Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/W9Inx9ixKUML_LOXnUHyVFrXNZE.roa
File: W9Inx9ixKUML_LOXnUHyVFrXNZE.roa (raw, json)
Hash identifier: Hce+QeLL7wTflcLdNV6AIKOI7Oh5vFKC0Lzm+giAD4k=
Subject key identifier: 5B:D2:27:C7:D8:B1:29:43:0B:FC:B3:97:9D:41:F2:54:5A:D7:35:91
Certificate issuer: /CN=a608db43964b6986ec740f0b5e33f627589ac560
Certificate serial: 019492FBDA55C8732C78B8E1C5EA07A3D28A
Authority key identifier: A6:08:DB:43:96:4B:69:86:EC:74:0F:0B:5E:33:F6:27:58:9A:C5:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/W9Inx9ixKUML_LOXnUHyVFrXNZE.roa
Signing time: Thu 23 Jan 2025 11:46:06 +0000
ROA not before: Thu 23 Jan 2025 11:46:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60042
IP address blocks: 79.133.178.0/24 maxlen: 24
176.118.208.0/22 maxlen: 22
176.118.209.0/24 maxlen: 24
176.118.213.0/24 maxlen: 24
176.118.214.0/23 maxlen: 23
176.118.216.0/22 maxlen: 22
176.118.220.0/22 maxlen: 22
185.42.228.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.mft
rsync://rpki.ripe.net/repository/DEFAULT/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:92:fb:da:55:c8:73:2c:78:b8:e1:c5:ea:07:a3:d2:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a608db43964b6986ec740f0b5e33f627589ac560
Validity
Not Before: Jan 23 11:46:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5bd227c7d8b129430bfcb3979d41f2545ad73591
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:19:44:b8:d2:ce:61:6b:38:96:92:67:a4:26:
ba:03:2e:55:af:18:e3:68:20:31:db:bf:38:14:3e:
9b:cc:b9:f0:7f:17:92:98:b9:f8:98:f0:4f:70:67:
95:e2:8b:a2:c6:e4:a9:ba:cf:09:57:63:52:e1:57:
28:61:a9:be:e7:bd:82:9d:78:30:bb:d0:1b:cc:a0:
95:19:07:3c:70:99:55:29:7d:00:08:9a:c4:5b:16:
30:1a:d0:6d:85:11:6a:5a:a6:74:a1:06:32:45:76:
7e:10:85:07:f2:df:32:b7:5e:bb:03:f4:90:06:27:
16:c5:5d:2c:29:29:ce:71:71:56:8b:64:0a:1c:e2:
b9:d9:88:e4:ca:0f:e7:cf:d8:9a:74:ba:2a:b1:18:
f2:8c:ba:c2:de:ff:11:8b:15:e9:f7:e8:6f:45:39:
fe:9d:fe:36:0d:d1:43:79:ca:98:3b:1d:ee:13:4f:
8d:c7:1e:7f:e4:4b:9c:3f:c2:02:c5:92:0c:24:a4:
65:4a:cc:63:d4:23:f7:af:60:8c:c2:68:41:fc:be:
55:c3:00:78:92:f9:01:7a:25:2f:1d:6b:cf:ae:32:
f6:57:76:aa:b1:4a:ac:95:55:68:c4:d6:db:b6:bb:
05:33:5f:e4:d4:bc:b0:4a:88:e6:50:fc:f0:eb:25:
78:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:D2:27:C7:D8:B1:29:43:0B:FC:B3:97:9D:41:F2:54:5A:D7:35:91
X509v3 Authority Key Identifier:
keyid:A6:08:DB:43:96:4B:69:86:EC:74:0F:0B:5E:33:F6:27:58:9A:C5:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/W9Inx9ixKUML_LOXnUHyVFrXNZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.133.178.0/24
176.118.208.0/22
176.118.213.0-176.118.223.255
