Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/wIGXGcBicrXxgGusmD3aNj3oQho.roa
File: wIGXGcBicrXxgGusmD3aNj3oQho.roa (raw, json)
Hash identifier: TvFbr+GWb4ZQjZUQHMxTbp2dH28I3lrx6V09FVQc6nA=
Subject key identifier: C0:81:97:19:C0:62:72:B5:F1:80:6B:AC:98:3D:DA:36:3D:E8:42:1A
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 0194266B9DF77CDBF0956C7DA8338AE5CB15
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/wIGXGcBicrXxgGusmD3aNj3oQho.roa
Signing time: Thu 02 Jan 2025 09:49:34 +0000
ROA not before: Thu 02 Jan 2025 09:49:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1239
IP address blocks: 194.28.156.0/24 maxlen: 24
194.28.158.0/24 maxlen: 24
194.104.5.0/24 maxlen: 24
194.104.6.0/24 maxlen: 24
212.69.132.0/24 maxlen: 24
212.69.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.mft
rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:9d:f7:7c:db:f0:95:6c:7d:a8:33:8a:e5:cb:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Jan 2 09:49:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c0819719c06272b5f1806bac983dda363de8421a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a5:a8:38:9d:6e:fb:3e:98:11:01:e6:d9:cc:
05:6f:5c:1a:d3:e1:24:d4:0c:58:c4:65:a4:e8:e4:
fe:53:44:79:b0:2d:fc:ea:55:51:f8:d3:fb:56:61:
9e:ce:a9:87:53:b3:1f:05:ed:7f:b2:a0:30:70:b1:
77:13:ea:0f:a9:8b:4e:5d:41:27:d6:92:d1:77:7f:
87:8f:ea:b1:d5:94:0a:65:1a:9d:ad:ed:57:f6:11:
ff:0b:70:70:45:98:8e:6c:1e:ec:5c:b3:4f:59:7d:
bf:32:33:e0:84:61:44:66:82:d7:c5:85:90:48:2b:
3d:e1:b9:9e:d9:15:66:29:7e:dd:e2:31:4f:12:3e:
42:4f:5f:de:cf:88:30:e4:f6:65:f8:46:91:cb:ca:
96:6d:a3:e2:b1:8b:f6:02:5f:44:76:66:6b:3f:e0:
aa:18:b2:b4:d2:79:c9:d5:79:bd:26:d9:e4:32:9e:
fc:20:c8:fb:0c:f8:b9:8d:37:46:c2:68:65:1c:2f:
2a:cc:8c:1b:35:68:cf:4d:6f:9d:06:cf:59:9b:4b:
39:25:77:01:4e:cd:2a:4f:f2:ac:6b:05:ea:1a:55:
d1:71:23:52:12:8a:68:cc:3d:f5:91:e6:35:6a:e7:
1e:98:a2:57:43:73:b7:cb:52:9c:97:d5:2b:f7:ec:
3f:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:81:97:19:C0:62:72:B5:F1:80:6B:AC:98:3D:DA:36:3D:E8:42:1A
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/wIGXGcBicrXxgGusmD3aNj3oQho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.28.156.0/24
194.28.158.0/24
194.104.5.0-194.104.6.255
212.69.132.0/24
212.69.134.0/24
Signature Algorithm: sha256WithRSAEncryption
70:f5:05:cd:4c:6d:4a:74:94:c7:53:ea:7b:c9:81:b0:38:cd:
26:5b:99:ef:d0:0d:73:d6:95:6b:cb:9d:6d:1f:fd:b9:6e:09:
b8:64:34:ea:c6:d5:f9:66:9b:8a:e6:9b:f9:71:e8:43:cc:58:
2c:95:d3:a1:57:c4:0d:e3:52:b2:39:c8:06:92:9b:6b:f6:05:
37:4b:48:da:65:b0:45:c8:0d:4b:0e:9e:79:36:b9:e5:01:f3:
f9:c2:89:ea:08:ae:0d:15:52:55:90:4a:77:a0:d9:76:4d:2f:
9e:0b:76:91:1d:78:c4:4e:3e:b0:68:d7:f0:fd:c1:a1:73:f8:
cb:2b:d6:29:a0:6a:66:6a:2a:69:96:08:50:a0:6a:8b:76:7e:
c5:17:85:59:3f:a2:15:b9:64:24:19:0a:7a:d4:e9:62:79:0e:
7f:9b:bc:94:22:15:b5:1d:91:5e:71:21:40:d4:0a:e0:be:81:
9e:d1:95:ee:bd:7d:33:ee:5c:06:a3:4f:aa:a6:ae:49:25:4c:
c5:79:b3:ed:0a:a4:07:24:d1:86:16:e2:ee:43:a6:0c:65:46:
47:b0:12:eb:86:d8:9a:92:90:fb:ed:d5:d1:2f:8e:71:7d:04:
a3:8f:7e:a6:f6:b6:33:fa:03:32:e0:85:25:e2:a4:62:61:4b:
36:fc:a6:b7
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQma533fNvwlWx9qDOK5csVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjUwMTAyMDk0OTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDgxOTcxOWMwNjI3MmI1ZjE4MDZiYWM5ODNkZGEzNjNkZTg0MjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqWoOJ1u+z6YEQHm2cwFb1wa0+Ek
1AxYxGWk6OT+U0R5sC386lVR+NP7VmGezqmHU7MfBe1/sqAwcLF3E+oPqYtOXUEn
1pLRd3+Hj+qx1ZQKZRqdre1X9hH/C3BwRZiObB7sXLNPWX2/MjPghGFEZoLXxYWQ
SCs94bme2RVmKX7d4jFPEj5CT1/ez4gw5PZl+EaRy8qWbaPisYv2Al9EdmZrP+Cq
GLK00nnJ1Xm9JtnkMp78IMj7DPi5jTdGwmhlHC8qzIwbNWjPTW+dBs9Zm0s5JXcB
Ts0qT/KsawXqGlXRcSNSEopozD31keY1aucemKJXQ3O3y1Kcl9Ur9+w/+QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFMCBlxnAYnK18YBrrJg92jY96EIaMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvd0lHWEdjQmljclh4Z0d1c21EM2FOajNvUWhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAwhycAwQA
whyeMAwDBADCaAUDBADCaAYDBADURYQDBADURYYwDQYJKoZIhvcNAQELBQADggEB
AHD1Bc1MbUp0lMdT6nvJgbA4zSZbme/QDXPWlWvLnW0f/bluCbhkNOrG1flmm4rm
m/lx6EPMWCyV06FXxA3jUrI5yAaSm2v2BTdLSNplsEXIDUsOnnk2ueUB8/nCieoI
rg0VUlWQSneg2XZNL54LdpEdeMROPrBo1/D9waFz+Msr1imgamZqKmmWCFCgaot2
fsUXhVk/ohW5ZCQZCnrU6WJ5Dn+bvJQiFbUdkV5xIUDUCuC+gZ7Rle69fTPuXAaj
T6qmrkklTMV5s+0KpAck0YYW4u5DpgxlRkewEuuG2JqSkPvt1dEvjnF9BKOPfqb2
tjP6AzLghSXipGJhSzb8prc=
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:05:30 2025 by rpki-client