Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/WcIw6N44wqFmTSYqs2SA02NfAMg.roa
File: WcIw6N44wqFmTSYqs2SA02NfAMg.roa (raw, json)
Hash identifier: dr9+lLa9vHheKAcwgnQXvyLdvzdSym8f7D33KNvf/iE=
Subject key identifier: 59:C2:30:E8:DE:38:C2:A1:66:4D:26:2A:B3:64:80:D3:63:5F:00:C8
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 019427473678F5E7D1F95629737FD189B868
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/WcIw6N44wqFmTSYqs2SA02NfAMg.roa
Signing time: Thu 02 Jan 2025 13:49:25 +0000
ROA not before: Thu 02 Jan 2025 13:49:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212249
IP address blocks: 93.190.15.0/24 maxlen: 24
160.20.110.0/24 maxlen: 24
160.20.111.0/24 maxlen: 24
185.85.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 07:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:36:78:f5:e7:d1:f9:56:29:73:7f:d1:89:b8:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Jan 2 13:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=59c230e8de38c2a1664d262ab36480d3635f00c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:93:b0:3c:13:45:c5:3b:bb:ec:b9:4f:9c:47:
8d:af:8b:02:fb:13:9f:c7:c0:92:b3:23:87:fd:7a:
82:8e:68:49:fe:7f:7d:6a:60:37:a4:43:07:35:f9:
b5:4a:20:eb:e0:f3:16:11:f1:25:d6:bd:43:8a:d6:
21:c0:b3:15:11:eb:ab:ea:5b:bc:b9:09:3e:bf:69:
11:8c:6e:53:b7:8c:e7:32:2a:56:d8:97:e1:f5:b2:
38:54:ab:6b:d6:68:23:89:aa:34:e5:50:fe:d3:59:
9b:08:9d:1c:31:1f:4c:8f:82:14:96:81:46:10:2c:
e6:75:74:87:1c:80:4c:63:e2:70:7a:bc:a3:23:8c:
65:e2:4f:58:f0:bf:a1:dc:44:63:4b:30:b9:df:fd:
4a:4e:85:7f:6a:a8:c5:96:63:f7:a3:d6:ba:f9:21:
e8:40:bf:36:3c:3f:3a:65:b7:37:a2:e7:63:9d:08:
68:5f:0f:2d:1d:63:9e:2d:9a:3e:b7:cc:80:3d:de:
8b:a6:6e:15:c9:23:84:ad:31:83:15:05:06:c4:c8:
68:0e:55:19:88:4e:87:3a:b2:cf:3c:42:84:81:69:
5f:42:90:70:f3:8a:19:8e:33:66:de:bd:bb:80:76:
6c:6e:a2:43:b7:cd:5d:27:82:6d:ee:25:75:52:e1:
de:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:C2:30:E8:DE:38:C2:A1:66:4D:26:2A:B3:64:80:D3:63:5F:00:C8
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/WcIw6N44wqFmTSYqs2SA02NfAMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.190.15.0/24
160.20.110.0/23
185.85.236.0/24
Signature Algorithm: sha256WithRSAEncryption
65:04:7e:3e:16:83:0e:4f:50:dd:0f:93:da:50:b8:53:e3:88:
eb:2e:35:12:ec:9a:0b:99:21:a0:a8:6a:b5:06:4d:a5:86:09:
03:31:6d:91:dc:70:09:ba:cc:01:b7:dd:6c:35:a9:87:3b:36:
f3:5a:05:6f:50:dc:cb:66:47:d9:69:72:6a:4e:ab:a4:8d:22:
d0:26:32:99:2f:c6:19:61:92:77:52:8a:48:e3:76:49:f4:41:
3b:9d:f0:4a:b0:44:89:78:7d:72:0f:b1:4c:ec:02:a9:7a:d5:
b7:39:0b:7a:a3:f9:fa:1f:c3:bc:18:37:f8:89:9c:73:09:df:
21:da:c4:29:f5:2b:82:31:17:04:49:24:c3:16:ce:0a:6a:bb:
22:30:ab:d2:db:5c:fc:d0:5d:2a:5d:92:a1:0b:9b:fc:54:20:
7e:79:11:fb:6f:71:4c:45:25:8f:47:8b:43:4d:5b:6c:67:b8:
98:63:68:66:c1:0a:cd:dc:2c:63:5e:aa:9d:a5:2f:93:91:0d:
68:3b:bc:c1:b2:87:cb:e5:be:e2:af:c8:bd:3d:3e:08:d7:56:
27:06:53:fc:03:29:ff:6f:18:91:30:0a:65:24:28:dd:23:60:
d0:b2:72:a5:4d:8f:03:9f:c5:84:80:8a:d6:ce:6f:5a:3a:2b:
1a:6a:a1:91
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQnRzZ49efR+VYpc3/RibhoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjUwMTAyMTM0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWMyMzBlOGRlMzhjMmExNjY0ZDI2MmFiMzY0ODBkMzYzNWYwMGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpOwPBNFxTu77LlPnEeNr4sC+xOf
x8CSsyOH/XqCjmhJ/n99amA3pEMHNfm1SiDr4PMWEfEl1r1DitYhwLMVEeur6lu8
uQk+v2kRjG5Tt4znMipW2Jfh9bI4VKtr1mgjiao05VD+01mbCJ0cMR9Mj4IUloFG
ECzmdXSHHIBMY+JweryjI4xl4k9Y8L+h3ERjSzC53/1KToV/aqjFlmP3o9a6+SHo
QL82PD86Zbc3oudjnQhoXw8tHWOeLZo+t8yAPd6Lpm4VySOErTGDFQUGxMhoDlUZ
iE6HOrLPPEKEgWlfQpBw84oZjjNm3r27gHZsbqJDt81dJ4Jt7iV1UuHevwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFnCMOjeOMKhZk0mKrNkgNNjXwDIMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvV2NJdzZONDR3cUZtVFNZcXMyU0EwMk5mQU1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXb4PAwQB
oBRuAwQAuVXsMA0GCSqGSIb3DQEBCwUAA4IBAQBlBH4+FoMOT1DdD5PaULhT44jr
LjUS7JoLmSGgqGq1Bk2lhgkDMW2R3HAJuswBt91sNamHOzbzWgVvUNzLZkfZaXJq
TqukjSLQJjKZL8YZYZJ3UopI43ZJ9EE7nfBKsESJeH1yD7FM7AKpetW3OQt6o/n6
H8O8GDf4iZxzCd8h2sQp9SuCMRcESSTDFs4KarsiMKvS21z80F0qXZKhC5v8VCB+
eRH7b3FMRSWPR4tDTVtsZ7iYY2hmwQrN3CxjXqqdpS+TkQ1oO7zBsofL5b7ir8i9
PT4I11YnBlP8Ayn/bxiRMAplJCjdI2DQsnKlTY8Dn8WEgIrWzm9aOisaaqGR
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:10:10 2025 by rpki-client