Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/d34a74-d7cd-4f99-84cd-56628a46df40/1/wpo37Wm8Zrjq6WOjV-Utovw4RnU.roa
File: wpo37Wm8Zrjq6WOjV-Utovw4RnU.roa (raw, json)
Hash identifier: 3lxmCw9oNQcd5iapsWAsPZTQ1ZkWY5buGodasHlf5rI=
Subject key identifier: C2:9A:37:ED:69:BC:66:B8:EA:E9:63:A3:57:E5:2D:A2:FC:38:46:75
Certificate issuer: /CN=588b1024ea056e5ed498f6e9ddc20632bdf6c9c5
Certificate serial: 01966218471011120D0AAEDC6E6BED03407B
Authority key identifier: 58:8B:10:24:EA:05:6E:5E:D4:98:F6:E9:DD:C2:06:32:BD:F6:C9:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIsQJOoFbl7UmPbp3cIGMr32ycU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/d34a74-d7cd-4f99-84cd-56628a46df40/1/wpo37Wm8Zrjq6WOjV-Utovw4RnU.roa
Signing time: Wed 23 Apr 2025 10:01:20 +0000
ROA not before: Wed 23 Apr 2025 10:01:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208208
IP address blocks: 84.252.120.0/24 maxlen: 24
84.252.121.0/24 maxlen: 24
84.252.122.0/24 maxlen: 24
84.252.123.0/24 maxlen: 24
185.230.160.0/24 maxlen: 24
185.230.161.0/24 maxlen: 24
185.230.162.0/24 maxlen: 24
185.230.163.0/24 maxlen: 24
185.240.241.0/24 maxlen: 24
185.240.242.0/24 maxlen: 24
185.240.243.0/24 maxlen: 24
2a09:6301::/32 maxlen: 32
2a09:6302::/32 maxlen: 32
2a09:6305::/32 maxlen: 32
2a09:6306::/32 maxlen: 32
2a09:6307::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/d34a74-d7cd-4f99-84cd-56628a46df40/1/WIsQJOoFbl7UmPbp3cIGMr32ycU.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/d34a74-d7cd-4f99-84cd-56628a46df40/1/WIsQJOoFbl7UmPbp3cIGMr32ycU.mft
rsync://rpki.ripe.net/repository/DEFAULT/WIsQJOoFbl7UmPbp3cIGMr32ycU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Apr 2025 10:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:62:18:47:10:11:12:0d:0a:ae:dc:6e:6b:ed:03:40:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=588b1024ea056e5ed498f6e9ddc20632bdf6c9c5
Validity
Not Before: Apr 23 10:01:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c29a37ed69bc66b8eae963a357e52da2fc384675
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e1:95:bd:53:19:15:69:c9:16:8a:db:7c:16:
1c:90:d8:19:1a:54:c8:a9:4c:89:3c:76:c6:82:6c:
ee:1c:c7:ad:78:40:fa:41:40:92:56:10:f3:32:fd:
3b:24:dc:fd:59:de:b5:07:b6:ec:ef:21:1a:0d:04:
a0:a2:0c:15:cb:b1:f2:6d:ef:39:e6:80:4a:12:92:
1f:e7:37:70:ed:da:74:a5:01:40:98:0e:fc:18:a7:
b9:6c:fc:50:62:df:32:fd:aa:de:8c:4b:33:11:5d:
8d:c9:86:92:41:9b:bf:1d:4d:1c:88:78:f5:0c:92:
11:ea:6b:0c:da:e8:cb:79:53:8f:be:59:44:b3:41:
ab:f7:ca:96:ca:ef:a5:e7:cb:8a:3f:c6:7f:f3:5f:
cb:cc:6f:3d:eb:48:4f:41:b1:ee:84:c1:e7:5f:76:
52:ef:ca:e4:3b:ad:c9:4c:47:bb:c0:b1:17:57:9a:
de:bc:58:7d:93:cc:7c:ec:b5:50:ff:e3:19:76:18:
ed:66:7a:e7:b5:5c:83:f6:03:6c:e6:94:3d:f4:95:
b3:18:a6:f5:a9:af:01:f7:23:c6:78:5c:0b:0a:e7:
07:d3:2e:25:c7:f6:1c:95:e5:6d:42:06:64:4d:a3:
a1:65:f5:08:76:de:cb:77:bc:9e:a7:a8:90:ec:85:
53:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:9A:37:ED:69:BC:66:B8:EA:E9:63:A3:57:E5:2D:A2:FC:38:46:75
X509v3 Authority Key Identifier:
keyid:58:8B:10:24:EA:05:6E:5E:D4:98:F6:E9:DD:C2:06:32:BD:F6:C9:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIsQJOoFbl7UmPbp3cIGMr32ycU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/d34a74-d7cd-4f99-84cd-56628a46df40/1/wpo37Wm8Zrjq6WOjV-Utovw4RnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/d34a74-d7cd-4f99-84cd-56628a46df40/1/WIsQJOoFbl7UmPbp3cIGMr32ycU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.252.120.0/22
185.230.160.0/22
185.240.241.0-185.240.243.255
IPv6:
2a09:6301::-2a09:6302:ffff:ffff:ffff:ffff:ffff:ffff
2a09:6305::-2a09:6307:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
21:6c:46:47:7e:2b:ec:f1:f3:2c:fd:54:18:85:21:96:98:27:
6e:28:17:69:88:42:8a:d4:c0:0b:36:a8:fe:3f:5c:4e:06:e7:
0b:c6:a1:3f:28:0e:dc:95:81:89:aa:df:5b:2b:c2:95:3f:a0:
34:a4:9a:f6:bb:e0:63:d4:c3:28:e3:bc:a5:f4:3f:d7:b1:82:
87:bc:e2:47:fe:ab:65:7d:01:58:14:ee:8f:39:28:26:c8:50:
39:af:24:84:8e:53:99:8f:d6:78:79:28:8b:97:66:9c:b4:05:
c0:98:e1:52:d5:10:ce:9f:bf:ad:fe:91:9d:e1:d4:d2:ef:5d:
79:25:b0:f7:73:15:af:f6:04:d3:e5:05:11:b6:df:54:38:d3:
4e:6b:0c:00:ec:d8:9d:de:f3:db:76:26:41:43:ea:fc:f0:19:
bf:2d:ee:f8:bc:eb:01:6c:c4:24:a7:7f:94:10:ab:5f:ae:8f:
2b:fb:63:0c:25:88:cc:11:a1:56:2d:59:63:ef:6f:90:60:13:
47:34:51:5b:2c:98:ac:51:9c:1e:e6:4b:a6:5e:40:b3:f9:1d:
79:03:91:c2:42:ae:3e:3d:00:68:5f:38:eb:48:4b:31:69:92:
9d:ed:f0:28:8d:bb:68:d0:cf:be:9a:90:a7:95:67:c5:89:50:
d1:3c:ea:34
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZZiGEcQERINCq7cbmvtA0B7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4OGIxMDI0ZWEwNTZlNWVkNDk4ZjZlOWRkYzIwNjMyYmRm
NmM5YzUwHhcNMjUwNDIzMTAwMTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjlhMzdlZDY5YmM2NmI4ZWFlOTYzYTM1N2U1MmRhMmZjMzg0Njc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOGVvVMZFWnJForbfBYckNgZGlTI
qUyJPHbGgmzuHMeteED6QUCSVhDzMv07JNz9Wd61B7bs7yEaDQSgogwVy7Hybe85
5oBKEpIf5zdw7dp0pQFAmA78GKe5bPxQYt8y/arejEszEV2NyYaSQZu/HU0ciHj1
DJIR6msM2ujLeVOPvllEs0Gr98qWyu+l58uKP8Z/81/LzG8960hPQbHuhMHnX3ZS
78rkO63JTEe7wLEXV5revFh9k8x87LVQ/+MZdhjtZnrntVyD9gNs5pQ99JWzGKb1
qa8B9yPGeFwLCucH0y4lx/YcleVtQgZkTaOhZfUIdt7Ld7yep6iQ7IVTbQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFMKaN+1pvGa46uljo1flLaL8OEZ1MB8GA1UdIwQY
MBaAFFiLECTqBW5e1Jj26d3CBjK99snFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lzUUpPb0ZibDdVbVBicDNjSUdNcjMyeWNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9kMzRhNzQtZDdjZC00Zjk5LTg0Y2Qt
NTY2MjhhNDZkZjQwLzEvd3BvMzdXbThacmpxNldPalYtVXRvdnc0Um5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9kMzRhNzQtZDdjZC00Zjk5LTg0Y2QtNTY2MjhhNDZkZjQw
LzEvV0lzUUpPb0ZibDdVbVBicDNjSUdNcjMyeWNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjAgBAIAATAaAwQCVPx4AwQC
ueagMAwDBAC58PEDBAK58PAwJgQCAAIwIDAOAwUAKgljAQMFACoJYwIwDgMFACoJ
YwUDBQMqCWMAMA0GCSqGSIb3DQEBCwUAA4IBAQAhbEZHfivs8fMs/VQYhSGWmCdu
KBdpiEKK1MALNqj+P1xOBucLxqE/KA7clYGJqt9bK8KVP6A0pJr2u+Bj1MMo47yl
9D/XsYKHvOJH/qtlfQFYFO6POSgmyFA5rySEjlOZj9Z4eSiLl2actAXAmOFS1RDO
n7+t/pGd4dTS7115JbD3cxWv9gTT5QURtt9UONNOawwA7Nid3vPbdiZBQ+r88Bm/
Le74vOsBbMQkp3+UEKtfro8r+2MMJYjMEaFWLVlj72+QYBNHNFFbLJisUZwe5kum
XkCz+R15A5HCQq4+PQBoXzjrSEsxaZKd7fAojbto0M++mpCnlWfFiVDRPOo0
-----END CERTIFICATE-----
Generated at Tue Apr 29 19:57:16 2025 by rpki-client