Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/999dd3-88f7-42c2-aff5-81d5aac03496/1/wz1d87RRsH1wKxGmJq_DN0PXswY.roa
File: wz1d87RRsH1wKxGmJq_DN0PXswY.roa (raw, json)
Hash identifier: UbFzX/CxroLQPhe2c4ynViKTu15Zs0MKcqpj4a9goDk=
Subject key identifier: C3:3D:5D:F3:B4:51:B0:7D:70:2B:11:A6:26:AF:C3:37:43:D7:B3:06
Certificate issuer: /CN=0ef250f66dd30c3b754430a85d53236f17331b7f
Certificate serial: 019421443702573E9F7B1C959488C377D3DD
Authority key identifier: 0E:F2:50:F6:6D:D3:0C:3B:75:44:30:A8:5D:53:23:6F:17:33:1B:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DvJQ9m3TDDt1RDCoXVMjbxczG38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/999dd3-88f7-42c2-aff5-81d5aac03496/1/wz1d87RRsH1wKxGmJq_DN0PXswY.roa
Signing time: Wed 01 Jan 2025 09:48:26 +0000
ROA not before: Wed 01 Jan 2025 09:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43885
IP address blocks: 31.210.144.0/22 maxlen: 22
37.143.120.0/21 maxlen: 21
91.200.116.0/22 maxlen: 22
185.60.40.0/22 maxlen: 22
185.211.196.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/999dd3-88f7-42c2-aff5-81d5aac03496/1/DvJQ9m3TDDt1RDCoXVMjbxczG38.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/999dd3-88f7-42c2-aff5-81d5aac03496/1/DvJQ9m3TDDt1RDCoXVMjbxczG38.mft
rsync://rpki.ripe.net/repository/DEFAULT/DvJQ9m3TDDt1RDCoXVMjbxczG38.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 15:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:37:02:57:3e:9f:7b:1c:95:94:88:c3:77:d3:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ef250f66dd30c3b754430a85d53236f17331b7f
Validity
Not Before: Jan 1 09:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c33d5df3b451b07d702b11a626afc33743d7b306
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:3d:72:b9:30:0d:1b:7c:4d:b3:ac:56:5b:62:
1f:93:01:69:63:ae:e8:de:e8:dc:4b:d4:88:46:f6:
a3:e3:76:23:a5:09:27:c3:d9:9c:49:d1:4b:11:53:
df:5d:ad:b6:6f:48:8e:19:49:7b:32:34:5d:23:54:
79:fb:20:a4:40:d7:fb:3d:13:d6:f2:d2:92:61:38:
c8:0d:ee:ca:65:c4:f7:43:b2:07:1a:0f:38:ed:f5:
3a:33:16:59:23:f5:62:b9:63:bb:3f:f9:09:e5:e6:
4d:92:9a:56:b0:2e:2c:3e:5f:f2:09:66:7d:a7:93:
de:57:b3:60:b9:a9:75:32:df:05:92:9d:33:0f:40:
c7:9a:5a:a8:15:4a:32:5f:82:1e:8d:b3:a9:b7:a9:
d8:4c:70:73:7f:4b:f7:13:75:8d:c4:68:29:44:70:
e5:94:5b:ff:42:92:56:23:f3:fc:99:bd:3b:d1:93:
47:49:03:4f:61:46:90:ec:0a:de:1f:2d:4d:3f:44:
d0:09:1b:19:d3:25:90:c6:b2:55:32:92:d2:fd:37:
00:91:cc:02:79:b4:db:b2:f3:e3:29:29:a0:13:08:
bf:f9:79:66:e2:df:7e:61:93:e1:55:e5:52:33:15:
e5:be:73:d3:2d:34:b8:1a:44:c2:98:ee:8b:d5:b4:
43:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:3D:5D:F3:B4:51:B0:7D:70:2B:11:A6:26:AF:C3:37:43:D7:B3:06
X509v3 Authority Key Identifier:
