Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/edd6b8-abbd-4b81-9707-971d28d43c14/1/W0bin1f1CMvgpKtT56TjILo2VZA.roa
File: W0bin1f1CMvgpKtT56TjILo2VZA.roa (raw, json)
Hash identifier: X82YsEeg1Z/7Sd+F8cKgkMOl6JvYCwSgMvIizshjpZc=
Subject key identifier: 5B:46:E2:9F:57:F5:08:CB:E0:A4:AB:53:E7:A4:E3:20:BA:36:55:90
Certificate issuer: /CN=c63d96aefc548024fa36fa5ce804a48bf7ca3a40
Certificate serial: 019422FB5EB198C3808887FC629DC819DE8B
Authority key identifier: C6:3D:96:AE:FC:54:80:24:FA:36:FA:5C:E8:04:A4:8B:F7:CA:3A:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xj2WrvxUgCT6Nvpc6ASki_fKOkA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/edd6b8-abbd-4b81-9707-971d28d43c14/1/W0bin1f1CMvgpKtT56TjILo2VZA.roa
Signing time: Wed 01 Jan 2025 17:48:06 +0000
ROA not before: Wed 01 Jan 2025 17:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56654
IP address blocks: 77.81.68.0/22 maxlen: 22
85.204.164.0/22 maxlen: 22
89.39.176.0/22 maxlen: 22
94.24.111.0/24 maxlen: 24
185.85.176.0/21 maxlen: 21
188.208.128.0/22 maxlen: 22
188.214.244.0/22 maxlen: 22
188.214.248.0/21 maxlen: 21
2a04:f980::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/edd6b8-abbd-4b81-9707-971d28d43c14/1/xj2WrvxUgCT6Nvpc6ASki_fKOkA.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/edd6b8-abbd-4b81-9707-971d28d43c14/1/xj2WrvxUgCT6Nvpc6ASki_fKOkA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xj2WrvxUgCT6Nvpc6ASki_fKOkA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:5e:b1:98:c3:80:88:87:fc:62:9d:c8:19:de:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c63d96aefc548024fa36fa5ce804a48bf7ca3a40
Validity
Not Before: Jan 1 17:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5b46e29f57f508cbe0a4ab53e7a4e320ba365590
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:8f:fb:1d:4b:52:e5:27:89:c4:0f:c0:1a:83:
09:42:a7:ee:03:9a:7e:11:6d:e0:c9:d3:05:21:a5:
aa:b0:8d:83:aa:78:1f:ce:f1:be:04:f9:e1:36:9d:
41:a8:a2:3f:aa:3b:c1:92:61:ce:47:c4:5e:0e:87:
5c:d6:73:be:4a:52:de:12:28:00:5f:9b:cb:1a:3d:
aa:17:5b:af:f4:04:6d:7d:16:35:d7:9c:a9:bd:6f:
70:74:11:86:e7:6c:d3:21:73:6b:ac:64:91:49:c5:
67:0f:a7:af:bb:9f:ce:74:41:c8:21:bd:e6:bb:fc:
92:19:90:8a:ce:02:eb:19:81:2b:49:28:97:15:aa:
d6:eb:ee:44:a9:34:a9:30:7f:fb:dc:9d:75:e2:95:
bc:db:1f:1b:f0:6c:a5:ab:03:ec:98:ce:ae:f1:b7:
07:ae:29:90:d8:45:12:f6:4e:e9:b5:6b:88:fa:28:
c1:43:27:c1:87:e5:a0:57:60:59:31:ff:8d:f5:8a:
b0:ac:28:db:df:3f:fe:2d:f4:85:67:ca:c1:e2:c2:
1b:34:fe:46:94:f8:d1:1f:7e:be:b8:0d:bc:b2:6c:
57:91:eb:6d:b9:53:d1:9a:8a:f3:0c:61:90:70:56:
99:a5:68:01:4f:1f:e4:91:80:0d:db:e9:50:ee:24:
6d:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:46:E2:9F:57:F5:08:CB:E0:A4:AB:53:E7:A4:E3:20:BA:36:55:90
X509v3 Authority Key Identifier:
keyid:C6:3D:96:AE:FC:54:80:24:FA:36:FA:5C:E8:04:A4:8B:F7:CA:3A:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xj2WrvxUgCT6Nvpc6ASki_fKOkA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/edd6b8-abbd-4b81-9707-971d28d43c14/1/W0bin1f1CMvgpKtT56TjILo2VZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/edd6b8-abbd-4b81-9707-971d28d43c14/1/xj2WrvxUgCT6Nvpc6ASki_fKOkA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.68.0/22
