Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/6b9ec0-9b10-4443-b5e6-c4fd53ebeb67/1/WOG7VnnNaCan7I1b0qFWs97bO34.roa
File: WOG7VnnNaCan7I1b0qFWs97bO34.roa (raw, json)
Hash identifier: xeo55NI/JEdkiQohfCLo1YSPCwNyr2Q/mGqkvTvo3Rw=
Subject key identifier: 58:E1:BB:56:79:CD:68:26:A7:EC:8D:5B:D2:A1:56:B3:DE:DB:3B:7E
Certificate issuer: /CN=4b61cc8a365cc40382a31dad54f6cb723f58758a
Certificate serial: 018CC801ADA035D9E4D0C7C7B359DBCEACF6
Authority key identifier: 4B:61:CC:8A:36:5C:C4:03:82:A3:1D:AD:54:F6:CB:72:3F:58:75:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S2HMijZcxAOCox2tVPbLcj9YdYo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/6b9ec0-9b10-4443-b5e6-c4fd53ebeb67/1/WOG7VnnNaCan7I1b0qFWs97bO34.roa
Signing time: Tue 02 Jan 2024 02:30:02 +0000
ROA not before: Tue 02 Jan 2024 02:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42339
IP address blocks: 46.28.224.0/21 maxlen: 21
77.72.120.0/21 maxlen: 21
185.22.204.0/22 maxlen: 22
2a00:60a0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/6b9ec0-9b10-4443-b5e6-c4fd53ebeb67/1/S2HMijZcxAOCox2tVPbLcj9YdYo.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/6b9ec0-9b10-4443-b5e6-c4fd53ebeb67/1/S2HMijZcxAOCox2tVPbLcj9YdYo.mft
rsync://rpki.ripe.net/repository/DEFAULT/S2HMijZcxAOCox2tVPbLcj9YdYo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 01:02:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:ad:a0:35:d9:e4:d0:c7:c7:b3:59:db:ce:ac:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b61cc8a365cc40382a31dad54f6cb723f58758a
Validity
Not Before: Jan 2 02:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=58e1bb5679cd6826a7ec8d5bd2a156b3dedb3b7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f7:58:74:2d:f9:db:6d:aa:32:ba:9f:45:1f:
ce:86:5c:00:a6:78:75:77:aa:10:db:20:40:5b:de:
6e:82:07:83:66:81:e0:6d:7f:62:cd:af:b1:bd:9f:
33:9e:67:1e:b3:7a:8a:97:20:c9:85:f8:1c:e2:5d:
68:55:4d:8d:0c:2e:1a:20:87:78:22:b3:a0:cb:58:
16:b9:28:3a:74:8b:d6:fa:dd:da:82:bf:ef:e9:52:
72:6d:8f:f7:4d:55:e0:27:2f:da:76:1b:9f:2c:37:
9b:c2:3b:6c:d0:48:e4:86:7f:c4:2c:4a:34:f3:8e:
40:27:87:26:f4:0f:2b:23:f0:2a:f0:9a:d8:e6:6f:
8a:fb:30:e8:bd:c2:eb:45:82:b4:31:1e:6b:7b:40:
0d:b7:ba:7e:f1:fa:9a:a5:6e:0e:72:7b:9b:cc:7b:
72:c3:9b:91:99:58:b0:10:c8:ec:19:7f:5a:20:55:
51:f2:fc:42:5b:f4:ae:3a:df:8b:6a:c1:bf:b6:2f:
ff:b3:b8:31:f8:10:46:5e:3e:c8:47:85:9e:56:e1:
8c:bb:4a:d8:6d:0b:cc:b7:27:77:66:e7:63:e4:e2:
59:83:25:f7:09:76:fa:51:ca:db:bd:f2:bb:46:36:
2d:23:07:55:87:e3:a3:5c:41:8b:fd:49:cf:66:b7:
bd:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:E1:BB:56:79:CD:68:26:A7:EC:8D:5B:D2:A1:56:B3:DE:DB:3B:7E
X509v3 Authority Key Identifier:
keyid:4B:61:CC:8A:36:5C:C4:03:82:A3:1D:AD:54:F6:CB:72:3F:58:75:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S2HMijZcxAOCox2tVPbLcj9YdYo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/6b9ec0-9b10-4443-b5e6-c4fd53ebeb67/1/WOG7VnnNaCan7I1b0qFWs97bO34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/6b9ec0-9b10-4443-b5e6-c4fd53ebeb67/1/S2HMijZcxAOCox2tVPbLcj9YdYo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.224.0/21
