Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/wjhfspu_G4HGizYS_OBNLClt3cU.roa
File: wjhfspu_G4HGizYS_OBNLClt3cU.roa (raw, json)
Hash identifier: bxfIFEAR3HaNo4msf1HR2PgJlfyMNGagLyOKrjbfFag=
Subject key identifier: C2:38:5F:B2:9B:BF:1B:81:C6:8B:36:12:FC:E0:4D:2C:29:6D:DD:C5
Certificate issuer: /CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f
Certificate serial: 01946631DE700327228FCF4E5E6AFBD0A09D
Authority key identifier: 32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/wjhfspu_G4HGizYS_OBNLClt3cU.roa
Signing time: Tue 14 Jan 2025 19:02:11 +0000
ROA not before: Tue 14 Jan 2025 19:02:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59741
IP address blocks: 45.141.52.0/22 maxlen: 24
45.141.54.0/24 maxlen: 24
45.155.79.0/24 maxlen: 24
185.73.240.0/24 maxlen: 24
185.73.241.0/24 maxlen: 24
2a05:4740::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.mft
rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 07:01:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:66:31:de:70:03:27:22:8f:cf:4e:5e:6a:fb:d0:a0:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f
Validity
Not Before: Jan 14 19:02:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c2385fb29bbf1b81c68b3612fce04d2c296dddc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:49:2e:ac:e5:7c:b7:6f:2e:64:bc:ff:ff:1c:
16:2d:36:1d:bc:64:cf:50:a2:4c:39:1f:9f:98:83:
00:47:00:31:ec:cf:c1:3e:de:ca:53:35:e4:77:19:
58:56:69:81:2c:69:36:86:f9:29:4e:eb:17:40:7c:
1e:a3:24:5d:03:c4:da:a0:ba:de:51:aa:b5:da:55:
c1:f4:02:b0:ee:14:b8:97:0a:f9:49:dc:67:72:0a:
b8:8b:8c:c5:0b:94:a7:03:59:09:81:ca:a4:27:cd:
ff:bc:a2:cc:d3:6f:83:38:d0:5d:9a:33:af:48:19:
2c:5f:dc:ec:03:17:ae:e3:a8:47:05:c6:28:d5:79:
8c:5a:0d:b9:46:6c:f6:e8:fd:ac:2c:5f:0b:85:28:
be:73:e5:36:5f:ce:48:22:d0:3b:f3:ec:64:42:44:
89:b8:38:66:04:8b:56:a4:69:69:b2:83:d4:36:31:
1d:b2:a7:a0:40:c7:ff:4e:fd:39:32:78:c8:09:62:
6f:cf:6d:b7:69:94:a3:13:1e:55:09:b7:15:f2:0b:
0e:a2:36:41:39:62:15:c6:97:77:49:d9:c6:11:23:
de:19:13:4e:79:48:0a:ae:ec:80:01:74:51:56:3d:
a5:f6:ad:ff:c4:12:2e:17:bd:b2:3d:2b:8f:b5:e0:
b2:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:38:5F:B2:9B:BF:1B:81:C6:8B:36:12:FC:E0:4D:2C:29:6D:DD:C5
X509v3 Authority Key Identifier:
keyid:32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/wjhfspu_G4HGizYS_OBNLClt3cU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.52.0/22
45.155.79.0/24
185.73.240.0/23
IPv6:
2a05:4740::/32
Signature Algorithm: sha256WithRSAEncryption
53:ce:fc:fb:90:bf:16:cc:18:e3:b7:b0:a6:a6:cc:ca:7d:f6:
f6:8e:38:5c:0d:a7:23:83:2e:f5:9f:e4:54:21:03:9a:e4:b3:
b2:2c:7a:b9:0f:ac:f6:d9:2f:ae:22:41:07:1a:06:44:ab:d0:
33:10:2e:5d:8e:49:76:04:59:ef:d8:66:d3:8d:fa:52:41:05:
28:d7:48:15:50:f4:8f:2c:82:16:e5:35:96:a7:84:35:98:48:
2d:47:23:df:9e:28:bf:40:15:3a:f9:38:45:42:04:1c:07:c2:
dc:e3:1b:0b:0b:a6:bd:23:96:f4:3d:21:b3:1d:07:ec:d1:9a:
7a:53:b9:e4:a5:25:99:23:bd:69:fe:cf:32:f1:fb:b8:71:9e:
dd:d7:9d:5a:3f:12:20:7b:12:73:5b:a1:de:0d:19:a8:4a:99:
76:65:c1:48:20:75:95:dc:4c:35:b1:ec:98:53:41:25:35:f7:
b8:28:02:2e:20:b6:12:7a:1d:4a:46:7b:2b:cf:ad:ef:9e:a0:
e1:46:27:83:e0:ac:d5:da:06:c9:86:b4:2a:a0:63:54:50:4e:
e1:b5:ce:20:dd:e1:92:99:7d:da:25:3e:23:07:f3:8d:1f:c8:
51:f3:4a:d1:b8:10:6d:b0:ce:b3:c4:66:48:21:c1:82:e6:9d:
54:99:8e:9e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZRmMd5wAycij89OXmr70KCdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNDc0YWM3Y2E4NWUwOWMyZDQ4YjMzZTdiZjY2ZjhlZDc2
NGRlMGYwHhcNMjUwMTE0MTkwMjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjM4NWZiMjliYmYxYjgxYzY4YjM2MTJmY2UwNGQyYzI5NmRkZGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0kurOV8t28uZLz//xwWLTYdvGTP
UKJMOR+fmIMARwAx7M/BPt7KUzXkdxlYVmmBLGk2hvkpTusXQHweoyRdA8TaoLre
Uaq12lXB9AKw7hS4lwr5Sdxncgq4i4zFC5SnA1kJgcqkJ83/vKLM02+DONBdmjOv
SBksX9zsAxeu46hHBcYo1XmMWg25Rmz26P2sLF8LhSi+c+U2X85IItA78+xkQkSJ
uDhmBItWpGlpsoPUNjEdsqegQMf/Tv05MnjICWJvz223aZSjEx5VCbcV8gsOojZB
OWIVxpd3SdnGESPeGRNOeUgKruyAAXRRVj2l9q3/xBIuF72yPSuPteCy5QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMI4X7KbvxuBxos2EvzgTSwpbd3FMB8GA1UdIwQY
MBaAFDJHSsfKheCcLUizPnv2b47XZN4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWtkS3g4cUY0Snd0U0xNLWVfWnZqdGRrM2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8xZmQwYTYtNDUxNy00YTBiLWIzYzkt
MTJlYzIyYzljNWEyLzEvd2poZnNwdV9HNEhHaXpZU19PQk5MQ2x0M2NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8xZmQwYTYtNDUxNy00YTBiLWIzYzktMTJlYzIyYzljNWEy
LzEvTWtkS3g4cUY0Snd0U0xNLWVfWnZqdGRrM2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLY00AwQA
LZtPAwQBuUnwMA0EAgACMAcDBQAqBUdAMA0GCSqGSIb3DQEBCwUAA4IBAQBTzvz7
kL8WzBjjt7CmpszKffb2jjhcDacjgy71n+RUIQOa5LOyLHq5D6z22S+uIkEHGgZE
q9AzEC5djkl2BFnv2GbTjfpSQQUo10gVUPSPLIIW5TWWp4Q1mEgtRyPfnii/QBU6
+ThFQgQcB8Lc4xsLC6a9I5b0PSGzHQfs0Zp6U7nkpSWZI71p/s8y8fu4cZ7d151a
PxIgexJzW6HeDRmoSpl2ZcFIIHWV3Ew1seyYU0ElNfe4KAIuILYSeh1KRnsrz63v
nqDhRieD4KzV2gbJhrQqoGNUUE7htc4g3eGSmX3aJT4jB/ONH8hR80rRuBBtsM6z
xGZIIcGC5p1UmY6e
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:49:21 2025 by rpki-client