Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/8c79fb-7a57-429d-9c33-8777544c9275/1/wig6KC4gSVw0HyIKRBc2xTnuVN4.roa
File: wig6KC4gSVw0HyIKRBc2xTnuVN4.roa (raw, json)
Hash identifier: EHt3EBj8Qls7cfEcrr19uaUc9VJjWJHcYHVlVYE7DsU=
Subject key identifier: C2:28:3A:28:2E:20:49:5C:34:1F:22:0A:44:17:36:C5:39:EE:54:DE
Certificate issuer: /CN=34b419fa4a0a1605188318cdf4a2044992853b95
Certificate serial: 019422FB8337A5AA471C94BAC7D950587C13
Authority key identifier: 34:B4:19:FA:4A:0A:16:05:18:83:18:CD:F4:A2:04:49:92:85:3B:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NLQZ-koKFgUYgxjN9KIESZKFO5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/8c79fb-7a57-429d-9c33-8777544c9275/1/wig6KC4gSVw0HyIKRBc2xTnuVN4.roa
Signing time: Wed 01 Jan 2025 17:48:15 +0000
ROA not before: Wed 01 Jan 2025 17:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41655
IP address blocks: 37.153.80.0/21 maxlen: 21
37.153.80.0/24 maxlen: 24
37.153.81.0/24 maxlen: 24
37.153.82.0/24 maxlen: 24
37.153.83.0/24 maxlen: 24
37.153.84.0/24 maxlen: 24
37.153.85.0/24 maxlen: 24
37.153.86.0/24 maxlen: 24
37.153.87.0/24 maxlen: 24
185.224.180.0/22 maxlen: 24
195.8.198.0/23 maxlen: 23
195.8.198.0/24 maxlen: 24
195.8.199.0/24 maxlen: 24
2a00:adc0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/8c79fb-7a57-429d-9c33-8777544c9275/1/NLQZ-koKFgUYgxjN9KIESZKFO5U.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/8c79fb-7a57-429d-9c33-8777544c9275/1/NLQZ-koKFgUYgxjN9KIESZKFO5U.mft
rsync://rpki.ripe.net/repository/DEFAULT/NLQZ-koKFgUYgxjN9KIESZKFO5U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:83:37:a5:aa:47:1c:94:ba:c7:d9:50:58:7c:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34b419fa4a0a1605188318cdf4a2044992853b95
Validity
Not Before: Jan 1 17:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c2283a282e20495c341f220a441736c539ee54de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:62:dc:65:dc:e0:68:44:c4:84:ad:ca:ed:96:
5b:c1:f0:56:3d:02:7c:30:f8:3c:9b:51:03:05:d0:
63:00:f9:7a:88:e0:11:33:ba:a6:13:cb:cc:21:10:
60:f7:49:f6:85:bf:be:72:c3:2a:59:f2:db:8b:9b:
83:6b:0a:ea:f3:b9:72:e3:27:aa:b1:38:dc:7f:11:
c6:f2:e4:7a:f3:aa:4d:df:e5:80:79:2e:bb:0d:52:
b1:9e:ed:55:3b:d2:af:66:8c:af:c1:8e:94:08:69:
bd:ad:90:89:05:1a:ac:57:2c:a9:5d:54:10:04:62:
0e:a6:87:e9:a4:58:8c:bf:fe:da:d5:70:ab:fd:12:
8f:1f:bb:e5:55:4c:e3:be:05:c2:50:da:f5:2e:8c:
77:f0:06:b6:15:f1:4d:b8:30:0f:3d:e3:f6:8b:08:
fa:c7:14:53:cf:d5:70:f4:3a:0e:79:f5:9b:f4:89:
95:e0:df:fa:49:92:03:f7:c6:8b:b2:b8:55:69:7f:
2d:6a:23:4d:70:a7:7a:59:68:72:41:f9:e9:15:da:
0d:23:56:ea:07:c7:12:02:80:e1:12:2b:6b:c6:89:
0a:63:f6:b9:cd:e2:87:05:c1:60:2a:10:36:fd:36:
2f:65:38:2d:cd:93:c3:17:e9:73:9d:32:f9:23:f2:
1c:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:28:3A:28:2E:20:49:5C:34:1F:22:0A:44:17:36:C5:39:EE:54:DE
X509v3 Authority Key Identifier:
keyid:34:B4:19:FA:4A:0A:16:05:18:83:18:CD:F4:A2:04:49:92:85:3B:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NLQZ-koKFgUYgxjN9KIESZKFO5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/8c79fb-7a57-429d-9c33-8777544c9275/1/wig6KC4gSVw0HyIKRBc2xTnuVN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/8c79fb-7a57-429d-9c33-8777544c9275/1/NLQZ-koKFgUYgxjN9KIESZKFO5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.80.0/21
185.224.180.0/22
195.8.198.0/23
IPv6:
2a00:adc0::/32
Signature Algorithm: sha256WithRSAEncryption
48:ac:15:bc:38:c2:9a:84:ad:42:a7:d6:20:38:49:6f:a0:cc:
9e:95:bb:85:15:43:4d:c0:29:83:bc:be:55:31:b0:6e:8e:55:
f1:69:61:66:e8:bd:e6:be:aa:8b:0c:6d:4e:cb:4c:0f:85:b4:
de:b2:65:5a:de:cd:11:5c:2d:31:43:b0:0e:29:c3:26:d6:35:
29:83:c5:bf:dc:0c:bd:77:c4:3f:9f:99:eb:4f:33:d7:c9:c4:
17:a5:05:cd:f0:e9:ec:7f:cb:b7:69:d6:72:f0:3f:ed:cf:10:
b0:da:7f:b2:74:d6:05:37:f8:85:1d:cc:de:2a:24:dc:32:86:
e5:a7:af:f2:7d:df:70:d8:1a:1a:43:89:45:34:1d:9d:54:80:
66:5f:e6:71:fd:cc:41:2b:34:a6:09:68:bf:21:da:79:bf:15:
48:cb:4b:67:2e:26:cb:54:45:a7:29:cf:1b:2b:e8:e2:fc:df:
5b:0f:6d:cf:ae:5c:f8:1a:e8:db:a8:e0:0d:e0:7b:6a:f6:18:
c5:2e:1c:06:d5:b0:f3:0d:84:aa:e0:68:d2:0a:52:25:5d:f1:
31:86:c7:4c:db:a1:59:1b:03:9e:33:bc:73:a1:a2:65:d6:a5:
b8:2d:f0:e1:52:56:ed:cd:ce:48:d0:96:1b:90:e8:de:31:44:
e2:27:c0:8b
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQi+4M3papHHJS6x9lQWHwTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0YjQxOWZhNGEwYTE2MDUxODgzMThjZGY0YTIwNDQ5OTI4
NTNiOTUwHhcNMjUwMTAxMTc0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjI4M2EyODJlMjA0OTVjMzQxZjIyMGE0NDE3MzZjNTM5ZWU1NGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwmLcZdzgaETEhK3K7ZZbwfBWPQJ8
MPg8m1EDBdBjAPl6iOARM7qmE8vMIRBg90n2hb++csMqWfLbi5uDawrq87ly4yeq
sTjcfxHG8uR686pN3+WAeS67DVKxnu1VO9KvZoyvwY6UCGm9rZCJBRqsVyypXVQQ
BGIOpofppFiMv/7a1XCr/RKPH7vlVUzjvgXCUNr1Lox38Aa2FfFNuDAPPeP2iwj6
xxRTz9Vw9DoOefWb9ImV4N/6SZID98aLsrhVaX8taiNNcKd6WWhyQfnpFdoNI1bq
B8cSAoDhEitrxokKY/a5zeKHBcFgKhA2/TYvZTgtzZPDF+lznTL5I/IcTwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMIoOiguIElcNB8iCkQXNsU57lTeMB8GA1UdIwQY
MBaAFDS0GfpKChYFGIMYzfSiBEmShTuVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkxRWi1rb0tGZ1VZZ3hqTjlLSUVTWktGTzVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84Yzc5ZmItN2E1Ny00MjlkLTljMzMt
ODc3NzU0NGM5Mjc1LzEvd2lnNktDNGdTVncwSHlJS1JCYzJ4VG51Vk40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84Yzc5ZmItN2E1Ny00MjlkLTljMzMtODc3NzU0NGM5Mjc1
LzEvTkxRWi1rb0tGZ1VZZ3hqTjlLSUVTWktGTzVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDJZlQAwQC
ueC0AwQBwwjGMA0EAgACMAcDBQAqAK3AMA0GCSqGSIb3DQEBCwUAA4IBAQBIrBW8
OMKahK1Cp9YgOElvoMyelbuFFUNNwCmDvL5VMbBujlXxaWFm6L3mvqqLDG1Oy0wP
hbTesmVa3s0RXC0xQ7AOKcMm1jUpg8W/3Ay9d8Q/n5nrTzPXycQXpQXN8Onsf8u3
adZy8D/tzxCw2n+ydNYFN/iFHczeKiTcMoblp6/yfd9w2BoaQ4lFNB2dVIBmX+Zx
/cxBKzSmCWi/Idp5vxVIy0tnLibLVEWnKc8bK+ji/N9bD23Prlz4GujbqOAN4Htq
9hjFLhwG1bDzDYSq4GjSClIlXfExhsdM26FZGwOeM7xzoaJl1qW4LfDhUlbtzc5I
0JYbkOjeMUTiJ8CL
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:25:16 2025 by rpki-client