Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/3bdd7e-a729-49ad-85aa-f75962d30e36/1/w_L1nJ4Dw2oj9GXBcB241KrCO-E.roa
File: w_L1nJ4Dw2oj9GXBcB241KrCO-E.roa (raw, json)
Hash identifier: zo9D+wtLTuJckZi6Htmb2QCCM8u1LHjmswAymGX+g58=
Subject key identifier: C3:F2:F5:9C:9E:03:C3:6A:23:F4:65:C1:70:1D:B8:D4:AA:C2:3B:E1
Certificate issuer: /CN=d6fb452a0ae33dfa52aaaacba794df1af6bc4334
Certificate serial: 0190EEBDA6B46C4A1B7416F8193C3882F6B9
Authority key identifier: D6:FB:45:2A:0A:E3:3D:FA:52:AA:AA:CB:A7:94:DF:1A:F6:BC:43:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1vtFKgrjPfpSqqrLp5TfGva8QzQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/3bdd7e-a729-49ad-85aa-f75962d30e36/1/w_L1nJ4Dw2oj9GXBcB241KrCO-E.roa
Signing time: Fri 26 Jul 2024 11:12:04 +0000
ROA not before: Fri 26 Jul 2024 11:12:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34959
IP address blocks: 45.139.24.0/22 maxlen: 22
194.55.234.0/23 maxlen: 23
194.55.244.0/23 maxlen: 23
2a0f:1140::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/3bdd7e-a729-49ad-85aa-f75962d30e36/1/1vtFKgrjPfpSqqrLp5TfGva8QzQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/89/3bdd7e-a729-49ad-85aa-f75962d30e36/1/1vtFKgrjPfpSqqrLp5TfGva8QzQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1vtFKgrjPfpSqqrLp5TfGva8QzQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 05:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ee:bd:a6:b4:6c:4a:1b:74:16:f8:19:3c:38:82:f6:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6fb452a0ae33dfa52aaaacba794df1af6bc4334
Validity
Not Before: Jul 26 11:12:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c3f2f59c9e03c36a23f465c1701db8d4aac23be1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:fe:f6:c2:4a:55:15:0f:9d:5f:80:43:52:12:
1a:d7:e0:ff:c8:2e:a7:e4:7e:47:06:d3:93:4d:54:
1c:20:ea:bf:c9:90:51:df:cd:72:b8:30:ce:fe:c8:
19:d6:da:b7:42:4a:74:4d:d1:49:21:79:2c:75:38:
fc:bf:b2:67:a4:98:06:a7:20:03:51:a0:50:d6:b5:
e9:24:58:f0:0f:3a:1c:73:ff:dc:a4:aa:08:6b:14:
9c:82:bb:e9:fa:1c:8e:ab:ff:84:e7:a2:4e:61:d8:
67:e4:cb:20:e5:8a:c8:0d:b2:45:e8:a4:98:59:12:
fa:4f:3c:ef:90:67:7a:a6:8b:a3:5b:53:5f:b4:2d:
a4:b8:d7:3f:e4:b1:96:0c:f2:6f:76:0d:6f:78:31:
dd:d4:ba:27:61:54:99:0f:a7:94:5e:eb:8e:2e:82:
ea:e2:b0:92:92:2d:64:25:10:ef:43:bd:6d:bc:f6:
2e:2a:0e:00:85:e5:8e:59:eb:5f:c1:0e:54:b9:5e:
2c:f6:92:7c:a9:9b:65:82:a4:19:4d:20:ac:56:6c:
64:7e:68:e5:77:49:40:2e:00:54:fe:c0:f3:f3:1f:
93:f4:30:b9:8d:4a:fe:c5:c5:c9:52:b7:17:90:d6:
93:9f:c8:d0:f0:25:e1:03:d4:d7:43:66:f9:9c:ab:
e5:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:F2:F5:9C:9E:03:C3:6A:23:F4:65:C1:70:1D:B8:D4:AA:C2:3B:E1
X509v3 Authority Key Identifier:
keyid:D6:FB:45:2A:0A:E3:3D:FA:52:AA:AA:CB:A7:94:DF:1A:F6:BC:43:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1vtFKgrjPfpSqqrLp5TfGva8QzQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/3bdd7e-a729-49ad-85aa-f75962d30e36/1/w_L1nJ4Dw2oj9GXBcB241KrCO-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/3bdd7e-a729-49ad-85aa-f75962d30e36/1/1vtFKgrjPfpSqqrLp5TfGva8QzQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.24.0/22
