Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/11c52c-41aa-4e95-ad67-a021a63ddfc3/1/wgLpdQzEQiut3zZPkrk2it4-KJM.roa
File: wgLpdQzEQiut3zZPkrk2it4-KJM.roa (raw, json)
Hash identifier: rQ6r9VvnZsN117x/0JkyHFIrRA5vncbf9BthsT1+A7U=
Subject key identifier: C2:02:E9:75:0C:C4:42:2B:AD:DF:36:4F:92:B9:36:8A:DE:3E:28:93
Certificate issuer: /CN=1a0489dc9c0a74c2ed53e1d9e1fbfdd8c8773b94
Certificate serial: 019420682D7D7009B995BB009AD7C0F1F0B7
Authority key identifier: 1A:04:89:DC:9C:0A:74:C2:ED:53:E1:D9:E1:FB:FD:D8:C8:77:3B:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GgSJ3JwKdMLtU-HZ4fv92Mh3O5Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/11c52c-41aa-4e95-ad67-a021a63ddfc3/1/wgLpdQzEQiut3zZPkrk2it4-KJM.roa
Signing time: Wed 01 Jan 2025 05:48:05 +0000
ROA not before: Wed 01 Jan 2025 05:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13335
IP address blocks: 185.146.172.0/24 maxlen: 24
185.146.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/11c52c-41aa-4e95-ad67-a021a63ddfc3/1/GgSJ3JwKdMLtU-HZ4fv92Mh3O5Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/11c52c-41aa-4e95-ad67-a021a63ddfc3/1/GgSJ3JwKdMLtU-HZ4fv92Mh3O5Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/GgSJ3JwKdMLtU-HZ4fv92Mh3O5Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:2d:7d:70:09:b9:95:bb:00:9a:d7:c0:f1:f0:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a0489dc9c0a74c2ed53e1d9e1fbfdd8c8773b94
Validity
Not Before: Jan 1 05:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c202e9750cc4422baddf364f92b9368ade3e2893
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:9f:76:f5:1c:f1:7d:27:9a:a3:f7:d7:f6:e4:
83:c9:6b:6d:c6:43:57:f8:83:1f:a7:40:fb:ac:ad:
e8:ad:b8:3c:38:ea:36:48:f3:7a:2f:08:bf:6d:3c:
dc:14:1c:b5:cf:a3:4b:00:3a:44:1f:25:7c:a5:81:
b1:4f:0e:ca:40:79:a8:4f:4f:45:0a:54:3b:62:75:
7e:3b:3b:09:a5:5e:d1:dc:0e:62:42:f8:1c:4a:ac:
39:9b:ed:9d:db:f7:0a:13:02:19:aa:02:4e:28:e5:
98:0f:61:16:49:3d:9c:08:2b:38:6f:e2:64:62:2e:
44:d2:84:a4:5f:b4:e1:a7:4e:2b:6c:d2:a0:b1:e3:
cc:47:50:c6:7b:26:c5:39:c2:3d:22:49:ad:a2:36:
2a:0c:20:87:07:3a:66:15:a3:ab:1a:23:05:d2:09:
fa:a3:9f:f0:f2:5d:2f:18:7c:c2:6f:ce:58:46:39:
fc:fb:ec:32:d0:85:18:3b:92:b8:65:f3:cf:29:52:
51:9c:f1:98:e6:2c:81:4e:96:81:d1:41:62:eb:28:
87:dd:1a:e7:2b:e8:f1:49:39:b5:d0:d3:51:2a:39:
0d:29:df:79:73:16:b0:64:a4:90:06:eb:ec:29:43:
49:ef:52:46:9c:c6:db:b2:84:20:51:af:d8:f3:9c:
7f:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:02:E9:75:0C:C4:42:2B:AD:DF:36:4F:92:B9:36:8A:DE:3E:28:93
X509v3 Authority Key Identifier:
keyid:1A:04:89:DC:9C:0A:74:C2:ED:53:E1:D9:E1:FB:FD:D8:C8:77:3B:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GgSJ3JwKdMLtU-HZ4fv92Mh3O5Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/11c52c-41aa-4e95-ad67-a021a63ddfc3/1/wgLpdQzEQiut3zZPkrk2it4-KJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/11c52c-41aa-4e95-ad67-a021a63ddfc3/1/GgSJ3JwKdMLtU-HZ4fv92Mh3O5Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.146.172.0/23
