Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/225ec3-0387-4b5d-88c1-c61751c6b195/1/Wj-xAKBrfYiVNxKtpLQMz8Bv5wo.roa
File: Wj-xAKBrfYiVNxKtpLQMz8Bv5wo.roa (raw, json)
Hash identifier: d1aaRRJRNPDRAxbCnxejEteaCfsW2geLbMzsEP7df5U=
Subject key identifier: 5A:3F:B1:00:A0:6B:7D:88:95:37:12:AD:A4:B4:0C:CF:C0:6F:E7:0A
Certificate issuer: /CN=80ad8c520bb9677461ddc4ec09b76d733b7d8370
Certificate serial: 018CC4922B04CAE7903D8D50EC4A0F87FB5C
Authority key identifier: 80:AD:8C:52:0B:B9:67:74:61:DD:C4:EC:09:B7:6D:73:3B:7D:83:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gK2MUgu5Z3Rh3cTsCbdtczt9g3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/225ec3-0387-4b5d-88c1-c61751c6b195/1/Wj-xAKBrfYiVNxKtpLQMz8Bv5wo.roa
Signing time: Mon 01 Jan 2024 10:29:22 +0000
ROA not before: Mon 01 Jan 2024 10:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202391
IP address blocks: 45.142.188.0/22 maxlen: 24
45.142.191.0/24 maxlen: 24
185.141.36.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/225ec3-0387-4b5d-88c1-c61751c6b195/1/gK2MUgu5Z3Rh3cTsCbdtczt9g3A.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/225ec3-0387-4b5d-88c1-c61751c6b195/1/gK2MUgu5Z3Rh3cTsCbdtczt9g3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/gK2MUgu5Z3Rh3cTsCbdtczt9g3A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jul 2024 15:05:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:2b:04:ca:e7:90:3d:8d:50:ec:4a:0f:87:fb:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80ad8c520bb9677461ddc4ec09b76d733b7d8370
Validity
Not Before: Jan 1 10:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a3fb100a06b7d88953712ada4b40ccfc06fe70a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:1b:f4:60:bb:1a:0a:0b:cc:13:0a:79:2c:c9:
55:cd:fa:1c:c2:d6:f8:5e:26:3b:6e:0b:b6:a6:88:
c5:e7:6f:72:b6:e1:a8:6c:95:16:e9:30:e1:ab:72:
ce:a8:b7:dc:e5:13:06:dd:ec:2e:8e:4a:5b:fa:db:
e1:1e:ba:5b:49:18:ed:ab:b6:97:85:d2:a4:be:c9:
6e:a5:61:97:8d:06:79:c7:54:92:71:8d:11:d2:15:
84:58:5e:47:b4:4d:ff:0d:74:c9:c9:5b:a8:51:44:
31:91:14:5e:5d:38:23:35:24:0b:2a:95:b0:ac:8c:
e4:6c:73:99:f4:57:07:72:17:a0:48:fe:53:af:ab:
66:30:a9:d5:15:a0:69:93:03:b6:a8:96:54:fa:e6:
ac:86:0d:1f:98:80:74:3d:18:58:d9:72:a2:1f:73:
b4:08:f0:c4:5e:27:62:e7:7c:bf:e1:b6:65:38:e0:
7b:3c:33:5a:41:a3:78:f1:77:94:95:59:75:c1:b6:
68:77:a8:dc:20:be:15:56:34:ce:48:54:1c:91:b7:
38:0a:66:7a:44:4b:51:9a:8f:bd:95:66:5e:48:89:
71:e0:26:4e:0c:ed:6c:e8:ea:6f:a7:ff:ca:84:29:
d4:61:a4:0c:24:62:39:8c:98:30:24:75:8a:44:a7:
5e:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:3F:B1:00:A0:6B:7D:88:95:37:12:AD:A4:B4:0C:CF:C0:6F:E7:0A
X509v3 Authority Key Identifier:
keyid:80:AD:8C:52:0B:B9:67:74:61:DD:C4:EC:09:B7:6D:73:3B:7D:83:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gK2MUgu5Z3Rh3cTsCbdtczt9g3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/225ec3-0387-4b5d-88c1-c61751c6b195/1/Wj-xAKBrfYiVNxKtpLQMz8Bv5wo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/225ec3-0387-4b5d-88c1-c61751c6b195/1/gK2MUgu5Z3Rh3cTsCbdtczt9g3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.188.0/22
185.141.36.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:15:f0:6e:d7:ea:70:69:85:c1:72:aa:82:99:44:2d:9c:0b:
3f:10:30:1f:f5:3b:ed:2b:6b:fc:4b:9d:b7:1b:fc:ad:62:42:
9a:34:81:9f:51:91:f2:46:2e:47:e2:d8:b0:20:3f:79:cc:a6:
de:c5:a9:22:5b:00:e5:35:40:68:47:f8:a0:92:81:86:b0:9a:
82:ca:02:49:4c:80:36:f2:a4:be:49:32:79:df:c8:f1:1d:cb:
70:f4:be:01:75:ad:fe:75:7c:da:f7:2e:fc:03:46:27:97:42:
d6:4e:65:4f:fa:59:c9:9a:93:a7:ac:8f:5c:d3:1a:17:d7:47:
be:de:1c:89:8b:f4:34:2f:41:e9:86:1d:9e:98:6a:d8:1d:00:
b5:ca:89:1c:2d:17:3b:72:9e:e2:53:52:a0:0d:8d:32:50:13:
82:3d:f2:23:3c:0e:55:df:8c:61:e1:ca:ee:aa:78:be:33:4b:
4a:e1:2b:37:37:b5:1b:7f:6a:1e:1f:3b:e7:fd:e0:c6:6a:25:
dc:e5:0c:8c:f6:d1:2a:44:d3:57:21:99:2f:7d:81:77:cd:9a:
be:fd:a1:4f:bc:f7:51:35:14:d1:97:0a:4d:2d:38:6f:ce:ff:
5e:24:ea:93:93:22:93:10:9a:d4:0f:ec:9f:8a:b1:fc:cc:b8:
86:c3:cf:b4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEkisEyueQPY1Q7EoPh/tcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwYWQ4YzUyMGJiOTY3NzQ2MWRkYzRlYzA5Yjc2ZDczM2I3
ZDgzNzAwHhcNMjQwMTAxMTAyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTNmYjEwMGEwNmI3ZDg4OTUzNzEyYWRhNGI0MGNjZmMwNmZlNzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgxv0YLsaCgvMEwp5LMlVzfocwtb4
XiY7bgu2pojF529ytuGobJUW6TDhq3LOqLfc5RMG3ewujkpb+tvhHrpbSRjtq7aX
hdKkvslupWGXjQZ5x1SScY0R0hWEWF5HtE3/DXTJyVuoUUQxkRReXTgjNSQLKpWw
rIzkbHOZ9FcHchegSP5Tr6tmMKnVFaBpkwO2qJZU+uashg0fmIB0PRhY2XKiH3O0
CPDEXidi53y/4bZlOOB7PDNaQaN48XeUlVl1wbZod6jcIL4VVjTOSFQckbc4CmZ6
REtRmo+9lWZeSIlx4CZODO1s6Opvp//KhCnUYaQMJGI5jJgwJHWKRKdeIQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFo/sQCga32IlTcSraS0DM/Ab+cKMB8GA1UdIwQY
MBaAFICtjFILuWd0Yd3E7Am3bXM7fYNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0syTVVndTVaM1JoM2NUc0NiZHRjenQ5ZzNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8yMjVlYzMtMDM4Ny00YjVkLTg4YzEt
YzYxNzUxYzZiMTk1LzEvV2oteEFLQnJmWWlWTnhLdHBMUU16OEJ2NXdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8yMjVlYzMtMDM4Ny00YjVkLTg4YzEtYzYxNzUxYzZiMTk1
LzEvZ0syTVVndTVaM1JoM2NUc0NiZHRjenQ5ZzNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLY68AwQC
uY0kMA0GCSqGSIb3DQEBCwUAA4IBAQAMFfBu1+pwaYXBcqqCmUQtnAs/EDAf9Tvt
K2v8S523G/ytYkKaNIGfUZHyRi5H4tiwID95zKbexakiWwDlNUBoR/igkoGGsJqC
ygJJTIA28qS+STJ538jxHctw9L4Bda3+dXza9y78A0Ynl0LWTmVP+lnJmpOnrI9c
0xoX10e+3hyJi/Q0L0Hphh2emGrYHQC1yokcLRc7cp7iU1KgDY0yUBOCPfIjPA5V
34xh4cruqni+M0tK4Ss3N7Ubf2oeHzvn/eDGaiXc5QyM9tEqRNNXIZkvfYF3zZq+
/aFPvPdRNRTRlwpNLThvzv9eJOqTkyKTEJrUD+yfirH8zLiGw8+0
-----END CERTIFICATE-----
Generated at Thu Jul 4 17:47:22 2024 by rpki-client on console-fra.rpki-client.org