Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/WacNSfnNSW_vCvQvzxWt5nQraAw.roa
File: WacNSfnNSW_vCvQvzxWt5nQraAw.roa (raw, json)
Hash identifier: JU9cDFzbkcb7s3Ue4RnmuGoIq8jq4fkvWytWGPc2Kb4=
Subject key identifier: 59:A7:0D:49:F9:CD:49:6F:EF:0A:F4:2F:CF:15:AD:E6:74:2B:68:0C
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0193443E8E93798AAB4ED90EDB16CBB54FAD
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/WacNSfnNSW_vCvQvzxWt5nQraAw.roa
Signing time: Tue 19 Nov 2024 11:46:10 +0000
ROA not before: Tue 19 Nov 2024 11:46:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41745
IP address blocks: 45.12.254.0/24 maxlen: 24
45.14.165.0/24 maxlen: 24
45.81.243.0/24 maxlen: 24
45.88.67.0/24 maxlen: 24
84.21.172.0/24 maxlen: 24
85.31.45.0/24 maxlen: 24
85.209.132.0/24 maxlen: 24
85.209.134.0/24 maxlen: 24
109.206.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:44:3e:8e:93:79:8a:ab:4e:d9:0e:db:16:cb:b5:4f:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 19 11:46:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=59a70d49f9cd496fef0af42fcf15ade6742b680c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:da:6e:f3:d8:4f:5e:70:71:55:48:1f:1f:8b:
3a:d2:6d:7e:df:40:b1:18:bc:05:7f:68:eb:e5:66:
69:11:52:cd:3b:39:62:e8:52:12:1c:17:9c:ab:5e:
8a:56:ce:f7:64:7c:c3:17:54:bb:2f:f7:82:47:24:
66:4d:3d:67:e3:65:d1:cd:33:dd:53:98:28:5e:db:
93:f4:5e:aa:77:fd:d2:64:95:79:29:88:28:7f:e0:
72:b8:15:fa:8a:fe:34:80:84:77:e7:38:9d:0d:17:
4a:ae:7f:f6:1d:46:4e:47:7f:84:d9:c1:92:bf:eb:
10:81:9b:14:1c:8c:fc:c7:76:e3:f2:d7:72:70:e1:
e8:b8:75:0b:75:21:52:fc:9f:a6:98:0c:8a:90:fe:
1d:cb:c0:66:e1:a4:ec:ff:cf:99:d7:f2:2e:1d:8f:
e6:2f:27:4b:75:ba:fe:ae:54:8a:b8:ef:25:57:52:
3e:ff:90:64:9d:e0:dc:78:fe:ac:28:bc:15:45:50:
b7:d6:d0:ad:a4:1c:82:f8:c1:ef:2d:f3:fe:44:b9:
df:0a:fa:2f:14:14:07:95:f6:07:f4:f9:23:53:3b:
6e:fd:0b:fb:82:0a:85:89:c7:74:0e:be:8b:ab:ec:
7f:11:db:3f:c2:ad:0a:cd:18:f8:7d:a2:b9:1f:50:
af:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:A7:0D:49:F9:CD:49:6F:EF:0A:F4:2F:CF:15:AD:E6:74:2B:68:0C
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/WacNSfnNSW_vCvQvzxWt5nQraAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.254.0/24
45.14.165.0/24
45.81.243.0/24
45.88.67.0/24
84.21.172.0/24
85.31.45.0/24
85.209.132.0/24
85.209.134.0/24
109.206.241.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:ca:ef:65:2f:53:55:03:3c:06:a9:3c:c1:9a:c0:35:fd:0d:
d3:19:a2:8d:92:1b:19:77:69:39:fb:99:1c:98:21:27:68:c6:
12:34:3f:5b:86:c1:3e:a3:0d:5d:1d:67:c8:7f:68:31:28:fa:
ca:da:f5:95:10:4b:0f:b7:a7:5c:c5:26:61:05:13:76:72:8a:
c5:54:02:e6:9f:6a:07:36:a2:0e:6c:56:a5:b5:54:f0:1f:fe:
1a:1f:9e:c7:43:29:31:d6:ef:52:5b:78:c3:6b:82:c5:a8:6e:
0e:32:b4:40:09:0f:d8:93:90:da:f1:3d:8f:a6:43:be:09:ca:
c7:7d:7a:9b:cd:4f:fc:77:c0:8d:cb:b5:4c:6f:d7:c4:42:7c:
bd:10:7b:d0:98:d3:16:a7:a5:c8:7b:c2:22:09:fb:71:0e:ba:
c9:b4:0a:7d:56:dc:28:fe:36:3c:d0:17:11:ee:14:45:27:70:
87:cb:6c:2b:02:ed:7c:7d:60:ec:82:64:c7:38:0b:7d:47:b5:
3d:71:04:69:36:c4:89:04:cc:9d:0a:50:76:0f:f4:12:01:c2:
22:33:c2:14:52:c6:da:ee:29:c0:4c:2f:b7:8e:b7:73:d2:ca:
0a:c2:bd:e8:ed:d3:36:f3:d3:e4:72:97:e7:c9:80:8d:fc:d4:
61:28:ce:60
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZNEPo6TeYqrTtkO2xbLtU+tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMTE5MTE0NjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWE3MGQ0OWY5Y2Q0OTZmZWYwYWY0MmZjZjE1YWRlNjc0MmI2ODBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudpu89hPXnBxVUgfH4s60m1+30Cx
GLwFf2jr5WZpEVLNOzli6FISHBecq16KVs73ZHzDF1S7L/eCRyRmTT1n42XRzTPd
U5goXtuT9F6qd/3SZJV5KYgof+ByuBX6iv40gIR35zidDRdKrn/2HUZOR3+E2cGS
v+sQgZsUHIz8x3bj8tdycOHouHULdSFS/J+mmAyKkP4dy8Bm4aTs/8+Z1/IuHY/m
LydLdbr+rlSKuO8lV1I+/5BkneDceP6sKLwVRVC31tCtpByC+MHvLfP+RLnfCvov
FBQHlfYH9PkjUztu/Qv7ggqFicd0Dr6Lq+x/Eds/wq0KzRj4faK5H1CvoQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFFmnDUn5zUlv7wr0L88VreZ0K2gMMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvV2FjTlNmbk5TV192Q3ZRdnp4V3Q1blFyYUF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALQz+AwQA
LQ6lAwQALVHzAwQALVhDAwQAVBWsAwQAVR8tAwQAVdGEAwQAVdGGAwQAbc7xMA0G
CSqGSIb3DQEBCwUAA4IBAQBayu9lL1NVAzwGqTzBmsA1/Q3TGaKNkhsZd2k5+5kc
mCEnaMYSND9bhsE+ow1dHWfIf2gxKPrK2vWVEEsPt6dcxSZhBRN2corFVALmn2oH
NqIObFaltVTwH/4aH57HQykx1u9SW3jDa4LFqG4OMrRACQ/Yk5Da8T2PpkO+CcrH
fXqbzU/8d8CNy7VMb9fEQny9EHvQmNMWp6XIe8IiCftxDrrJtAp9Vtwo/jY80BcR
7hRFJ3CHy2wrAu18fWDsgmTHOAt9R7U9cQRpNsSJBMydClB2D/QSAcIiM8IUUsba
7inATC+3jrdz0soKwr3o7dM289PkcpfnyYCN/NRhKM5g
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:05:56 2024 by rpki-client on console-fra.rpki-client.org