Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/b3d25c-45ba-433f-8824-17e0a6869ced/1/wmFwOwWe4TE9uLkEByUtzshEopU.roa
File: wmFwOwWe4TE9uLkEByUtzshEopU.roa (raw, json)
Hash identifier: QBlI2HpuFwgzwXYHTq+pMuExi7xAAtXFZ+n0JdzIy8U=
Subject key identifier: C2:61:70:3B:05:9E:E1:31:3D:B8:B9:04:07:25:2D:CE:C8:44:A2:95
Certificate issuer: /CN=75cb91b539fd7de8ac5538caf53bbf2fac1bb259
Certificate serial: 0194266BCF262D84D33AA20FCF7AB48DE305
Authority key identifier: 75:CB:91:B5:39:FD:7D:E8:AC:55:38:CA:F5:3B:BF:2F:AC:1B:B2:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dcuRtTn9feisVTjK9Tu_L6wbslk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/b3d25c-45ba-433f-8824-17e0a6869ced/1/wmFwOwWe4TE9uLkEByUtzshEopU.roa
Signing time: Thu 02 Jan 2025 09:49:47 +0000
ROA not before: Thu 02 Jan 2025 09:49:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41660
IP address blocks: 193.219.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/b3d25c-45ba-433f-8824-17e0a6869ced/1/dcuRtTn9feisVTjK9Tu_L6wbslk.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/b3d25c-45ba-433f-8824-17e0a6869ced/1/dcuRtTn9feisVTjK9Tu_L6wbslk.mft
rsync://rpki.ripe.net/repository/DEFAULT/dcuRtTn9feisVTjK9Tu_L6wbslk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:cf:26:2d:84:d3:3a:a2:0f:cf:7a:b4:8d:e3:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75cb91b539fd7de8ac5538caf53bbf2fac1bb259
Validity
Not Before: Jan 2 09:49:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c261703b059ee1313db8b90407252dcec844a295
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b6:66:f1:ca:2d:a0:3c:84:81:98:4b:45:4a:
29:28:f5:25:58:24:ec:36:e7:be:8a:19:bb:69:47:
4c:f4:b3:a9:e9:13:23:fa:a3:59:07:72:fe:85:45:
8d:ae:d3:f3:6b:ec:86:07:30:2a:f7:c3:9b:5d:46:
35:65:0e:51:c8:7b:30:6d:e6:df:8a:b6:ad:8d:47:
19:82:e2:49:0b:92:53:d6:b9:d2:14:13:bb:a4:6a:
49:29:f5:56:52:81:cc:cc:37:32:74:8e:bd:ec:c3:
e3:44:98:c4:58:92:5b:e9:4a:6c:9d:9c:a7:6c:9c:
a8:cc:ea:ae:56:58:8e:a6:05:db:5c:6c:01:82:4a:
e1:bf:40:69:5f:63:b8:89:3d:19:f4:41:1a:78:c5:
96:be:d3:83:c7:98:ab:60:5a:79:1d:f3:25:13:06:
66:07:bb:0d:af:69:1b:09:34:13:e9:74:49:91:56:
59:82:7d:4c:c5:3b:4a:ca:27:2e:b9:31:1c:10:59:
b3:aa:38:90:86:55:bd:06:d1:bf:bf:c4:a4:d4:74:
76:64:90:14:fc:5e:6c:b2:51:0d:02:11:b8:29:49:
9c:43:17:a9:05:41:d1:81:e6:1f:06:a8:ce:07:9e:
67:3a:2f:77:a7:04:1c:3a:99:65:8a:a4:34:a9:92:
71:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:61:70:3B:05:9E:E1:31:3D:B8:B9:04:07:25:2D:CE:C8:44:A2:95
X509v3 Authority Key Identifier:
keyid:75:CB:91:B5:39:FD:7D:E8:AC:55:38:CA:F5:3B:BF:2F:AC:1B:B2:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dcuRtTn9feisVTjK9Tu_L6wbslk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/b3d25c-45ba-433f-8824-17e0a6869ced/1/wmFwOwWe4TE9uLkEByUtzshEopU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/b3d25c-45ba-433f-8824-17e0a6869ced/1/dcuRtTn9feisVTjK9Tu_L6wbslk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.219.114.0/24
