Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/9d16a9-2757-42b1-8654-aa958788eebf/1/cslt4q3Y_3k-04sesouHZY90bkM.roa
File: cslt4q3Y_3k-04sesouHZY90bkM.roa (raw, json)
Hash identifier: 3agKJpUMmsl7NwpiC53lvhF33f84jKmR8VHZyZUGhtg=
Subject key identifier: 72:C9:6D:E2:AD:D8:FF:79:3E:D3:8B:1E:B2:8B:87:65:8F:74:6E:43
Certificate issuer: /CN=58de5044ed83875c7e9ee8ecb87dd6d31dd5c4ae
Certificate serial: 018F0FE52DD01C2803E2EEA70460D7EE9706
Authority key identifier: 58:DE:50:44:ED:83:87:5C:7E:9E:E8:EC:B8:7D:D6:D3:1D:D5:C4:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WN5QRO2Dh1x-nujsuH3W0x3VxK4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/9d16a9-2757-42b1-8654-aa958788eebf/1/cslt4q3Y_3k-04sesouHZY90bkM.roa
Signing time: Wed 24 Apr 2024 11:37:08 +0000
ROA not before: Wed 24 Apr 2024 11:37:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60820
IP address blocks: 178.250.192.0/21 maxlen: 21
185.64.108.0/22 maxlen: 22
2a04:31c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/9d16a9-2757-42b1-8654-aa958788eebf/1/WN5QRO2Dh1x-nujsuH3W0x3VxK4.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/9d16a9-2757-42b1-8654-aa958788eebf/1/WN5QRO2Dh1x-nujsuH3W0x3VxK4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WN5QRO2Dh1x-nujsuH3W0x3VxK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Jun 2024 09:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0f:e5:2d:d0:1c:28:03:e2:ee:a7:04:60:d7:ee:97:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58de5044ed83875c7e9ee8ecb87dd6d31dd5c4ae
Validity
Not Before: Apr 24 11:37:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72c96de2add8ff793ed38b1eb28b87658f746e43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c5:70:0b:c4:e9:ce:45:dc:52:84:bc:ff:ce:
39:64:48:a0:ab:22:46:de:17:a3:ed:94:3a:13:c5:
2a:79:b1:b8:06:c4:dd:0a:f3:45:00:c0:84:1b:6d:
ba:17:15:e8:b0:25:b1:4c:5e:2b:1e:2d:8a:41:8f:
88:93:e6:4b:ef:cc:f2:57:8c:e2:34:0f:f0:26:33:
fc:9e:db:d5:09:74:4a:c0:2d:61:1d:94:22:89:ae:
68:16:80:94:fb:f9:e0:56:36:ab:c7:7e:33:e9:06:
4e:47:af:ab:92:47:fc:7a:72:af:2c:ef:c0:6d:bd:
49:37:0f:5e:cf:3b:83:a0:14:48:3e:82:70:21:58:
1b:83:bb:50:f3:ee:29:89:62:8a:a0:af:c4:70:4b:
bc:b7:c1:1b:a1:88:c5:ac:ea:ed:8a:8a:69:4c:1d:
ae:37:22:dc:95:8e:97:7a:d3:a4:6e:b8:3a:8b:ee:
bb:de:17:e0:c9:f5:bd:cb:f4:ad:3b:31:19:d3:c1:
af:eb:ab:1b:4c:89:af:7d:d2:3f:f4:19:39:36:51:
4d:7d:17:4f:26:1d:79:ee:3b:d0:49:a6:94:ed:51:
94:54:9b:d8:f8:15:5e:49:fc:49:b7:2a:85:75:70:
18:1b:f8:4f:c6:97:5f:3f:2c:2b:3a:9b:e5:e3:56:
04:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:C9:6D:E2:AD:D8:FF:79:3E:D3:8B:1E:B2:8B:87:65:8F:74:6E:43
X509v3 Authority Key Identifier:
keyid:58:DE:50:44:ED:83:87:5C:7E:9E:E8:EC:B8:7D:D6:D3:1D:D5:C4:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WN5QRO2Dh1x-nujsuH3W0x3VxK4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/9d16a9-2757-42b1-8654-aa958788eebf/1/cslt4q3Y_3k-04sesouHZY90bkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/9d16a9-2757-42b1-8654-aa958788eebf/1/WN5QRO2Dh1x-nujsuH3W0x3VxK4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.250.192.0/21
