Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/wow_cQ1S5FwYtHa8CITeNW43LQM.roa
File: wow_cQ1S5FwYtHa8CITeNW43LQM.roa (raw, json)
Hash identifier: DbYkXy+RIfOQ0DF1YEOQgl3JNQVmMQIAcB84f1JVNYk=
Subject key identifier: C2:8C:3F:71:0D:52:E4:5C:18:B4:76:BC:08:84:DE:35:6E:37:2D:03
Certificate issuer: /CN=c6f53c03d2f4e7f07a81ea903ecef01d68c68137
Certificate serial: 018D159FD9FBB0A63D6045E67F159BE8CFD4
Authority key identifier: C6:F5:3C:03:D2:F4:E7:F0:7A:81:EA:90:3E:CE:F0:1D:68:C6:81:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xvU8A9L05_B6geqQPs7wHWjGgTc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/wow_cQ1S5FwYtHa8CITeNW43LQM.roa
Signing time: Wed 17 Jan 2024 04:13:33 +0000
ROA not before: Wed 17 Jan 2024 04:13:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210659
IP address blocks: 202.181.204.0/24 maxlen: 24
2a13:d8c4:30::/44 maxlen: 48
2a13:d8c4:70::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/xvU8A9L05_B6geqQPs7wHWjGgTc.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/xvU8A9L05_B6geqQPs7wHWjGgTc.mft
rsync://rpki.ripe.net/repository/DEFAULT/xvU8A9L05_B6geqQPs7wHWjGgTc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:15:9f:d9:fb:b0:a6:3d:60:45:e6:7f:15:9b:e8:cf:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6f53c03d2f4e7f07a81ea903ecef01d68c68137
Validity
Not Before: Jan 17 04:13:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c28c3f710d52e45c18b476bc0884de356e372d03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ae:7e:37:84:fe:c5:85:0e:ac:90:db:7e:91:
16:4c:73:5f:86:9a:b5:b4:63:9d:da:dd:d7:96:57:
8d:52:cb:af:f9:34:4d:e0:9d:f2:2f:f9:10:5c:a8:
34:59:62:de:da:ba:3f:0e:88:42:a2:af:a7:5b:c5:
87:e7:60:41:ba:69:c9:02:d7:29:a4:1e:c5:ed:e9:
12:6b:44:05:22:68:5a:f5:0e:fb:c6:9a:1f:24:48:
db:5a:42:eb:a5:17:74:d2:c7:6f:8f:98:af:a7:1e:
f9:3e:4f:53:d8:95:3e:ce:0c:4c:69:9a:6f:17:9c:
dd:6f:79:8d:ff:da:9e:19:0b:57:4b:a3:8c:33:5b:
a3:5a:a3:92:58:5c:d0:85:c5:94:07:84:1d:07:05:
cb:c0:47:a2:52:67:6b:5e:fd:f3:27:a4:33:a0:0a:
83:c8:50:bc:a2:a8:64:5b:d6:e3:d1:7c:0d:f7:94:
d4:3a:cf:25:a5:d3:ee:21:82:b1:9c:bd:98:cd:b9:
a9:1c:87:3c:56:2b:30:96:c4:0e:59:1b:33:d8:44:
9e:bb:9c:c4:ca:83:9f:a3:d0:12:c9:08:b0:f9:44:
44:f5:ea:35:dd:e6:39:7f:3b:2c:d4:32:8f:d7:97:
00:cc:7a:b3:90:8a:c8:6c:5f:42:6f:40:aa:bb:d3:
86:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:8C:3F:71:0D:52:E4:5C:18:B4:76:BC:08:84:DE:35:6E:37:2D:03
X509v3 Authority Key Identifier:
keyid:C6:F5:3C:03:D2:F4:E7:F0:7A:81:EA:90:3E:CE:F0:1D:68:C6:81:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xvU8A9L05_B6geqQPs7wHWjGgTc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/wow_cQ1S5FwYtHa8CITeNW43LQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/xvU8A9L05_B6geqQPs7wHWjGgTc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.181.204.0/24
