Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bd0d13-e983-4ff9-b507-5e656f1b4876/1/W-gPHpmpBiVpNwoTM89LZF-6eKQ.roa
File: W-gPHpmpBiVpNwoTM89LZF-6eKQ.roa (raw, json)
Hash identifier: 1KJlUjxdJ+ruVUfDwdtSoFOvk+NECBzB6oYJ432Oeqo=
Subject key identifier: 5B:E8:0F:1E:99:A9:06:25:69:37:0A:13:33:CF:4B:64:5F:BA:78:A4
Certificate issuer: /CN=be49fb190f4bd0f5815a8e579f366ad58d5d41f9
Certificate serial: 019424B3870C50D8DB3489368330586D4BA7
Authority key identifier: BE:49:FB:19:0F:4B:D0:F5:81:5A:8E:57:9F:36:6A:D5:8D:5D:41:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vkn7GQ9L0PWBWo5XnzZq1Y1dQfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/bd0d13-e983-4ff9-b507-5e656f1b4876/1/W-gPHpmpBiVpNwoTM89LZF-6eKQ.roa
Signing time: Thu 02 Jan 2025 01:48:52 +0000
ROA not before: Thu 02 Jan 2025 01:48:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209605
IP address blocks: 91.224.92.0/24 maxlen: 24
185.36.81.0/24 maxlen: 24
185.169.4.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/bd0d13-e983-4ff9-b507-5e656f1b4876/1/vkn7GQ9L0PWBWo5XnzZq1Y1dQfk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/bd0d13-e983-4ff9-b507-5e656f1b4876/1/vkn7GQ9L0PWBWo5XnzZq1Y1dQfk.mft
rsync://rpki.ripe.net/repository/DEFAULT/vkn7GQ9L0PWBWo5XnzZq1Y1dQfk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 10:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:87:0c:50:d8:db:34:89:36:83:30:58:6d:4b:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be49fb190f4bd0f5815a8e579f366ad58d5d41f9
Validity
Not Before: Jan 2 01:48:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5be80f1e99a9062569370a1333cf4b645fba78a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d9:24:8f:dc:d1:ab:10:63:b3:d4:d7:00:5a:
a0:8d:b7:5b:92:59:d4:85:c9:3b:28:b3:81:e8:34:
55:40:75:ad:f8:1c:de:46:92:69:6f:71:64:e4:85:
1c:c5:72:e8:27:f3:ea:07:43:90:8f:e9:0d:cd:6c:
cc:6f:0c:67:fe:1f:a1:2e:79:70:66:5e:45:58:e0:
7f:47:ab:d2:72:77:68:00:bb:7c:e2:ca:8b:26:66:
81:4f:9d:6f:85:a3:7a:a5:da:be:d1:15:11:9b:c7:
3c:78:89:33:fb:f9:bc:65:62:3c:bf:dd:90:f8:10:
7b:f0:df:8a:88:ca:5a:64:a1:65:e6:ca:9a:ad:3b:
5d:b9:bf:44:d4:17:fd:96:34:21:a7:2a:3c:9d:de:
29:25:84:ba:9a:34:92:43:52:9a:11:50:db:6f:9d:
ab:95:e5:f5:23:34:df:8d:49:b8:dc:8b:a3:52:0d:
d9:5f:c7:90:64:e5:f9:21:92:8b:76:ea:49:3b:84:
2a:4b:25:fc:61:74:80:40:8a:80:58:ae:6e:31:da:
79:83:40:4b:44:d7:e7:e4:ec:28:7f:87:59:fa:3f:
c7:36:c3:c7:bd:da:5a:d2:dd:88:93:50:fc:90:c3:
18:a9:7c:8b:14:65:09:b6:d5:c7:b6:c3:3f:0c:02:
8d:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:E8:0F:1E:99:A9:06:25:69:37:0A:13:33:CF:4B:64:5F:BA:78:A4
X509v3 Authority Key Identifier:
keyid:BE:49:FB:19:0F:4B:D0:F5:81:5A:8E:57:9F:36:6A:D5:8D:5D:41:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vkn7GQ9L0PWBWo5XnzZq1Y1dQfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bd0d13-e983-4ff9-b507-5e656f1b4876/1/W-gPHpmpBiVpNwoTM89LZF-6eKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bd0d13-e983-4ff9-b507-5e656f1b4876/1/vkn7GQ9L0PWBWo5XnzZq1Y1dQfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.224.92.0/24
185.36.81.0/24
185.169.4.0/24
Signature Algorithm: sha256WithRSAEncryption
83:40:fc:4d:26:da:7d:19:a6:fe:b2:0b:97:0d:38:8d:65:5a:
fa:2f:10:d0:25:60:5c:28:28:58:f8:be:e7:f8:e4:aa:e4:aa:
73:2d:6d:d2:d3:98:86:aa:6c:9e:ac:b7:9e:ae:4f:2b:82:04:
39:d1:7c:e8:63:6c:8b:32:e7:de:12:20:3f:e2:c3:67:dc:20:
bb:de:97:42:d7:34:0c:39:6e:b5:0e:d0:72:ce:4f:93:00:d2:
3f:be:fc:61:91:6b:be:93:b7:a8:b4:cb:8a:e9:66:e3:71:ff:
f4:18:e0:14:55:24:3b:fa:4e:59:ca:4c:f8:76:85:4f:61:34:
68:c3:9a:dd:2d:4e:a8:48:31:d6:bb:2c:a6:a8:83:f1:09:96:
23:5b:fc:d9:d7:cb:38:a5:73:71:38:74:1c:c1:04:ad:c9:37:
60:80:18:28:85:53:f7:f5:37:8d:e0:76:cc:52:6f:d1:9f:88:
c1:21:59:4f:a8:fc:11:31:1b:ed:c5:ca:2e:4f:3f:cd:94:28:
00:2b:17:27:14:c1:0d:c8:4d:08:d6:a1:35:46:cf:fd:c2:f7:
97:7d:ea:0a:9b:63:c0:fa:47:36:c1:9f:fc:ef:a0:1c:1c:a6:
94:47:39:7f:4e:ed:ea:31:7c:30:5d:c6:d5:70:bc:79:37:5f:
d0:b4:ab:1e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQks4cMUNjbNIk2gzBYbUunMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNDlmYjE5MGY0YmQwZjU4MTVhOGU1NzlmMzY2YWQ1OGQ1
ZDQxZjkwHhcNMjUwMTAyMDE0ODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmU4MGYxZTk5YTkwNjI1NjkzNzBhMTMzM2NmNGI2NDVmYmE3OGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdkkj9zRqxBjs9TXAFqgjbdbklnU
hck7KLOB6DRVQHWt+BzeRpJpb3Fk5IUcxXLoJ/PqB0OQj+kNzWzMbwxn/h+hLnlw
Zl5FWOB/R6vScndoALt84sqLJmaBT51vhaN6pdq+0RURm8c8eIkz+/m8ZWI8v92Q
+BB78N+KiMpaZKFl5sqarTtdub9E1Bf9ljQhpyo8nd4pJYS6mjSSQ1KaEVDbb52r
leX1IzTfjUm43IujUg3ZX8eQZOX5IZKLdupJO4QqSyX8YXSAQIqAWK5uMdp5g0BL
RNfn5Owof4dZ+j/HNsPHvdpa0t2Ik1D8kMMYqXyLFGUJttXHtsM/DAKN/QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFvoDx6ZqQYlaTcKEzPPS2RfunikMB8GA1UdIwQY
MBaAFL5J+xkPS9D1gVqOV582atWNXUH5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmtuN0dROUwwUFdCV281WG56WnExWTFkUWZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9iZDBkMTMtZTk4My00ZmY5LWI1MDct
NWU2NTZmMWI0ODc2LzEvVy1nUEhwbXBCaVZwTndvVE04OUxaRi02ZUtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9iZDBkMTMtZTk4My00ZmY5LWI1MDctNWU2NTZmMWI0ODc2
LzEvdmtuN0dROUwwUFdCV281WG56WnExWTFkUWZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW+BcAwQA
uSRRAwQAuakEMA0GCSqGSIb3DQEBCwUAA4IBAQCDQPxNJtp9Gab+sguXDTiNZVr6
LxDQJWBcKChY+L7n+OSq5KpzLW3S05iGqmyerLeerk8rggQ50XzoY2yLMufeEiA/
4sNn3CC73pdC1zQMOW61DtByzk+TANI/vvxhkWu+k7eotMuK6Wbjcf/0GOAUVSQ7
+k5Zykz4doVPYTRow5rdLU6oSDHWuyymqIPxCZYjW/zZ18s4pXNxOHQcwQStyTdg
gBgohVP39TeN4HbMUm/Rn4jBIVlPqPwRMRvtxcouTz/NlCgAKxcnFMENyE0I1qE1
Rs/9wveXfeoKm2PA+kc2wZ/876AcHKaURzl/Tu3qMXwwXcbVcLx5N1/QtKse
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:24:42 2025 by rpki-client