Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/2309cc-fa79-44d1-8986-4d537cf01809/1/wg8apK3BDTweN5QY23srhQ2Ha3w.roa
File: wg8apK3BDTweN5QY23srhQ2Ha3w.roa (raw, json)
Hash identifier: DjFhm8ALq6AqJb+G3kbd5fS8BkGacsBJVQ0HGsFeBZM=
Subject key identifier: C2:0F:1A:A4:AD:C1:0D:3C:1E:37:94:18:DB:7B:2B:85:0D:87:6B:7C
Certificate issuer: /CN=68417da8aa4fe0b8cff188412eedda63cbdcf996
Certificate serial: 0196A0FE6BA841CC04AFE37748A3C693F505
Authority key identifier: 68:41:7D:A8:AA:4F:E0:B8:CF:F1:88:41:2E:ED:DA:63:CB:DC:F9:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aEF9qKpP4LjP8YhBLu3aY8vc-ZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/2309cc-fa79-44d1-8986-4d537cf01809/1/wg8apK3BDTweN5QY23srhQ2Ha3w.roa
Signing time: Mon 05 May 2025 15:09:10 +0000
ROA not before: Mon 05 May 2025 15:09:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211274
IP address blocks: 193.56.11.0/24 maxlen: 24
2a0b:4740::/32 maxlen: 32
2a0b:4741::/32 maxlen: 32
2a0b:4742::/32 maxlen: 32
2a0b:4743::/32 maxlen: 32
2a0b:4744::/32 maxlen: 32
2a0b:4745::/32 maxlen: 32
2a0b:4746::/32 maxlen: 32
2a0b:4747::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/2309cc-fa79-44d1-8986-4d537cf01809/1/aEF9qKpP4LjP8YhBLu3aY8vc-ZY.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/2309cc-fa79-44d1-8986-4d537cf01809/1/aEF9qKpP4LjP8YhBLu3aY8vc-ZY.mft
rsync://rpki.ripe.net/repository/DEFAULT/aEF9qKpP4LjP8YhBLu3aY8vc-ZY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 09:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a0:fe:6b:a8:41:cc:04:af:e3:77:48:a3:c6:93:f5:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68417da8aa4fe0b8cff188412eedda63cbdcf996
Validity
Not Before: May 5 15:09:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c20f1aa4adc10d3c1e379418db7b2b850d876b7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:11:fb:d3:ec:cc:ee:5d:9e:e6:f8:54:4d:7e:
bc:7c:af:92:a1:72:96:45:f0:20:5b:e8:eb:41:d0:
7f:f3:b8:78:bf:43:f2:80:86:43:3d:af:ac:da:70:
23:7c:c6:dc:51:c3:77:17:7c:39:b5:a3:ac:a9:c5:
4f:bd:46:3e:5d:a9:69:88:68:18:2d:20:65:14:61:
a3:d3:e3:a2:f3:be:f1:d6:2c:66:39:46:9f:40:86:
9c:6d:a1:c8:f0:55:de:56:64:9d:bb:93:82:11:c7:
5a:a2:2b:88:71:67:aa:6d:57:9d:35:e7:8f:d1:74:
3f:39:9f:11:f3:06:02:4d:73:49:2d:32:38:7e:44:
16:12:1c:8a:17:1b:c9:ed:16:9c:4e:ef:e0:aa:86:
3b:c9:32:8b:70:f2:95:3f:d2:b1:48:c0:c7:56:c0:
14:2d:79:ea:d8:76:23:97:f0:33:55:e5:92:d8:01:
a4:17:d8:b5:7e:3b:8e:05:5c:ff:eb:df:ad:1a:e4:
e3:41:6e:8d:bd:62:64:9e:aa:b2:5f:a7:b6:b1:ad:
47:2b:88:0c:34:2d:7f:43:ec:e1:52:60:b1:c4:55:
90:09:30:07:ef:ab:6c:00:f1:5a:d1:bb:c7:7f:60:
b0:da:a0:c3:60:84:d2:8e:0b:88:1a:44:e0:0b:26:
ac:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:0F:1A:A4:AD:C1:0D:3C:1E:37:94:18:DB:7B:2B:85:0D:87:6B:7C
X509v3 Authority Key Identifier:
