Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/e8c287-f049-4595-86eb-0be209ffbaec/1/wkRan0gCCPqjhSya1MCejtYVUwQ.roa
File: wkRan0gCCPqjhSya1MCejtYVUwQ.roa (raw, json)
Hash identifier: CcC9CLeeg2oAb+UFqiFxA3SwU8cWbyT2GAOTTlHtPbo=
Subject key identifier: C2:44:5A:9F:48:02:08:FA:A3:85:2C:9A:D4:C0:9E:8E:D6:15:53:04
Certificate issuer: /CN=0f92c52f86009879c177092f7cd83418b4df8cab
Certificate serial: 01942747D3F395655D15A17B8C260F82CB0F
Authority key identifier: 0F:92:C5:2F:86:00:98:79:C1:77:09:2F:7C:D8:34:18:B4:DF:8C:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D5LFL4YAmHnBdwkvfNg0GLTfjKs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/e8c287-f049-4595-86eb-0be209ffbaec/1/wkRan0gCCPqjhSya1MCejtYVUwQ.roa
Signing time: Thu 02 Jan 2025 13:50:06 +0000
ROA not before: Thu 02 Jan 2025 13:50:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6453
IP address blocks: 81.28.112.0/20 maxlen: 24
82.212.64.0/18 maxlen: 24
185.175.248.0/22 maxlen: 24
188.123.160.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/e8c287-f049-4595-86eb-0be209ffbaec/1/D5LFL4YAmHnBdwkvfNg0GLTfjKs.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/e8c287-f049-4595-86eb-0be209ffbaec/1/D5LFL4YAmHnBdwkvfNg0GLTfjKs.mft
rsync://rpki.ripe.net/repository/DEFAULT/D5LFL4YAmHnBdwkvfNg0GLTfjKs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:d3:f3:95:65:5d:15:a1:7b:8c:26:0f:82:cb:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f92c52f86009879c177092f7cd83418b4df8cab
Validity
Not Before: Jan 2 13:50:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c2445a9f480208faa3852c9ad4c09e8ed6155304
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:58:99:7e:22:82:22:89:77:81:d8:9f:4b:83:
57:7a:a8:cd:11:e2:8f:3c:83:32:57:24:ae:54:8c:
9d:85:69:79:6d:68:ca:02:4e:40:40:12:17:26:31:
a0:a4:ef:96:31:e1:b9:22:88:26:fa:31:91:06:d5:
4e:f1:f1:3b:ed:43:79:20:1b:45:e1:bd:36:e6:f5:
23:a2:30:c2:c4:92:ac:35:d7:95:08:66:19:7a:87:
da:90:dc:15:78:14:0d:f9:83:2f:23:3b:04:e7:b0:
20:10:ac:c1:a1:39:37:bd:3d:ec:8d:72:66:14:8d:
cc:c3:c1:6e:a4:a7:b5:4a:d5:59:b9:4e:83:53:e1:
2a:3a:8b:39:de:78:87:16:e7:23:01:63:7c:f0:0e:
cf:91:ab:c8:8d:c8:ad:79:82:9c:36:16:ef:c3:ab:
1e:87:9d:e0:40:99:4f:9c:72:48:3c:6e:3e:af:d1:
e5:aa:48:5e:bf:7e:7c:4a:64:05:13:15:1d:2a:6c:
a5:d6:56:a3:3f:16:00:2f:f5:f8:f7:63:3e:a6:89:
cd:0d:84:0c:2b:45:1f:20:8c:97:07:2e:3b:e0:6a:
8b:61:60:37:48:ca:35:01:ec:b1:b3:9c:82:72:e3:
11:b8:2e:d1:a4:b5:b6:b2:0a:c8:d4:d7:b6:ec:df:
bd:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:44:5A:9F:48:02:08:FA:A3:85:2C:9A:D4:C0:9E:8E:D6:15:53:04
X509v3 Authority Key Identifier:
keyid:0F:92:C5:2F:86:00:98:79:C1:77:09:2F:7C:D8:34:18:B4:DF:8C:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D5LFL4YAmHnBdwkvfNg0GLTfjKs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e8c287-f049-4595-86eb-0be209ffbaec/1/wkRan0gCCPqjhSya1MCejtYVUwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e8c287-f049-4595-86eb-0be209ffbaec/1/D5LFL4YAmHnBdwkvfNg0GLTfjKs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.28.112.0/20
