Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/WiysFDv-uyPnPV8K3RVTHcqkr3c.roa
File: WiysFDv-uyPnPV8K3RVTHcqkr3c.roa (raw, json)
Hash identifier: K47iyiXJgYcraMQXpYqcNCSBCkIlcIFDDrRKfZd1q9o=
Subject key identifier: 5A:2C:AC:14:3B:FE:BB:23:E7:3D:5F:0A:DD:15:53:1D:CA:A4:AF:77
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 01934938336313C3AE1DFB98A8B4B4E49970
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/WiysFDv-uyPnPV8K3RVTHcqkr3c.roa
Signing time: Wed 20 Nov 2024 10:57:20 +0000
ROA not before: Wed 20 Nov 2024 10:57:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212517
IP address blocks: 185.80.197.0/24 maxlen: 24
202.133.88.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.mft
rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 10:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:49:38:33:63:13:c3:ae:1d:fb:98:a8:b4:b4:e4:99:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Nov 20 10:57:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a2cac143bfebb23e73d5f0add15531dcaa4af77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:93:13:9a:3e:d7:6d:a6:ab:6d:bc:41:84:73:
7b:ce:a1:2b:0e:5e:6d:a7:8a:04:43:c9:0d:c9:2e:
28:af:cf:85:15:df:55:be:9c:a5:fb:b4:a0:64:0c:
6f:20:b5:3d:b0:cd:56:2c:9d:d8:31:36:ad:40:80:
16:51:25:d2:42:ee:04:90:7b:5e:2f:8e:1f:fc:54:
de:dd:be:d3:3a:a4:f3:d9:03:7c:88:1c:f7:42:0d:
81:00:ba:9b:d2:8a:f6:f8:6a:65:1a:67:de:1d:0d:
1a:cd:63:a9:96:b4:db:96:d2:f2:63:96:bb:09:07:
79:4a:7c:d7:a7:b0:f4:23:54:5f:d7:e9:e0:21:3b:
3e:4a:95:80:e4:cc:2e:92:bd:da:6e:fa:25:2c:aa:
c9:d0:f5:4a:4c:50:1f:54:68:59:82:3f:f8:31:4a:
72:e7:c8:c2:b2:6f:b2:0a:13:3d:7e:a3:d5:2a:b7:
2b:1c:d8:fd:78:11:d9:98:10:c6:b2:08:c6:49:7a:
ce:a6:14:c7:37:06:ac:cd:83:02:8b:50:0c:da:29:
2f:d9:c3:87:00:e8:d2:a2:1c:96:0d:0c:01:e7:42:
27:b2:ab:6d:0c:44:ac:2a:b1:c5:f2:16:10:02:29:
67:3a:5c:cc:23:95:49:b6:15:1e:32:77:7f:aa:d6:
c5:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:2C:AC:14:3B:FE:BB:23:E7:3D:5F:0A:DD:15:53:1D:CA:A4:AF:77
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/WiysFDv-uyPnPV8K3RVTHcqkr3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.80.197.0/24
202.133.88.0/23
Signature Algorithm: sha256WithRSAEncryption
00:f8:4a:d9:c1:27:e5:92:55:4e:65:84:33:bc:6a:85:b9:c7:
85:60:66:98:02:35:8b:03:85:d6:53:e6:9c:20:f8:19:43:43:
eb:fb:74:d1:90:f7:30:c7:9d:8c:3e:a7:7a:42:e6:06:45:bd:
f5:bf:88:b6:df:84:77:9f:7d:c2:58:a9:58:44:90:83:ec:28:
79:67:45:58:59:1e:3f:8a:d4:3e:97:af:1c:13:97:c2:41:91:
14:1a:0b:ef:5a:1b:66:4a:8a:03:8b:a6:2f:8e:e8:9c:f8:dc:
7c:33:84:f2:8f:e4:b7:13:1a:ac:66:1b:a7:31:f7:69:e1:84:
c1:e4:55:8a:1a:80:f5:42:3e:53:8e:93:7b:5a:63:6a:98:f8:
02:bb:af:43:d7:79:09:14:a6:22:20:1b:cc:76:57:71:54:30:
e1:0f:01:9a:00:25:10:07:cb:a4:c8:e4:53:44:15:a5:e2:09:
de:7b:6f:6c:b6:37:39:d5:f6:6e:8f:05:83:16:da:9b:3d:91:
4d:f9:38:4a:96:a4:d7:22:83:90:a7:8f:9d:d1:aa:7a:dc:bb:
97:c0:f8:c5:a9:a8:a1:dc:23:ad:ed:3c:82:9a:d5:e4:16:28:
49:69:e8:a1:ad:0c:9a:88:ce:bf:90:00:1d:07:a6:1b:4d:be:
57:f7:8a:79
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZNJODNjE8OuHfuYqLS05JlwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQxMTIwMTA1NzIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTJjYWMxNDNiZmViYjIzZTczZDVmMGFkZDE1NTMxZGNhYTRhZjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopMTmj7XbaarbbxBhHN7zqErDl5t
p4oEQ8kNyS4or8+FFd9Vvpyl+7SgZAxvILU9sM1WLJ3YMTatQIAWUSXSQu4EkHte
L44f/FTe3b7TOqTz2QN8iBz3Qg2BALqb0or2+GplGmfeHQ0azWOplrTbltLyY5a7
CQd5SnzXp7D0I1Rf1+ngITs+SpWA5Mwukr3abvolLKrJ0PVKTFAfVGhZgj/4MUpy
58jCsm+yChM9fqPVKrcrHNj9eBHZmBDGsgjGSXrOphTHNwaszYMCi1AM2ikv2cOH
AOjSohyWDQwB50InsqttDESsKrHF8hYQAilnOlzMI5VJthUeMnd/qtbFIQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFosrBQ7/rsj5z1fCt0VUx3KpK93MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvV2l5c0ZEdi11eVBuUFY4SzNSVlRIY3FrcjNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuVDFAwQB
yoVYMA0GCSqGSIb3DQEBCwUAA4IBAQAA+ErZwSflklVOZYQzvGqFuceFYGaYAjWL
A4XWU+acIPgZQ0Pr+3TRkPcwx52MPqd6QuYGRb31v4i234R3n33CWKlYRJCD7Ch5
Z0VYWR4/itQ+l68cE5fCQZEUGgvvWhtmSooDi6Yvjuic+Nx8M4Tyj+S3ExqsZhun
Mfdp4YTB5FWKGoD1Qj5TjpN7WmNqmPgCu69D13kJFKYiIBvMdldxVDDhDwGaACUQ
B8ukyORTRBWl4gnee29stjc51fZujwWDFtqbPZFN+ThKlqTXIoOQp4+d0ap63LuX
wPjFqaih3COt7TyCmtXkFihJaeihrQyaiM6/kAAdB6YbTb5X94p5
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:15:29 2024 by rpki-client on console-fra.rpki-client.org