Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/oWWO6Pva3OKGYV4SbuU_A-N5y1U.roa
File: oWWO6Pva3OKGYV4SbuU_A-N5y1U.roa (raw, json)
Hash identifier: wiPRw1JJ6JQ3Y/GXPGUGO3wdWm/JMB2trum1N3IbVAQ=
Subject key identifier: A1:65:8E:E8:FB:DA:DC:E2:86:61:5E:12:6E:E5:3F:03:E3:79:CB:55
Certificate issuer: /CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Certificate serial: 01942745D27F1A279287140A262E208C88F8
Authority key identifier: 25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/oWWO6Pva3OKGYV4SbuU_A-N5y1U.roa
Signing time: Thu 02 Jan 2025 13:47:54 +0000
ROA not before: Thu 02 Jan 2025 13:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213274
IP address blocks: 89.252.142.0/24 maxlen: 24
89.252.152.0/24 maxlen: 24
89.252.157.0/24 maxlen: 24
94.102.12.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 22:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:45:d2:7f:1a:27:92:87:14:0a:26:2e:20:8c:88:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Validity
Not Before: Jan 2 13:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a1658ee8fbdadce286615e126ee53f03e379cb55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:99:3b:d0:79:a5:b1:20:ca:0f:19:26:d0:3a:
4a:74:45:cf:7a:02:4c:9b:32:df:76:23:ae:84:06:
b8:1c:d8:b6:53:2e:01:39:dd:2d:01:9d:e4:7b:16:
0f:98:5f:61:7a:e3:d1:53:28:78:c8:73:24:5c:c2:
dd:db:6d:80:31:95:3b:80:61:a5:f9:cf:38:e8:9d:
dd:8b:ea:3d:94:30:2e:11:3b:0d:a4:d2:c7:ee:4d:
e2:7f:d6:e6:d7:e5:8b:b4:da:f5:b6:c5:03:69:2d:
27:f2:7b:cb:3c:44:85:5b:3e:4a:c1:43:22:06:d7:
ed:a1:7d:77:41:87:16:eb:4a:b8:b3:11:15:63:b0:
9a:72:54:cc:3b:27:bb:f7:05:16:2c:b9:3f:2f:bc:
1b:f0:62:f3:96:b9:f4:6e:91:03:54:56:f5:66:27:
d2:33:b1:86:25:da:1c:a2:aa:b1:1e:bb:f8:92:fd:
51:a3:89:5b:2d:c0:da:ce:b0:26:dc:e5:67:cf:20:
25:d6:2e:f0:b4:04:db:ea:70:93:39:e0:47:fb:db:
6f:43:85:19:00:cc:ab:73:2e:49:3e:10:a2:66:22:
42:a2:ce:6c:7b:17:a0:53:ac:e1:cb:87:e7:15:b7:
79:6f:af:50:b7:24:44:1f:5e:f7:36:7d:92:92:e1:
11:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:65:8E:E8:FB:DA:DC:E2:86:61:5E:12:6E:E5:3F:03:E3:79:CB:55
X509v3 Authority Key Identifier:
keyid:25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/oWWO6Pva3OKGYV4SbuU_A-N5y1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.252.142.0/24
89.252.152.0/24
89.252.157.0/24
94.102.12.0/24
Signature Algorithm: sha256WithRSAEncryption
21:b9:69:71:11:34:5c:e4:2a:37:d4:08:d5:d3:f6:24:d2:e2:
49:81:e1:ec:23:db:3e:30:40:f8:05:c4:38:c3:21:3a:7e:a5:
3c:c1:69:2c:ce:2c:1f:d8:cc:0e:8f:c9:6a:64:e9:ad:d0:5f:
9d:04:2b:07:e7:28:4d:45:34:5d:3d:43:83:1c:ed:5c:35:db:
f2:4c:50:f3:ea:19:8e:f3:20:dd:91:65:71:75:9c:bf:33:ab:
25:4c:34:aa:74:ab:86:83:0d:e7:15:18:ba:cd:f0:4a:56:dd:
3a:79:35:3a:55:76:c8:90:ba:10:ff:d7:16:d5:8c:ff:d2:b1:
f1:94:66:cd:5d:de:00:af:50:c4:a0:ba:3a:5f:de:25:b6:c1:
0b:09:0b:f4:ad:37:de:b7:e9:ed:46:5b:30:90:27:88:cb:1a:
cd:a7:eb:8d:b9:19:48:2c:c1:fe:01:09:15:96:93:7d:5d:6a:
71:41:36:b3:9a:f8:66:68:ca:ec:b7:f8:2b:ac:fb:f3:27:d7:
8e:18:d4:ac:0d:35:8f:70:4d:57:5c:79:cd:a7:d6:2d:57:bd:
2b:6f:9e:24:c6:8e:49:c6:a7:93:69:eb:76:62:89:3f:a5:cd:
83:4c:69:4d:7e:b4:88:27:40:02:4d:60:ee:e8:86:70:44:05:
7c:a7:3f:61
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQnRdJ/GieShxQKJi4gjIj4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZTRhZWQzZWY3MmJlZTMxNDE2NjBkMTE0OWUxNmQwNzky
MDVmM2MwHhcNMjUwMTAyMTM0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTY1OGVlOGZiZGFkY2UyODY2MTVlMTI2ZWU1M2YwM2UzNzljYjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupk70HmlsSDKDxkm0DpKdEXPegJM
mzLfdiOuhAa4HNi2Uy4BOd0tAZ3kexYPmF9heuPRUyh4yHMkXMLd222AMZU7gGGl
+c846J3di+o9lDAuETsNpNLH7k3if9bm1+WLtNr1tsUDaS0n8nvLPESFWz5KwUMi
BtftoX13QYcW60q4sxEVY7CaclTMOye79wUWLLk/L7wb8GLzlrn0bpEDVFb1ZifS
M7GGJdocoqqxHrv4kv1Ro4lbLcDazrAm3OVnzyAl1i7wtATb6nCTOeBH+9tvQ4UZ
AMyrcy5JPhCiZiJCos5sexegU6zhy4fnFbd5b69QtyREH173Nn2SkuERZQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKFljuj72tzihmFeEm7lPwPjectVMB8GA1UdIwQY
MBaAFCXkrtPvcr7jFBZg0RSeFtB5IF88MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEt
ZWQzZTM4Zjk1NzdmLzEvb1dXTzZQdmEzT0tHWVY0U2J1VV9BLU41eTFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEtZWQzZTM4Zjk1Nzdm
LzEvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWfyOAwQA
WfyYAwQAWfydAwQAXmYMMA0GCSqGSIb3DQEBCwUAA4IBAQAhuWlxETRc5Co31AjV
0/Yk0uJJgeHsI9s+MED4BcQ4wyE6fqU8wWksziwf2MwOj8lqZOmt0F+dBCsH5yhN
RTRdPUODHO1cNdvyTFDz6hmO8yDdkWVxdZy/M6slTDSqdKuGgw3nFRi6zfBKVt06
eTU6VXbIkLoQ/9cW1Yz/0rHxlGbNXd4Ar1DEoLo6X94ltsELCQv0rTfet+ntRlsw
kCeIyxrNp+uNuRlILMH+AQkVlpN9XWpxQTazmvhmaMrst/grrPvzJ9eOGNSsDTWP
cE1XXHnNp9YtV70rb54kxo5JxqeTaet2Yok/pc2DTGlNfrSIJ0ACTWDu6IZwRAV8
pz9h
-----END CERTIFICATE-----
Generated at Wed Apr 9 05:29:53 2025 by rpki-client