82.212.64.0/18
185.175.248.0/22
188.123.160.0/19
Signature Algorithm: sha256WithRSAEncryption
02:1f:af:af:82:e5:f0:35:24:a1:9b:b5:2a:72:84:f1:01:8f:
65:14:51:6a:77:87:64:73:9a:04:a7:90:94:08:f0:19:c7:57:
ae:48:9c:2d:31:a7:79:cc:bc:e0:1c:b3:34:7a:35:b5:42:dc:
ad:58:89:81:58:0a:24:48:5b:d7:76:eb:82:66:02:8e:c4:ae:
02:9a:89:bb:4a:60:1f:71:06:34:21:e8:1f:20:3b:d8:6a:b7:
21:6c:6e:a6:8b:de:7e:f5:be:3d:8a:75:af:48:5b:9d:83:83:
9e:00:6b:05:49:62:3b:37:11:77:5d:bf:06:c9:40:4f:bc:ac:
be:18:3f:90:d5:48:14:80:08:e8:3b:b5:b4:a9:35:90:2c:7c:
7e:41:d0:0e:88:88:b5:ab:70:ed:b6:a2:a8:1e:0f:19:05:d3:
7b:51:2a:f7:b0:30:44:af:73:be:3a:34:05:31:f7:ac:1f:1c:
b5:b0:53:99:a4:f8:d4:bd:90:9f:e8:0c:fd:4d:a6:0b:19:ef:
f2:1e:4a:e2:ce:02:43:08:8f:35:70:dd:31:59:14:4c:c5:df:
9e:52:9e:c2:0c:1e:fd:18:69:33:a0:8c:cc:8e:13:c2:2f:7a:
fd:3f:ee:d0:b0:de:53:48:5e:30:fb:c1:9d:47:2e:4d:91:c7:
17:44:1a:9b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQnR9PzlWVdFaF7jCYPgssPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmOTJjNTJmODYwMDk4NzljMTc3MDkyZjdjZDgzNDE4YjRk
ZjhjYWIwHhcNMjUwMTAyMTM1MDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjQ0NWE5ZjQ4MDIwOGZhYTM4NTJjOWFkNGMwOWU4ZWQ2MTU1MzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxliZfiKCIol3gdifS4NXeqjNEeKP
PIMyVySuVIydhWl5bWjKAk5AQBIXJjGgpO+WMeG5Iogm+jGRBtVO8fE77UN5IBtF
4b025vUjojDCxJKsNdeVCGYZeofakNwVeBQN+YMvIzsE57AgEKzBoTk3vT3sjXJm
FI3Mw8FupKe1StVZuU6DU+EqOos53niHFucjAWN88A7PkavIjciteYKcNhbvw6se
h53gQJlPnHJIPG4+r9Hlqkhev358SmQFExUdKmyl1lajPxYAL/X492M+ponNDYQM
K0UfIIyXBy474GqLYWA3SMo1Aeyxs5yCcuMRuC7RpLW2sgrI1Ne27N+9PQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMJEWp9IAgj6o4UsmtTAno7WFVMEMB8GA1UdIwQY
MBaAFA+SxS+GAJh5wXcJL3zYNBi034yrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDVMRkw0WUFtSG5CZHdrdmZOZzBHTFRmaktzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9lOGMyODctZjA0OS00NTk1LTg2ZWIt
MGJlMjA5ZmZiYWVjLzEvd2tSYW4wZ0NDUHFqaFN5YTFNQ2VqdFlWVXdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9lOGMyODctZjA0OS00NTk1LTg2ZWItMGJlMjA5ZmZiYWVj
LzEvRDVMRkw0WUFtSG5CZHdrdmZOZzBHTFRmaktzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEURxwAwQG
UtRAAwQCua/4AwQFvHugMA0GCSqGSIb3DQEBCwUAA4IBAQACH6+vguXwNSShm7Uq
coTxAY9lFFFqd4dkc5oEp5CUCPAZx1euSJwtMad5zLzgHLM0ejW1QtytWImBWAok
SFvXduuCZgKOxK4Cmom7SmAfcQY0IegfIDvYarchbG6mi95+9b49inWvSFudg4Oe
AGsFSWI7NxF3Xb8GyUBPvKy+GD+Q1UgUgAjoO7W0qTWQLHx+QdAOiIi1q3DttqKo
Hg8ZBdN7USr3sDBEr3O+OjQFMfesHxy1sFOZpPjUvZCf6Az9TaYLGe/yHkrizgJD
CI81cN0xWRRMxd+eUp7CDB79GGkzoIzMjhPCL3r9P+7QsN5TSF4w+8GdRy5NkccX
RBqb
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:34:44 2025 by rpki-client