Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wg4K-A6N-r0GqiTt3VvmmKyUe58.roa
File: wg4K-A6N-r0GqiTt3VvmmKyUe58.roa (raw, json)
Hash identifier: Q59XxjO0fnCpoGfgeBg/MdhK76D9FO/pO5kXFlg6BjE=
Subject key identifier: C2:0E:0A:F8:0E:8D:FA:BD:06:AA:24:ED:DD:5B:E6:98:AC:94:7B:9F
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018CC9BA9B28125165E06E6557DD7CF5F672
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wg4K-A6N-r0GqiTt3VvmmKyUe58.roa
Signing time: Tue 02 Jan 2024 10:31:38 +0000
ROA not before: Tue 02 Jan 2024 10:31:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56630
IP address blocks: 94.241.128.0/22 maxlen: 24
178.253.8.0/22 maxlen: 24
94.241.184.0/22 maxlen: 24
178.253.48.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.mft
rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 13:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:ba:9b:28:12:51:65:e0:6e:65:57:dd:7c:f5:f6:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jan 2 10:31:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c20e0af80e8dfabd06aa24eddd5be698ac947b9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:5b:6f:fb:2a:5a:e4:e6:98:03:3c:25:99:ef:
86:9a:49:9c:45:bc:27:11:d0:c0:db:38:15:ff:63:
57:ec:ca:2b:07:cd:bd:de:c2:5a:1d:7a:2c:cf:72:
df:a7:9d:e7:76:99:91:83:b0:74:c6:97:18:51:a8:
7a:db:e9:fb:90:ff:14:a6:94:15:6b:20:ef:68:1f:
2f:72:1e:e9:79:20:99:8f:03:ca:07:d8:86:f0:be:
78:25:85:e7:36:96:d2:60:08:4b:9d:9a:6d:96:10:
ec:ac:ae:85:db:c7:ef:e5:ae:18:70:3d:5d:35:5c:
f4:49:79:58:3f:a2:33:84:d0:7b:94:30:ce:53:37:
bf:5d:e9:3f:77:da:28:17:2f:d0:c5:9d:03:df:23:
f6:1a:d4:0e:f5:52:3c:6a:ac:2b:6e:f8:2b:f9:b7:
75:76:a0:9b:e4:4f:e5:0f:47:b7:3c:ca:67:f8:5f:
2e:5d:49:6b:7d:df:f8:5f:86:98:a2:a3:ab:1e:e0:
30:19:0b:9f:7c:a9:2a:30:b7:45:7b:e2:70:c4:1c:
07:b2:3d:2d:70:56:45:55:50:cf:b0:75:c2:21:bb:
c9:be:1a:f0:7b:e9:ba:0c:1e:66:3a:1a:33:ea:36:
b4:c8:90:97:59:c7:ce:ca:bb:74:1f:d9:19:4a:3c:
de:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:0E:0A:F8:0E:8D:FA:BD:06:AA:24:ED:DD:5B:E6:98:AC:94:7B:9F
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wg4K-A6N-r0GqiTt3VvmmKyUe58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.241.128.0/22
94.241.184.0/22
178.253.8.0/22
178.253.48.0/22
Signature Algorithm: sha256WithRSAEncryption
39:b4:03:da:51:5a:4e:55:28:62:bd:ae:9b:77:da:66:51:70:
74:10:42:0f:51:98:dd:67:fa:83:74:ec:50:60:74:8d:74:73:
68:e2:02:41:5a:35:cf:59:fe:dd:57:50:06:a2:19:f0:2c:a0:
88:fe:18:da:03:c8:a5:bf:94:7e:43:69:5e:99:c8:d6:ff:c3:
ce:06:ca:04:56:50:ad:81:3e:64:30:94:b6:66:69:dd:c9:9c:
3a:69:4d:4a:b6:44:98:34:40:0d:bf:81:a6:5b:96:a4:43:ff:
b0:73:a2:a3:6d:61:1d:5d:3f:b3:0a:ed:d4:a9:2e:31:35:3b:
50:f1:92:6d:b3:ae:da:c6:5e:f7:36:d1:ce:fb:f2:08:5c:e4:
ae:3a:ad:68:50:44:a6:7b:d2:18:18:93:aa:1b:63:0d:6f:02:
be:b5:fb:00:60:70:00:e0:59:d3:49:f1:06:b9:54:5e:60:8b:
02:96:46:f6:41:f6:0e:fb:d4:2d:8b:7d:41:9f:d6:e1:9b:95:
44:29:5e:25:2d:0c:51:93:75:dd:b3:70:7a:ed:6a:4d:a4:ea:
4d:a7:48:a4:bd:0c:70:42:d6:98:26:72:d0:fa:46:a4:07:f9:
8c:4c:84:4a:2f:cf:7c:f7:88:30:6e:f0:8f:e2:e2:a2:c9:22:
41:6a:91:3c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzJupsoElFl4G5lV9189fZyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwMTAyMTAzMTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjBlMGFmODBlOGRmYWJkMDZhYTI0ZWRkZDViZTY5OGFjOTQ3YjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiVtv+ypa5OaYAzwlme+GmkmcRbwn
EdDA2zgV/2NX7MorB8293sJaHXosz3Lfp53ndpmRg7B0xpcYUah62+n7kP8UppQV
ayDvaB8vch7peSCZjwPKB9iG8L54JYXnNpbSYAhLnZptlhDsrK6F28fv5a4YcD1d
NVz0SXlYP6IzhNB7lDDOUze/Xek/d9ooFy/QxZ0D3yP2GtQO9VI8aqwrbvgr+bd1
dqCb5E/lD0e3PMpn+F8uXUlrfd/4X4aYoqOrHuAwGQuffKkqMLdFe+JwxBwHsj0t
cFZFVVDPsHXCIbvJvhrwe+m6DB5mOhoz6ja0yJCXWcfOyrt0H9kZSjzeoQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMIOCvgOjfq9Bqok7d1b5pislHufMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvd2c0Sy1BNk4tcjBHcWlUdDNWdm1tS3lVZTU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCXvGAAwQC
XvG4AwQCsv0IAwQCsv0wMA0GCSqGSIb3DQEBCwUAA4IBAQA5tAPaUVpOVShiva6b
d9pmUXB0EEIPUZjdZ/qDdOxQYHSNdHNo4gJBWjXPWf7dV1AGohnwLKCI/hjaA8il
v5R+Q2lemcjW/8POBsoEVlCtgT5kMJS2ZmndyZw6aU1KtkSYNEANv4GmW5akQ/+w
c6KjbWEdXT+zCu3UqS4xNTtQ8ZJts67axl73NtHO+/IIXOSuOq1oUESme9IYGJOq
G2MNbwK+tfsAYHAA4FnTSfEGuVReYIsClkb2QfYO+9Qti31Bn9bhm5VEKV4lLQxR
k3Xds3B67WpNpOpNp0ikvQxwQtaYJnLQ+kakB/mMTIRKL89894gwbvCP4uKiySJB
apE8
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:44:53 2024 by rpki-client on console-fra.rpki-client.org