Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/c69493-5264-49a4-b4da-63ae74bb203b/1/WW1zYqOtAv6xpztxCe41pJBmBcI.roa
File: WW1zYqOtAv6xpztxCe41pJBmBcI.roa (raw, json)
Hash identifier: ANkEAvSjUZh7Q55af7iPjLdQ2+UV7wXRW5HhuWBQ4lo=
Subject key identifier: 59:6D:73:62:A3:AD:02:FE:B1:A7:3B:71:09:EE:35:A4:90:66:05:C2
Certificate issuer: /CN=6b4cb3cd35efbc84f2a89a2f5d2c162c3d7ce15b
Certificate serial: 019421B1E4E319E64E439A28F8ADD7C7E039
Authority key identifier: 6B:4C:B3:CD:35:EF:BC:84:F2:A8:9A:2F:5D:2C:16:2C:3D:7C:E1:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a0yzzTXvvITyqJovXSwWLD184Vs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/c69493-5264-49a4-b4da-63ae74bb203b/1/WW1zYqOtAv6xpztxCe41pJBmBcI.roa
Signing time: Wed 01 Jan 2025 11:48:13 +0000
ROA not before: Wed 01 Jan 2025 11:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44968
IP address blocks: 195.5.165.0/24 maxlen: 24
2001:67c:149c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/c69493-5264-49a4-b4da-63ae74bb203b/1/a0yzzTXvvITyqJovXSwWLD184Vs.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/c69493-5264-49a4-b4da-63ae74bb203b/1/a0yzzTXvvITyqJovXSwWLD184Vs.mft
rsync://rpki.ripe.net/repository/DEFAULT/a0yzzTXvvITyqJovXSwWLD184Vs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:e4:e3:19:e6:4e:43:9a:28:f8:ad:d7:c7:e0:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b4cb3cd35efbc84f2a89a2f5d2c162c3d7ce15b
Validity
Not Before: Jan 1 11:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=596d7362a3ad02feb1a73b7109ee35a4906605c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:d9:e1:08:cd:77:9d:d3:79:92:5b:a9:6d:18:
60:67:2c:db:59:49:c8:60:b1:76:ec:f9:63:0c:3a:
8a:27:86:79:59:27:08:82:85:b0:f4:20:74:b9:c7:
ea:77:98:81:01:db:ee:ae:9c:9b:bd:78:5b:73:27:
7e:d1:6c:50:29:bb:99:fe:64:dd:58:0d:b8:a5:6e:
5f:7b:15:98:55:87:5d:f9:db:fb:87:5d:c0:3b:30:
c6:c5:17:58:19:0f:2e:a8:64:4d:da:3b:b8:23:07:
47:e5:74:df:98:26:92:1f:39:25:ff:d6:66:11:e8:
9e:0c:4d:5a:16:e7:69:33:a4:db:62:66:6c:fe:ce:
53:70:9b:31:8b:27:92:c7:cb:23:66:7a:64:7d:06:
fc:4e:a4:85:7e:b3:5a:ce:08:42:0a:6a:3f:a2:6c:
7f:47:f7:98:f4:a3:36:4e:d7:54:c3:43:9e:75:b2:
b3:26:d7:04:a8:23:cc:f8:b0:54:67:a4:69:fd:25:
9a:39:78:95:33:b0:eb:6f:ac:f0:63:bf:6d:d0:80:
03:a4:c1:1f:c6:68:cd:c4:d9:c3:97:3f:7d:41:95:
cc:30:54:98:a4:23:a5:de:a5:6e:b8:d7:88:1a:d4:
22:d6:eb:be:c0:7a:3a:79:90:c4:9e:ad:dd:19:cd:
ef:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:6D:73:62:A3:AD:02:FE:B1:A7:3B:71:09:EE:35:A4:90:66:05:C2
X509v3 Authority Key Identifier:
keyid:6B:4C:B3:CD:35:EF:BC:84:F2:A8:9A:2F:5D:2C:16:2C:3D:7C:E1:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0yzzTXvvITyqJovXSwWLD184Vs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/c69493-5264-49a4-b4da-63ae74bb203b/1/WW1zYqOtAv6xpztxCe41pJBmBcI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/c69493-5264-49a4-b4da-63ae74bb203b/1/a0yzzTXvvITyqJovXSwWLD184Vs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.5.165.0/24
