Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/c12695-89e1-4482-94e5-c47eab17e93a/1/3WY3X5q4fOq560L_WSH-cufsaRE.roa
File: 3WY3X5q4fOq560L_WSH-cufsaRE.roa (raw, json)
Hash identifier: ntQ+B8KmKNG66GXsO1P2HQU3K4443jJAUAyade2YjcY=
Subject key identifier: DD:66:37:5F:9A:B8:7C:EA:B9:EB:42:FF:59:21:FE:72:E7:EC:69:11
Certificate issuer: /CN=0d6f91a5216404942239e696e65cf2d37214e4af
Certificate serial: 018CC3B71EF70AA2196D65E1DBD38C8894D9
Authority key identifier: 0D:6F:91:A5:21:64:04:94:22:39:E6:96:E6:5C:F2:D3:72:14:E4:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DW-RpSFkBJQiOeaW5lzy03IU5K8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/c12695-89e1-4482-94e5-c47eab17e93a/1/3WY3X5q4fOq560L_WSH-cufsaRE.roa
Signing time: Mon 01 Jan 2024 06:30:07 +0000
ROA not before: Mon 01 Jan 2024 06:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203773
IP address blocks: 194.149.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/c12695-89e1-4482-94e5-c47eab17e93a/1/DW-RpSFkBJQiOeaW5lzy03IU5K8.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/c12695-89e1-4482-94e5-c47eab17e93a/1/DW-RpSFkBJQiOeaW5lzy03IU5K8.mft
rsync://rpki.ripe.net/repository/DEFAULT/DW-RpSFkBJQiOeaW5lzy03IU5K8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 14:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:1e:f7:0a:a2:19:6d:65:e1:db:d3:8c:88:94:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d6f91a5216404942239e696e65cf2d37214e4af
Validity
Not Before: Jan 1 06:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd66375f9ab87ceab9eb42ff5921fe72e7ec6911
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:25:f4:91:75:c4:04:31:26:26:d2:40:af:c5:
00:9a:18:51:09:59:f7:d5:0e:c2:94:3a:91:99:da:
13:5e:ef:b0:42:bd:8b:ba:3a:3c:03:3c:b3:af:a4:
45:11:28:6e:02:40:c6:28:ce:82:9a:bd:79:56:5b:
62:69:98:0e:2c:f9:3e:13:39:00:3d:1d:1c:b1:e8:
af:3c:e2:fe:44:df:0b:ec:3f:2e:de:68:0c:d9:90:
77:a9:ed:41:94:dd:4d:3b:57:11:38:41:32:e6:60:
8e:ed:8f:5a:20:77:c2:bd:7f:32:bf:1e:c2:ae:d2:
d4:a3:df:f3:63:39:53:5e:8d:6b:c0:e2:49:6c:2f:
a8:0b:21:45:e3:99:ec:7f:02:1a:bf:0d:d9:ca:61:
81:63:33:60:bb:9a:cd:d5:6a:dc:6e:f2:ca:ed:c0:
c0:8c:be:b2:94:df:29:72:76:b5:c9:27:60:43:d4:
36:e4:72:0d:a0:1d:8c:58:48:a7:b3:fb:8a:67:6d:
0e:fa:ec:6d:85:7a:e7:f2:f5:0a:30:7e:51:ef:13:
55:09:fd:ac:4d:38:8e:0f:a0:81:e0:f5:b3:56:56:
04:42:64:bd:c8:62:0f:19:62:46:09:b8:1a:bf:ba:
2e:e3:5f:74:92:68:42:58:4a:cc:38:d5:13:59:b5:
7e:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:66:37:5F:9A:B8:7C:EA:B9:EB:42:FF:59:21:FE:72:E7:EC:69:11
X509v3 Authority Key Identifier:
keyid:0D:6F:91:A5:21:64:04:94:22:39:E6:96:E6:5C:F2:D3:72:14:E4:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DW-RpSFkBJQiOeaW5lzy03IU5K8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/c12695-89e1-4482-94e5-c47eab17e93a/1/3WY3X5q4fOq560L_WSH-cufsaRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/c12695-89e1-4482-94e5-c47eab17e93a/1/DW-RpSFkBJQiOeaW5lzy03IU5K8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.149.237.0/24