85.204.164.0/22
89.39.176.0/22
94.24.111.0/24
185.85.176.0/21
188.208.128.0/22
188.214.244.0-188.214.255.255
IPv6:
2a04:f980::/29
Signature Algorithm: sha256WithRSAEncryption
67:6b:e1:28:db:ca:a7:0b:46:3b:f4:77:51:e4:b2:fd:b6:15:
cb:bc:ca:8a:08:86:b1:81:71:9b:e3:61:8c:72:72:06:50:49:
49:f0:0d:07:7b:9d:22:28:43:8c:58:e7:0a:20:47:c8:66:6d:
e9:42:7e:53:da:dd:b3:49:76:12:c4:a9:60:71:f7:96:6c:88:
c8:60:f9:68:25:6a:aa:51:cf:0a:3f:55:bc:26:fd:e3:05:b1:
f5:99:c1:73:13:8a:8f:95:f2:31:e9:70:b0:aa:bd:f0:f5:ac:
76:5c:22:a6:94:2d:ee:ea:e9:61:08:fd:cc:20:7f:b6:c5:ce:
da:cb:48:3a:c6:c1:db:9a:92:7e:b5:df:45:43:10:cb:3a:b6:
b8:e1:eb:33:5a:79:50:3f:52:a7:bb:f0:17:46:f8:26:ca:6d:
99:4e:35:26:86:b9:10:25:e3:68:a2:bd:16:7b:85:b6:31:3c:
f6:5d:b5:8e:92:35:6a:83:de:c0:f0:20:ba:96:d3:5e:23:86:
d7:c5:a7:36:79:81:18:58:36:02:83:b3:1b:02:bc:6a:75:83:
c9:3c:4e:b3:a0:e5:f6:d8:1c:47:2b:30:c1:b4:c9:88:be:02:
d6:d1:17:af:63:75:01:ea:6b:38:0b:79:29:14:89:9a:66:34:
ae:7c:18:11
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZQi+16xmMOAiIf8Yp3IGd6LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2M2Q5NmFlZmM1NDgwMjRmYTM2ZmE1Y2U4MDRhNDhiZjdj
YTNhNDAwHhcNMjUwMTAxMTc0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjQ2ZTI5ZjU3ZjUwOGNiZTBhNGFiNTNlN2E0ZTMyMGJhMzY1NTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvI/7HUtS5SeJxA/AGoMJQqfuA5p+
EW3gydMFIaWqsI2DqngfzvG+BPnhNp1BqKI/qjvBkmHOR8ReDodc1nO+SlLeEigA
X5vLGj2qF1uv9ARtfRY115ypvW9wdBGG52zTIXNrrGSRScVnD6evu5/OdEHIIb3m
u/ySGZCKzgLrGYErSSiXFarW6+5EqTSpMH/73J114pW82x8b8GylqwPsmM6u8bcH
rimQ2EUS9k7ptWuI+ijBQyfBh+WgV2BZMf+N9YqwrCjb3z/+LfSFZ8rB4sIbNP5G
lPjRH36+uA28smxXkettuVPRmorzDGGQcFaZpWgBTx/kkYAN2+lQ7iRtNQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFFtG4p9X9QjL4KSrU+ek4yC6NlWQMB8GA1UdIwQY
MBaAFMY9lq78VIAk+jb6XOgEpIv3yjpAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGoyV3J2eFVnQ1Q2TnZwYzZBU2tpX2ZLT2tBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9lZGQ2YjgtYWJiZC00YjgxLTk3MDct
OTcxZDI4ZDQzYzE0LzEvVzBiaW4xZjFDTXZncEt0VDU2VGpJTG8yVlpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9lZGQ2YjgtYWJiZC00YjgxLTk3MDctOTcxZDI4ZDQzYzE0
LzEveGoyV3J2eFVnQ1Q2TnZwYzZBU2tpX2ZLT2tBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDA3BAIAATAxAwQCTVFEAwQC
VcykAwQCWSewAwQAXhhvAwQDuVWwAwQCvNCAMAsDBAK81vQDAwC81jANBAIAAjAH
AwUDKgT5gDANBgkqhkiG9w0BAQsFAAOCAQEAZ2vhKNvKpwtGO/R3UeSy/bYVy7zK
igiGsYFxm+NhjHJyBlBJSfANB3udIihDjFjnCiBHyGZt6UJ+U9rds0l2EsSpYHH3
lmyIyGD5aCVqqlHPCj9VvCb94wWx9ZnBcxOKj5XyMelwsKq98PWsdlwippQt7urp
YQj9zCB/tsXO2stIOsbB25qSfrXfRUMQyzq2uOHrM1p5UD9Sp7vwF0b4JsptmU41
Joa5ECXjaKK9FnuFtjE89l21jpI1aoPewPAgupbTXiOG18WnNnmBGFg2AoOzGwK8
anWDyTxOs6Dl9tgcRyswwbTJiL4C1tEXr2N1AeprOAt5KRSJmmY0rnwYEQ==
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:07:11 2025 by rpki-client