77.72.120.0/21
185.22.204.0/22
IPv6:
2a00:60a0::/32
Signature Algorithm: sha256WithRSAEncryption
b7:39:93:d6:4d:a2:96:4f:ae:30:69:b9:fa:ff:2c:aa:12:9d:
09:5d:6b:75:bb:d4:3b:59:c9:85:79:e5:7e:57:bb:0b:2c:06:
7b:28:9e:41:93:79:14:43:de:1d:7f:3a:40:0d:6f:4f:c2:69:
0e:b6:33:37:85:a7:c4:cf:1a:8b:6c:9b:c2:f9:d2:b1:f5:80:
3d:7c:45:69:75:f1:fe:f4:fe:26:d9:9e:22:e7:c5:a9:db:cd:
07:d0:58:ee:88:37:c4:60:68:e5:02:e8:75:48:0b:3e:d1:bc:
9a:8d:a6:5d:d2:fb:6a:4a:c7:d3:3a:1a:97:09:75:06:13:2d:
1f:8c:45:ae:e0:99:85:2a:f4:c0:5c:00:87:fe:af:87:f4:08:
b0:d6:c4:db:e2:c3:70:9e:8d:17:b2:44:82:0b:76:ca:28:81:
d9:0f:b0:c7:dc:36:33:a1:ee:3e:e6:4c:b4:51:b1:ac:52:b8:
a3:51:ac:d7:e7:c5:16:5c:13:88:7a:60:8d:6e:f8:bd:a9:1a:
74:5e:10:e0:a2:6d:54:dd:79:9f:a5:f3:0f:94:9b:36:1f:bb:
6f:f3:b6:b4:0c:df:43:3c:3a:dc:29:6c:ec:5b:95:5d:81:de:
0e:94:94:19:9d:e6:fc:5b:ec:b3:d1:26:40:df:f1:91:ae:08:
3c:a8:fa:f0
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzIAa2gNdnk0MfHs1nbzqz2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNjFjYzhhMzY1Y2M0MDM4MmEzMWRhZDU0ZjZjYjcyM2Y1
ODc1OGEwHhcNMjQwMTAyMDIzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGUxYmI1Njc5Y2Q2ODI2YTdlYzhkNWJkMmExNTZiM2RlZGIzYjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/dYdC35222qMrqfRR/OhlwApnh1
d6oQ2yBAW95uggeDZoHgbX9iza+xvZ8znmces3qKlyDJhfgc4l1oVU2NDC4aIId4
IrOgy1gWuSg6dIvW+t3agr/v6VJybY/3TVXgJy/adhufLDebwjts0Ejkhn/ELEo0
845AJ4cm9A8rI/Aq8JrY5m+K+zDovcLrRYK0MR5re0ANt7p+8fqapW4OcnubzHty
w5uRmViwEMjsGX9aIFVR8vxCW/SuOt+LasG/ti//s7gx+BBGXj7IR4WeVuGMu0rY
bQvMtyd3Zudj5OJZgyX3CXb6UcrbvfK7RjYtIwdVh+OjXEGL/UnPZre9cwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFjhu1Z5zWgmp+yNW9KhVrPe2zt+MB8GA1UdIwQY
MBaAFEthzIo2XMQDgqMdrVT2y3I/WHWKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzJITWlqWmN4QU9Db3gydFZQYkxjajlZZFlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi82YjllYzAtOWIxMC00NDQzLWI1ZTYt
YzRmZDUzZWJlYjY3LzEvV09HN1Zubk5hQ2FuN0kxYjBxRldzOTdiTzM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi82YjllYzAtOWIxMC00NDQzLWI1ZTYtYzRmZDUzZWJlYjY3
LzEvUzJITWlqWmN4QU9Db3gydFZQYkxjajlZZFlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDLhzgAwQD
TUh4AwQCuRbMMA0EAgACMAcDBQAqAGCgMA0GCSqGSIb3DQEBCwUAA4IBAQC3OZPW
TaKWT64wabn6/yyqEp0JXWt1u9Q7WcmFeeV+V7sLLAZ7KJ5Bk3kUQ94dfzpADW9P
wmkOtjM3hafEzxqLbJvC+dKx9YA9fEVpdfH+9P4m2Z4i58Wp280H0FjuiDfEYGjl
Auh1SAs+0byajaZd0vtqSsfTOhqXCXUGEy0fjEWu4JmFKvTAXACH/q+H9Aiw1sTb
4sNwno0XskSCC3bKKIHZD7DH3DYzoe4+5ky0UbGsUrijUazX58UWXBOIemCNbvi9
qRp0XhDgom1U3XmfpfMPlJs2H7tv87a0DN9DPDrcKWzsW5Vdgd4OlJQZneb8W+yz
0SZA3/GRrgg8qPrw
-----END CERTIFICATE-----
Generated at Sat Jun 8 11:18:38 2024 by rpki-client on console-ams.rpki-client.org