Signature Algorithm: sha256WithRSAEncryption
7c:d8:5b:64:31:5e:b0:c3:e6:5d:99:57:bf:4d:6c:c0:ab:f1:
14:c4:2c:a9:26:e5:eb:1d:b0:0b:ba:e7:d9:19:62:2b:5e:00:
8b:5c:12:1d:7f:a2:da:62:5f:63:14:6a:95:10:0f:18:6e:4c:
7e:23:d7:36:dd:59:57:76:58:66:2e:34:38:29:df:c5:32:4c:
85:f2:cd:f7:1e:a7:a7:3c:25:ee:ab:85:40:02:a7:d5:33:78:
f0:23:a5:00:35:c8:97:5f:9f:0d:fd:a3:3f:03:e2:9d:17:13:
cd:c0:86:73:7d:b2:70:3e:07:42:42:56:aa:d4:41:d3:5b:69:
43:9e:93:1e:c2:6f:a1:57:46:80:f2:be:da:3e:02:70:6d:33:
ea:78:53:c5:39:4a:09:5e:e5:91:2b:c0:e9:c5:23:cb:0f:5f:
f8:a2:02:38:50:2a:52:fe:70:ef:f2:17:b3:f5:63:d3:8f:f4:
86:8a:7e:ba:c1:5d:7b:6e:44:a5:74:d6:c2:b8:75:cd:cc:22:
ad:a6:75:f8:ca:83:dc:75:32:b5:2a:e2:21:a6:1e:39:ac:8a:
da:19:2b:b4:37:d2:c5:f1:0b:6d:6c:b7:00:ef:d9:f3:c8:f9:
88:b9:3a:0d:2f:8b:b1:ee:ea:4a:14:51:43:f0:bc:cb:6b:fd:
25:39:24:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaC19cAm5lbsAmtfA8fC3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMDQ4OWRjOWMwYTc0YzJlZDUzZTFkOWUxZmJmZGQ4Yzg3
NzNiOTQwHhcNMjUwMTAxMDU0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjAyZTk3NTBjYzQ0MjJiYWRkZjM2NGY5MmI5MzY4YWRlM2UyODkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnp929RzxfSeao/fX9uSDyWttxkNX
+IMfp0D7rK3orbg8OOo2SPN6Lwi/bTzcFBy1z6NLADpEHyV8pYGxTw7KQHmoT09F
ClQ7YnV+OzsJpV7R3A5iQvgcSqw5m+2d2/cKEwIZqgJOKOWYD2EWST2cCCs4b+Jk
Yi5E0oSkX7Thp04rbNKgsePMR1DGeybFOcI9IkmtojYqDCCHBzpmFaOrGiMF0gn6
o5/w8l0vGHzCb85YRjn8++wy0IUYO5K4ZfPPKVJRnPGY5iyBTpaB0UFi6yiH3Rrn
K+jxSTm10NNRKjkNKd95cxawZKSQBuvsKUNJ71JGnMbbsoQgUa/Y85x/8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMIC6XUMxEIrrd82T5K5NorePiiTMB8GA1UdIwQY
MBaAFBoEidycCnTC7VPh2eH7/djIdzuUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2dTSjNKd0tkTUx0VS1IWjRmdjkyTWgzTzVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8xMWM1MmMtNDFhYS00ZTk1LWFkNjct
YTAyMWE2M2RkZmMzLzEvd2dMcGRRekVRaXV0M3paUGtyazJpdDQtS0pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8xMWM1MmMtNDFhYS00ZTk1LWFkNjctYTAyMWE2M2RkZmMz
LzEvR2dTSjNKd0tkTUx0VS1IWjRmdjkyTWgzTzVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuZKsMA0G
CSqGSIb3DQEBCwUAA4IBAQB82FtkMV6ww+ZdmVe/TWzAq/EUxCypJuXrHbALuufZ
GWIrXgCLXBIdf6LaYl9jFGqVEA8Ybkx+I9c23VlXdlhmLjQ4Kd/FMkyF8s33Hqen
PCXuq4VAAqfVM3jwI6UANciXX58N/aM/A+KdFxPNwIZzfbJwPgdCQlaq1EHTW2lD
npMewm+hV0aA8r7aPgJwbTPqeFPFOUoJXuWRK8DpxSPLD1/4ogI4UCpS/nDv8hez
9WPTj/SGin66wV17bkSldNbCuHXNzCKtpnX4yoPcdTK1KuIhph45rIraGSu0N9LF
8QttbLcA79nzyPmIuToNL4ux7upKFFFD8LzLa/0lOSTc
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:51:00 2025 by rpki-client