185.64.108.0/22
IPv6:
2a04:31c0::/29
Signature Algorithm: sha256WithRSAEncryption
45:db:46:25:2d:e0:d3:07:50:aa:a7:7e:1d:a2:8e:27:09:6d:
e0:ad:24:c5:f2:b3:9f:51:fd:69:43:21:08:32:e3:9f:53:92:
07:9a:48:33:1b:72:44:6f:56:6d:6d:32:6f:83:57:01:60:c6:
1b:6a:a0:dc:5c:00:f0:e4:19:bf:85:18:c6:91:23:d8:71:a0:
3a:18:dc:5d:44:dd:5c:af:0c:0c:63:ab:4e:c0:00:73:8d:b8:
64:a9:f1:11:6c:f9:73:66:fb:29:ad:47:da:93:e5:47:81:c2:
01:7c:1c:d0:81:42:b8:ca:95:ea:d8:fb:7c:61:16:0a:c9:a7:
62:8d:97:5e:6b:12:c8:aa:97:e5:77:d4:b6:85:de:70:55:1a:
63:3b:cf:23:c5:62:0d:66:04:98:f8:bf:2e:ce:51:2b:b5:0a:
1d:a6:50:ad:de:e1:0f:c7:f0:73:6d:01:50:69:dc:66:7d:25:
61:bd:e4:92:d1:69:ec:63:be:03:15:07:1a:07:1a:f8:81:1a:
a5:5f:4c:10:a9:1f:40:1d:27:c0:66:00:50:ff:54:96:5a:cd:
72:9a:8d:d3:69:1f:83:a0:18:15:83:a2:68:b1:bd:f1:b1:c6:
f0:55:eb:71:6f:62:a1:7b:44:05:95:ac:eb:d6:59:f5:8f:cf:
c7:7e:d6:02
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY8P5S3QHCgD4u6nBGDX7pcGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ZGU1MDQ0ZWQ4Mzg3NWM3ZTllZThlY2I4N2RkNmQzMWRk
NWM0YWUwHhcNMjQwNDI0MTEzNzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmM5NmRlMmFkZDhmZjc5M2VkMzhiMWViMjhiODc2NThmNzQ2ZTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcVwC8TpzkXcUoS8/845ZEigqyJG
3hej7ZQ6E8UqebG4BsTdCvNFAMCEG226FxXosCWxTF4rHi2KQY+Ik+ZL78zyV4zi
NA/wJjP8ntvVCXRKwC1hHZQiia5oFoCU+/ngVjarx34z6QZOR6+rkkf8enKvLO/A
bb1JNw9ezzuDoBRIPoJwIVgbg7tQ8+4piWKKoK/EcEu8t8EboYjFrOrtioppTB2u
NyLclY6XetOkbrg6i+673hfgyfW9y/StOzEZ08Gv66sbTImvfdI/9Bk5NlFNfRdP
Jh157jvQSaaU7VGUVJvY+BVeSfxJtyqFdXAYG/hPxpdfPywrOpvl41YEewIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHLJbeKt2P95PtOLHrKLh2WPdG5DMB8GA1UdIwQY
MBaAFFjeUETtg4dcfp7o7Lh91tMd1cSuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV041UVJPMkRoMXgtbnVqc3VIM1cweDNWeEs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy85ZDE2YTktMjc1Ny00MmIxLTg2NTQt
YWE5NTg3ODhlZWJmLzEvY3NsdDRxM1lfM2stMDRzZXNvdUhaWTkwYmtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy85ZDE2YTktMjc1Ny00MmIxLTg2NTQtYWE5NTg3ODhlZWJm
LzEvV041UVJPMkRoMXgtbnVqc3VIM1cweDNWeEs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDsvrAAwQC
uUBsMA0EAgACMAcDBQMqBDHAMA0GCSqGSIb3DQEBCwUAA4IBAQBF20YlLeDTB1Cq
p34doo4nCW3grSTF8rOfUf1pQyEIMuOfU5IHmkgzG3JEb1ZtbTJvg1cBYMYbaqDc
XADw5Bm/hRjGkSPYcaA6GNxdRN1crwwMY6tOwABzjbhkqfERbPlzZvsprUfak+VH
gcIBfBzQgUK4ypXq2Pt8YRYKyadijZdeaxLIqpfld9S2hd5wVRpjO88jxWINZgSY
+L8uzlErtQodplCt3uEPx/BzbQFQadxmfSVhveSS0WnsY74DFQcaBxr4gRqlX0wQ
qR9AHSfAZgBQ/1SWWs1ymo3TaR+DoBgVg6Josb3xscbwVetxb2Khe0QFlazr1ln1
j8/HftYC
-----END CERTIFICATE-----
Generated at Fri Jun 21 17:45:28 2024 by rpki-client on console-ams.rpki-client.org