Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/95fe44-b039-4c93-b975-46ee99a1ee30/1/w_UIw1lkz53xDqAfIIuVCYNqqoI.roa
File: w_UIw1lkz53xDqAfIIuVCYNqqoI.roa (raw, json)
Hash identifier: W9N69ktHLVxZxRXEoLIK5ZNJlQCJPpeFj5KNyJC6j54=
Subject key identifier: C3:F5:08:C3:59:64:CF:9D:F1:0E:A0:1F:20:8B:95:09:83:6A:AA:82
Certificate issuer: /CN=0054882401b0724864a8cccbaeafe42c85240456
Certificate serial: 018CC72571D71F6C7AFAA835A1A75014ADC5
Authority key identifier: 00:54:88:24:01:B0:72:48:64:A8:CC:CB:AE:AF:E4:2C:85:24:04:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AFSIJAGwckhkqMzLrq_kLIUkBFY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/95fe44-b039-4c93-b975-46ee99a1ee30/1/w_UIw1lkz53xDqAfIIuVCYNqqoI.roa
Signing time: Mon 01 Jan 2024 22:29:29 +0000
ROA not before: Mon 01 Jan 2024 22:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201863
IP address blocks: 89.207.15.0/24 maxlen: 24
89.207.14.0/24 maxlen: 24
89.207.13.0/24 maxlen: 24
89.207.12.0/24 maxlen: 24
185.187.186.0/24 maxlen: 24
185.187.185.0/24 maxlen: 24
185.187.184.0/24 maxlen: 24
185.187.187.0/24 maxlen: 24
185.32.13.0/24 maxlen: 24
185.32.12.0/24 maxlen: 24
185.32.15.0/24 maxlen: 24
185.32.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/95fe44-b039-4c93-b975-46ee99a1ee30/1/AFSIJAGwckhkqMzLrq_kLIUkBFY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/95fe44-b039-4c93-b975-46ee99a1ee30/1/AFSIJAGwckhkqMzLrq_kLIUkBFY.mft
rsync://rpki.ripe.net/repository/DEFAULT/AFSIJAGwckhkqMzLrq_kLIUkBFY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Sep 2024 13:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:71:d7:1f:6c:7a:fa:a8:35:a1:a7:50:14:ad:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0054882401b0724864a8cccbaeafe42c85240456
Validity
Not Before: Jan 1 22:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c3f508c35964cf9df10ea01f208b9509836aaa82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:1c:cc:0a:0c:27:28:84:db:63:f9:b0:99:3d:
dd:cf:65:5b:83:21:71:85:aa:aa:f6:ce:1f:61:04:
cf:1f:77:bc:68:19:42:20:11:6f:ce:aa:89:4a:3d:
f2:81:f8:1d:3a:5b:18:45:f2:c4:00:e6:c8:78:4b:
d8:95:c0:e4:b6:6d:3b:54:4c:5d:69:40:28:13:04:
f2:00:86:03:75:1b:64:03:b1:54:63:6a:fe:ba:5c:
4f:36:f2:66:d3:25:48:27:11:d7:7b:28:6d:82:45:
fe:ee:8a:85:3a:a4:a3:36:09:98:4f:43:cb:9e:00:
be:ab:b6:41:93:96:bc:d5:2d:ca:bd:b7:e9:47:5a:
a2:81:07:09:69:00:32:c7:27:95:3c:47:51:3d:62:
0c:78:3b:5f:7f:35:1b:8e:e9:a4:ee:cc:71:4a:53:
89:23:8d:cf:0f:3e:ce:8d:27:dc:37:9f:47:a0:bd:
11:8a:21:60:c6:ed:ec:29:6e:d7:85:26:24:e9:dc:
41:55:6b:be:50:72:b5:a6:63:d4:13:4b:a5:64:7e:
6c:ba:6f:57:11:6a:30:43:80:51:15:b7:7d:76:bd:
4b:e7:9a:99:1c:7d:50:df:94:e1:8d:8a:b3:48:44:
48:86:0d:c0:f6:c6:bb:c7:5e:d9:27:9e:71:50:b0:
3e:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:F5:08:C3:59:64:CF:9D:F1:0E:A0:1F:20:8B:95:09:83:6A:AA:82
X509v3 Authority Key Identifier:
keyid:00:54:88:24:01:B0:72:48:64:A8:CC:CB:AE:AF:E4:2C:85:24:04:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AFSIJAGwckhkqMzLrq_kLIUkBFY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/95fe44-b039-4c93-b975-46ee99a1ee30/1/w_UIw1lkz53xDqAfIIuVCYNqqoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/95fe44-b039-4c93-b975-46ee99a1ee30/1/AFSIJAGwckhkqMzLrq_kLIUkBFY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.207.12.0/22
185.32.12.0/22
185.187.184.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:94:da:85:2d:ca:eb:f5:88:27:41:ef:c4:2f:e8:3e:1b:57:
fb:b4:02:07:43:57:bf:3b:99:02:85:22:42:56:b1:20:b4:35:
06:43:7e:d0:0c:c0:21:3a:47:1a:37:a1:44:a7:fd:1b:e5:a7:
b0:8f:c1:7f:50:11:5e:3f:cd:bc:1f:09:82:8a:e0:23:01:a0:
71:f3:7b:ff:76:60:4f:7c:38:07:6d:40:8b:17:bd:a1:55:6b:
c2:30:4b:58:21:10:de:41:6c:fc:9a:9c:a2:c0:56:c8:25:17:
c2:0f:71:93:16:4d:4c:b9:57:f1:65:18:df:a7:89:71:96:98:
d6:37:ea:5e:f2:ba:a9:bb:6f:74:68:19:96:99:c1:5d:63:09:
3c:e6:3d:ff:93:40:c1:8d:78:cc:de:59:4a:49:4f:57:69:8a:
c4:c2:ee:90:9d:2e:ae:42:7f:eb:38:39:f8:41:3b:25:46:b6:
24:80:80:5f:b3:a1:4b:74:57:39:c1:63:20:18:f1:9c:c3:4b:
2e:ca:05:33:d0:e0:7e:60:73:d9:fd:a2:0d:13:ee:30:e5:95:
f0:1f:78:bf:a9:33:43:69:0f:d6:a6:5f:4e:76:c8:2a:6f:91:
c7:33:03:23:39:f1:02:1c:40:f6:b9:39:88:62:07:d1:59:d5:
f1:9e:07:d6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHJXHXH2x6+qg1oadQFK3FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNTQ4ODI0MDFiMDcyNDg2NGE4Y2NjYmFlYWZlNDJjODUy
NDA0NTYwHhcNMjQwMTAxMjIyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2Y1MDhjMzU5NjRjZjlkZjEwZWEwMWYyMDhiOTUwOTgzNmFhYTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBzMCgwnKITbY/mwmT3dz2VbgyFx
haqq9s4fYQTPH3e8aBlCIBFvzqqJSj3ygfgdOlsYRfLEAObIeEvYlcDktm07VExd
aUAoEwTyAIYDdRtkA7FUY2r+ulxPNvJm0yVIJxHXeyhtgkX+7oqFOqSjNgmYT0PL
ngC+q7ZBk5a81S3KvbfpR1qigQcJaQAyxyeVPEdRPWIMeDtffzUbjumk7sxxSlOJ
I43PDz7OjSfcN59HoL0RiiFgxu3sKW7XhSYk6dxBVWu+UHK1pmPUE0ulZH5sum9X
EWowQ4BRFbd9dr1L55qZHH1Q35ThjYqzSERIhg3A9sa7x17ZJ55xULA+2QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMP1CMNZZM+d8Q6gHyCLlQmDaqqCMB8GA1UdIwQY
MBaAFABUiCQBsHJIZKjMy66v5CyFJARWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUZTSUpBR3dja2hrcU16THJxX2tMSVVrQkZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS85NWZlNDQtYjAzOS00YzkzLWI5NzUt
NDZlZTk5YTFlZTMwLzEvd19VSXcxbGt6NTN4RHFBZklJdVZDWU5xcW9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS85NWZlNDQtYjAzOS00YzkzLWI5NzUtNDZlZTk5YTFlZTMw
LzEvQUZTSUpBR3dja2hrcU16THJxX2tMSVVrQkZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCWc8MAwQC
uSAMAwQCubu4MA0GCSqGSIb3DQEBCwUAA4IBAQB/lNqFLcrr9YgnQe/EL+g+G1f7
tAIHQ1e/O5kChSJCVrEgtDUGQ37QDMAhOkcaN6FEp/0b5aewj8F/UBFeP828HwmC
iuAjAaBx83v/dmBPfDgHbUCLF72hVWvCMEtYIRDeQWz8mpyiwFbIJRfCD3GTFk1M
uVfxZRjfp4lxlpjWN+pe8rqpu290aBmWmcFdYwk85j3/k0DBjXjM3llKSU9XaYrE
wu6QnS6uQn/rODn4QTslRrYkgIBfs6FLdFc5wWMgGPGcw0suygUz0OB+YHPZ/aIN
E+4w5ZXwH3i/qTNDaQ/Wpl9Odsgqb5HHMwMjOfECHED2uTmIYgfRWdXxngfW
-----END CERTIFICATE-----
Generated at Fri Sep 27 22:17:26 2024 by rpki-client on console-fra.rpki-client.org