Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/4f406a-2981-4aaf-8b61-f4ce22ecae34/1/wsFVFYnBMuGVq6Q8fIe1aUkeLoU.roa
File: wsFVFYnBMuGVq6Q8fIe1aUkeLoU.roa (raw, json)
Hash identifier: dUGwor+VrIGw7hT20j6uafZzkcOb9SW2nKt+0NL0CGc=
Subject key identifier: C2:C1:55:15:89:C1:32:E1:95:AB:A4:3C:7C:87:B5:69:49:1E:2E:85
Certificate issuer: /CN=4afc7f0beac2260702d05b69dd7b7a3fb2ddd69e
Certificate serial: 018CC492940AA2D77BF9CAD5FB82582E9A5F
Authority key identifier: 4A:FC:7F:0B:EA:C2:26:07:02:D0:5B:69:DD:7B:7A:3F:B2:DD:D6:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Svx_C-rCJgcC0Ftp3Xt6P7Ld1p4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/4f406a-2981-4aaf-8b61-f4ce22ecae34/1/wsFVFYnBMuGVq6Q8fIe1aUkeLoU.roa
Signing time: Mon 01 Jan 2024 10:29:49 +0000
ROA not before: Mon 01 Jan 2024 10:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31725
IP address blocks: 91.201.240.0/23 maxlen: 23
91.201.240.0/22 maxlen: 22
91.201.242.0/23 maxlen: 23
188.190.64.0/19 maxlen: 19
109.95.32.0/22 maxlen: 22
109.95.32.0/21 maxlen: 21
195.62.15.0/24 maxlen: 24
195.62.14.0/23 maxlen: 23
195.62.14.0/24 maxlen: 24
2001:67c:176c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/4f406a-2981-4aaf-8b61-f4ce22ecae34/1/Svx_C-rCJgcC0Ftp3Xt6P7Ld1p4.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/4f406a-2981-4aaf-8b61-f4ce22ecae34/1/Svx_C-rCJgcC0Ftp3Xt6P7Ld1p4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Svx_C-rCJgcC0Ftp3Xt6P7Ld1p4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:94:0a:a2:d7:7b:f9:ca:d5:fb:82:58:2e:9a:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4afc7f0beac2260702d05b69dd7b7a3fb2ddd69e
Validity
Not Before: Jan 1 10:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c2c1551589c132e195aba43c7c87b569491e2e85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:01:73:7e:29:30:26:19:2d:8a:ac:12:8e:91:
ca:89:a5:ec:16:66:76:61:40:ef:19:c6:a2:3d:a1:
a7:13:1d:62:1e:70:ba:45:63:bc:fd:c6:5b:59:f6:
90:d1:ad:fc:f4:10:54:66:4d:84:f8:de:b7:8e:93:
16:9c:d2:ed:11:82:53:f7:cd:fd:88:b5:8a:7e:1a:
e7:07:25:99:50:08:0d:7f:41:e2:88:63:39:af:23:
75:83:fe:29:c5:d3:a6:94:94:ae:df:44:4a:ed:8a:
d0:d4:87:12:54:6e:66:4e:a1:a7:fa:5e:b8:1e:99:
78:2c:7b:c9:d0:1e:13:48:f8:52:16:fe:63:5b:07:
f6:dd:a4:13:05:7f:d4:94:6f:3e:90:e9:1b:cb:4d:
4c:3c:f5:17:7d:8e:42:d3:42:31:c9:c1:f1:87:6d:
19:0b:97:32:40:94:72:2b:8a:e1:8a:93:44:6d:d3:
fe:87:f1:e5:8c:07:dc:74:c1:fe:d3:91:41:6e:13:
ea:e5:31:9d:5c:d7:0d:02:57:2a:56:9b:a6:79:ee:
dc:13:be:33:c0:ab:90:65:ba:60:9b:f4:91:7c:42:
8c:87:a0:36:e9:eb:3b:00:95:e6:11:86:cf:11:ff:
06:e4:6b:98:9e:ec:99:ee:05:a4:28:f1:2a:ac:c8:
41:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:C1:55:15:89:C1:32:E1:95:AB:A4:3C:7C:87:B5:69:49:1E:2E:85
X509v3 Authority Key Identifier:
