Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/_WXNgxKtAk-_IqWSseGvcYdCxuY.roa
File: _WXNgxKtAk-_IqWSseGvcYdCxuY.roa (raw, json)
Hash identifier: Q9sj6XzSL0evfQFks9MtHwc90Tu+JKnLA5bSNQy6UIg=
Subject key identifier: FD:65:CD:83:12:AD:02:4F:BF:22:A5:92:B1:E1:AF:71:87:42:C6:E6
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019422FBB0645ED0F17D6B2E25001CB8DE95
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/_WXNgxKtAk-_IqWSseGvcYdCxuY.roa
Signing time: Wed 01 Jan 2025 17:48:27 +0000
ROA not before: Wed 01 Jan 2025 17:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36618
IP address blocks: 81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.53/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:b0:64:5e:d0:f1:7d:6b:2e:25:00:1c:b8:de:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Jan 1 17:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fd65cd8312ad024fbf22a592b1e1af718742c6e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:6f:a6:a9:96:c4:87:e9:52:02:18:47:ca:fd:
14:1b:e0:ca:1e:43:f6:3e:19:fd:a4:68:72:4b:12:
32:b7:1d:23:7d:5f:47:1b:75:de:3d:2c:ae:8f:3c:
eb:24:5d:78:19:b7:c4:ca:38:b9:ea:20:da:48:24:
25:a0:b2:21:04:a5:94:4a:4f:95:89:b8:c8:38:65:
fe:bf:96:cf:eb:27:51:21:91:c0:30:4e:b2:75:b6:
6e:38:9c:e0:dd:6a:90:d8:ed:1d:92:38:50:22:26:
3a:88:45:2e:27:37:39:c7:b4:47:7b:bd:60:dc:fa:
95:2d:8e:ba:15:fa:f2:82:7d:fd:b6:e3:94:16:15:
3c:34:b3:e6:8f:58:b0:9b:a0:77:96:9a:e1:79:d0:
69:11:62:2e:b5:1f:c0:39:b6:02:5f:6c:ac:5f:b7:
c7:51:9d:e6:17:d8:fe:3a:b6:1b:a3:65:17:c5:fb:
b4:e5:df:69:f4:6c:ea:03:0d:1e:a4:d0:67:45:be:
d1:17:1d:19:53:da:37:2b:57:40:c4:97:45:4d:1b:
a0:1b:57:b6:a4:3b:39:be:b3:9c:aa:dc:d4:ac:b1:
3e:e4:72:97:e6:7b:6f:2c:99:b5:00:94:fb:50:e1:
fd:8a:6f:ed:f0:22:30:1b:6e:11:2c:90:78:f5:53:
3b:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:65:CD:83:12:AD:02:4F:BF:22:A5:92:B1:E1:AF:71:87:42:C6:E6
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/_WXNgxKtAk-_IqWSseGvcYdCxuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.195.30/31
185.100.0.53/32
Signature Algorithm: sha256WithRSAEncryption
4d:9f:09:c3:2a:0f:fe:6f:ee:ad:bf:2b:4b:fe:bf:8f:af:f1:
60:39:41:9d:b3:18:77:d4:50:f3:3f:ee:b0:25:59:aa:08:c9:
4b:bd:2e:da:61:c2:49:a9:55:e2:92:8d:de:b8:82:08:71:5f:
93:36:03:1a:a5:96:35:24:ef:32:fc:23:fd:ab:5a:1f:81:d3:
10:f1:7d:43:06:9d:cb:62:77:8b:8e:b7:08:5e:79:5b:d7:49:
31:a1:89:3d:a8:02:7f:97:8f:f3:65:86:52:6f:90:29:4d:c4:
9c:97:20:3d:0a:42:97:63:d5:fa:a5:e4:5e:65:21:5e:f5:f9:
3a:f4:a8:02:22:59:fb:57:b6:7b:6c:e5:82:9a:d3:69:6a:7b:
c5:2c:94:bf:f5:93:c0:3f:86:c1:ee:7f:02:8f:60:32:1e:59:
22:fa:82:a6:23:aa:df:4d:82:5f:a1:c5:a7:4d:41:46:2e:89:
1b:7c:ee:ab:ee:cf:51:1d:6e:ab:e4:8b:e2:95:4e:20:2b:30:
15:27:ff:21:5a:bf:80:38:2a:ea:47:23:67:bd:03:07:e6:4c:
73:79:8f:22:75:a7:e8:d0:54:8d:c5:6c:66:0f:51:53:96:e9:
e2:6d:d5:a0:39:16:01:21:69:1f:ad:23:58:15:2b:4f:d4:63:
67:6f:e0:8c
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQi+7BkXtDxfWsuJQAcuN6VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjUwMTAxMTc0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDY1Y2Q4MzEyYWQwMjRmYmYyMmE1OTJiMWUxYWY3MTg3NDJjNmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzG+mqZbEh+lSAhhHyv0UG+DKHkP2
Phn9pGhySxIytx0jfV9HG3XePSyujzzrJF14GbfEyji56iDaSCQloLIhBKWUSk+V
ibjIOGX+v5bP6ydRIZHAME6ydbZuOJzg3WqQ2O0dkjhQIiY6iEUuJzc5x7RHe71g
3PqVLY66Ffrygn39tuOUFhU8NLPmj1iwm6B3lprhedBpEWIutR/AObYCX2ysX7fH
UZ3mF9j+OrYbo2UXxfu05d9p9GzqAw0epNBnRb7RFx0ZU9o3K1dAxJdFTRugG1e2
pDs5vrOcqtzUrLE+5HKX5ntvLJm1AJT7UOH9im/t8CIwG24RLJB49VM7KwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFP1lzYMSrQJPvyKlkrHhr3GHQsbmMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvX1dYTmd4S3RBay1fSXFXU3NlR3ZjWWRDeHVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOAwUBURPDHgMF
ALlkADUwDQYJKoZIhvcNAQELBQADggEBAE2fCcMqD/5v7q2/K0v+v4+v8WA5QZ2z
GHfUUPM/7rAlWaoIyUu9LtphwkmpVeKSjd64gghxX5M2AxqlljUk7zL8I/2rWh+B
0xDxfUMGnctid4uOtwheeVvXSTGhiT2oAn+Xj/NlhlJvkClNxJyXID0KQpdj1fql
5F5lIV71+Tr0qAIiWftXtnts5YKa02lqe8UslL/1k8A/hsHufwKPYDIeWSL6gqYj
qt9Ngl+hxadNQUYuiRt87qvuz1Edbqvki+KVTiArMBUn/yFav4A4KupHI2e9Awfm
THN5jyJ1p+jQVI3FbGYPUVOW6eJt1aA5FgEhaR+tI1gVK0/UY2dv4Iw=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:16:18 2025 by rpki-client