Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/62b15d-ee50-450b-8e2d-097b0510d3e2/1/wpZiy1d1NYmS-fp8DiNPAUmOBnE.roa
File: wpZiy1d1NYmS-fp8DiNPAUmOBnE.roa (raw, json)
Hash identifier: nhgoNF9FJfBR6Oey2dOCvegOBe4XhRyEdi9zhdXrFY8=
Subject key identifier: C2:96:62:CB:57:75:35:89:92:F9:FA:7C:0E:23:4F:01:49:8E:06:71
Certificate issuer: /CN=3bde638684c645fedd600ed3c50cdf310b116d3e
Certificate serial: 018DD167E1994864443A6ABEFBD0CE3D2B3E
Authority key identifier: 3B:DE:63:86:84:C6:45:FE:DD:60:0E:D3:C5:0C:DF:31:0B:11:6D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O95jhoTGRf7dYA7TxQzfMQsRbT4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/62b15d-ee50-450b-8e2d-097b0510d3e2/1/wpZiy1d1NYmS-fp8DiNPAUmOBnE.roa
Signing time: Thu 22 Feb 2024 15:21:02 +0000
ROA not before: Thu 22 Feb 2024 15:21:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209045
IP address blocks: 147.189.192.0/20 maxlen: 24
147.189.207.0/24 maxlen: 24
194.61.20.0/22 maxlen: 22
2a09:7000::/29 maxlen: 36
2a09:7000::/31 maxlen: 32
2a09:7002::/31 maxlen: 32
2a09:7004::/31 maxlen: 32
2a09:7007::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/62b15d-ee50-450b-8e2d-097b0510d3e2/1/O95jhoTGRf7dYA7TxQzfMQsRbT4.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/62b15d-ee50-450b-8e2d-097b0510d3e2/1/O95jhoTGRf7dYA7TxQzfMQsRbT4.mft
rsync://rpki.ripe.net/repository/DEFAULT/O95jhoTGRf7dYA7TxQzfMQsRbT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 18:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d1:67:e1:99:48:64:44:3a:6a:be:fb:d0:ce:3d:2b:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bde638684c645fedd600ed3c50cdf310b116d3e
Validity
Not Before: Feb 22 15:21:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c29662cb5775358992f9fa7c0e234f01498e0671
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:9d:aa:f0:7c:8e:6b:c9:d3:01:90:9c:f0:8b:
d6:ef:30:16:49:eb:39:0f:49:dd:a2:a2:98:e3:a8:
05:91:f2:4b:66:24:53:37:9f:3e:dd:77:6b:44:87:
0a:49:1e:65:ae:27:40:1c:17:22:44:e7:33:26:d9:
39:72:1d:2f:9c:f4:37:4b:a8:b1:3e:20:1b:b6:f5:
a0:98:a6:19:aa:bb:96:2d:ba:26:95:6b:e5:7c:12:
ca:49:e6:a0:03:46:3e:d1:94:db:b7:06:f6:6f:76:
54:60:e1:cd:9c:e1:9e:82:a5:42:50:87:1a:95:be:
cf:54:9b:f3:f0:11:5d:d8:1b:78:6b:a5:45:a5:d6:
e7:e9:9b:24:c3:48:83:82:3e:c9:e7:64:be:50:17:
16:e3:b6:df:ba:3c:5e:04:78:18:a9:4d:e4:be:fa:
75:dd:69:c2:d0:45:76:88:87:67:6c:e6:8d:7f:fa:
cd:fd:51:00:4f:ed:cd:86:65:44:59:cc:06:8f:13:
64:5f:96:58:56:77:05:2e:17:22:1d:b0:46:67:c0:
f8:67:8e:7d:ea:7c:07:d9:8d:ea:ff:af:ef:7f:52:
51:42:dc:05:47:00:75:8d:d5:ab:de:04:e7:ff:bf:
2d:5b:48:df:ab:ef:ef:3c:f4:04:69:be:6c:f0:d7:
17:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:96:62:CB:57:75:35:89:92:F9:FA:7C:0E:23:4F:01:49:8E:06:71
X509v3 Authority Key Identifier:
keyid:3B:DE:63:86:84:C6:45:FE:DD:60:0E:D3:C5:0C:DF:31:0B:11:6D:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O95jhoTGRf7dYA7TxQzfMQsRbT4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/62b15d-ee50-450b-8e2d-097b0510d3e2/1/wpZiy1d1NYmS-fp8DiNPAUmOBnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/62b15d-ee50-450b-8e2d-097b0510d3e2/1/O95jhoTGRf7dYA7TxQzfMQsRbT4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.192.0/20
194.61.20.0/22
IPv6:
2a09:7000::/29
Signature Algorithm: sha256WithRSAEncryption
aa:fd:44:42:65:8a:72:94:b8:e3:87:d3:20:5b:3d:fa:0d:aa:
4c:17:82:21:77:85:4e:70:ca:a9:b6:4d:bd:91:25:a2:8a:fe:
e0:94:d2:2d:74:18:5b:9c:ea:7f:e5:92:37:6a:fe:01:06:de:
8c:86:07:9e:f5:c4:09:7e:14:1b:f9:73:5f:33:d3:e1:36:05:
ab:a8:23:ed:9a:17:45:92:86:71:f7:fc:3b:d4:2c:3b:7f:55:
b5:70:e5:58:83:8f:34:85:a0:3a:a6:ad:14:0a:12:f4:1f:00:
bd:28:f6:9a:5c:af:88:9d:b7:2b:c9:34:1c:74:4d:03:31:af:
ca:9f:71:ce:49:76:04:64:13:d5:73:44:dd:b6:08:00:2b:23:
0f:26:46:31:1c:d5:82:92:e3:8a:7e:1a:e9:a2:b6:c7:f3:53:
58:4f:05:05:9e:63:83:db:1c:5d:22:cf:8a:0e:83:4a:27:9f:
1c:1c:aa:6d:f3:a2:2c:9f:0f:ab:25:fa:ca:6e:61:63:33:59:
87:87:99:2c:71:49:49:a2:e1:68:f7:45:4d:fa:22:65:21:23:
73:0c:73:6d:bd:44:aa:ae:db:6b:2c:37:34:00:ab:28:80:52:
b1:6b:46:55:a2:86:fe:f5:ba:ec:a8:86:82:cd:49:8a:d8:56:
3c:0d:9f:a9
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY3RZ+GZSGREOmq++9DOPSs+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZGU2Mzg2ODRjNjQ1ZmVkZDYwMGVkM2M1MGNkZjMxMGIx
MTZkM2UwHhcNMjQwMjIyMTUyMTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjk2NjJjYjU3NzUzNTg5OTJmOWZhN2MwZTIzNGYwMTQ5OGUwNjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhp2q8HyOa8nTAZCc8IvW7zAWSes5
D0ndoqKY46gFkfJLZiRTN58+3XdrRIcKSR5lridAHBciROczJtk5ch0vnPQ3S6ix
PiAbtvWgmKYZqruWLbomlWvlfBLKSeagA0Y+0ZTbtwb2b3ZUYOHNnOGegqVCUIca
lb7PVJvz8BFd2Bt4a6VFpdbn6Zskw0iDgj7J52S+UBcW47bfujxeBHgYqU3kvvp1
3WnC0EV2iIdnbOaNf/rN/VEAT+3NhmVEWcwGjxNkX5ZYVncFLhciHbBGZ8D4Z459
6nwH2Y3q/6/vf1JRQtwFRwB1jdWr3gTn/78tW0jfq+/vPPQEab5s8NcX1QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMKWYstXdTWJkvn6fA4jTwFJjgZxMB8GA1UdIwQY
MBaAFDveY4aExkX+3WAO08UM3zELEW0+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzk1amhvVEdSZjdkWUE3VHhRemZNUXNSYlQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS82MmIxNWQtZWU1MC00NTBiLThlMmQt
MDk3YjA1MTBkM2UyLzEvd3BaaXkxZDFOWW1TLWZwOERpTlBBVW1PQm5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS82MmIxNWQtZWU1MC00NTBiLThlMmQtMDk3YjA1MTBkM2Uy
LzEvTzk1amhvVEdSZjdkWUE3VHhRemZNUXNSYlQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEk73AAwQC
wj0UMA0EAgACMAcDBQMqCXAAMA0GCSqGSIb3DQEBCwUAA4IBAQCq/URCZYpylLjj
h9MgWz36DapMF4Ihd4VOcMqptk29kSWiiv7glNItdBhbnOp/5ZI3av4BBt6Mhgee
9cQJfhQb+XNfM9PhNgWrqCPtmhdFkoZx9/w71Cw7f1W1cOVYg480haA6pq0UChL0
HwC9KPaaXK+InbcryTQcdE0DMa/Kn3HOSXYEZBPVc0TdtggAKyMPJkYxHNWCkuOK
fhrporbH81NYTwUFnmOD2xxdIs+KDoNKJ58cHKpt86Isnw+rJfrKbmFjM1mHh5ks
cUlJouFo90VN+iJlISNzDHNtvUSqrttrLDc0AKsogFKxa0ZVoob+9brsqIaCzUmK
2FY8DZ+p
-----END CERTIFICATE-----
Generated at Sun Jun 23 00:49:57 2024 by rpki-client on console-fra.rpki-client.org