185.42.228.0/22
Signature Algorithm: sha256WithRSAEncryption
15:9a:65:12:65:f3:e5:15:2e:49:a8:2a:5e:6f:f2:a3:13:bb:
3c:c4:de:07:41:af:9b:00:7f:69:5f:c4:6a:9d:b5:69:ee:fb:
6d:52:af:68:52:3e:dd:54:f4:54:af:1e:03:9b:d6:fc:d6:96:
97:a7:b9:a2:ea:4a:e2:00:b7:51:2b:3d:a3:dc:94:08:81:76:
88:2b:1e:a8:13:ba:5e:bd:b2:49:fc:e5:9b:27:a7:56:05:cd:
4f:15:90:5a:ec:35:4f:1d:3c:89:97:ee:4a:84:df:99:3c:2b:
1b:9e:3c:a1:a4:a8:a2:c0:7a:8b:75:9d:e1:75:70:ef:24:70:
42:dd:04:80:77:79:26:cf:62:3b:d7:85:6e:52:17:fe:ce:3f:
c0:3c:89:e9:f1:87:2e:cf:fe:48:7d:da:52:06:cf:68:7d:dc:
3b:86:28:07:b7:38:de:d9:49:ee:26:0c:9c:d2:88:11:83:e0:
51:be:67:46:50:c4:b4:c1:ee:11:3b:c4:55:0c:0b:ea:87:81:
8b:5d:14:2f:e9:d5:23:52:33:3b:6c:4b:0b:e2:b8:ce:e6:e7:
0d:4f:0a:ec:b4:e1:86:dd:c1:b1:d6:17:1b:37:cf:28:ef:9d:
38:1a:3e:30:60:66:a2:85:d1:62:a3:ac:9f:ac:29:2d:7a:58:
9c:f6:05:ef
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZSS+9pVyHMseLjhxeoHo9KKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MDhkYjQzOTY0YjY5ODZlYzc0MGYwYjVlMzNmNjI3NTg5
YWM1NjAwHhcNMjUwMTIzMTE0NjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmQyMjdjN2Q4YjEyOTQzMGJmY2IzOTc5ZDQxZjI1NDVhZDczNTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRlEuNLOYWs4lpJnpCa6Ay5Vrxjj
aCAx2784FD6bzLnwfxeSmLn4mPBPcGeV4ouixuSpus8JV2NS4VcoYam+572CnXgw
u9AbzKCVGQc8cJlVKX0ACJrEWxYwGtBthRFqWqZ0oQYyRXZ+EIUH8t8yt167A/SQ
BicWxV0sKSnOcXFWi2QKHOK52Yjkyg/nz9iadLoqsRjyjLrC3v8RixXp9+hvRTn+
nf42DdFDecqYOx3uE0+Nxx5/5EucP8ICxZIMJKRlSsxj1CP3r2CMwmhB/L5VwwB4
kvkBeiUvHWvPrjL2V3aqsUqslVVoxNbbtrsFM1/k1LywSojmUPzw6yV4xQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFFvSJ8fYsSlDC/yzl51B8lRa1zWRMB8GA1UdIwQY
MBaAFKYI20OWS2mG7HQPC14z9idYmsVgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGdqYlE1WkxhWWJzZEE4TFhqUDJKMWlheFdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi81MDAxNTAtMTU1MS00N2RlLWI1MDQt
ZDY0NjgzY2VlMTZmLzEvVzlJbng5aXhLVU1MX0xPWG5VSHlWRnJYTlpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi81MDAxNTAtMTU1MS00N2RlLWI1MDQtZDY0NjgzY2VlMTZm
LzEvcGdqYlE1WkxhWWJzZEE4TFhqUDJKMWlheFdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAT4WyAwQC
sHbQMAwDBACwdtUDBAWwdsADBAK5KuQwDQYJKoZIhvcNAQELBQADggEBABWaZRJl
8+UVLkmoKl5v8qMTuzzE3gdBr5sAf2lfxGqdtWnu+21Sr2hSPt1U9FSvHgOb1vzW
lpenuaLqSuIAt1ErPaPclAiBdogrHqgTul69skn85Zsnp1YFzU8VkFrsNU8dPImX
7kqE35k8KxuePKGkqKLAeot1neF1cO8kcELdBIB3eSbPYjvXhW5SF/7OP8A8ienx
hy7P/kh92lIGz2h93DuGKAe3ON7ZSe4mDJzSiBGD4FG+Z0ZQxLTB7hE7xFUMC+qH
gYtdFC/p1SNSMztsSwviuM7m5w1PCuy04YbdwbHWFxs3zyjvnTgaPjBgZqKF0WKj
rJ+sKS16WJz2Be8=
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:18:36 2025 by rpki-client