Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/95e949-bf34-4122-8fa8-a1ae5892d421/1/WI8vXMORAvZHFiTZISMcJhBZ-io.roa
File: WI8vXMORAvZHFiTZISMcJhBZ-io.roa (raw, json)
Hash identifier: obY8AhHD347kG1rj0GtH4nlZKEZysY9jQFC1ssA6U4s=
Subject key identifier: 58:8F:2F:5C:C3:91:02:F6:47:16:24:D9:21:23:1C:26:10:59:FA:2A
Certificate issuer: /CN=937f12abaf613973feb3073d8ce637f1b00cbfa9
Certificate serial: 0190C013627AE7E0A28EBC0272B11AD2C47A
Authority key identifier: 93:7F:12:AB:AF:61:39:73:FE:B3:07:3D:8C:E6:37:F1:B0:0C:BF:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k38Sq69hOXP-swc9jOY38bAMv6k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/95e949-bf34-4122-8fa8-a1ae5892d421/1/WI8vXMORAvZHFiTZISMcJhBZ-io.roa
Signing time: Wed 17 Jul 2024 09:43:34 +0000
ROA not before: Wed 17 Jul 2024 09:43:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29650
IP address blocks: 45.139.240.0/22 maxlen: 24
79.140.128.0/20 maxlen: 24
82.195.128.0/19 maxlen: 24
84.51.224.0/21 maxlen: 21
84.51.236.0/22 maxlen: 22
84.51.240.0/20 maxlen: 20
212.78.224.0/20 maxlen: 20
212.78.240.0/23 maxlen: 23
212.78.252.0/22 maxlen: 22
212.84.40.0/21 maxlen: 24
2001:1bd8::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/95e949-bf34-4122-8fa8-a1ae5892d421/1/k38Sq69hOXP-swc9jOY38bAMv6k.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/95e949-bf34-4122-8fa8-a1ae5892d421/1/k38Sq69hOXP-swc9jOY38bAMv6k.mft
rsync://rpki.ripe.net/repository/DEFAULT/k38Sq69hOXP-swc9jOY38bAMv6k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 07:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:c0:13:62:7a:e7:e0:a2:8e:bc:02:72:b1:1a:d2:c4:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=937f12abaf613973feb3073d8ce637f1b00cbfa9
Validity
Not Before: Jul 17 09:43:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=588f2f5cc39102f6471624d921231c261059fa2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f2:4b:82:3b:9f:04:67:f6:68:79:56:76:e6:
02:ac:57:ba:a7:53:cb:cf:d2:c8:e9:40:13:ad:ac:
c4:9d:a3:9a:7d:83:36:54:18:8f:1b:98:bd:af:bf:
98:bf:74:a5:42:c1:3b:03:31:a9:c3:f5:99:6b:30:
25:de:2a:94:bd:e9:1d:dd:9d:32:6a:50:4c:c1:73:
1a:02:4c:ff:53:5e:84:07:8f:be:08:9d:3c:40:19:
49:1a:2c:d5:45:50:c8:9c:2f:18:de:44:5e:d3:2c:
08:b4:bd:15:59:b6:fd:ec:f3:85:11:8d:88:c0:b9:
13:cb:10:f8:97:75:e8:ad:e7:8c:31:6c:bb:3c:8e:
7b:4c:38:4d:e7:be:77:e1:11:4c:bd:21:8a:ea:9e:
7f:fd:49:95:cb:39:3c:53:64:00:e4:41:f3:3e:7f:
d9:f8:e8:bf:07:7c:58:9b:83:99:61:3a:17:16:bc:
cd:ed:d6:76:1b:d9:05:ee:f2:24:fa:84:22:44:83:
db:42:f1:50:be:cb:f7:03:6f:ca:22:88:4d:68:d0:
8d:7c:8b:ec:11:10:4e:69:2b:3a:a6:3f:d6:dd:9a:
6f:ce:5e:e0:bf:ad:fd:64:1d:f8:af:bd:e2:4d:4b:
06:f8:7a:e2:07:da:f4:77:ae:f1:ca:bf:88:94:ce:
07:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:8F:2F:5C:C3:91:02:F6:47:16:24:D9:21:23:1C:26:10:59:FA:2A
X509v3 Authority Key Identifier:
keyid:93:7F:12:AB:AF:61:39:73:FE:B3:07:3D:8C:E6:37:F1:B0:0C:BF:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k38Sq69hOXP-swc9jOY38bAMv6k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/95e949-bf34-4122-8fa8-a1ae5892d421/1/WI8vXMORAvZHFiTZISMcJhBZ-io.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/95e949-bf34-4122-8fa8-a1ae5892d421/1/k38Sq69hOXP-swc9jOY38bAMv6k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.240.0/22
