG+Ek3VY2DKc/1bGaVqErdzbrB
8BSHgQR0KZudeCG9njCEnqEzgfJlamwmNKpV1v5qjxUsiPionwoSKMBn210FER3R
JGG3
-----END CERTIFICATE-----
Generated at Sun Apr 6 09:38:39 2025 by rpki-client