Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/597e45-cde4-4c34-8bea-c97e373d704c/1/wn31UFilpeXDBcMwPESpDqZSVzI.roa
File: wn31UFilpeXDBcMwPESpDqZSVzI.roa (raw, json)
Hash identifier: AbAera+EBRv856kT/g0nGu91eZnxCnv9QP3cUnGN/kU=
Subject key identifier: C2:7D:F5:50:58:A5:A5:E5:C3:05:C3:30:3C:44:A9:0E:A6:52:57:32
Certificate issuer: /CN=7b6ed027d37bd6109a0311e2869d344ad95935f9
Certificate serial: 018CC3B6F8E077A45954A06C84C5556C53C8
Authority key identifier: 7B:6E:D0:27:D3:7B:D6:10:9A:03:11:E2:86:9D:34:4A:D9:59:35:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e27QJ9N71hCaAxHihp00StlZNfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/597e45-cde4-4c34-8bea-c97e373d704c/1/wn31UFilpeXDBcMwPESpDqZSVzI.roa
Signing time: Mon 01 Jan 2024 06:29:57 +0000
ROA not before: Mon 01 Jan 2024 06:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211468
IP address blocks: 185.190.38.0/24 maxlen: 24
194.169.166.0/24 maxlen: 24
194.169.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/597e45-cde4-4c34-8bea-c97e373d704c/1/e27QJ9N71hCaAxHihp00StlZNfk.crl
rsync://rpki.ripe.net/repository/DEFAULT/6c/597e45-cde4-4c34-8bea-c97e373d704c/1/e27QJ9N71hCaAxHihp00StlZNfk.mft
rsync://rpki.ripe.net/repository/DEFAULT/e27QJ9N71hCaAxHihp00StlZNfk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:f8:e0:77:a4:59:54:a0:6c:84:c5:55:6c:53:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b6ed027d37bd6109a0311e2869d344ad95935f9
Validity
Not Before: Jan 1 06:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c27df55058a5a5e5c305c3303c44a90ea6525732
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:2c:0b:d8:4b:69:05:ee:b0:67:0c:2e:2d:2e:
9c:68:cf:cd:b3:08:ad:9e:e8:64:f8:93:54:36:9e:
c2:16:2c:13:13:00:57:ea:7c:2f:a3:46:e0:c6:ca:
76:ef:a8:21:51:7a:2a:03:ce:fb:25:4b:55:30:75:
9f:b7:6b:2b:53:7a:56:75:55:e6:7c:ef:6d:8c:1a:
ac:96:6d:22:2e:03:42:f8:0a:50:53:eb:60:57:8c:
f9:4f:01:6c:fd:09:53:1f:18:f3:67:29:1d:90:4c:
7c:04:51:a5:6c:ab:e9:70:85:b3:2b:0f:65:d2:52:
68:a0:93:2d:f7:44:90:00:cd:4c:8b:75:09:64:5b:
d7:8d:f3:a3:79:d3:ae:5a:92:5c:5a:2d:b1:d1:cb:
a8:a7:a0:b6:b6:be:bd:b0:d1:ce:69:9b:46:8e:96:
5c:0e:46:8e:bd:70:9b:2e:14:08:57:a7:b7:7d:38:
b3:be:49:55:ec:98:ca:c8:68:c2:94:ec:3c:3b:bb:
04:f7:57:b3:53:84:29:fb:99:83:47:0e:66:79:fe:
de:72:f3:4c:53:db:bb:81:cf:d8:56:2d:22:68:61:
1b:14:98:7f:29:5d:57:52:8c:b2:0f:1a:dd:96:2d:
d2:3f:f5:bd:3a:36:a9:ea:00:b4:3c:23:6c:f2:d5:
81:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:7D:F5:50:58:A5:A5:E5:C3:05:C3:30:3C:44:A9:0E:A6:52:57:32
X509v3 Authority Key Identifier:
keyid:7B:6E:D0:27:D3:7B:D6:10:9A:03:11:E2:86:9D:34:4A:D9:59:35:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e27QJ9N71hCaAxHihp00StlZNfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/597e45-cde4-4c34-8bea-c97e373d704c/1/wn31UFilpeXDBcMwPESpDqZSVzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/597e45-cde4-4c34-8bea-c97e373d704c/1/e27QJ9N71hCaAxHihp00StlZNfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.190.38.0/24