keyid:0E:F2:50:F6:6D:D3:0C:3B:75:44:30:A8:5D:53:23:6F:17:33:1B:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DvJQ9m3TDDt1RDCoXVMjbxczG38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/999dd3-88f7-42c2-aff5-81d5aac03496/1/wz1d87RRsH1wKxGmJq_DN0PXswY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/999dd3-88f7-42c2-aff5-81d5aac03496/1/DvJQ9m3TDDt1RDCoXVMjbxczG38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.144.0/22
37.143.120.0/21
91.200.116.0/22
185.60.40.0/22
185.211.196.0/22
Signature Algorithm: sha256WithRSAEncryption
a9:7d:17:ad:12:c8:71:d3:ef:11:8d:1a:d7:90:98:41:71:12:
f5:4a:4d:c7:4d:6a:f8:83:63:9f:09:80:1a:d9:93:31:e5:58:
54:c5:9c:2f:36:83:0a:f5:2c:2c:94:1d:83:09:1c:f0:42:e0:
08:97:41:f3:a1:99:c9:b3:2a:a3:2b:f7:b8:83:46:df:b0:bd:
0c:45:32:4a:42:a1:72:de:a3:ce:4f:fe:2b:cd:d3:dc:c6:50:
6c:4a:23:1c:45:76:0f:a9:61:78:60:f7:25:18:9f:11:21:03:
b8:11:51:18:13:94:ac:d0:af:8c:79:fb:87:0b:a9:ea:9a:a7:
28:13:10:6d:28:d8:f4:07:29:09:71:08:27:a8:d8:d5:3a:9a:
92:d9:e0:45:42:73:69:06:a9:78:9e:83:b3:56:0f:fd:00:60:
6e:54:f1:34:00:c0:a8:5a:93:db:06:a1:3a:aa:a3:6b:f5:59:
31:9c:c8:04:a6:48:86:c4:ff:31:f2:e4:ab:5c:81:58:27:7b:
91:8d:a6:a7:20:ac:9f:ed:bc:d9:d0:e8:f5:fc:5b:69:e8:fc:
02:4a:4a:a0:0d:cc:0e:ce:81:d7:de:b3:ea:1d:23:33:f0:e9:
6b:0b:02:0b:e6:05:2b:4d:ae:9c:92:99:4c:ca:64:ea:c6:b0:
34:12:39:30
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQhRDcCVz6fexyVlIjDd9PdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlZjI1MGY2NmRkMzBjM2I3NTQ0MzBhODVkNTMyMzZmMTcz
MzFiN2YwHhcNMjUwMTAxMDk0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzNkNWRmM2I0NTFiMDdkNzAyYjExYTYyNmFmYzMzNzQzZDdiMzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyj1yuTANG3xNs6xWW2IfkwFpY67o
3ujcS9SIRvaj43YjpQknw9mcSdFLEVPfXa22b0iOGUl7MjRdI1R5+yCkQNf7PRPW
8tKSYTjIDe7KZcT3Q7IHGg847fU6MxZZI/ViuWO7P/kJ5eZNkppWsC4sPl/yCWZ9
p5PeV7Ngual1Mt8Fkp0zD0DHmlqoFUoyX4IejbOpt6nYTHBzf0v3E3WNxGgpRHDl
lFv/QpJWI/P8mb070ZNHSQNPYUaQ7AreHy1NP0TQCRsZ0yWQxrJVMpLS/TcAkcwC
ebTbsvPjKSmgEwi/+Xlm4t9+YZPhVeVSMxXlvnPTLTS4GkTCmO6L1bRD/wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMM9XfO0UbB9cCsRpiavwzdD17MGMB8GA1UdIwQY
MBaAFA7yUPZt0ww7dUQwqF1TI28XMxt/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHZKUTltM1RERHQxUkRDb1hWTWpieGN6RzM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy85OTlkZDMtODhmNy00MmMyLWFmZjUt
ODFkNWFhYzAzNDk2LzEvd3oxZDg3UlJzSDF3S3hHbUpxX0ROMFBYc3dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy85OTlkZDMtODhmNy00MmMyLWFmZjUtODFkNWFhYzAzNDk2
LzEvRHZKUTltM1RERHQxUkRDb1hWTWpieGN6RzM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCH9KQAwQD
JY94AwQCW8h0AwQCuTwoAwQCudPEMA0GCSqGSIb3DQEBCwUAA4IBAQCpfRetEshx
0+8RjRrXkJhBcRL1Sk3HTWr4g2OfCYAa2ZMx5VhUxZwvNoMK9SwslB2DCRzwQuAI
l0HzoZnJsyqjK/e4g0bfsL0MRTJKQqFy3qPOT/4rzdPcxlBsSiMcRXYPqWF4YPcl
GJ8RIQO4EVEYE5Ss0K+MefuHC6nqmqcoExBtKNj0BykJcQgnqNjVOpqS2eBFQnNp
Bql4noOzVg/9AGBuVPE0AMCoWpPbBqE6qqNr9VkxnMgEpkiGxP8x8uSrXIFYJ3uR
jaanIKyf7bzZ0Oj1/Ftp6PwCSkqgDcwOzoHX3rPqHSMz8OlrCwIL5gUrTa6ckplM
ymTqxrA0Ejkw
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:01:04 2025 by rpki-client