194.55.234.0/23
194.55.244.0/23
IPv6:
2a0f:1140::/32
Signature Algorithm: sha256WithRSAEncryption
7a:cc:63:4f:30:1e:20:3e:eb:21:45:cb:81:eb:ec:78:0d:f9:
14:80:ca:52:ad:8d:16:b8:f6:07:38:f5:6b:a5:52:df:dd:6b:
5e:38:c8:cf:11:5b:23:7b:51:83:51:5c:9f:33:a9:e7:17:1d:
6b:85:e0:8f:66:3b:92:91:91:00:a4:92:e0:d1:be:66:05:69:
db:64:5b:34:d0:a0:3b:57:cb:61:d8:bf:ad:16:59:1c:c1:10:
af:d8:40:3c:13:5d:0a:e4:dc:2a:06:eb:a4:be:f8:bd:ca:51:
c6:5e:ac:79:9b:19:4f:38:87:9e:c7:7e:69:1c:fa:69:1b:92:
a3:f2:5a:24:8f:29:4b:54:bd:96:31:4e:7b:3c:72:89:ec:96:
7a:4d:fd:df:6c:8b:ad:87:98:ab:c4:c1:da:c0:e5:1a:9c:c2:
f8:d6:7b:f5:88:2a:67:a1:3d:22:0a:c3:4b:5d:06:5d:83:c7:
95:91:55:04:ca:c0:0d:a4:c0:fd:c6:e3:f0:b6:42:f8:08:35:
3f:6e:34:de:40:76:d3:e4:19:ab:d4:84:7e:d1:f4:4a:f0:5b:
be:38:10:44:7e:75:94:e9:76:e5:3e:7e:67:22:02:47:e1:b9:
0a:7a:08:73:80:91:5e:ce:7b:24:53:7d:bb:05:3a:b7:55:bb:
1e:fb:dd:f0
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZDuvaa0bEobdBb4GTw4gva5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ZmI0NTJhMGFlMzNkZmE1MmFhYWFjYmE3OTRkZjFhZjZi
YzQzMzQwHhcNMjQwNzI2MTExMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2YyZjU5YzllMDNjMzZhMjNmNDY1YzE3MDFkYjhkNGFhYzIzYmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtv72wkpVFQ+dX4BDUhIa1+D/yC6n
5H5HBtOTTVQcIOq/yZBR381yuDDO/sgZ1tq3Qkp0TdFJIXksdTj8v7JnpJgGpyAD
UaBQ1rXpJFjwDzocc//cpKoIaxScgrvp+hyOq/+E56JOYdhn5Msg5YrIDbJF6KSY
WRL6TzzvkGd6poujW1NftC2kuNc/5LGWDPJvdg1veDHd1LonYVSZD6eUXuuOLoLq
4rCSki1kJRDvQ71tvPYuKg4AheWOWetfwQ5UuV4s9pJ8qZtlgqQZTSCsVmxkfmjl
d0lALgBU/sDz8x+T9DC5jUr+xcXJUrcXkNaTn8jQ8CXhA9TXQ2b5nKvl7wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMPy9ZyeA8NqI/RlwXAduNSqwjvhMB8GA1UdIwQY
MBaAFNb7RSoK4z36Uqqqy6eU3xr2vEM0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXZ0RktncmpQZnBTcXFyTHA1VGZHdmE4UXpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS8zYmRkN2UtYTcyOS00OWFkLTg1YWEt
Zjc1OTYyZDMwZTM2LzEvd19MMW5KNER3Mm9qOUdYQmNCMjQxS3JDTy1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS8zYmRkN2UtYTcyOS00OWFkLTg1YWEtZjc1OTYyZDMwZTM2
LzEvMXZ0RktncmpQZnBTcXFyTHA1VGZHdmE4UXpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLYsYAwQB
wjfqAwQBwjf0MA0EAgACMAcDBQAqDxFAMA0GCSqGSIb3DQEBCwUAA4IBAQB6zGNP
MB4gPushRcuB6+x4DfkUgMpSrY0WuPYHOPVrpVLf3WteOMjPEVsje1GDUVyfM6nn
Fx1rheCPZjuSkZEApJLg0b5mBWnbZFs00KA7V8th2L+tFlkcwRCv2EA8E10K5Nwq
Buukvvi9ylHGXqx5mxlPOIeex35pHPppG5Kj8lokjylLVL2WMU57PHKJ7JZ6Tf3f
bIuth5irxMHawOUanML41nv1iCpnoT0iCsNLXQZdg8eVkVUEysANpMD9xuPwtkL4
CDU/bjTeQHbT5Bmr1IR+0fRK8Fu+OBBEfnWU6XblPn5nIgJH4bkKeghzgJFeznsk
U327BTq3Vbse+93w
-----END CERTIFICATE-----
Generated at Sat Sep 28 08:38:27 2024 by rpki-client on console-ams.rpki-client.org