Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/e831b1-9ec0-46f2-860d-fad5fd7970ba/1/Wn9XEzShKD8khs-cF-1qr_q-yho.roa
File: Wn9XEzShKD8khs-cF-1qr_q-yho.roa (raw, json)
Hash identifier: AXM7KhI1ht5+rpAsAzXDKKQaYAPikg4FWf9pDCXqaR8=
Subject key identifier: 5A:7F:57:13:34:A1:28:3F:24:86:CF:9C:17:ED:6A:AF:FA:BE:CA:1A
Certificate issuer: /CN=0f21521a7127157f7daf0ad091394ad5a1cce779
Certificate serial: 018CC6B8BD074041482F6516ECC4DD8BE448
Authority key identifier: 0F:21:52:1A:71:27:15:7F:7D:AF:0A:D0:91:39:4A:D5:A1:CC:E7:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DyFSGnEnFX99rwrQkTlK1aHM53k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/e831b1-9ec0-46f2-860d-fad5fd7970ba/1/Wn9XEzShKD8khs-cF-1qr_q-yho.roa
Signing time: Mon 01 Jan 2024 20:30:44 +0000
ROA not before: Mon 01 Jan 2024 20:30:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 194.146.118.0/24 maxlen: 24
194.59.190.0/24 maxlen: 24
193.42.155.0/24 maxlen: 24
62.69.146.0/23 maxlen: 23
194.9.117.0/24 maxlen: 24
2001:7f8:8:10::/64 maxlen: 64
2001:7f8:8:5::/64 maxlen: 64
2001:7f8:8::/64 maxlen: 64
2001:7f8:2c:1000::/64 maxlen: 64
2001:7f8:8:20::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/e831b1-9ec0-46f2-860d-fad5fd7970ba/1/DyFSGnEnFX99rwrQkTlK1aHM53k.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/e831b1-9ec0-46f2-860d-fad5fd7970ba/1/DyFSGnEnFX99rwrQkTlK1aHM53k.mft
rsync://rpki.ripe.net/repository/DEFAULT/DyFSGnEnFX99rwrQkTlK1aHM53k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 04:03:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:bd:07:40:41:48:2f:65:16:ec:c4:dd:8b:e4:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f21521a7127157f7daf0ad091394ad5a1cce779
Validity
Not Before: Jan 1 20:30:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a7f571334a1283f2486cf9c17ed6aaffabeca1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b8:ce:b9:f7:41:3c:00:de:11:40:e6:3e:8d:
3d:54:5c:0d:b3:68:ef:f0:36:e4:80:66:7e:77:0b:
c8:4c:56:f2:7d:71:f7:6d:73:4d:85:46:ca:72:63:
5b:ad:a6:fb:ce:2b:b7:f9:ac:90:b1:f2:21:07:f4:
17:19:0b:fc:93:87:55:e2:8e:cd:40:35:e5:3f:88:
e5:9c:fb:6d:79:ba:c7:1a:55:71:a2:98:40:35:21:
d1:fa:e3:73:0f:19:66:83:a6:15:4a:cd:c1:de:95:
7f:bd:23:7d:3b:ad:a2:ac:ab:95:e3:e0:8b:58:ea:
53:96:46:ae:68:a1:e0:63:41:76:00:49:a9:49:a1:
d9:a9:ce:2c:22:10:58:20:e2:ad:a6:c3:42:01:ff:
f4:b7:06:13:b9:bc:69:51:86:60:b4:ed:d3:e0:30:
5c:bc:93:e8:ea:ba:5c:57:67:58:df:f3:f5:c0:12:
1a:8e:51:ab:27:32:7c:eb:26:6f:74:30:6d:34:fb:
d9:8e:cf:2b:e8:7a:24:af:07:59:d8:5d:9d:ca:bc:
78:4e:3b:0a:7c:da:6c:3d:89:41:25:f2:90:7d:56:
62:ec:90:53:a6:f4:17:08:e0:e5:92:68:67:22:bd:
5b:63:cc:0d:fe:87:b4:09:4c:59:6a:8a:62:a4:5e:
41:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:7F:57:13:34:A1:28:3F:24:86:CF:9C:17:ED:6A:AF:FA:BE:CA:1A
X509v3 Authority Key Identifier:
keyid:0F:21:52:1A:71:27:15:7F:7D:AF:0A:D0:91:39:4A:D5:A1:CC:E7:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DyFSGnEnFX99rwrQkTlK1aHM53k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e831b1-9ec0-46f2-860d-fad5fd7970ba/1/Wn9XEzShKD8khs-cF-1qr_q-yho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e831b1-9ec0-46f2-860d-fad5fd7970ba/1/DyFSGnEnFX99rwrQkTlK1aHM53k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.69.146.0/23
