Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/c22c3f-91e6-45fb-af76-68a8089701f4/1/R1QZPbHIcOWI4YVtcJ7eoRFGdBo.roa
File: R1QZPbHIcOWI4YVtcJ7eoRFGdBo.roa (raw, json)
Hash identifier: o1NroowM80eJx1LI3eAdvTXTaRWdNppJQznd2Rylsdk=
Subject key identifier: 47:54:19:3D:B1:C8:70:E5:88:E1:85:6D:70:9E:DE:A1:11:46:74:1A
Certificate issuer: /CN=5814dbbab63e9117d0b02cbab56639e6fd0d40d9
Certificate serial: 018CC64B3B5C7746F26A61A4BD89BAF3FC9E
Authority key identifier: 58:14:DB:BA:B6:3E:91:17:D0:B0:2C:BA:B5:66:39:E6:FD:0D:40:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WBTburY-kRfQsCy6tWY55v0NQNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/c22c3f-91e6-45fb-af76-68a8089701f4/1/R1QZPbHIcOWI4YVtcJ7eoRFGdBo.roa
Signing time: Mon 01 Jan 2024 18:31:08 +0000
ROA not before: Mon 01 Jan 2024 18:31:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203258
IP address blocks: 178.21.33.0/24 maxlen: 24
178.21.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/c22c3f-91e6-45fb-af76-68a8089701f4/1/WBTburY-kRfQsCy6tWY55v0NQNk.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/c22c3f-91e6-45fb-af76-68a8089701f4/1/WBTburY-kRfQsCy6tWY55v0NQNk.mft
rsync://rpki.ripe.net/repository/DEFAULT/WBTburY-kRfQsCy6tWY55v0NQNk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Jun 2024 20:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:3b:5c:77:46:f2:6a:61:a4:bd:89:ba:f3:fc:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5814dbbab63e9117d0b02cbab56639e6fd0d40d9
Validity
Not Before: Jan 1 18:31:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4754193db1c870e588e1856d709edea11146741a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:50:85:fd:55:8f:7f:4d:cf:f2:2c:3f:99:f0:
99:fb:49:fa:a9:8d:03:b8:fb:7a:c8:9f:98:de:dc:
d9:75:dc:b6:df:28:34:5a:ef:06:db:8b:a7:97:40:
ae:3a:2f:45:64:8a:58:aa:45:3a:dc:f6:d1:8d:a3:
ca:0c:c3:35:48:90:6a:f7:91:e3:64:43:f1:a5:17:
1e:05:d0:fd:62:06:bb:9b:7f:c6:53:1e:fc:bf:7a:
58:07:61:30:17:ff:26:7b:fd:93:45:f6:e3:a9:9e:
a4:5b:d1:bc:91:8a:81:89:a2:55:9c:f4:0c:f5:b2:
68:82:48:13:3a:9e:25:01:db:01:e6:d3:15:6a:3e:
b4:cd:6a:80:c4:ff:be:3a:a1:e4:eb:9a:fb:25:64:
ef:38:f4:7f:44:05:58:0a:6d:4d:b0:2b:4c:e1:1b:
88:25:11:e9:80:2b:9b:3a:7f:82:89:c1:e9:78:8c:
20:b9:1d:41:8c:22:04:41:a7:59:7b:96:ac:9d:39:
d0:7d:76:b0:35:2e:34:ed:4e:a5:07:71:70:86:5a:
7a:53:02:ba:de:21:1d:5a:d2:01:91:c4:ff:a0:7b:
f9:da:c4:b5:e7:60:66:59:c2:ce:16:3d:27:62:6f:
aa:94:5b:bf:da:14:1f:f2:6b:d6:f8:f4:91:66:cf:
09:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:54:19:3D:B1:C8:70:E5:88:E1:85:6D:70:9E:DE:A1:11:46:74:1A
X509v3 Authority Key Identifier:
keyid:58:14:DB:BA:B6:3E:91:17:D0:B0:2C:BA:B5:66:39:E6:FD:0D:40:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WBTburY-kRfQsCy6tWY55v0NQNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/c22c3f-91e6-45fb-af76-68a8089701f4/1/R1QZPbHIcOWI4YVtcJ7eoRFGdBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/c22c3f-91e6-45fb-af76-68a8089701f4/1/WBTburY-kRfQsCy6tWY55v0NQNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.21.32.0/23
Signature Algorithm: sha256WithRSAEncryption
a9:76:31:07:2d:6b:81:65:ff:b4:b9:fb:8c:d4:02:a9:80:4d:
40:18:be:05:2d:30:8f:bd:cf:b0:a0:e1:32:e7:f1:3d:7e:c1:
6d:76:4e:b2:69:46:59:1c:f6:28:7e:f0:a8:6f:59:f6:69:3d:
a3:e9:23:82:de:39:bb:e5:60:15:66:b5:60:ec:3d:c1:19:16:
8a:e9:5a:77:f0:e0:be:4a:aa:5a:88:02:bb:cd:ab:21:ad:ce:
ba:a7:9f:b5:5d:14:31:51:df:89:bd:b6:4a:37:87:c7:bf:02:
f6:b5:da:37:03:51:fb:7b:c0:03:37:e4:f7:60:cc:42:6e:a1:
28:a5:5c:50:4a:5f:7e:88:c7:75:4f:9a:f7:23:6b:09:9e:7b:
bf:0b:41:5b:bc:01:de:82:c9:67:0c:c1:28:de:ca:2a:5e:9f:
99:50:4d:ce:7b:99:5e:99:de:f0:ef:1e:24:3f:40:b6:07:f3:
9e:74:11:06:81:75:30:1a:42:38:96:43:bf:93:5d:0e:a4:93:
c1:61:6c:59:02:d2:4f:38:90:32:54:5b:fb:61:34:04:6d:b2:
c1:e7:a1:65:58:a8:54:ce:78:f2:77:43:17:53:af:8a:5d:83:
e3:36:67:4f:ff:21:ea:6e:c3:44:82:6b:b3:db:a0:47:52:0d:
32:bb:07:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSztcd0byamGkvYm68/yeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MTRkYmJhYjYzZTkxMTdkMGIwMmNiYWI1NjYzOWU2ZmQw
ZDQwZDkwHhcNMjQwMTAxMTgzMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzU0MTkzZGIxYzg3MGU1ODhlMTg1NmQ3MDllZGVhMTExNDY3NDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAllCF/VWPf03P8iw/mfCZ+0n6qY0D
uPt6yJ+Y3tzZddy23yg0Wu8G24unl0CuOi9FZIpYqkU63PbRjaPKDMM1SJBq95Hj
ZEPxpRceBdD9Yga7m3/GUx78v3pYB2EwF/8me/2TRfbjqZ6kW9G8kYqBiaJVnPQM
9bJogkgTOp4lAdsB5tMVaj60zWqAxP++OqHk65r7JWTvOPR/RAVYCm1NsCtM4RuI
JRHpgCubOn+CicHpeIwguR1BjCIEQadZe5asnTnQfXawNS407U6lB3Fwhlp6UwK6
3iEdWtIBkcT/oHv52sS152BmWcLOFj0nYm+qlFu/2hQf8mvW+PSRZs8JqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEdUGT2xyHDliOGFbXCe3qERRnQaMB8GA1UdIwQY
MBaAFFgU27q2PpEX0LAsurVmOeb9DUDZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0JUYnVyWS1rUmZRc0N5NnRXWTU1djBOUU5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9jMjJjM2YtOTFlNi00NWZiLWFmNzYt
NjhhODA4OTcwMWY0LzEvUjFRWlBiSEljT1dJNFlWdGNKN2VvUkZHZEJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9jMjJjM2YtOTFlNi00NWZiLWFmNzYtNjhhODA4OTcwMWY0
LzEvV0JUYnVyWS1rUmZRc0N5NnRXWTU1djBOUU5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBshUgMA0G
CSqGSIb3DQEBCwUAA4IBAQCpdjEHLWuBZf+0ufuM1AKpgE1AGL4FLTCPvc+woOEy
5/E9fsFtdk6yaUZZHPYofvCob1n2aT2j6SOC3jm75WAVZrVg7D3BGRaK6Vp38OC+
SqpaiAK7zashrc66p5+1XRQxUd+JvbZKN4fHvwL2tdo3A1H7e8ADN+T3YMxCbqEo
pVxQSl9+iMd1T5r3I2sJnnu/C0FbvAHegslnDMEo3soqXp+ZUE3Oe5lemd7w7x4k
P0C2B/OedBEGgXUwGkI4lkO/k10OpJPBYWxZAtJPOJAyVFv7YTQEbbLB56FlWKhU
znjyd0MXU6+KXYPjNmdP/yHqbsNEgmuz26BHUg0yuwcZ
-----END CERTIFICATE-----
Generated at Sat Jun 15 00:52:11 2024 by rpki-client on console-fra.rpki-client.org