Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/f4ea59-1810-4210-98f3-709f03624e7e/1/w1MyN1pxADyQ1WDpGSWbiM2A-Tw.roa
File: w1MyN1pxADyQ1WDpGSWbiM2A-Tw.roa (raw, json)
Hash identifier: lDYqVv1H57ktRGxICKopP5iX9eLLdUG8g3NOQI6PStc=
Subject key identifier: C3:53:32:37:5A:71:00:3C:90:D5:60:E9:19:25:9B:88:CD:80:F9:3C
Certificate issuer: /CN=34bca94f6b61e10100dc3a7186ffa3f9b00c69dd
Certificate serial: 018CC3B68C896BD78A47A7394B3579773D86
Authority key identifier: 34:BC:A9:4F:6B:61:E1:01:00:DC:3A:71:86:FF:A3:F9:B0:0C:69:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NLypT2th4QEA3Dpxhv-j-bAMad0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/f4ea59-1810-4210-98f3-709f03624e7e/1/w1MyN1pxADyQ1WDpGSWbiM2A-Tw.roa
Signing time: Mon 01 Jan 2024 06:29:29 +0000
ROA not before: Mon 01 Jan 2024 06:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207446
IP address blocks: 185.143.20.0/24 maxlen: 24
185.143.20.0/22 maxlen: 24
185.143.21.0/24 maxlen: 24
185.143.23.0/24 maxlen: 24
185.143.22.0/24 maxlen: 24
2a07:1e01::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/f4ea59-1810-4210-98f3-709f03624e7e/1/NLypT2th4QEA3Dpxhv-j-bAMad0.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/f4ea59-1810-4210-98f3-709f03624e7e/1/NLypT2th4QEA3Dpxhv-j-bAMad0.mft
rsync://rpki.ripe.net/repository/DEFAULT/NLypT2th4QEA3Dpxhv-j-bAMad0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 06:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:8c:89:6b:d7:8a:47:a7:39:4b:35:79:77:3d:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34bca94f6b61e10100dc3a7186ffa3f9b00c69dd
Validity
Not Before: Jan 1 06:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c35332375a71003c90d560e919259b88cd80f93c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:5f:6d:1b:ce:32:d7:1e:ed:96:14:fd:08:87:
07:a3:44:58:00:fb:9c:b3:f3:2d:1b:8a:11:48:fc:
16:36:94:95:b8:cd:72:37:6e:86:8f:4b:78:5e:9d:
f2:d8:b9:dc:82:12:a3:1a:25:3c:e4:16:e3:60:85:
92:b1:5b:f0:27:57:53:d7:92:bd:5a:e7:be:22:30:
c4:f3:a5:f2:a0:9d:56:b2:aa:61:a0:0c:68:36:e7:
87:fc:1f:cf:35:47:4f:16:8e:01:4b:3b:c1:54:55:
a9:7e:e5:2c:42:b3:94:69:d1:56:02:b2:14:11:69:
b0:f8:a6:f4:f4:0b:b5:c6:6e:40:d2:e9:53:38:08:
5a:ba:76:08:75:d1:06:24:1d:4d:99:49:11:5c:18:
c1:97:82:9a:68:81:87:89:90:d8:ac:24:cd:0f:c0:
b3:7c:8f:50:38:5a:e6:f5:2c:ea:3a:9f:83:59:98:
e2:8a:0d:94:94:78:53:6f:c7:7d:f2:52:20:af:5e:
74:14:fa:f7:fb:93:98:7a:f6:94:4c:60:76:55:10:
b6:ec:df:7d:2f:93:7a:9d:9d:e1:d5:72:e4:a3:a6:
f0:bb:0d:21:71:f5:c8:65:ab:21:32:dc:59:5f:2e:
4a:1d:97:03:67:c0:a2:a5:1a:4c:d7:dd:a3:b2:7f:
01:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:53:32:37:5A:71:00:3C:90:D5:60:E9:19:25:9B:88:CD:80:F9:3C
X509v3 Authority Key Identifier:
keyid:34:BC:A9:4F:6B:61:E1:01:00:DC:3A:71:86:FF:A3:F9:B0:0C:69:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NLypT2th4QEA3Dpxhv-j-bAMad0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f4ea59-1810-4210-98f3-709f03624e7e/1/w1MyN1pxADyQ1WDpGSWbiM2A-Tw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f4ea59-1810-4210-98f3-709f03624e7e/1/NLypT2th4QEA3Dpxhv-j-bAMad0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.20.0/22
IPv6:
2a07:1e01::/32
Signature Algorithm: sha256WithRSAEncryption
61:dc:ae:8e:9e:af:39:e2:30:a7:76:54:a5:ff:2d:41:89:09:
50:33:4e:b1:fb:3b:45:5d:77:c3:92:03:68:9d:40:69:7c:69:
79:8b:19:04:1b:c1:03:ac:47:f8:21:7e:bd:92:29:3c:8f:8d:
b0:20:81:48:07:f4:92:f6:21:cf:f0:a4:1e:65:7f:71:75:b5:
3e:6f:f2:ad:8c:30:4b:f8:d8:78:27:ce:fd:cc:f6:69:87:44:
70:5d:a9:a8:d3:6f:3c:3d:eb:a6:4d:26:b5:6c:d9:df:47:f5:
d5:25:f1:1b:29:f6:02:48:86:6f:ac:68:65:59:f2:48:c9:9b:
36:bc:a0:65:e1:b6:2b:f1:d6:dd:c4:54:3e:02:42:30:ae:0c:
04:93:08:bc:bd:ec:0a:21:45:e6:15:19:da:dc:ba:72:f1:75:
90:17:3b:a0:d6:99:6a:88:da:b6:5b:71:b9:3d:5c:79:69:c4:
e1:b7:c2:b7:5b:41:b3:2a:27:8d:42:e4:bf:88:7d:5c:54:8f:
a7:19:ff:bd:30:17:5c:bb:a5:55:70:12:03:c3:bc:b9:c6:81:
e9:4a:b5:54:ad:8f:42:e4:14:8a:db:93:86:95:89:d9:c3:7e:
38:88:c1:97:9c:cd:57:85:61:28:62:52:88:5a:69:53:16:e6:
87:9d:76:18
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDtoyJa9eKR6c5SzV5dz2GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0YmNhOTRmNmI2MWUxMDEwMGRjM2E3MTg2ZmZhM2Y5YjAw
YzY5ZGQwHhcNMjQwMTAxMDYyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzUzMzIzNzVhNzEwMDNjOTBkNTYwZTkxOTI1OWI4OGNkODBmOTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1F9tG84y1x7tlhT9CIcHo0RYAPuc
s/MtG4oRSPwWNpSVuM1yN26Gj0t4Xp3y2LncghKjGiU85BbjYIWSsVvwJ1dT15K9
Wue+IjDE86XyoJ1WsqphoAxoNueH/B/PNUdPFo4BSzvBVFWpfuUsQrOUadFWArIU
EWmw+Kb09Au1xm5A0ulTOAhaunYIddEGJB1NmUkRXBjBl4KaaIGHiZDYrCTND8Cz
fI9QOFrm9SzqOp+DWZjiig2UlHhTb8d98lIgr150FPr3+5OYevaUTGB2VRC27N99
L5N6nZ3h1XLko6bwuw0hcfXIZashMtxZXy5KHZcDZ8CipRpM192jsn8BhQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMNTMjdacQA8kNVg6Rklm4jNgPk8MB8GA1UdIwQY
MBaAFDS8qU9rYeEBANw6cYb/o/mwDGndMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkx5cFQydGg0UUVBM0RweGh2LWotYkFNYWQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9mNGVhNTktMTgxMC00MjEwLTk4ZjMt
NzA5ZjAzNjI0ZTdlLzEvdzFNeU4xcHhBRHlRMVdEcEdTV2JpTTJBLVR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9mNGVhNTktMTgxMC00MjEwLTk4ZjMtNzA5ZjAzNjI0ZTdl
LzEvTkx5cFQydGg0UUVBM0RweGh2LWotYkFNYWQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuY8UMA0E
AgACMAcDBQAqBx4BMA0GCSqGSIb3DQEBCwUAA4IBAQBh3K6Onq854jCndlSl/y1B
iQlQM06x+ztFXXfDkgNonUBpfGl5ixkEG8EDrEf4IX69kik8j42wIIFIB/SS9iHP
8KQeZX9xdbU+b/KtjDBL+Nh4J879zPZph0RwXamo0288PeumTSa1bNnfR/XVJfEb
KfYCSIZvrGhlWfJIyZs2vKBl4bYr8dbdxFQ+AkIwrgwEkwi8vewKIUXmFRna3Lpy
8XWQFzug1plqiNq2W3G5PVx5acTht8K3W0GzKieNQuS/iH1cVI+nGf+9MBdcu6VV
cBIDw7y5xoHpSrVUrY9C5BSK25OGlYnZw344iMGXnM1XhWEoYlKIWmlTFuaHnXYY
-----END CERTIFICATE-----
Generated at Sat Sep 28 12:01:39 2024 by rpki-client on console-fra.rpki-client.org