keyid:4A:FC:7F:0B:EA:C2:26:07:02:D0:5B:69:DD:7B:7A:3F:B2:DD:D6:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Svx_C-rCJgcC0Ftp3Xt6P7Ld1p4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/4f406a-2981-4aaf-8b61-f4ce22ecae34/1/wsFVFYnBMuGVq6Q8fIe1aUkeLoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/4f406a-2981-4aaf-8b61-f4ce22ecae34/1/Svx_C-rCJgcC0Ftp3Xt6P7Ld1p4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.240.0/22
109.95.32.0/21
188.190.64.0/19
195.62.14.0/23
IPv6:
2001:67c:176c::/48
Signature Algorithm: sha256WithRSAEncryption
25:98:62:e7:3c:39:96:e8:79:0a:c6:e6:f3:2f:3d:bd:dc:23:
8a:7d:1a:0e:2f:46:c9:c3:a8:11:ed:18:0f:3a:1a:1b:7e:af:
ac:53:70:80:ce:0c:db:82:98:89:b1:4a:7d:21:fe:81:2a:be:
96:40:79:7d:b9:d5:d8:91:48:61:23:b3:72:8f:23:0c:96:09:
ff:e3:f4:7e:8e:8f:42:df:68:3e:a7:d3:5f:f7:41:d4:4d:f6:
f9:57:d7:7b:ed:7b:fa:28:d6:5d:9b:cf:9d:fb:b4:52:cf:fe:
e1:12:ac:db:2c:2b:bc:f9:57:74:f2:e3:75:8e:4b:8f:2e:0d:
e4:e7:fd:c1:b6:c5:4c:c0:b6:86:6f:01:80:87:75:5e:f9:be:
4d:e2:26:88:3f:31:a0:12:5a:d5:b2:32:d5:b0:5e:a3:a0:f3:
fb:ff:ce:0a:bf:00:62:6f:83:fc:06:93:de:8e:08:cb:f0:fe:
f2:c7:34:47:54:b5:56:7d:ad:d0:71:9c:d2:ed:89:ca:3e:8b:
69:ee:f2:15:0d:51:f6:5f:86:9f:6b:fc:b8:95:0c:32:ff:72:
72:dd:0b:1f:41:eb:32:8d:37:f2:95:c7:42:f8:c7:b2:e4:71:
ea:60:61:f1:cf:de:37:01:87:7f:b3:78:77:fd:79:8e:b5:a3:
a2:0d:20:18
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzEkpQKotd7+crV+4JYLppfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhZmM3ZjBiZWFjMjI2MDcwMmQwNWI2OWRkN2I3YTNmYjJk
ZGQ2OWUwHhcNMjQwMTAxMTAyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmMxNTUxNTg5YzEzMmUxOTVhYmE0M2M3Yzg3YjU2OTQ5MWUyZTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxAFzfikwJhktiqwSjpHKiaXsFmZ2
YUDvGcaiPaGnEx1iHnC6RWO8/cZbWfaQ0a389BBUZk2E+N63jpMWnNLtEYJT9839
iLWKfhrnByWZUAgNf0HiiGM5ryN1g/4pxdOmlJSu30RK7YrQ1IcSVG5mTqGn+l64
Hpl4LHvJ0B4TSPhSFv5jWwf23aQTBX/UlG8+kOkby01MPPUXfY5C00IxycHxh20Z
C5cyQJRyK4rhipNEbdP+h/HljAfcdMH+05FBbhPq5TGdXNcNAlcqVpumee7cE74z
wKuQZbpgm/SRfEKMh6A26es7AJXmEYbPEf8G5GuYnuyZ7gWkKPEqrMhBWwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFMLBVRWJwTLhlaukPHyHtWlJHi6FMB8GA1UdIwQY
MBaAFEr8fwvqwiYHAtBbad17ej+y3daeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3Z4X0MtckNKZ2NDMEZ0cDNYdDZQN0xkMXA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC80ZjQwNmEtMjk4MS00YWFmLThiNjEt
ZjRjZTIyZWNhZTM0LzEvd3NGVkZZbkJNdUdWcTZROGZJZTFhVWtlTG9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC80ZjQwNmEtMjk4MS00YWFmLThiNjEtZjRjZTIyZWNhZTM0
LzEvU3Z4X0MtckNKZ2NDMEZ0cDNYdDZQN0xkMXA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQCW8nwAwQD
bV8gAwQFvL5AAwQBwz4OMA8EAgACMAkDBwAgAQZ8F2wwDQYJKoZIhvcNAQELBQAD
ggEBACWYYuc8OZboeQrG5vMvPb3cI4p9Gg4vRsnDqBHtGA86Ght+r6xTcIDODNuC
mImxSn0h/oEqvpZAeX251diRSGEjs3KPIwyWCf/j9H6Oj0LfaD6n01/3QdRN9vlX
13vte/oo1l2bz537tFLP/uESrNssK7z5V3Ty43WOS48uDeTn/cG2xUzAtoZvAYCH
dV75vk3iJog/MaASWtWyMtWwXqOg8/v/zgq/AGJvg/wGk96OCMvw/vLHNEdUtVZ9
rdBxnNLtico+i2nu8hUNUfZfhp9r/LiVDDL/cnLdCx9B6zKNN/KVx0L4x7Lkcepg
YfHP3jcBh3+zeHf9eY61o6INIBg=
-----END CERTIFICATE-----
Generated at Fri Jun 7 22:09:50 2024 by rpki-client on console-ams.rpki-client.org