Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/WfonxlLMZwy-HhCvndkmDlWeP1U.roa
File: WfonxlLMZwy-HhCvndkmDlWeP1U.roa (raw, json)
Hash identifier: D2to2wlUfQBqZmE9EvBIj/W3y3+jGxVEf6JIb4l/qG8=
Subject key identifier: 59:FA:27:C6:52:CC:67:0C:BE:1E:10:AF:9D:D9:26:0E:55:9E:3F:55
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 019423D751B6ABF0172E1378B791FD25FBC0
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/WfonxlLMZwy-HhCvndkmDlWeP1U.roa
Signing time: Wed 01 Jan 2025 21:48:21 +0000
ROA not before: Wed 01 Jan 2025 21:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198404
IP address blocks: 89.140.152.0/24 maxlen: 24
95.39.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.mft
rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:51:b6:ab:f0:17:2e:13:78:b7:91:fd:25:fb:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: Jan 1 21:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=59fa27c652cc670cbe1e10af9dd9260e559e3f55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:7b:4c:67:39:e7:2e:e7:34:c9:91:c9:af:32:
ba:86:b3:ad:80:78:20:6f:1a:7d:c6:b9:cf:c1:3f:
07:db:0b:c7:3c:0b:36:e6:7c:49:5f:22:e2:01:29:
7d:14:dd:c3:7a:1a:ea:9e:9d:cf:36:de:8a:d2:a2:
3c:3b:e3:14:be:4f:8f:4a:bc:23:28:28:ff:d5:d7:
5d:74:c3:6a:ba:68:33:0a:58:d5:a3:fc:11:6c:9a:
4c:b5:16:3a:fa:f6:1a:50:32:35:97:e7:06:d4:31:
b5:f6:c8:aa:0b:f6:db:eb:01:39:2c:28:1d:e0:92:
fc:b8:31:41:6b:6e:0a:48:b3:ee:b7:52:6b:75:0f:
da:fb:31:aa:60:51:1b:a3:98:d9:8d:63:44:4e:7a:
eb:a8:ca:1d:92:29:70:5b:f9:f3:2f:5c:eb:a1:d6:
7d:9a:e7:4a:19:42:24:10:a8:42:32:e0:3b:e4:82:
07:d8:65:de:1d:28:f5:1d:4b:f4:02:4d:63:df:b5:
86:62:e2:0f:55:de:29:1a:c1:16:d9:10:22:b8:e2:
34:36:bf:36:a3:2f:ae:d2:7b:90:bf:4c:87:27:c4:
93:95:2e:be:d0:40:4f:f7:af:11:57:4f:22:97:b7:
9c:b4:d2:c3:65:c8:55:0a:98:95:89:1a:e1:03:15:
78:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:FA:27:C6:52:CC:67:0C:BE:1E:10:AF:9D:D9:26:0E:55:9E:3F:55
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/WfonxlLMZwy-HhCvndkmDlWeP1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.140.152.0/24
95.39.49.0/24
Signature Algorithm: sha256WithRSAEncryption
63:36:41:4f:27:44:1f:eb:5d:b4:cc:62:29:be:17:ff:c7:22:
69:2f:5c:2d:01:5e:b3:af:74:71:38:6d:fe:21:c2:95:f6:ec:
6a:78:4a:8d:dd:74:af:ec:55:2b:b2:23:14:18:a7:e1:93:97:
a0:03:cc:d0:08:6c:db:1d:64:f6:7f:41:c7:c7:10:38:7d:02:
40:37:1e:b9:d5:d0:23:fb:88:f7:bd:ac:ce:4b:24:fc:65:b1:
d5:2e:a5:87:6f:41:a3:50:39:4e:f4:33:17:71:a4:81:1f:69:
35:ca:b9:a4:46:23:aa:79:c9:29:97:16:8a:63:e3:96:e0:9e:
4a:39:68:c1:12:ac:fc:a8:0d:21:4e:04:46:42:f2:71:27:d3:
10:50:61:f6:e4:63:80:f1:6d:ca:8c:bb:e4:df:10:d3:06:de:
a3:30:6d:18:ee:98:80:e7:2e:90:5d:b1:40:8c:c7:18:74:5b:
51:bb:df:93:6c:c6:a5:94:5b:2d:6f:1f:1a:42:5d:20:02:83:
4d:81:0e:73:57:56:51:9a:57:53:a9:8e:9f:2b:db:96:bf:8c:
2f:53:72:b5:9b:eb:d3:cb:e9:e6:e7:1c:d7:82:50:e2:09:69:
37:70:f7:4f:4e:3b:bd:30:68:84:ce:29:1c:4e:98:fb:48:ef:
30:1f:94:42
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQj11G2q/AXLhN4t5H9JfvAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MzRmMTY4NjEwMjg3NmM2MjE2YmNlYTI4YTVlNTAyZWMw
ZDdiNmIwHhcNMjUwMTAxMjE0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWZhMjdjNjUyY2M2NzBjYmUxZTEwYWY5ZGQ5MjYwZTU1OWUzZjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXtMZznnLuc0yZHJrzK6hrOtgHgg
bxp9xrnPwT8H2wvHPAs25nxJXyLiASl9FN3Dehrqnp3PNt6K0qI8O+MUvk+PSrwj
KCj/1ddddMNqumgzCljVo/wRbJpMtRY6+vYaUDI1l+cG1DG19siqC/bb6wE5LCgd
4JL8uDFBa24KSLPut1JrdQ/a+zGqYFEbo5jZjWNETnrrqModkilwW/nzL1zrodZ9
mudKGUIkEKhCMuA75IIH2GXeHSj1HUv0Ak1j37WGYuIPVd4pGsEW2RAiuOI0Nr82
oy+u0nuQv0yHJ8STlS6+0EBP968RV08il7ectNLDZchVCpiViRrhAxV4PwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFn6J8ZSzGcMvh4Qr53ZJg5Vnj9VMB8GA1UdIwQY
MBaAFNQ08WhhAodsYha86iil5QLsDXtrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2Ut
NTcxMmQ5NWFlNjM4LzEvV2ZvbnhsTE1ad3ktSGhDdm5ka21EbFdlUDFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2UtNTcxMmQ5NWFlNjM4
LzEvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWYyYAwQA
XycxMA0GCSqGSIb3DQEBCwUAA4IBAQBjNkFPJ0Qf6120zGIpvhf/xyJpL1wtAV6z
r3RxOG3+IcKV9uxqeEqN3XSv7FUrsiMUGKfhk5egA8zQCGzbHWT2f0HHxxA4fQJA
Nx651dAj+4j3vazOSyT8ZbHVLqWHb0GjUDlO9DMXcaSBH2k1yrmkRiOqeckplxaK
Y+OW4J5KOWjBEqz8qA0hTgRGQvJxJ9MQUGH25GOA8W3KjLvk3xDTBt6jMG0Y7piA
5y6QXbFAjMcYdFtRu9+TbMallFstbx8aQl0gAoNNgQ5zV1ZRmldTqY6fK9uWv4wv
U3K1m+vTy+nm5xzXglDiCWk3cPdPTju9MGiEzikcTpj7SO8wH5RC
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:15:26 2025 by rpki-client