Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/WV11-zaxP3TKPgQgGOx7lPdVA_o.roa
File: WV11-zaxP3TKPgQgGOx7lPdVA_o.roa (raw, json)
Hash identifier: 8exGagHacuB84BILMLmp66gqsHLfgUa6w8jOySPn3no=
Subject key identifier: 59:5D:75:FB:36:B1:3F:74:CA:3E:04:20:18:EC:7B:94:F7:55:03:FA
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 01965C29448DA9410DEBEF041AFB769F14F2
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/WV11-zaxP3TKPgQgGOx7lPdVA_o.roa
Signing time: Tue 22 Apr 2025 06:22:10 +0000
ROA not before: Tue 22 Apr 2025 06:22:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 395374
IP address blocks: 85.115.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.mft
rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 23:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5c:29:44:8d:a9:41:0d:eb:ef:04:1a:fb:76:9f:14:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Apr 22 06:22:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=595d75fb36b13f74ca3e042018ec7b94f75503fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:db:da:7c:c3:31:27:2c:5d:e9:79:55:d7:db:
fa:fc:c8:31:8d:2d:b6:0e:0f:d9:ef:d0:f1:64:56:
ac:0e:b8:c9:6d:39:c7:30:2f:a1:02:af:c8:7f:73:
e7:7c:ba:eb:ab:3d:80:6a:56:9f:c3:e3:95:55:d4:
7a:ed:28:db:da:f8:94:ac:6b:02:cb:0c:2f:58:98:
78:e6:25:01:f5:47:44:7a:d7:b6:75:be:6c:a6:d5:
07:e6:fe:18:fc:bf:6e:83:92:74:71:ae:bf:70:de:
1a:3d:ca:0f:9d:c0:d8:d0:8f:1e:57:cb:a0:2c:20:
d7:66:a8:60:e9:1d:58:dc:f5:ac:1f:08:67:35:95:
48:be:5b:a0:94:7a:b4:7b:a4:4a:13:6f:2a:65:e4:
01:91:2e:38:80:57:0b:3b:7a:52:7f:f1:1d:6e:81:
1b:9a:61:bf:4a:81:f1:dd:85:8a:4a:9a:28:9a:7d:
8c:36:e7:d7:03:11:ab:23:a0:a3:ee:32:c6:f1:79:
33:a1:d7:9f:ba:bf:0f:da:e2:f5:d8:e2:cc:26:a6:
47:c5:96:00:09:35:f8:d9:59:79:98:23:30:29:20:
3c:d1:cc:af:33:3c:b8:57:9a:a2:25:eb:e2:eb:76:
c4:28:75:8a:b6:d9:65:67:ce:f6:d5:24:71:fb:f1:
06:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:5D:75:FB:36:B1:3F:74:CA:3E:04:20:18:EC:7B:94:F7:55:03:FA
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/WV11-zaxP3TKPgQgGOx7lPdVA_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.211.0/24
Signature Algorithm: sha256WithRSAEncryption
93:be:5a:e0:19:59:10:79:72:5a:03:e9:80:7b:ff:bd:3d:63:
00:ef:8b:42:43:f7:03:b6:a8:5e:9c:e4:2f:fa:ec:89:d5:d1:
8e:d8:1f:8d:95:8c:cb:66:df:a0:3c:e2:28:fa:62:70:b1:ee:
da:76:08:ba:9e:14:5c:c0:6c:2f:0f:19:fc:4d:9c:74:57:9d:
7c:5b:8e:c8:a3:07:53:58:0e:30:09:8f:4b:37:d9:a2:cd:f0:
14:9a:1e:14:c9:c3:1f:89:07:c3:59:90:c8:21:d5:88:b9:81:
e6:cf:4c:d8:eb:21:6d:14:38:dc:6d:70:9e:86:8b:4f:af:f6:
cb:5a:ea:29:82:cc:5c:a0:5c:5f:df:b8:1d:74:e7:02:74:f6:
7f:90:3c:8f:38:44:07:7e:94:9c:10:0e:af:55:d2:28:b8:50:
86:92:a0:4f:51:5d:c7:af:c1:68:ba:df:ad:cc:6d:4e:69:13:
e3:e6:1f:ae:32:0f:cc:45:16:69:8a:99:24:d9:f9:a2:c5:06:
64:76:ab:48:e4:d4:7c:c7:0d:e2:aa:78:fa:fd:b0:11:f9:82:
30:4a:d6:d8:a9:ab:34:e3:0c:f5:4d:1e:25:72:6c:31:c9:8f:
9a:24:3e:2a:3f:8a:40:15:da:11:99:ca:95:bb:48:88:38:b5:
ae:7a:58:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZZcKUSNqUEN6+8EGvt2nxTyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjUwNDIyMDYyMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTVkNzVmYjM2YjEzZjc0Y2EzZTA0MjAxOGVjN2I5NGY3NTUwM2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNvafMMxJyxd6XlV19v6/MgxjS22
Dg/Z79DxZFasDrjJbTnHMC+hAq/If3PnfLrrqz2Aalafw+OVVdR67Sjb2viUrGsC
ywwvWJh45iUB9UdEete2db5sptUH5v4Y/L9ug5J0ca6/cN4aPcoPncDY0I8eV8ug
LCDXZqhg6R1Y3PWsHwhnNZVIvluglHq0e6RKE28qZeQBkS44gFcLO3pSf/EdboEb
mmG/SoHx3YWKSpoomn2MNufXAxGrI6Cj7jLG8Xkzodefur8P2uL12OLMJqZHxZYA
CTX42Vl5mCMwKSA80cyvMzy4V5qiJevi63bEKHWKttllZ8721SRx+/EGIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFlddfs2sT90yj4EIBjse5T3VQP6MB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvV1YxMS16YXhQM1RLUGdRZ0dPeDdsUGRWQV9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVXPTMA0G
CSqGSIb3DQEBCwUAA4IBAQCTvlrgGVkQeXJaA+mAe/+9PWMA74tCQ/cDtqhenOQv
+uyJ1dGO2B+NlYzLZt+gPOIo+mJwse7adgi6nhRcwGwvDxn8TZx0V518W47IowdT
WA4wCY9LN9mizfAUmh4UycMfiQfDWZDIIdWIuYHmz0zY6yFtFDjcbXCehotPr/bL
WuopgsxcoFxf37gddOcCdPZ/kDyPOEQHfpScEA6vVdIouFCGkqBPUV3Hr8Fout+t
zG1OaRPj5h+uMg/MRRZpipkk2fmixQZkdqtI5NR8xw3iqnj6/bAR+YIwStbYqas0
4wz1TR4lcmwxyY+aJD4qP4pAFdoRmcqVu0iIOLWuelgw
-----END CERTIFICATE-----
Generated at Sun Apr 27 08:43:35 2025 by rpki-client