Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/WG3WpTc_OAlnqmVGtyw6Z_qieKk.roa
File: WG3WpTc_OAlnqmVGtyw6Z_qieKk.roa (raw, json)
Hash identifier: 6yGxkVbOfYiXcGvCeUccfQcnulubIZf+Dtx4ZGc7TP8=
Subject key identifier: 58:6D:D6:A5:37:3F:38:09:67:AA:65:46:B7:2C:3A:67:FA:A2:78:A9
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0194274860C7A036852B017AB48C1EBBF8C1
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/WG3WpTc_OAlnqmVGtyw6Z_qieKk.roa
Signing time: Thu 02 Jan 2025 13:50:42 +0000
ROA not before: Thu 02 Jan 2025 13:50:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52177
IP address blocks: 192.121.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:60:c7:a0:36:85:2b:01:7a:b4:8c:1e:bb:f8:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 13:50:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=586dd6a5373f380967aa6546b72c3a67faa278a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:63:5b:af:d0:29:cf:74:ec:7b:2b:43:3d:be:
cd:b5:d1:e0:ff:99:85:52:af:e8:c1:61:77:ad:7f:
73:90:5b:40:4a:9b:bd:8c:ce:d9:77:fe:c5:7b:a4:
0b:94:1f:d5:19:53:84:14:25:00:44:1d:e1:ae:9a:
1e:52:d2:70:4d:73:1f:40:62:7c:0d:be:ec:55:47:
5a:99:ec:c9:c7:79:a7:97:5d:e4:7a:e8:59:c2:f1:
34:23:73:fd:00:1c:37:8d:d6:25:da:3f:95:9e:41:
c2:9d:ac:e7:fc:62:34:d9:c3:58:7e:8d:e5:2c:ae:
6c:b0:e8:18:43:dd:31:bc:31:1f:06:73:9e:9f:e3:
da:83:ed:44:13:06:a0:5d:3c:27:e6:8a:b9:f2:41:
39:a1:9c:51:de:ac:17:a5:c3:58:8b:16:1b:e9:93:
cf:a4:74:96:6e:0e:6f:fa:1f:ff:9d:01:1c:ac:90:
b5:fa:8f:59:61:3c:c9:ad:d0:14:51:18:77:fd:d1:
47:28:4c:03:dd:19:99:de:07:f7:bb:46:10:d1:aa:
fa:bd:31:6c:fc:56:01:d1:f4:5d:5e:bc:45:84:d3:
05:09:4e:00:49:f6:6d:fc:9e:00:cb:a4:f4:be:80:
d0:8b:5b:5c:b2:14:ca:49:4b:b7:7b:49:79:e7:2e:
0d:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:6D:D6:A5:37:3F:38:09:67:AA:65:46:B7:2C:3A:67:FA:A2:78:A9
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/WG3WpTc_OAlnqmVGtyw6Z_qieKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.121.29.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:46:ed:95:7f:be:8f:22:a9:71:6c:90:29:a9:b5:22:84:6b:
cd:0a:06:9a:6d:18:9e:74:34:8c:91:f5:8a:84:6f:60:ac:fd:
39:8a:e7:f5:7b:32:46:4f:34:fa:8f:aa:33:e1:55:18:de:df:
e2:f0:37:aa:6d:e8:89:b5:e6:0f:a0:57:eb:5d:ed:32:1b:c5:
4a:23:b1:36:30:08:67:e8:84:7b:00:9d:37:11:b4:c9:fb:02:
fe:20:64:d9:c5:03:08:f6:33:ae:5f:df:b2:36:21:19:38:fc:
fc:69:60:c3:93:e6:60:cb:ed:0c:fa:43:90:4e:59:9f:12:b3:
e0:77:ed:cd:11:15:e2:ac:25:04:80:78:99:06:a8:06:bf:38:
7b:b9:fa:de:0a:0c:bf:a7:43:13:b7:42:d4:0e:79:cc:66:d4:
d0:a5:7e:e6:83:c6:c2:4a:10:7e:54:63:65:61:ed:a3:4c:0c:
b8:1b:95:ce:70:89:d3:6f:f1:b0:44:41:19:dd:b3:fc:5f:99:
7b:97:14:c2:47:70:9c:d2:23:2a:84:b8:5d:76:0f:52:be:47:
24:2e:62:1b:37:5c:c5:7a:4c:ad:07:c5:27:4a:39:f8:31:56:
3c:c9:e7:71:cd:b9:55:a7:e1:0e:63:61:10:d1:7d:60:41:f5:
fd:69:28:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSGDHoDaFKwF6tIweu/jBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTAyMTM1MDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODZkZDZhNTM3M2YzODA5NjdhYTY1NDZiNzJjM2E2N2ZhYTI3OGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWNbr9Apz3TseytDPb7NtdHg/5mF
Uq/owWF3rX9zkFtASpu9jM7Zd/7Fe6QLlB/VGVOEFCUARB3hrpoeUtJwTXMfQGJ8
Db7sVUdamezJx3mnl13keuhZwvE0I3P9ABw3jdYl2j+VnkHCnazn/GI02cNYfo3l
LK5ssOgYQ90xvDEfBnOen+Pag+1EEwagXTwn5oq58kE5oZxR3qwXpcNYixYb6ZPP
pHSWbg5v+h//nQEcrJC1+o9ZYTzJrdAUURh3/dFHKEwD3RmZ3gf3u0YQ0ar6vTFs
/FYB0fRdXrxFhNMFCU4ASfZt/J4Ay6T0voDQi1tcshTKSUu3e0l55y4NlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFht1qU3PzgJZ6plRrcsOmf6onipMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvV0czV3BUY19PQWxucW1WR3R5dzZaX3FpZUtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwHkdMA0G
CSqGSIb3DQEBCwUAA4IBAQAsRu2Vf76PIqlxbJApqbUihGvNCgaabRiedDSMkfWK
hG9grP05iuf1ezJGTzT6j6oz4VUY3t/i8DeqbeiJteYPoFfrXe0yG8VKI7E2MAhn
6IR7AJ03EbTJ+wL+IGTZxQMI9jOuX9+yNiEZOPz8aWDDk+Zgy+0M+kOQTlmfErPg
d+3NERXirCUEgHiZBqgGvzh7ufreCgy/p0MTt0LUDnnMZtTQpX7mg8bCShB+VGNl
Ye2jTAy4G5XOcInTb/GwREEZ3bP8X5l7lxTCR3Cc0iMqhLhddg9SvkckLmIbN1zF
ekytB8UnSjn4MVY8yedxzblVp+EOY2EQ0X1gQfX9aSjO
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:47:17 2025 by rpki-client