keyid:68:41:7D:A8:AA:4F:E0:B8:CF:F1:88:41:2E:ED:DA:63:CB:DC:F9:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aEF9qKpP4LjP8YhBLu3aY8vc-ZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/2309cc-fa79-44d1-8986-4d537cf01809/1/wg8apK3BDTweN5QY23srhQ2Ha3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/2309cc-fa79-44d1-8986-4d537cf01809/1/aEF9qKpP4LjP8YhBLu3aY8vc-ZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.56.11.0/24
IPv6:
2a0b:4740::/29
Signature Algorithm: sha256WithRSAEncryption
2f:a9:5f:49:ca:2b:97:36:90:d2:26:78:0a:8f:c1:d9:58:c3:
c9:a5:f8:b9:96:65:a1:1a:8d:97:e6:b3:b1:c5:4d:99:6b:2e:
52:ee:d8:19:9c:46:24:9f:8e:20:b2:6c:99:1d:bd:fc:e2:d8:
d5:36:2b:8a:f9:63:ef:de:ba:47:35:b1:9a:7c:65:70:0a:86:
c7:fa:03:85:16:1f:3f:31:7f:52:45:93:cd:90:4c:21:14:42:
41:da:d0:35:69:db:ea:18:74:03:67:8c:9e:5b:27:84:40:b1:
91:5e:62:a1:f5:67:c4:61:72:79:c3:b3:e9:d3:bb:ad:25:51:
ee:29:cd:bb:42:d5:f6:59:b1:3b:36:d1:e4:67:b6:a9:3c:04:
91:b2:b5:ef:c3:5e:25:e8:89:a1:70:cd:8b:83:80:e1:2a:54:
5b:53:75:38:12:d5:6f:3c:79:90:1d:ab:44:a4:7e:0d:8a:74:
41:17:40:5b:93:a9:72:2a:53:e6:9d:c7:ea:e5:d3:9b:88:20:
e8:3e:15:b4:8b:e0:8d:9e:a8:80:43:aa:84:aa:c9:f7:58:fb:
ba:00:b1:43:24:dd:e8:8a:96:bd:31:52:92:3c:b4:82:6e:3c:
26:3e:5a:5f:33:67:70:86:f7:53:71:2c:1f:a1:4a:d9:c5:38:
0f:c3:1b:fd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZag/muoQcwEr+N3SKPGk/UFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NDE3ZGE4YWE0ZmUwYjhjZmYxODg0MTJlZWRkYTYzY2Jk
Y2Y5OTYwHhcNMjUwNTA1MTUwOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjBmMWFhNGFkYzEwZDNjMWUzNzk0MThkYjdiMmI4NTBkODc2YjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4RH70+zM7l2e5vhUTX68fK+SoXKW
RfAgW+jrQdB/87h4v0PygIZDPa+s2nAjfMbcUcN3F3w5taOsqcVPvUY+XalpiGgY
LSBlFGGj0+Oi877x1ixmOUafQIacbaHI8FXeVmSdu5OCEcdaoiuIcWeqbVedNeeP
0XQ/OZ8R8wYCTXNJLTI4fkQWEhyKFxvJ7RacTu/gqoY7yTKLcPKVP9KxSMDHVsAU
LXnq2HYjl/AzVeWS2AGkF9i1fjuOBVz/69+tGuTjQW6NvWJknqqyX6e2sa1HK4gM
NC1/Q+zhUmCxxFWQCTAH76tsAPFa0bvHf2Cw2qDDYITSjguIGkTgCyasLwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMIPGqStwQ08HjeUGNt7K4UNh2t8MB8GA1UdIwQY
MBaAFGhBfaiqT+C4z/GIQS7t2mPL3PmWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUVGOXFLcFA0TGpQOFloQkx1M2FZOHZjLVpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8yMzA5Y2MtZmE3OS00NGQxLTg5ODYt
NGQ1MzdjZjAxODA5LzEvd2c4YXBLM0JEVHdlTjVRWTIzc3JoUTJIYTN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8yMzA5Y2MtZmE3OS00NGQxLTg5ODYtNGQ1MzdjZjAxODA5
LzEvYUVGOXFLcFA0TGpQOFloQkx1M2FZOHZjLVpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwTgLMA0E
AgACMAcDBQMqC0dAMA0GCSqGSIb3DQEBCwUAA4IBAQAvqV9JyiuXNpDSJngKj8HZ
WMPJpfi5lmWhGo2X5rOxxU2Zay5S7tgZnEYkn44gsmyZHb384tjVNiuK+WPv3rpH
NbGafGVwCobH+gOFFh8/MX9SRZPNkEwhFEJB2tA1advqGHQDZ4yeWyeEQLGRXmKh
9WfEYXJ5w7Pp07utJVHuKc27QtX2WbE7NtHkZ7apPASRsrXvw14l6ImhcM2Lg4Dh
KlRbU3U4EtVvPHmQHatEpH4NinRBF0Bbk6lyKlPmncfq5dObiCDoPhW0i+CNnqiA
Q6qEqsn3WPu6ALFDJN3oipa9MVKSPLSCbjwmPlpfM2dwhvdTcSwfoUrZxTgPwxv9
-----END CERTIFICATE-----
Generated at Tue May 6 17:35:50 2025 by rpki-client