Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/wz-tQrcIOCe2EZyBU7xzMVsG9J4.roa
File: wz-tQrcIOCe2EZyBU7xzMVsG9J4.roa (raw, json)
Hash identifier: 63/Vpzt/2BYV9Wk/m3XSyooSK8ymuH3JsUyrMg28OLM=
Subject key identifier: C3:3F:AD:42:B7:08:38:27:B6:11:9C:81:53:BC:73:31:5B:06:F4:9E
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 018CC26D524746EDAD4637F95066B50A7BBC
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/wz-tQrcIOCe2EZyBU7xzMVsG9J4.roa
Signing time: Mon 01 Jan 2024 00:29:53 +0000
ROA not before: Mon 01 Jan 2024 00:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31287
IP address blocks: 95.43.239.0/24 maxlen: 24
62.73.100.0/24 maxlen: 24
95.43.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 09:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:52:47:46:ed:ad:46:37:f9:50:66:b5:0a:7b:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 1 00:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c33fad42b7083827b6119c8153bc73315b06f49e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:07:77:8b:0b:a7:90:86:7e:b9:93:84:c0:99:
67:39:76:37:9b:8a:98:9c:c1:f3:3a:cb:b6:cf:f1:
94:ce:d5:b8:6a:30:a4:7b:16:a9:58:f9:1c:fe:e3:
38:a5:2f:cc:0f:8c:9b:10:04:d9:a5:ae:af:22:38:
7f:c0:9e:a7:be:9c:e2:12:3e:ca:c2:e0:45:48:16:
66:ef:f2:a8:36:9c:59:c4:fe:3a:51:b4:2b:98:bf:
e1:f9:a1:cc:95:da:0e:f9:87:8c:84:74:14:80:d1:
b1:76:b0:bf:01:a8:3c:1d:5a:c8:d2:43:85:e4:39:
2f:12:15:75:35:d5:3a:25:6e:f4:71:56:62:6b:42:
a6:88:60:1f:05:11:54:b9:28:97:7b:40:8b:d9:40:
65:b8:1f:62:b3:92:13:82:1b:4d:67:04:b9:c7:62:
cc:73:94:9e:39:3d:69:64:58:22:ae:c4:9e:93:61:
04:46:0f:3e:6a:ef:d6:1e:40:93:33:60:79:ce:53:
b9:ad:3c:f2:96:54:61:01:05:ad:29:56:da:4e:db:
4e:61:7c:14:ce:a8:68:25:53:f4:27:df:1c:f3:b5:
42:3b:8f:2e:87:4a:0e:c3:87:50:ac:6e:1a:a9:e3:
a2:35:ce:b8:58:b9:af:f5:76:7f:db:02:b4:e7:17:
60:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:3F:AD:42:B7:08:38:27:B6:11:9C:81:53:BC:73:31:5B:06:F4:9E
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/wz-tQrcIOCe2EZyBU7xzMVsG9J4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.73.100.0/24
95.43.236.0/24
95.43.239.0/24
Signature Algorithm: sha256WithRSAEncryption
31:f2:bd:f0:6c:94:e1:11:e2:dc:18:ec:15:f1:95:a9:5d:fc:
18:3c:23:e9:aa:5f:5f:a0:0c:c3:92:bf:5e:63:06:53:4f:77:
f4:bf:1e:0d:e4:a0:0b:4f:79:1a:36:40:a8:aa:57:a2:ad:1b:
13:90:18:f8:96:59:57:6d:16:af:19:b3:81:cd:9c:57:cf:5b:
c1:29:62:07:d8:65:87:75:e2:0d:ac:aa:32:b5:38:0d:f2:80:
52:86:4b:d6:6e:e2:40:13:1c:91:12:ad:a0:bf:29:66:a5:06:
f2:92:6d:13:cb:24:28:77:e6:e5:e6:9d:e6:1a:36:51:05:f0:
a6:d6:b1:a4:1e:de:68:df:7a:c8:49:97:96:f8:4d:65:2d:f4:
80:7e:9b:ca:df:d2:8b:59:b4:eb:5b:b3:14:24:41:0a:89:3e:
ca:c8:58:2b:8f:09:0c:af:94:34:89:cb:73:f1:a5:77:80:d1:
ab:57:79:60:13:01:ec:d1:f0:cf:b4:57:e1:e4:e3:d0:22:05:
49:5b:57:86:b0:15:a5:c5:66:55:52:d7:4c:af:8c:21:fe:f7:
53:0b:09:11:c5:a0:d7:c6:a8:56:a1:d1:2a:10:3e:92:66:f1:
bf:12:93:1d:29:91:3a:99:29:7f:c3:fd:de:3b:75:2b:4b:bd:
5e:10:8d:0e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzCbVJHRu2tRjf5UGa1Cnu8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjQwMTAxMDAyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzNmYWQ0MmI3MDgzODI3YjYxMTljODE1M2JjNzMzMTViMDZmNDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwd3iwunkIZ+uZOEwJlnOXY3m4qY
nMHzOsu2z/GUztW4ajCkexapWPkc/uM4pS/MD4ybEATZpa6vIjh/wJ6nvpziEj7K
wuBFSBZm7/KoNpxZxP46UbQrmL/h+aHMldoO+YeMhHQUgNGxdrC/Aag8HVrI0kOF
5DkvEhV1NdU6JW70cVZia0KmiGAfBRFUuSiXe0CL2UBluB9is5ITghtNZwS5x2LM
c5SeOT1pZFgirsSek2EERg8+au/WHkCTM2B5zlO5rTzyllRhAQWtKVbaTttOYXwU
zqhoJVP0J98c87VCO48uh0oOw4dQrG4aqeOiNc64WLmv9XZ/2wK05xdgMwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMM/rUK3CDgnthGcgVO8czFbBvSeMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvd3otdFFyY0lPQ2UyRVp5QlU3eHpNVnNHOUo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAPklkAwQA
XyvsAwQAXyvvMA0GCSqGSIb3DQEBCwUAA4IBAQAx8r3wbJThEeLcGOwV8ZWpXfwY
PCPpql9foAzDkr9eYwZTT3f0vx4N5KALT3kaNkCoqleirRsTkBj4lllXbRavGbOB
zZxXz1vBKWIH2GWHdeINrKoytTgN8oBShkvWbuJAExyREq2gvylmpQbykm0TyyQo
d+bl5p3mGjZRBfCm1rGkHt5o33rISZeW+E1lLfSAfpvK39KLWbTrW7MUJEEKiT7K
yFgrjwkMr5Q0ictz8aV3gNGrV3lgEwHs0fDPtFfh5OPQIgVJW1eGsBWlxWZVUtdM
r4wh/vdTCwkRxaDXxqhWodEqED6SZvG/EpMdKZE6mSl/w/3eO3UrS71eEI0O
-----END CERTIFICATE-----
Generated at Mon Jun 24 12:11:17 2024 by rpki-client on console-ams.rpki-client.org