Signature Algorithm: sha256WithRSAEncryption
85:53:f1:c9:b9:bd:ac:41:1b:ab:98:04:81:8c:7f:23:00:0f:
ee:8d:68:fa:79:ae:6a:72:b9:41:47:ff:b1:db:87:e9:c0:fa:
3d:76:72:d7:14:a6:32:d7:0f:ce:1a:f4:cf:53:74:34:5e:b9:
59:fb:a0:91:1a:6f:51:ca:a9:64:f9:cd:63:c6:62:0c:83:cb:
d3:11:9d:49:89:5e:58:2b:11:82:18:1f:77:fb:24:1e:09:59:
ca:ce:9a:a1:35:c7:af:3c:fd:6f:6b:ea:b4:b9:c9:83:62:66:
38:93:58:33:0f:83:0b:68:92:b0:33:ae:30:f9:b7:7a:60:c6:
2e:1f:44:1e:9a:c0:b1:b4:78:ff:2c:65:67:13:29:40:b1:b3:
29:1f:5f:8e:32:9f:ba:5d:88:22:56:34:af:5a:b3:7e:1e:f1:
9f:41:39:6d:64:1c:f0:e4:dd:8c:46:d3:52:20:38:2c:82:37:
f7:8b:57:4b:a6:a9:12:00:29:d3:78:1c:b2:73:61:5f:a0:0a:
28:b4:35:00:2e:74:2e:0d:43:d2:b0:65:d5:b5:3f:97:03:55:
c5:fb:fc:55:e5:2f:34:08:ec:1b:af:8d:e5:cf:0e:28:46:f7:
ea:c6:14:d5:f3:03:44:da:26:10:67:b9:9a:27:22:fd:e9:23:
14:fc:29:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtx73CqIZbWXh29OMiJTZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNmY5MWE1MjE2NDA0OTQyMjM5ZTY5NmU2NWNmMmQzNzIx
NGU0YWYwHhcNMjQwMTAxMDYzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDY2Mzc1ZjlhYjg3Y2VhYjllYjQyZmY1OTIxZmU3MmU3ZWM2OTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSX0kXXEBDEmJtJAr8UAmhhRCVn3
1Q7ClDqRmdoTXu+wQr2Lujo8Azyzr6RFEShuAkDGKM6Cmr15VltiaZgOLPk+EzkA
PR0cseivPOL+RN8L7D8u3mgM2ZB3qe1BlN1NO1cROEEy5mCO7Y9aIHfCvX8yvx7C
rtLUo9/zYzlTXo1rwOJJbC+oCyFF45nsfwIavw3ZymGBYzNgu5rN1WrcbvLK7cDA
jL6ylN8pcna1ySdgQ9Q25HINoB2MWEins/uKZ20O+uxthXrn8vUKMH5R7xNVCf2s
TTiOD6CB4PWzVlYEQmS9yGIPGWJGCbgav7ou4190kmhCWErMONUTWbV+nwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN1mN1+auHzquetC/1kh/nLn7GkRMB8GA1UdIwQY
MBaAFA1vkaUhZASUIjnmluZc8tNyFOSvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFctUnBTRmtCSlFpT2VhVzVsenkwM0lVNUs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9jMTI2OTUtODllMS00NDgyLTk0ZTUt
YzQ3ZWFiMTdlOTNhLzEvM1dZM1g1cTRmT3E1NjBMX1dTSC1jdWZzYVJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9jMTI2OTUtODllMS00NDgyLTk0ZTUtYzQ3ZWFiMTdlOTNh
LzEvRFctUnBTRmtCSlFpT2VhVzVsenkwM0lVNUs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpXtMA0G
CSqGSIb3DQEBCwUAA4IBAQCFU/HJub2sQRurmASBjH8jAA/ujWj6ea5qcrlBR/+x
24fpwPo9dnLXFKYy1w/OGvTPU3Q0XrlZ+6CRGm9Ryqlk+c1jxmIMg8vTEZ1JiV5Y
KxGCGB93+yQeCVnKzpqhNcevPP1va+q0ucmDYmY4k1gzD4MLaJKwM64w+bd6YMYu
H0QemsCxtHj/LGVnEylAsbMpH1+OMp+6XYgiVjSvWrN+HvGfQTltZBzw5N2MRtNS
IDgsgjf3i1dLpqkSACnTeByyc2FfoAootDUALnQuDUPSsGXVtT+XA1XF+/xV5S80
COwbr43lzw4oRvfqxhTV8wNE2iYQZ7maJyL96SMU/Cnc
-----END CERTIFICATE-----
Generated at Sat Sep 28 19:21:18 2024 by rpki-client on console-ams.rpki-client.org