79.140.128.0/20
82.195.128.0/19
84.51.224.0/21
84.51.236.0-84.51.255.255
212.78.224.0-212.78.241.255
212.78.252.0/22
212.84.40.0/21
IPv6:
2001:1bd8::/32
Signature Algorithm: sha256WithRSAEncryption
2d:80:23:da:15:01:71:9a:16:57:59:81:84:ac:c8:88:3c:ce:
ad:a4:ce:44:e4:67:75:04:18:31:3e:21:0f:8d:91:57:92:35:
bc:0f:b0:ea:58:da:55:80:00:6a:26:e3:ec:2c:92:8f:da:2f:
e9:fb:fe:17:c8:a8:bc:80:d2:82:e0:8e:bc:40:4f:fe:87:f8:
51:cd:f3:f0:47:7b:e3:49:9f:e6:3a:31:ca:12:41:19:09:0c:
63:33:ec:19:f6:10:f5:67:67:0c:4b:c8:53:84:aa:3c:5c:15:
0b:e9:7a:68:a4:20:62:ab:9b:28:05:b0:48:87:52:f4:74:86:
89:51:9c:64:ea:33:ae:92:e7:b9:b2:15:72:2b:ec:11:3b:29:
3b:82:c1:19:f5:b1:c7:a4:6e:71:be:9e:24:67:fe:c5:f8:69:
30:be:29:8a:81:2a:71:72:75:d9:2c:61:fc:f3:09:2a:91:11:
5e:dc:ce:2d:5e:92:52:29:b6:be:3e:9e:c6:87:d2:a2:8e:f7:
c5:b7:e7:66:c6:f3:fe:9e:24:2c:2a:c4:5e:3d:b1:8a:a0:2a:
f5:41:ca:49:7c:16:64:fb:bd:bb:fd:8f:f5:a2:52:d2:25:4e:
39:5d:f0:55:fc:e2:e3:38:99:87:91:dd:fb:bd:3e:1d:76:fe:
3f:b7:bc:ba
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZDAE2J65+CijrwCcrEa0sR6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzN2YxMmFiYWY2MTM5NzNmZWIzMDczZDhjZTYzN2YxYjAw
Y2JmYTkwHhcNMjQwNzE3MDk0MzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODhmMmY1Y2MzOTEwMmY2NDcxNjI0ZDkyMTIzMWMyNjEwNTlmYTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/JLgjufBGf2aHlWduYCrFe6p1PL
z9LI6UATrazEnaOafYM2VBiPG5i9r7+Yv3SlQsE7AzGpw/WZazAl3iqUvekd3Z0y
alBMwXMaAkz/U16EB4++CJ08QBlJGizVRVDInC8Y3kRe0ywItL0VWbb97POFEY2I
wLkTyxD4l3XoreeMMWy7PI57TDhN57534RFMvSGK6p5//UmVyzk8U2QA5EHzPn/Z
+Oi/B3xYm4OZYToXFrzN7dZ2G9kF7vIk+oQiRIPbQvFQvsv3A2/KIohNaNCNfIvs
ERBOaSs6pj/W3Zpvzl7gv639ZB34r73iTUsG+HriB9r0d67xyr+IlM4H+wIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFFiPL1zDkQL2RxYk2SEjHCYQWfoqMB8GA1UdIwQY
MBaAFJN/EquvYTlz/rMHPYzmN/GwDL+pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazM4U3E2OWhPWFAtc3djOWpPWTM4YkFNdjZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC85NWU5NDktYmYzNC00MTIyLThmYTgt
YTFhZTU4OTJkNDIxLzEvV0k4dlhNT1JBdlpIRmlUWklTTWNKaEJaLWlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC85NWU5NDktYmYzNC00MTIyLThmYTgtYTFhZTU4OTJkNDIx
LzEvazM4U3E2OWhPWFAtc3djOWpPWTM4YkFNdjZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBFBAIAATA/AwQCLYvwAwQE
T4yAAwQFUsOAAwQDVDPgMAsDBAJUM+wDAwJUMDAMAwQF1E7gAwQB1E7wAwQC1E78
AwQD1FQoMA0EAgACMAcDBQAgARvYMA0GCSqGSIb3DQEBCwUAA4IBAQAtgCPaFQFx
mhZXWYGErMiIPM6tpM5E5Gd1BBgxPiEPjZFXkjW8D7DqWNpVgABqJuPsLJKP2i/p
+/4XyKi8gNKC4I68QE/+h/hRzfPwR3vjSZ/mOjHKEkEZCQxjM+wZ9hD1Z2cMS8hT
hKo8XBUL6XpopCBiq5soBbBIh1L0dIaJUZxk6jOukue5shVyK+wROyk7gsEZ9bHH
pG5xvp4kZ/7F+GkwvimKgSpxcnXZLGH88wkqkRFe3M4tXpJSKba+Pp7Gh9KijvfF
t+dmxvP+niQsKsRePbGKoCr1QcpJfBZk+727/Y/1olLSJU45XfBV/OLjOJmHkd37
vT4ddv4/t7y6
-----END CERTIFICATE-----
Generated at Sat Sep 28 16:19:16 2024 by rpki-client on console-fra.rpki-client.org