Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/978871-255b-443a-8e01-fc839bb6d173/1/wDp0nlix7M8Kst7S3tHs4D_R2i4.roa
File: wDp0nlix7M8Kst7S3tHs4D_R2i4.roa (raw, json)
Hash identifier: l+Gtj5vEk1M5GrGG1HyyFczUPRj3ClNU2QsrZ6fwzgY=
Subject key identifier: C0:3A:74:9E:58:B1:EC:CF:0A:B2:DE:D2:DE:D1:EC:E0:3F:D1:DA:2E
Certificate issuer: /CN=2681b7b4ae3e75dc4b36cff2937923ecdff7259b
Certificate serial: 018CC64A4CE1E4799FEE2FE47A93F464F1C6
Authority key identifier: 26:81:B7:B4:AE:3E:75:DC:4B:36:CF:F2:93:79:23:EC:DF:F7:25:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JoG3tK4-ddxLNs_yk3kj7N_3JZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/978871-255b-443a-8e01-fc839bb6d173/1/wDp0nlix7M8Kst7S3tHs4D_R2i4.roa
Signing time: Mon 01 Jan 2024 18:30:07 +0000
ROA not before: Mon 01 Jan 2024 18:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 185.19.15.0/24 maxlen: 24
185.19.12.0/24 maxlen: 24
185.19.13.0/24 maxlen: 24
185.19.14.0/24 maxlen: 24
185.192.157.0/24 maxlen: 24
185.192.158.0/24 maxlen: 24
185.192.159.0/24 maxlen: 24
185.192.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/978871-255b-443a-8e01-fc839bb6d173/1/JoG3tK4-ddxLNs_yk3kj7N_3JZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/978871-255b-443a-8e01-fc839bb6d173/1/JoG3tK4-ddxLNs_yk3kj7N_3JZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/JoG3tK4-ddxLNs_yk3kj7N_3JZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:4c:e1:e4:79:9f:ee:2f:e4:7a:93:f4:64:f1:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2681b7b4ae3e75dc4b36cff2937923ecdff7259b
Validity
Not Before: Jan 1 18:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c03a749e58b1eccf0ab2ded2ded1ece03fd1da2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f2:03:34:05:0c:02:10:47:d3:b0:20:63:0e:
51:6b:bd:39:7f:4c:1f:81:2e:3c:42:73:a5:96:2e:
63:d9:b0:68:af:fc:01:1e:40:04:43:94:d7:46:d4:
40:73:28:42:2f:42:ce:a3:8d:21:09:d5:85:c5:cd:
f2:d2:23:e2:8e:7c:5f:fc:f2:4c:4f:07:8e:59:a7:
17:54:cd:50:d7:aa:af:85:f7:00:1a:22:78:b9:fd:
8c:4b:c5:3d:10:4f:0f:92:18:6e:cd:a1:6e:fb:b7:
76:37:1c:4d:f1:96:65:45:6a:f5:6e:87:97:a7:9b:
16:96:ad:b5:af:59:12:26:54:30:17:1b:6e:d9:48:
8a:19:0b:5f:46:fe:5c:36:5d:6f:51:0a:1b:5a:a9:
ae:0f:bc:e3:ab:a3:a7:01:08:0b:61:4b:4c:8d:5d:
c8:5a:82:9a:58:fb:b5:e2:af:56:14:eb:3c:84:2d:
43:08:1a:93:d5:9a:9b:e5:6a:3d:6f:3e:6e:6e:68:
a9:a3:05:94:a8:db:57:d1:bd:df:78:62:b9:ba:9e:
d0:f1:15:b9:9b:72:d0:cb:b5:7b:c7:12:4c:2a:83:
6f:49:ad:f4:b0:8e:58:3f:1b:79:ef:12:03:46:2d:
19:e2:60:5b:b3:19:06:0d:4b:62:be:dd:be:36:dc:
9e:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:3A:74:9E:58:B1:EC:CF:0A:B2:DE:D2:DE:D1:EC:E0:3F:D1:DA:2E
X509v3 Authority Key Identifier:
keyid:26:81:B7:B4:AE:3E:75:DC:4B:36:CF:F2:93:79:23:EC:DF:F7:25:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JoG3tK4-ddxLNs_yk3kj7N_3JZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/978871-255b-443a-8e01-fc839bb6d173/1/wDp0nlix7M8Kst7S3tHs4D_R2i4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/978871-255b-443a-8e01-fc839bb6d173/1/JoG3tK4-ddxLNs_yk3kj7N_3JZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.19.12.0/22
185.192.156.0/22
Signature Algorithm: sha256WithRSAEncryption
9e:37:ae:6f:fc:f9:14:f6:5b:69:bd:24:73:52:02:b5:d0:3a:
5c:15:01:8b:24:c5:6c:63:4d:23:3d:ce:24:a4:d2:3c:fb:46:
74:76:af:6d:b4:35:34:f5:9d:76:4a:8c:9c:65:4c:07:ec:53:
9e:26:59:3f:de:f6:ab:2a:7d:49:e1:5b:f5:f7:e8:d8:b2:9d:
1a:6b:0a:a3:0d:70:d1:a1:65:42:cb:0a:f5:35:10:22:17:e8:
87:cd:a0:a2:6f:64:84:de:26:8d:ac:0d:54:79:8e:89:fa:53:
09:6f:6a:d9:f5:2e:21:5a:1e:c6:f8:8e:41:a1:24:1f:39:c5:
ca:91:90:d2:8c:e0:f1:8c:4f:82:c1:7b:15:be:22:7e:7f:da:
5b:23:24:a4:bf:6a:4c:59:bf:26:5c:88:56:d1:74:04:f1:1c:
c5:3a:5b:20:64:6b:5b:0b:5d:c8:6e:e6:ba:d3:39:4b:fe:60:
6e:ef:76:19:66:bf:58:e8:06:25:04:9a:c0:1d:91:ae:d8:13:
2f:cf:4e:c0:29:2a:d1:a2:f3:fa:b1:77:07:77:45:49:0c:61:
aa:a9:f5:8d:eb:55:ac:c4:ff:e2:7b:57:e1:18:bd:18:0e:04:
bc:15:4a:ae:87:6d:25:ad:36:41:96:ab:70:d3:20:3a:7f:75:
34:4b:eb:d1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGSkzh5Hmf7i/kepP0ZPHGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2ODFiN2I0YWUzZTc1ZGM0YjM2Y2ZmMjkzNzkyM2VjZGZm
NzI1OWIwHhcNMjQwMTAxMTgzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDNhNzQ5ZTU4YjFlY2NmMGFiMmRlZDJkZWQxZWNlMDNmZDFkYTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/IDNAUMAhBH07AgYw5Ra705f0wf
gS48QnOlli5j2bBor/wBHkAEQ5TXRtRAcyhCL0LOo40hCdWFxc3y0iPijnxf/PJM
TweOWacXVM1Q16qvhfcAGiJ4uf2MS8U9EE8PkhhuzaFu+7d2NxxN8ZZlRWr1boeX
p5sWlq21r1kSJlQwFxtu2UiKGQtfRv5cNl1vUQobWqmuD7zjq6OnAQgLYUtMjV3I
WoKaWPu14q9WFOs8hC1DCBqT1Zqb5Wo9bz5ubmipowWUqNtX0b3feGK5up7Q8RW5
m3LQy7V7xxJMKoNvSa30sI5YPxt57xIDRi0Z4mBbsxkGDUtivt2+NtyeNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMA6dJ5YsezPCrLe0t7R7OA/0douMB8GA1UdIwQY
MBaAFCaBt7SuPnXcSzbP8pN5I+zf9yWbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm9HM3RLNC1kZHhMTnNfeWsza2o3Tl8zSlpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC85Nzg4NzEtMjU1Yi00NDNhLThlMDEt
ZmM4MzliYjZkMTczLzEvd0RwMG5saXg3TThLc3Q3UzN0SHM0RF9SMmk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC85Nzg4NzEtMjU1Yi00NDNhLThlMDEtZmM4MzliYjZkMTcz
LzEvSm9HM3RLNC1kZHhMTnNfeWsza2o3Tl8zSlpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuRMMAwQC
ucCcMA0GCSqGSIb3DQEBCwUAA4IBAQCeN65v/PkU9ltpvSRzUgK10DpcFQGLJMVs
Y00jPc4kpNI8+0Z0dq9ttDU09Z12SoycZUwH7FOeJlk/3varKn1J4Vv19+jYsp0a
awqjDXDRoWVCywr1NRAiF+iHzaCib2SE3iaNrA1UeY6J+lMJb2rZ9S4hWh7G+I5B
oSQfOcXKkZDSjODxjE+CwXsVviJ+f9pbIySkv2pMWb8mXIhW0XQE8RzFOlsgZGtb
C13Ibua60zlL/mBu73YZZr9Y6AYlBJrAHZGu2BMvz07AKSrRovP6sXcHd0VJDGGq
qfWN61WsxP/ie1fhGL0YDgS8FUquh20lrTZBlqtw0yA6f3U0S+vR
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:03:10 2024 by rpki-client on console-ams.rpki-client.org