Signature Algorithm: sha256WithRSAEncryption
95:1f:73:65:b0:c1:9b:6a:53:94:c4:1b:56:9e:07:25:bd:67:
0a:d0:2f:ee:2a:22:dd:cd:53:f8:b8:ba:da:5a:9f:f8:fc:97:
fd:cf:e1:54:2e:a4:01:5c:bb:17:1d:97:5d:c3:7f:7a:cf:0c:
3e:46:26:40:ef:99:5e:cb:1f:d3:55:7f:c9:dc:2b:be:55:4b:
07:6e:c6:9f:bb:8b:fd:af:6f:59:dd:01:4f:b3:8e:e0:b3:db:
00:db:a2:09:e5:ec:c1:13:70:82:84:45:35:43:86:39:29:e2:
a1:fb:cc:8e:c2:44:2f:f5:6f:b8:61:fa:f0:c8:90:30:cf:9b:
32:91:6c:0e:30:93:d2:37:02:62:55:34:16:d7:3d:12:39:3a:
a1:ef:7f:08:14:d2:6d:55:8b:ff:a5:1c:6f:38:b7:e0:1a:67:
cb:79:c0:6a:e7:d1:d2:de:cb:af:87:52:85:d3:6e:88:a3:77:
71:59:a6:1c:df:c9:b2:44:61:58:a2:55:c5:e8:53:e7:e7:ca:
d8:35:ba:e0:ef:23:ec:ac:ec:6f:e6:69:00:71:9a:3a:30:37:
9e:ce:a7:4d:19:c5:8e:97:d0:93:f4:0c:3e:ec:9e:89:49:e2:
81:00:73:4b:d2:f7:b1:31:76:10:d2:8a:77:85:55:06:bf:12:
89:5b:8b:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma88mLYTTOqIPz3q0jeMFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1Y2I5MWI1MzlmZDdkZThhYzU1MzhjYWY1M2JiZjJmYWMx
YmIyNTkwHhcNMjUwMTAyMDk0OTQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjYxNzAzYjA1OWVlMTMxM2RiOGI5MDQwNzI1MmRjZWM4NDRhMjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrZm8cotoDyEgZhLRUopKPUlWCTs
Nue+ihm7aUdM9LOp6RMj+qNZB3L+hUWNrtPza+yGBzAq98ObXUY1ZQ5RyHswbebf
iratjUcZguJJC5JT1rnSFBO7pGpJKfVWUoHMzDcydI697MPjRJjEWJJb6UpsnZyn
bJyozOquVliOpgXbXGwBgkrhv0BpX2O4iT0Z9EEaeMWWvtODx5irYFp5HfMlEwZm
B7sNr2kbCTQT6XRJkVZZgn1MxTtKyicuuTEcEFmzqjiQhlW9BtG/v8Sk1HR2ZJAU
/F5sslENAhG4KUmcQxepBUHRgeYfBqjOB55nOi93pwQcOplliqQ0qZJxJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMJhcDsFnuExPbi5BAclLc7IRKKVMB8GA1UdIwQY
MBaAFHXLkbU5/X3orFU4yvU7vy+sG7JZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGN1UnRUbjlmZWlzVlRqSzlUdV9MNndic2xrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9iM2QyNWMtNDViYS00MzNmLTg4MjQt
MTdlMGE2ODY5Y2VkLzEvd21Gd093V2U0VEU5dUxrRUJ5VXR6c2hFb3BVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9iM2QyNWMtNDViYS00MzNmLTg4MjQtMTdlMGE2ODY5Y2Vk
LzEvZGN1UnRUbjlmZWlzVlRqSzlUdV9MNndic2xrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwdtyMA0G
CSqGSIb3DQEBCwUAA4IBAQCVH3NlsMGbalOUxBtWngclvWcK0C/uKiLdzVP4uLra
Wp/4/Jf9z+FULqQBXLsXHZddw396zww+RiZA75leyx/TVX/J3Cu+VUsHbsafu4v9
r29Z3QFPs47gs9sA26IJ5ezBE3CChEU1Q4Y5KeKh+8yOwkQv9W+4YfrwyJAwz5sy
kWwOMJPSNwJiVTQW1z0SOTqh738IFNJtVYv/pRxvOLfgGmfLecBq59HS3suvh1KF
026Io3dxWaYc38myRGFYolXF6FPn58rYNbrg7yPsrOxv5mkAcZo6MDeezqdNGcWO
l9CT9Aw+7J6JSeKBAHNL0vexMXYQ0op3hVUGvxKJW4ul
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:20:56 2025 by rpki-client