Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/017eef-c49e-47a7-9ed3-098db3a24ff0/1/wFmITchCOTh-4_pkSKxt-DBDXmI.roa
File: wFmITchCOTh-4_pkSKxt-DBDXmI.roa (raw, json)
Hash identifier: 0czxK7spC8QNTMDj8fqbhsYijXl48ZLs3CZRQQWgFNg=
Subject key identifier: C0:59:88:4D:C8:42:39:38:7E:E3:FA:64:48:AC:6D:F8:30:43:5E:62
Certificate issuer: /CN=8faccbac71477b940e5cd4103e3eee61db615915
Certificate serial: 019425FDED392B3706E9A054BD49883039F4
Authority key identifier: 8F:AC:CB:AC:71:47:7B:94:0E:5C:D4:10:3E:3E:EE:61:DB:61:59:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j6zLrHFHe5QOXNQQPj7uYdthWRU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/017eef-c49e-47a7-9ed3-098db3a24ff0/1/wFmITchCOTh-4_pkSKxt-DBDXmI.roa
Signing time: Thu 02 Jan 2025 07:49:45 +0000
ROA not before: Thu 02 Jan 2025 07:49:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214618
IP address blocks: 2a14:7240:a10::/48 maxlen: 48
2a14:7240:e02::/48 maxlen: 48
2a14:7240:a01c::/48 maxlen: 48
2a14:7240:e01c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/017eef-c49e-47a7-9ed3-098db3a24ff0/1/j6zLrHFHe5QOXNQQPj7uYdthWRU.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/017eef-c49e-47a7-9ed3-098db3a24ff0/1/j6zLrHFHe5QOXNQQPj7uYdthWRU.mft
rsync://rpki.ripe.net/repository/DEFAULT/j6zLrHFHe5QOXNQQPj7uYdthWRU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:ed:39:2b:37:06:e9:a0:54:bd:49:88:30:39:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8faccbac71477b940e5cd4103e3eee61db615915
Validity
Not Before: Jan 2 07:49:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c059884dc84239387ee3fa6448ac6df830435e62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:11:94:a8:3e:18:01:9a:21:98:d0:78:f2:58:
a1:00:4e:6e:df:f7:c4:27:04:2d:1a:9f:a2:48:a3:
91:cd:99:f7:e0:8d:09:c5:eb:2c:bf:7f:44:f2:0a:
77:94:9d:f8:15:1b:f6:ab:ec:43:3f:3c:25:c0:7b:
55:c5:d2:0b:e0:00:d1:06:c5:b0:7f:f3:97:e5:1f:
52:f6:a3:7f:2b:33:99:f5:36:70:ce:cc:6d:f6:7c:
17:90:28:f8:9b:ff:65:23:ab:93:89:e5:9e:33:d7:
3a:7d:a4:25:be:87:70:8a:4d:70:02:b3:14:05:43:
39:e3:ec:39:0b:ae:78:d3:3a:64:e4:f3:1d:56:aa:
a0:63:d4:65:40:67:06:ff:ca:f1:58:62:74:2d:4a:
e5:03:2f:43:9a:82:5f:b6:77:a7:11:c6:2e:78:86:
30:dd:3d:6f:a6:3a:14:81:52:85:36:57:27:72:3d:
e4:8f:48:c4:cd:03:4b:f9:0a:e5:7d:d8:dc:24:1f:
84:3b:8a:f9:b1:f3:ef:7b:6d:11:53:33:80:2e:12:
00:76:bf:33:de:71:b7:a9:07:09:4d:ab:c2:b6:f7:
70:06:91:ab:1f:59:cf:15:ec:f8:a2:63:56:68:05:
2a:ac:5d:86:36:0a:79:d8:fa:b1:fa:e4:d6:62:b3:
09:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:59:88:4D:C8:42:39:38:7E:E3:FA:64:48:AC:6D:F8:30:43:5E:62
X509v3 Authority Key Identifier:
keyid:8F:AC:CB:AC:71:47:7B:94:0E:5C:D4:10:3E:3E:EE:61:DB:61:59:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j6zLrHFHe5QOXNQQPj7uYdthWRU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/017eef-c49e-47a7-9ed3-098db3a24ff0/1/wFmITchCOTh-4_pkSKxt-DBDXmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/017eef-c49e-47a7-9ed3-098db3a24ff0/1/j6zLrHFHe5QOXNQQPj7uYdthWRU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7240:a10::/48