193.42.155.0/24
194.9.117.0/24
194.59.190.0/24
194.146.118.0/24
IPv6:
2001:7f8:8::/64
2001:7f8:8:5::/64
2001:7f8:8:10::/64
2001:7f8:8:20::/64
2001:7f8:2c:1000::/64
Signature Algorithm: sha256WithRSAEncryption
47:16:94:72:68:84:2f:56:16:8d:5d:e4:ca:f1:38:30:8a:be:
4d:96:8e:d4:66:34:31:54:8a:9e:77:fa:59:09:4e:2e:53:78:
f8:a4:00:f0:76:1f:fe:32:c1:a4:ba:ae:54:85:49:22:89:01:
e0:7c:24:38:d6:df:de:e6:85:29:f8:20:f6:e0:d7:35:f0:c5:
dc:96:38:f5:8b:8b:bf:ca:ee:65:50:96:b4:a4:1e:52:61:fa:
56:1b:c2:1c:0a:ef:4d:4c:6d:0e:42:6a:6a:a9:42:f5:f5:01:
bd:6f:e0:72:d2:68:e9:13:93:04:cc:ba:ca:a0:cd:e8:35:e0:
c9:6c:42:bd:9c:76:24:dd:44:3e:90:8a:77:d6:26:ec:2b:c2:
2e:c6:e9:d4:70:c0:bf:dc:70:f4:f2:bd:c7:64:5f:74:15:99:
99:82:63:ef:f5:31:40:9e:db:57:c9:30:f7:89:d0:b3:77:19:
84:17:00:be:f6:4c:70:79:8b:78:15:a8:24:dc:97:e2:bf:b4:
48:54:e9:66:88:75:2e:31:4e:08:fd:ce:ec:41:c1:a2:e3:2f:
57:c8:48:fb:b1:13:59:8a:2e:15:e4:af:a7:b5:66:9a:e9:a0:
e7:80:bc:7b:b2:28:02:8a:b7:0c:43:27:1d:2f:c1:cf:91:1e:
c6:1d:6a:04
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAYzGuL0HQEFIL2UW7MTdi+RIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMjE1MjFhNzEyNzE1N2Y3ZGFmMGFkMDkxMzk0YWQ1YTFj
Y2U3NzkwHhcNMjQwMTAxMjAzMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTdmNTcxMzM0YTEyODNmMjQ4NmNmOWMxN2VkNmFhZmZhYmVjYTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAybjOufdBPADeEUDmPo09VFwNs2jv
8DbkgGZ+dwvITFbyfXH3bXNNhUbKcmNbrab7ziu3+ayQsfIhB/QXGQv8k4dV4o7N
QDXlP4jlnPttebrHGlVxophANSHR+uNzDxlmg6YVSs3B3pV/vSN9O62irKuV4+CL
WOpTlkauaKHgY0F2AEmpSaHZqc4sIhBYIOKtpsNCAf/0twYTubxpUYZgtO3T4DBc
vJPo6rpcV2dY3/P1wBIajlGrJzJ86yZvdDBtNPvZjs8r6HokrwdZ2F2dyrx4TjsK
fNpsPYlBJfKQfVZi7JBTpvQXCODlkmhnIr1bY8wN/oe0CUxZaopipF5BvwIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFFp/VxM0oSg/JIbPnBftaq/6vsoaMB8GA1UdIwQY
MBaAFA8hUhpxJxV/fa8K0JE5StWhzOd5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHlGU0duRW5GWDk5cndyUWtUbEsxYUhNNTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9lODMxYjEtOWVjMC00NmYyLTg2MGQt
ZmFkNWZkNzk3MGJhLzEvV245WEV6U2hLRDhraHMtY0YtMXFyX3EteWhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9lODMxYjEtOWVjMC00NmYyLTg2MGQtZmFkNWZkNzk3MGJh
LzEvRHlGU0duRW5GWDk5cndyUWtUbEsxYUhNNTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTAkBAIAATAeAwQBPkWSAwQA
wSqbAwQAwgl1AwQAwju+AwQAwpJ2MD0EAgACMDcDCQAgAQf4AAgAAAMJACABB/gA
CAAFAwkAIAEH+AAIABADCQAgAQf4AAgAIAMJACABB/gALBAAMA0GCSqGSIb3DQEB
CwUAA4IBAQBHFpRyaIQvVhaNXeTK8Tgwir5Nlo7UZjQxVIqed/pZCU4uU3j4pADw
dh/+MsGkuq5UhUkiiQHgfCQ41t/e5oUp+CD24Nc18MXcljj1i4u/yu5lUJa0pB5S
YfpWG8IcCu9NTG0OQmpqqUL19QG9b+By0mjpE5MEzLrKoM3oNeDJbEK9nHYk3UQ+
kIp31ibsK8IuxunUcMC/3HD08r3HZF90FZmZgmPv9TFAnttXyTD3idCzdxmEFwC+
9kxweYt4Fagk3Jfiv7RIVOlmiHUuMU4I/c7sQcGi4y9XyEj7sRNZii4V5K+ntWaa
6aDngLx7sigCircMQycdL8HPkR7GHWoE
-----END CERTIFICATE-----
Generated at Sat May 4 09:02:02 2024 by rpki-client on console-ams.rpki-client.org