Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/219c6f-e30f-4a9e-acc0-e0d576d5577a/1/WxGk0PbCjInZIbP7ceHgh0UHgaE.roa
File: WxGk0PbCjInZIbP7ceHgh0UHgaE.roa (raw, json)
Hash identifier: FlaA8pujmFqG3+EoqC1xJPyO3wq/nhZxn5ktdJrxM7I=
Subject key identifier: 5B:11:A4:D0:F6:C2:8C:89:D9:21:B3:FB:71:E1:E0:87:45:07:81:A1
Certificate issuer: /CN=2450ca4aab2a3f8abc6c973aa7c0fa13f2571081
Certificate serial: 018CC348CCE67AFDDAE4701463CBE1218358
Authority key identifier: 24:50:CA:4A:AB:2A:3F:8A:BC:6C:97:3A:A7:C0:FA:13:F2:57:10:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JFDKSqsqP4q8bJc6p8D6E_JXEIE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/219c6f-e30f-4a9e-acc0-e0d576d5577a/1/WxGk0PbCjInZIbP7ceHgh0UHgaE.roa
Signing time: Mon 01 Jan 2024 04:29:37 +0000
ROA not before: Mon 01 Jan 2024 04:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16190
IP address blocks: 91.195.255.0/24 maxlen: 24
91.195.254.0/23 maxlen: 24
91.195.254.0/24 maxlen: 24
2.56.204.0/22 maxlen: 24
91.198.109.0/24 maxlen: 24
91.198.108.0/24 maxlen: 24
91.198.108.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/219c6f-e30f-4a9e-acc0-e0d576d5577a/1/JFDKSqsqP4q8bJc6p8D6E_JXEIE.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/219c6f-e30f-4a9e-acc0-e0d576d5577a/1/JFDKSqsqP4q8bJc6p8D6E_JXEIE.mft
rsync://rpki.ripe.net/repository/DEFAULT/JFDKSqsqP4q8bJc6p8D6E_JXEIE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 01 Jul 2024 05:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:cc:e6:7a:fd:da:e4:70:14:63:cb:e1:21:83:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2450ca4aab2a3f8abc6c973aa7c0fa13f2571081
Validity
Not Before: Jan 1 04:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5b11a4d0f6c28c89d921b3fb71e1e087450781a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f0:49:de:5b:ae:b3:2c:f9:8d:4d:22:23:48:
8f:da:24:b7:da:16:27:37:c5:41:53:66:1a:a8:88:
ab:62:7e:61:62:bd:14:27:8a:de:2a:a3:32:b6:05:
9b:6b:09:34:46:9c:b9:44:17:79:9c:2b:58:1f:9a:
77:28:96:89:9f:6a:e6:2e:c6:b5:dc:25:51:59:b7:
08:8e:b9:d4:0f:63:a4:ac:6a:90:1a:28:39:49:11:
f5:f0:97:b4:5d:84:1f:27:51:98:e5:5f:a9:68:4e:
98:77:4d:eb:da:bf:f8:13:7f:14:b0:4a:e5:69:d5:
f0:ee:b8:01:84:98:87:43:b8:3e:55:48:73:f0:96:
f4:41:7a:22:a7:d0:8d:d1:62:bb:99:fd:a4:b9:65:
55:cc:d4:32:1d:b6:56:da:a7:b3:63:b1:3f:17:00:
ed:80:87:09:82:cc:6f:48:ca:eb:cb:7d:0d:11:b9:
5e:c2:65:c4:2a:76:5f:6d:7a:e7:7f:27:fa:66:88:
6f:37:25:d0:a2:5f:83:0e:3d:ac:d0:f3:ce:6e:ca:
eb:79:b7:79:17:14:16:d2:66:0c:60:3c:fa:37:56:
36:a7:35:dc:68:4a:f6:56:74:18:ef:de:e6:6a:74:
7f:50:de:e9:28:a9:14:65:4b:7c:8d:48:99:c1:fa:
7d:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:11:A4:D0:F6:C2:8C:89:D9:21:B3:FB:71:E1:E0:87:45:07:81:A1
X509v3 Authority Key Identifier:
keyid:24:50:CA:4A:AB:2A:3F:8A:BC:6C:97:3A:A7:C0:FA:13:F2:57:10:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFDKSqsqP4q8bJc6p8D6E_JXEIE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/219c6f-e30f-4a9e-acc0-e0d576d5577a/1/WxGk0PbCjInZIbP7ceHgh0UHgaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/219c6f-e30f-4a9e-acc0-e0d576d5577a/1/JFDKSqsqP4q8bJc6p8D6E_JXEIE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.204.0/22
91.195.254.0/23
91.198.108.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:9a:c6:41:03:4e:36:ec:10:22:85:08:76:65:e7:55:db:b5:
8c:fc:a6:5b:17:56:e0:96:f7:66:29:2c:bf:3f:0f:d0:4a:a9:
8d:0a:f7:84:97:9b:73:1b:35:ce:74:29:8c:86:61:14:e1:d6:
85:10:6d:df:b7:87:22:58:72:cd:88:ca:39:31:69:36:cc:36:
51:b5:88:70:45:03:c3:cb:ac:fb:66:e2:37:75:12:08:f7:f8:
0b:2f:00:c3:a3:ee:06:46:bb:04:69:34:79:96:33:fd:af:25:
c1:f7:73:bc:00:cb:87:35:25:52:44:2d:c4:f5:00:ae:12:4f:
f3:a6:74:86:0c:1e:60:6e:93:20:b1:e4:fa:82:70:fe:4e:ac:
6e:d7:f9:d4:51:67:5b:6c:dd:47:72:19:e3:b1:56:98:37:3f:
d9:28:5d:d9:00:c5:9f:d8:9c:43:7c:77:58:32:2e:a7:ac:16:
15:e9:1e:a6:83:65:2c:03:04:76:53:8e:48:21:7a:83:99:33:
d6:61:4f:34:dc:20:d6:78:f7:e9:54:30:f5:98:68:4b:ae:5b:
8a:07:0a:b5:e8:0a:d3:6c:40:0a:97:e2:dd:d6:27:ba:5b:22:
71:3a:6a:dd:be:c0:b2:60:f5:16:33:be:85:6b:3e:2b:d9:8f:
37:24:19:fe
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzDSMzmev3a5HAUY8vhIYNYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NTBjYTRhYWIyYTNmOGFiYzZjOTczYWE3YzBmYTEzZjI1
NzEwODEwHhcNMjQwMTAxMDQyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjExYTRkMGY2YzI4Yzg5ZDkyMWIzZmI3MWUxZTA4NzQ1MDc4MWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPBJ3luusyz5jU0iI0iP2iS32hYn
N8VBU2YaqIirYn5hYr0UJ4reKqMytgWbawk0Rpy5RBd5nCtYH5p3KJaJn2rmLsa1
3CVRWbcIjrnUD2OkrGqQGig5SRH18Je0XYQfJ1GY5V+paE6Yd03r2r/4E38UsErl
adXw7rgBhJiHQ7g+VUhz8Jb0QXoip9CN0WK7mf2kuWVVzNQyHbZW2qezY7E/FwDt
gIcJgsxvSMrry30NEblewmXEKnZfbXrnfyf6ZohvNyXQol+DDj2s0PPObsrrebd5
FxQW0mYMYDz6N1Y2pzXcaEr2VnQY797manR/UN7pKKkUZUt8jUiZwfp9dQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFsRpND2woyJ2SGz+3Hh4IdFB4GhMB8GA1UdIwQY
MBaAFCRQykqrKj+KvGyXOqfA+hPyVxCBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkZES1Nxc3FQNHE4YkpjNnA4RDZFX0pYRUlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8yMTljNmYtZTMwZi00YTllLWFjYzAt
ZTBkNTc2ZDU1NzdhLzEvV3hHazBQYkNqSW5aSWJQN2NlSGdoMFVIZ2FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8yMTljNmYtZTMwZi00YTllLWFjYzAtZTBkNTc2ZDU1Nzdh
LzEvSkZES1Nxc3FQNHE4YkpjNnA4RDZFX0pYRUlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCAjjMAwQB
W8P+AwQBW8ZsMA0GCSqGSIb3DQEBCwUAA4IBAQA6msZBA0427BAihQh2ZedV27WM
/KZbF1bglvdmKSy/Pw/QSqmNCveEl5tzGzXOdCmMhmEU4daFEG3ft4ciWHLNiMo5
MWk2zDZRtYhwRQPDy6z7ZuI3dRII9/gLLwDDo+4GRrsEaTR5ljP9ryXB93O8AMuH
NSVSRC3E9QCuEk/zpnSGDB5gbpMgseT6gnD+Tqxu1/nUUWdbbN1HchnjsVaYNz/Z
KF3ZAMWf2JxDfHdYMi6nrBYV6R6mg2UsAwR2U45IIXqDmTPWYU803CDWePfpVDD1
mGhLrluKBwq16ArTbEAKl+Ld1ie6WyJxOmrdvsCyYPUWM76Faz4r2Y83JBn+
-----END CERTIFICATE-----
Generated at Sun Jun 30 08:05:36 2024 by rpki-client on console-ams.rpki-client.org