Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/wm6cG14SJ4aH3CYf1oXOwtssIbA.roa
File: wm6cG14SJ4aH3CYf1oXOwtssIbA.roa (raw, json)
Hash identifier: gm1bMWUPE+phCC8n+kEuBOun2Z93q8fKgvsL4+NhpVw=
Subject key identifier: C2:6E:9C:1B:5E:12:27:86:87:DC:26:1F:D6:85:CE:C2:DB:2C:21:B0
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 01968B9529DB445E4DCF645FC1F03923A77F
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/wm6cG14SJ4aH3CYf1oXOwtssIbA.roa
Signing time: Thu 01 May 2025 11:22:10 +0000
ROA not before: Thu 01 May 2025 11:22:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62240
IP address blocks: 31.41.38.0/24 maxlen: 24
31.41.39.0/24 maxlen: 24
45.11.25.0/24 maxlen: 24
45.133.219.0/24 maxlen: 24
45.137.52.0/24 maxlen: 24
45.137.55.0/24 maxlen: 24
45.137.191.0/24 maxlen: 24
45.139.28.0/24 maxlen: 24
45.139.31.0/24 maxlen: 24
45.140.171.0/24 maxlen: 24
45.145.2.0/24 maxlen: 24
45.145.90.0/24 maxlen: 24
45.145.161.0/24 maxlen: 24
45.149.80.0/24 maxlen: 24
45.149.81.0/24 maxlen: 24
45.149.82.0/24 maxlen: 24
45.149.134.0/24 maxlen: 24
45.150.62.0/24 maxlen: 24
45.150.63.0/24 maxlen: 24
45.152.227.0/24 maxlen: 24
77.83.4.0/24 maxlen: 24
77.83.5.0/24 maxlen: 24
77.83.6.0/24 maxlen: 24
77.83.7.0/24 maxlen: 24
185.179.198.0/24 maxlen: 24
194.156.95.0/24 maxlen: 24
195.245.111.0/24 maxlen: 24
213.139.192.0/24 maxlen: 24
213.139.193.0/24 maxlen: 24
213.139.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.mft
rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 03 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:8b:95:29:db:44:5e:4d:cf:64:5f:c1:f0:39:23:a7:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: May 1 11:22:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c26e9c1b5e12278687dc261fd685cec2db2c21b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b5:27:07:a4:02:57:c1:bb:2c:7b:2b:c2:75:
37:f6:f5:03:8c:b6:32:43:55:c1:51:30:61:64:f4:
52:ad:67:81:18:94:15:79:26:e3:5b:94:3a:21:03:
ed:0f:ee:57:1c:3a:74:d7:ae:21:27:6f:ce:5d:b7:
a2:c6:9b:98:7f:b3:c0:e8:12:46:bf:eb:c5:f6:37:
3a:f6:f0:31:78:48:92:2f:40:bd:62:af:7d:61:b9:
fc:44:66:d2:b6:e7:02:7f:4d:e3:ab:39:5b:b4:a6:
0e:cb:aa:cb:17:2d:96:ec:bd:3e:79:fb:9c:bd:5c:
8d:48:1d:ac:2f:f6:f2:8d:69:e2:ed:57:58:79:64:
74:62:d1:ca:21:f8:35:86:e8:f7:19:0c:7a:6f:75:
c6:5e:5f:a9:6a:ab:de:83:6f:39:5a:5f:1e:aa:ad:
0f:94:be:52:b2:06:a1:cd:76:d2:dc:dd:3c:f6:c9:
fb:34:7f:9b:8b:1f:cf:b4:ae:21:9b:2f:0d:62:6d:
e5:4a:e0:c5:0b:8c:95:94:67:9f:23:81:33:63:b2:
e5:d2:3a:c3:4d:c0:1c:81:66:69:97:19:2c:95:10:
35:3d:8c:dc:12:5f:91:cb:d0:c2:21:81:26:be:42:
f0:b9:9b:bc:3d:57:95:48:c5:83:86:d7:01:71:ba:
d8:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:6E:9C:1B:5E:12:27:86:87:DC:26:1F:D6:85:CE:C2:DB:2C:21:B0