194.169.166.0/23
Signature Algorithm: sha256WithRSAEncryption
38:9c:b4:a3:75:ea:12:68:83:ba:64:51:e0:bb:d6:bc:46:97:
3c:ca:75:81:9a:51:7f:79:f1:56:34:f9:6f:4c:3b:5a:4a:77:
bf:06:41:1e:24:29:32:fe:b6:15:29:28:dd:31:d4:ed:0e:67:
f2:b7:eb:6a:d9:bf:f1:bc:71:6b:eb:c0:fe:db:de:72:98:35:
f3:50:56:6f:99:24:9e:f0:9d:0e:75:2e:4c:09:d4:2b:ed:2c:
3b:22:58:0a:28:cb:fc:b9:90:27:fc:a5:a6:81:20:7e:e1:c8:
d3:15:29:b5:ad:71:d2:db:5d:6a:62:51:b1:22:fb:4d:22:cd:
3c:42:99:fd:0a:5e:7c:6e:e2:36:d8:52:6e:07:4b:ed:dc:b6:
2a:14:a4:5e:fa:42:d9:3a:4a:51:cf:45:e6:f2:d1:8a:57:2c:
27:8a:bc:30:9c:ce:30:82:57:fc:86:18:e1:a9:cf:78:52:34:
49:e3:f5:0b:2f:2e:b0:d3:1c:8f:77:3d:48:70:60:f2:c1:ae:
66:90:74:f4:97:a8:67:2a:37:b7:fd:3d:51:05:0e:ed:a4:d8:
a6:b2:46:30:75:9f:d8:dc:66:a3:dd:b2:2f:d0:b1:51:f9:71:
4f:a0:6e:8b:6b:21:48:ef:7c:1c:6d:1c:fa:38:19:0f:13:a7:
e9:ea:65:d9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDtvjgd6RZVKBshMVVbFPIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNmVkMDI3ZDM3YmQ2MTA5YTAzMTFlMjg2OWQzNDRhZDk1
OTM1ZjkwHhcNMjQwMTAxMDYyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjdkZjU1MDU4YTVhNWU1YzMwNWMzMzAzYzQ0YTkwZWE2NTI1NzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCwL2EtpBe6wZwwuLS6caM/Nswit
nuhk+JNUNp7CFiwTEwBX6nwvo0bgxsp276ghUXoqA877JUtVMHWft2srU3pWdVXm
fO9tjBqslm0iLgNC+ApQU+tgV4z5TwFs/QlTHxjzZykdkEx8BFGlbKvpcIWzKw9l
0lJooJMt90SQAM1Mi3UJZFvXjfOjedOuWpJcWi2x0cuop6C2tr69sNHOaZtGjpZc
DkaOvXCbLhQIV6e3fTizvklV7JjKyGjClOw8O7sE91ezU4Qp+5mDRw5mef7ecvNM
U9u7gc/YVi0iaGEbFJh/KV1XUoyyDxrdli3SP/W9Ojap6gC0PCNs8tWBSwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMJ99VBYpaXlwwXDMDxEqQ6mUlcyMB8GA1UdIwQY
MBaAFHtu0CfTe9YQmgMR4oadNErZWTX5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTI3UUo5TjcxaENhQXhIaWhwMDBTdGxaTmZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy81OTdlNDUtY2RlNC00YzM0LThiZWEt
Yzk3ZTM3M2Q3MDRjLzEvd24zMVVGaWxwZVhEQmNNd1BFU3BEcVpTVnpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy81OTdlNDUtY2RlNC00YzM0LThiZWEtYzk3ZTM3M2Q3MDRj
LzEvZTI3UUo5TjcxaENhQXhIaWhwMDBTdGxaTmZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAub4mAwQB
wqmmMA0GCSqGSIb3DQEBCwUAA4IBAQA4nLSjdeoSaIO6ZFHgu9a8Rpc8ynWBmlF/
efFWNPlvTDtaSne/BkEeJCky/rYVKSjdMdTtDmfyt+tq2b/xvHFr68D+295ymDXz
UFZvmSSe8J0OdS5MCdQr7Sw7IlgKKMv8uZAn/KWmgSB+4cjTFSm1rXHS211qYlGx
IvtNIs08Qpn9Cl58buI22FJuB0vt3LYqFKRe+kLZOkpRz0Xm8tGKVywnirwwnM4w
glf8hhjhqc94UjRJ4/ULLy6w0xyPdz1IcGDywa5mkHT0l6hnKje3/T1RBQ7tpNim
skYwdZ/Y3Gaj3bIv0LFR+XFPoG6LayFI73wcbRz6OBkPE6fp6mXZ
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:00:18 2024 by rpki-client on console-fra.rpki-client.org