IPv6:
2001:67c:149c::/48
Signature Algorithm: sha256WithRSAEncryption
49:6a:73:90:97:15:0f:4b:bd:dd:30:b6:17:63:e2:f5:40:6c:
91:c0:72:d5:21:0f:16:68:e6:6a:b8:5f:0e:54:86:ad:1f:a5:
db:ed:31:bf:3c:e1:99:31:91:2e:f3:2b:2d:17:8a:84:be:43:
e5:e6:c9:5b:58:61:19:ea:80:74:cf:43:f8:4a:68:04:14:8a:
ab:24:d5:48:af:6b:54:a3:04:2b:48:d8:2d:66:f6:d9:c1:3e:
95:f3:c4:d2:a3:c4:e7:fc:1a:b2:3e:6c:d7:02:70:2c:57:85:
e0:b3:07:52:70:fa:b6:cd:ae:9a:33:1e:aa:c1:cb:2a:01:e5:
8f:de:f1:0b:aa:09:41:60:21:24:5f:b1:6b:6e:8e:b7:70:7f:
95:35:85:1d:80:b8:55:bd:40:ea:26:82:f5:9a:4f:bf:99:f7:
1a:15:3f:38:82:03:85:f3:18:09:73:ed:99:23:fa:10:42:fe:
b3:d0:8b:40:98:c4:1b:49:ad:6c:69:08:82:fc:3a:5f:b9:df:
1a:a4:58:a6:83:b9:f5:6b:6e:ea:64:0a:0d:cb:38:58:92:be:
d1:e6:92:ac:75:d0:cc:f0:fc:ce:8b:df:b2:2e:f9:da:7b:62:
7a:58:d6:29:5d:21:41:e1:57:d4:19:ef:47:b8:a6:a8:29:13:
4d:f5:56:70
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQhseTjGeZOQ5oo+K3Xx+A5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNGNiM2NkMzVlZmJjODRmMmE4OWEyZjVkMmMxNjJjM2Q3
Y2UxNWIwHhcNMjUwMTAxMTE0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTZkNzM2MmEzYWQwMmZlYjFhNzNiNzEwOWVlMzVhNDkwNjYwNWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7dnhCM13ndN5klupbRhgZyzbWUnI
YLF27PljDDqKJ4Z5WScIgoWw9CB0ucfqd5iBAdvurpybvXhbcyd+0WxQKbuZ/mTd
WA24pW5fexWYVYdd+dv7h13AOzDGxRdYGQ8uqGRN2ju4IwdH5XTfmCaSHzkl/9Zm
EeieDE1aFudpM6TbYmZs/s5TcJsxiyeSx8sjZnpkfQb8TqSFfrNazghCCmo/omx/
R/eY9KM2TtdUw0OedbKzJtcEqCPM+LBUZ6Rp/SWaOXiVM7Drb6zwY79t0IADpMEf
xmjNxNnDlz99QZXMMFSYpCOl3qVuuNeIGtQi1uu+wHo6eZDEnq3dGc3vOQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFltc2KjrQL+sac7cQnuNaSQZgXCMB8GA1UdIwQY
MBaAFGtMs80177yE8qiaL10sFiw9fOFbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTB5enpUWHZ2SVR5cUpvdlhTd1dMRDE4NFZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9jNjk0OTMtNTI2NC00OWE0LWI0ZGEt
NjNhZTc0YmIyMDNiLzEvV1cxellxT3RBdjZ4cHp0eENlNDFwSkJtQmNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9jNjk0OTMtNTI2NC00OWE0LWI0ZGEtNjNhZTc0YmIyMDNi
LzEvYTB5enpUWHZ2SVR5cUpvdlhTd1dMRDE4NFZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwwWlMA8E
AgACMAkDBwAgAQZ8FJwwDQYJKoZIhvcNAQELBQADggEBAElqc5CXFQ9Lvd0wthdj
4vVAbJHActUhDxZo5mq4Xw5Uhq0fpdvtMb884ZkxkS7zKy0XioS+Q+XmyVtYYRnq
gHTPQ/hKaAQUiqsk1Uiva1SjBCtI2C1m9tnBPpXzxNKjxOf8GrI+bNcCcCxXheCz
B1Jw+rbNrpozHqrByyoB5Y/e8QuqCUFgISRfsWtujrdwf5U1hR2AuFW9QOomgvWa
T7+Z9xoVPziCA4XzGAlz7Zkj+hBC/rPQi0CYxBtJrWxpCIL8Ol+53xqkWKaDufVr
bupkCg3LOFiSvtHmkqx10Mzw/M6L37Iu+dp7YnpY1ildIUHhV9QZ70e4pqgpE031
VnA=
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:50:15 2025 by rpki-client