Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/67bce3-ecbc-478d-8210-d07906a84b1d/1/wuhX8oITFzu7BnpahOHbcGXmIS8.roa
File: wuhX8oITFzu7BnpahOHbcGXmIS8.roa (raw, json)
Hash identifier: cCrTMLFRYSOxlgn5aQy6ZvKllgaNe+m7D1cJYZA5uQg=
Subject key identifier: C2:E8:57:F2:82:13:17:3B:BB:06:7A:5A:84:E1:DB:70:65:E6:21:2F
Certificate issuer: /CN=188fb0985e360c38f8658d56687ca862d9408d90
Certificate serial: 018CC7934588C1FC78FDF407EE2354D8F469
Authority key identifier: 18:8F:B0:98:5E:36:0C:38:F8:65:8D:56:68:7C:A8:62:D9:40:8D:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GI-wmF42DDj4ZY1WaHyoYtlAjZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/67bce3-ecbc-478d-8210-d07906a84b1d/1/wuhX8oITFzu7BnpahOHbcGXmIS8.roa
Signing time: Tue 02 Jan 2024 00:29:26 +0000
ROA not before: Tue 02 Jan 2024 00:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8868
IP address blocks: 185.120.161.0/24 maxlen: 24
185.120.162.0/24 maxlen: 24
185.120.163.0/24 maxlen: 24
185.194.79.0/24 maxlen: 24
185.120.160.0/24 maxlen: 24
185.120.160.0/23 maxlen: 23
185.174.250.0/24 maxlen: 24
185.174.248.0/23 maxlen: 23
185.174.251.0/24 maxlen: 24
185.194.78.0/24 maxlen: 24
185.194.76.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/67bce3-ecbc-478d-8210-d07906a84b1d/1/GI-wmF42DDj4ZY1WaHyoYtlAjZA.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/67bce3-ecbc-478d-8210-d07906a84b1d/1/GI-wmF42DDj4ZY1WaHyoYtlAjZA.mft
rsync://rpki.ripe.net/repository/DEFAULT/GI-wmF42DDj4ZY1WaHyoYtlAjZA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:45:88:c1:fc:78:fd:f4:07:ee:23:54:d8:f4:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=188fb0985e360c38f8658d56687ca862d9408d90
Validity
Not Before: Jan 2 00:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c2e857f28213173bbb067a5a84e1db7065e6212f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:0c:7a:9d:05:fc:eb:1d:0b:a0:71:92:b6:a6:
62:c2:ea:b7:c3:23:3b:c2:be:f9:95:bd:fb:7b:68:
32:30:b0:8d:50:55:75:6b:82:7b:ba:d0:c1:24:38:
cd:01:e0:5c:02:c5:ec:9e:84:22:ed:dc:e7:a6:d0:
aa:59:01:0d:3b:3f:c7:31:0e:a8:ad:d4:7a:bd:fd:
86:d6:d0:88:e9:83:97:10:a8:76:ab:c5:ca:86:32:
9e:75:8a:6e:e7:11:3b:12:e6:79:f5:a3:d8:26:47:
8a:12:9b:fb:95:71:2f:a6:78:ce:db:a1:05:85:60:
0c:8e:20:9a:72:be:c7:c7:fc:63:e5:bb:b2:c4:11:
e7:2c:02:36:92:cb:46:bc:18:61:9d:44:83:12:08:
2f:8c:56:29:48:45:07:37:c8:b4:80:b7:2f:6f:74:
6f:00:1c:e8:b1:3d:cd:75:d0:63:e6:19:8a:e4:eb:
04:4d:3f:93:5b:af:c1:12:7c:5c:eb:cf:eb:b8:15:
15:3c:44:cc:31:26:1f:d9:14:14:36:c3:2b:5a:dc:
98:b1:7c:ba:16:27:25:a3:a4:e6:91:11:95:b6:f0:
43:e4:3b:b2:a5:8f:54:45:b0:f5:b8:2b:f7:c3:25:
aa:81:fe:db:30:b8:20:6e:23:d0:dc:ba:db:82:0b:
35:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:E8:57:F2:82:13:17:3B:BB:06:7A:5A:84:E1:DB:70:65:E6:21:2F
X509v3 Authority Key Identifier:
keyid:18:8F:B0:98:5E:36:0C:38:F8:65:8D:56:68:7C:A8:62:D9:40:8D:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GI-wmF42DDj4ZY1WaHyoYtlAjZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/67bce3-ecbc-478d-8210-d07906a84b1d/1/wuhX8oITFzu7BnpahOHbcGXmIS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/67bce3-ecbc-478d-8210-d07906a84b1d/1/GI-wmF42DDj4ZY1WaHyoYtlAjZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.120.160.0/22
185.174.248.0/22
185.194.76.0/22
Signature Algorithm: sha256WithRSAEncryption
b4:20:54:49:50:be:86:1e:0e:c1:bd:23:6c:95:05:59:e5:32:
b2:86:77:2f:fe:c5:73:44:96:54:ae:e6:27:fe:28:73:24:b5:
c6:64:f1:55:6c:76:f5:b3:17:0f:0c:0f:26:44:c1:7d:81:0e:
70:12:81:b8:5b:c8:c6:e3:9d:8c:90:81:7a:1c:14:d6:7f:8a:
c2:c9:39:21:41:a8:ea:32:60:c7:1c:31:92:f4:ce:d3:9b:f9:
69:9a:a1:9d:dc:cc:28:ce:41:56:58:0c:db:ff:fb:bf:51:23:
ea:76:52:b4:f1:94:79:52:2f:6f:fa:12:7d:73:8f:d5:e7:2e:
77:0d:56:d4:6a:db:d8:84:ef:30:36:b9:63:c9:64:cd:52:ad:
32:86:9b:0f:11:c6:90:ea:67:61:de:6c:a0:b1:8f:99:77:21:
87:69:4b:76:77:f5:1d:c9:83:36:d5:80:56:da:8e:c4:31:66:
f1:05:ce:15:43:06:dd:69:c0:e0:49:83:7b:1c:2e:62:4a:ef:
9e:27:51:75:cb:ea:b1:53:df:b9:2f:50:be:b5:4b:42:f2:ea:
cd:a7:78:8b:e2:59:55:92:95:f9:5e:5c:45:05:c8:99:1c:6a:
43:fd:cb:47:55:e8:bb:d0:25:08:7f:4f:5c:d3:f7:3f:ef:be:
17:b1:1a:f3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHk0WIwfx4/fQH7iNU2PRpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OGZiMDk4NWUzNjBjMzhmODY1OGQ1NjY4N2NhODYyZDk0
MDhkOTAwHhcNMjQwMTAyMDAyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmU4NTdmMjgyMTMxNzNiYmIwNjdhNWE4NGUxZGI3MDY1ZTYyMTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAx6nQX86x0LoHGStqZiwuq3wyM7
wr75lb37e2gyMLCNUFV1a4J7utDBJDjNAeBcAsXsnoQi7dznptCqWQENOz/HMQ6o
rdR6vf2G1tCI6YOXEKh2q8XKhjKedYpu5xE7EuZ59aPYJkeKEpv7lXEvpnjO26EF
hWAMjiCacr7Hx/xj5buyxBHnLAI2kstGvBhhnUSDEggvjFYpSEUHN8i0gLcvb3Rv
ABzosT3NddBj5hmK5OsETT+TW6/BEnxc68/ruBUVPETMMSYf2RQUNsMrWtyYsXy6
Ficlo6TmkRGVtvBD5DuypY9URbD1uCv3wyWqgf7bMLggbiPQ3Lrbggs13QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMLoV/KCExc7uwZ6WoTh23Bl5iEvMB8GA1UdIwQY
MBaAFBiPsJheNgw4+GWNVmh8qGLZQI2QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0ktd21GNDJERGo0WlkxV2FIeW9ZdGxBalpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi82N2JjZTMtZWNiYy00NzhkLTgyMTAt
ZDA3OTA2YTg0YjFkLzEvd3VoWDhvSVRGenU3Qm5wYWhPSGJjR1htSVM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi82N2JjZTMtZWNiYy00NzhkLTgyMTAtZDA3OTA2YTg0YjFk
LzEvR0ktd21GNDJERGo0WlkxV2FIeW9ZdGxBalpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuXigAwQC
ua74AwQCucJMMA0GCSqGSIb3DQEBCwUAA4IBAQC0IFRJUL6GHg7BvSNslQVZ5TKy
hncv/sVzRJZUruYn/ihzJLXGZPFVbHb1sxcPDA8mRMF9gQ5wEoG4W8jG452MkIF6
HBTWf4rCyTkhQajqMmDHHDGS9M7Tm/lpmqGd3MwozkFWWAzb//u/USPqdlK08ZR5
Ui9v+hJ9c4/V5y53DVbUatvYhO8wNrljyWTNUq0yhpsPEcaQ6mdh3mygsY+ZdyGH
aUt2d/UdyYM21YBW2o7EMWbxBc4VQwbdacDgSYN7HC5iSu+eJ1F1y+qxU9+5L1C+
tUtC8urNp3iL4llVkpX5XlxFBciZHGpD/ctHVei70CUIf09c0/c/774XsRrz
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:07:19 2024 by rpki-client on console-fra.rpki-client.org