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/wm6cG14SJ4aH3CYf1oXOwtssIbA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.38.0/23
45.11.25.0/24
45.133.219.0/24
45.137.52.0/24
45.137.55.0/24
45.137.191.0/24
45.139.28.0/24
45.139.31.0/24
45.140.171.0/24
45.145.2.0/24
45.145.90.0/24
45.145.161.0/24
45.149.80.0-45.149.82.255
45.149.134.0/24
45.150.62.0/23
45.152.227.0/24
77.83.4.0/22
185.179.198.0/24
194.156.95.0/24
195.245.111.0/24
213.139.192.0/23
213.139.195.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:49:42:cd:e5:d4:20:ab:d1:5b:a8:d6:c4:02:24:be:bd:b6:
01:1c:a7:3e:39:13:44:be:60:f6:81:43:e6:ea:be:b8:22:ba:
07:62:de:73:7f:18:a9:f3:d6:b4:f9:9c:49:e8:70:fd:9c:5c:
01:7a:00:6c:5e:ef:69:9f:e8:e8:dc:e1:f8:7d:cd:82:d6:95:
2e:b9:45:63:e3:e5:8b:aa:e6:81:a1:c1:bf:76:4f:72:57:42:
be:23:09:22:cc:40:33:58:c2:2f:75:9b:cb:dd:52:59:40:de:
d2:4d:d2:1e:24:c2:51:3b:66:a6:20:b7:fd:22:7a:8b:8e:47:
82:7e:c5:24:32:a7:12:e1:f0:86:c3:82:ab:7e:84:bd:83:ac:
6c:87:3b:87:69:d6:f4:f9:03:29:7a:fd:82:05:13:27:31:33:
c6:7f:ff:e6:97:18:50:38:82:39:4d:df:a3:45:73:21:74:38:
0f:42:8e:10:c7:ac:b4:66:a6:f9:42:73:08:d7:17:a6:d5:5f:
43:0a:25:d2:68:4d:63:77:06:1c:eb:f2:63:79:2f:df:86:e1:
2e:df:f0:26:3a:da:e3:e1:a7:50:57:49:f1:c8:13:03:92:f2:
3d:c5:b9:32:76:72:d1:1d:6a:4f:ea:93:94:91:05:84:07:89:
5a:bc:e5:ec
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAZaLlSnbRF5Nz2RfwfA5I6d/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjUwNTAxMTEyMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjZlOWMxYjVlMTIyNzg2ODdkYzI2MWZkNjg1Y2VjMmRiMmMyMWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7UnB6QCV8G7LHsrwnU39vUDjLYy
Q1XBUTBhZPRSrWeBGJQVeSbjW5Q6IQPtD+5XHDp0164hJ2/OXbeixpuYf7PA6BJG
v+vF9jc69vAxeEiSL0C9Yq99Ybn8RGbStucCf03jqzlbtKYOy6rLFy2W7L0+efuc
vVyNSB2sL/byjWni7VdYeWR0YtHKIfg1huj3GQx6b3XGXl+paqveg285Wl8eqq0P
lL5SsgahzXbS3N089sn7NH+bix/PtK4hmy8NYm3lSuDFC4yVlGefI4EzY7Ll0jrD
TcAcgWZplxkslRA1PYzcEl+Ry9DCIYEmvkLwuZu8PVeVSMWDhtcBcbrYGwIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFMJunBteEieGh9wmH9aFzsLbLCGwMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvd202Y0cxNFNKNGFIM0NZZjFvWE93dHNzSWJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwDBAEf
KSYDBAAtCxkDBAAthdsDBAAtiTQDBAAtiTcDBAAtib8DBAAtixwDBAAtix8DBAAt
jKsDBAAtkQIDBAAtkVoDBAAtkaEwDAMEBC2VUAMEAC2VUgMEAC2VhgMEAS2WPgME
AC2Y4wMEAk1TBAMEALmzxgMEAMKcXwMEAMP1bwMEAdWLwAMEANWLwzANBgkqhkiG
9w0BAQsFAAOCAQEAjElCzeXUIKvRW6jWxAIkvr22ARynPjkTRL5g9oFD5uq+uCK6
B2Lec38YqfPWtPmcSehw/ZxcAXoAbF7vaZ/o6Nzh+H3NgtaVLrlFY+Pli6rmgaHB
v3ZPcldCviMJIsxAM1jCL3Wby91SWUDe0k3SHiTCUTtmpiC3/SJ6i45Hgn7FJDKn
EuHwhsOCq36EvYOsbIc7h2nW9PkDKXr9ggUTJzEzxn//5pcYUDiCOU3fo0VzIXQ4
D0KOEMestGam+UJzCNcXptVfQwol0mhNY3cGHOvyY3kv34bhLt/wJjra4+GnUFdJ
8cgTA5LyPcW5MnZy0R1qT+qTlJEFhAeJWrzl7A==
-----END CERTIFICATE-----
Generated at Fri May 2 12:11:09 2025 by rpki-client