IPv6:
2a13:d8c4:30::/44
2a13:d8c4:70::/44
Signature Algorithm: sha256WithRSAEncryption
21:22:76:9d:47:d0:30:03:df:48:b1:0d:a1:84:0f:ce:ae:38:
46:be:df:b3:17:24:c2:f6:81:f5:38:a0:a6:28:34:3a:e2:9e:
1c:20:ea:ab:f8:5b:aa:1b:bb:97:a1:c5:21:60:a2:93:8f:c8:
f2:34:06:c6:31:36:78:66:20:63:82:95:93:fc:dd:84:c8:0c:
53:dd:35:d0:85:1c:62:d2:37:36:38:6c:cc:8d:6e:37:ca:d3:
20:f1:3c:4f:10:ec:c5:b8:92:49:e5:57:b6:e1:27:fd:cf:17:
44:8d:bb:f7:04:96:08:ce:06:c8:15:3f:1c:c2:b2:d5:59:b8:
a3:3e:1a:38:aa:c4:2a:86:97:5d:aa:66:4a:4c:99:9f:df:9c:
ee:a2:46:eb:f6:b1:f0:f4:db:59:6a:b6:b2:4a:14:ca:92:99:
0e:63:3e:c5:1e:37:f6:2e:57:85:8d:6d:fe:45:8b:cd:eb:ef:
ff:b1:19:6d:34:84:65:4a:01:b8:82:b2:bd:e7:f7:23:3b:2b:
35:7e:67:da:46:8b:b4:27:26:72:85:0d:b7:b3:d9:b9:b6:3a:
52:cc:38:61:ad:5c:97:77:b4:75:66:3e:0a:e5:6d:a9:0e:ac:
44:53:08:cc:aa:cf:ae:f5:6e:2f:3f:d5:e1:cf:f2:c7:09:5c:
76:42:80:62
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY0Vn9n7sKY9YEXmfxWb6M/UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZjUzYzAzZDJmNGU3ZjA3YTgxZWE5MDNlY2VmMDFkNjhj
NjgxMzcwHhcNMjQwMTE3MDQxMzMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjhjM2Y3MTBkNTJlNDVjMThiNDc2YmMwODg0ZGUzNTZlMzcyZDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAna5+N4T+xYUOrJDbfpEWTHNfhpq1
tGOd2t3XlleNUsuv+TRN4J3yL/kQXKg0WWLe2ro/DohCoq+nW8WH52BBumnJAtcp
pB7F7ekSa0QFImha9Q77xpofJEjbWkLrpRd00sdvj5ivpx75Pk9T2JU+zgxMaZpv
F5zdb3mN/9qeGQtXS6OMM1ujWqOSWFzQhcWUB4QdBwXLwEeiUmdrXv3zJ6QzoAqD
yFC8oqhkW9bj0XwN95TUOs8lpdPuIYKxnL2YzbmpHIc8ViswlsQOWRsz2ESeu5zE
yoOfo9ASyQiw+URE9eo13eY5fzss1DKP15cAzHqzkIrIbF9Cb0Cqu9OGdQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFMKMP3ENUuRcGLR2vAiE3jVuNy0DMB8GA1UdIwQY
MBaAFMb1PAPS9OfweoHqkD7O8B1oxoE3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHZVOEE5TDA1X0I2Z2VxUVBzN3dIV2pHZ1RjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8zYzIyN2MtNDcwNi00Nzg3LTlhMDct
OTBlYTM3MjljNTc0LzEvd293X2NRMVM1RndZdEhhOENJVGVOVzQzTFFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8zYzIyN2MtNDcwNi00Nzg3LTlhMDctOTBlYTM3MjljNTc0
LzEveHZVOEE5TDA1X0I2Z2VxUVBzN3dIV2pHZ1RjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAyrXMMBgE
AgACMBIDBwQqE9jEADADBwQqE9jEAHAwDQYJKoZIhvcNAQELBQADggEBACEidp1H
0DAD30ixDaGED86uOEa+37MXJML2gfU4oKYoNDrinhwg6qv4W6obu5ehxSFgopOP
yPI0BsYxNnhmIGOClZP83YTIDFPdNdCFHGLSNzY4bMyNbjfK0yDxPE8Q7MW4kknl
V7bhJ/3PF0SNu/cElgjOBsgVPxzCstVZuKM+GjiqxCqGl12qZkpMmZ/fnO6iRuv2
sfD021lqtrJKFMqSmQ5jPsUeN/YuV4WNbf5Fi83r7/+xGW00hGVKAbiCsr3n9yM7
KzV+Z9pGi7QnJnKFDbez2bm2OlLMOGGtXJd3tHVmPgrlbakOrERTCMyqz671bi8/
1eHP8scJXHZCgGI=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:29:24 2024 by rpki-client on console-ams.rpki-client.org