2a14:7240:e02::/48
2a14:7240:a01c::/48
2a14:7240:e01c::/48
Signature Algorithm: sha256WithRSAEncryption
31:2e:d6:3e:1d:3a:ae:45:fa:55:f1:4b:38:47:bd:74:9d:7b:
6d:ed:c3:11:40:33:41:81:17:30:ab:d7:1b:1b:08:69:a7:5e:
9b:46:f0:90:f8:1a:22:a4:33:fa:c5:de:c0:d3:d9:3c:18:db:
ed:34:7b:4e:0e:a0:dd:ef:5b:8a:2e:b8:f0:39:8c:27:4d:9c:
62:b3:15:7e:3b:ad:6a:a8:ee:f3:f5:51:8a:6d:8e:95:8d:76:
d6:4a:98:63:f6:ec:b4:94:07:18:1d:30:1c:eb:ac:5b:a8:49:
87:5d:78:84:f1:74:3d:e5:bc:cc:c0:cc:88:7c:c2:9b:af:b3:
a3:1b:8c:64:cc:f4:77:63:0a:07:b0:58:1e:95:98:c8:8e:4c:
2d:83:6b:33:77:c4:c1:8f:cd:10:9a:9c:78:80:3c:f6:09:08:
97:c4:9f:98:7a:18:89:df:b8:13:7a:ee:ed:a4:d3:23:06:73:
95:30:0d:a8:8c:2c:50:c8:2e:54:51:76:b4:3e:3a:bf:06:56:
94:f4:a6:5f:34:15:08:7a:ad:36:3b:eb:59:a0:d4:a1:d9:2b:
ff:36:ed:28:8c:bc:9e:de:63:21:d1:6a:d0:be:45:69:33:ae:
dc:44:e9:27:6c:b6:1d:fe:e2:f1:ea:3b:29:5c:36:24:84:8e:
36:7c:2e:db
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQl/e05KzcG6aBUvUmIMDn0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmYWNjYmFjNzE0NzdiOTQwZTVjZDQxMDNlM2VlZTYxZGI2
MTU5MTUwHhcNMjUwMTAyMDc0OTQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDU5ODg0ZGM4NDIzOTM4N2VlM2ZhNjQ0OGFjNmRmODMwNDM1ZTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4xGUqD4YAZohmNB48lihAE5u3/fE
JwQtGp+iSKORzZn34I0Jxessv39E8gp3lJ34FRv2q+xDPzwlwHtVxdIL4ADRBsWw
f/OX5R9S9qN/KzOZ9TZwzsxt9nwXkCj4m/9lI6uTieWeM9c6faQlvodwik1wArMU
BUM54+w5C6540zpk5PMdVqqgY9RlQGcG/8rxWGJ0LUrlAy9DmoJftnenEcYueIYw
3T1vpjoUgVKFNlcncj3kj0jEzQNL+QrlfdjcJB+EO4r5sfPve20RUzOALhIAdr8z
3nG3qQcJTavCtvdwBpGrH1nPFez4omNWaAUqrF2GNgp52Pqx+uTWYrMJ4wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMBZiE3IQjk4fuP6ZEisbfgwQ15iMB8GA1UdIwQY
MBaAFI+sy6xxR3uUDlzUED4+7mHbYVkVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajZ6THJIRkhlNVFPWE5RUVBqN3VZZHRoV1JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS8wMTdlZWYtYzQ5ZS00N2E3LTllZDMt
MDk4ZGIzYTI0ZmYwLzEvd0ZtSVRjaENPVGgtNF9wa1NLeHQtREJEWG1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS8wMTdlZWYtYzQ5ZS00N2E3LTllZDMtMDk4ZGIzYTI0ZmYw
LzEvajZ6THJIRkhlNVFPWE5RUVBqN3VZZHRoV1JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcAKhRyQAoQ
AwcAKhRyQA4CAwcAKhRyQKAcAwcAKhRyQOAcMA0GCSqGSIb3DQEBCwUAA4IBAQAx
LtY+HTquRfpV8Us4R710nXtt7cMRQDNBgRcwq9cbGwhpp16bRvCQ+BoipDP6xd7A
09k8GNvtNHtODqDd71uKLrjwOYwnTZxisxV+O61qqO7z9VGKbY6VjXbWSphj9uy0
lAcYHTAc66xbqEmHXXiE8XQ95bzMwMyIfMKbr7OjG4xkzPR3YwoHsFgelZjIjkwt
g2szd8TBj80Qmpx4gDz2CQiXxJ+YehiJ37gTeu7tpNMjBnOVMA2ojCxQyC5UUXa0
Pjq/BlaU9KZfNBUIeq02O+tZoNSh2Sv/Nu0ojLye3mMh0WrQvkVpM67cROknbLYd
/uLx6jspXDYkhI42fC7b
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:50:38 2025 by rpki-client