Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/4992b6-fdae-4c9f-bf3e-95c8942df724/1/wAMkDmw_G3goQ_UxRGl4DgWX7Hs.roa
File: wAMkDmw_G3goQ_UxRGl4DgWX7Hs.roa (raw, json)
Hash identifier: j2SLiyJXAC+7DgQ0bBFM6cgGM2iaoAhqoYliTr3VYzc=
Subject key identifier: C0:03:24:0E:6C:3F:1B:78:28:43:F5:31:44:69:78:0E:05:97:EC:7B
Certificate issuer: /CN=bc9f0b9ac1d5652f3dca1ef1623bf99ab29647df
Certificate serial: 018CC6B91971DE25270A112CC199380C58E1
Authority key identifier: BC:9F:0B:9A:C1:D5:65:2F:3D:CA:1E:F1:62:3B:F9:9A:B2:96:47:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vJ8LmsHVZS89yh7xYjv5mrKWR98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/4992b6-fdae-4c9f-bf3e-95c8942df724/1/wAMkDmw_G3goQ_UxRGl4DgWX7Hs.roa
Signing time: Mon 01 Jan 2024 20:31:08 +0000
ROA not before: Mon 01 Jan 2024 20:31:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47674
IP address blocks: 185.38.140.0/22 maxlen: 24
185.236.230.0/24 maxlen: 24
185.236.231.0/24 maxlen: 24
185.236.229.0/24 maxlen: 24
185.236.228.0/24 maxlen: 24
188.93.232.0/21 maxlen: 24
5.206.224.0/21 maxlen: 24
2a00:1c60::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/4992b6-fdae-4c9f-bf3e-95c8942df724/1/vJ8LmsHVZS89yh7xYjv5mrKWR98.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/4992b6-fdae-4c9f-bf3e-95c8942df724/1/vJ8LmsHVZS89yh7xYjv5mrKWR98.mft
rsync://rpki.ripe.net/repository/DEFAULT/vJ8LmsHVZS89yh7xYjv5mrKWR98.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:19:71:de:25:27:0a:11:2c:c1:99:38:0c:58:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc9f0b9ac1d5652f3dca1ef1623bf99ab29647df
Validity
Not Before: Jan 1 20:31:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c003240e6c3f1b782843f5314469780e0597ec7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e7:30:1d:0f:4c:21:b9:c7:f2:cd:a4:47:f8:
c2:bc:0a:64:09:73:74:91:28:25:98:9c:b7:1d:27:
49:c8:c4:8c:67:c2:7e:6d:40:12:5c:58:74:06:5c:
01:9b:4a:15:8d:87:78:59:e2:be:19:c7:7c:63:ac:
09:35:ef:e3:41:5e:b9:46:39:2a:cd:03:b6:03:bb:
5e:c7:40:02:8e:ea:0b:d8:c9:de:a3:76:92:8c:ad:
ba:fe:60:8d:18:63:31:d1:c1:7d:ce:70:e3:49:b3:
a0:ea:18:75:15:2a:63:36:ab:69:f9:18:22:36:37:
6a:0c:b3:91:67:14:af:70:aa:b1:73:c5:61:95:4d:
96:d6:da:8d:39:36:fd:5a:04:c1:59:5c:21:59:89:
e9:27:ed:1c:36:3e:4d:17:04:f1:c9:a4:e0:d2:f5:
04:df:ab:1c:65:57:5b:c2:92:c5:99:e1:46:e5:4e:
09:a1:c3:a4:20:ae:c6:73:9b:c0:bb:ef:41:78:28:
8c:3b:a9:d9:e2:a9:70:80:f2:a0:aa:20:ca:29:cc:
a0:7a:fd:60:0e:01:8b:fe:68:e9:af:dc:9b:13:22:
c6:90:0a:79:bf:77:35:5c:dd:fe:5a:ef:f6:5c:2c:
c6:a0:cd:5f:0f:71:12:75:c9:d6:d6:ed:44:99:80:
75:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:03:24:0E:6C:3F:1B:78:28:43:F5:31:44:69:78:0E:05:97:EC:7B
X509v3 Authority Key Identifier:
keyid:BC:9F:0B:9A:C1:D5:65:2F:3D:CA:1E:F1:62:3B:F9:9A:B2:96:47:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vJ8LmsHVZS89yh7xYjv5mrKWR98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/4992b6-fdae-4c9f-bf3e-95c8942df724/1/wAMkDmw_G3goQ_UxRGl4DgWX7Hs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/4992b6-fdae-4c9f-bf3e-95c8942df724/1/vJ8LmsHVZS89yh7xYjv5mrKWR98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.206.224.0/21
185.38.140.0/22
185.236.228.0/22
188.93.232.0/21
IPv6:
2a00:1c60::/32
Signature Algorithm: sha256WithRSAEncryption
71:59:d5:2f:19:ad:18:f7:56:bd:8c:2e:8f:5e:62:32:c3:44:
02:b0:63:50:89:5e:a9:b3:d8:a8:1d:fc:26:09:04:b5:c0:c4:
2e:eb:e7:8d:2d:30:62:a3:0b:a3:12:ca:95:aa:a4:1b:45:14:
48:07:c7:04:59:42:a6:ef:7b:2c:50:ae:53:70:2e:7c:7f:40:
6e:52:8c:d5:bf:1b:d9:dd:02:eb:2a:1a:99:d3:d4:ed:43:be:
8c:76:35:8c:ab:84:ff:1b:08:53:e3:83:fb:da:a4:b0:99:84:
ed:82:f9:c9:cc:05:ef:ca:1a:e6:9c:70:43:7b:bc:25:71:e2:
a9:d5:00:87:8d:cc:b3:0d:7d:ec:f0:8c:69:a4:38:48:3e:0f:
16:03:17:10:d4:6f:c2:ad:bb:27:b6:5c:7f:b2:d3:1f:3e:15:
27:4b:ee:e5:5b:8c:1b:41:d3:93:a1:b4:5d:7f:96:b0:1d:47:
f3:a7:e3:4a:8a:77:9f:a3:25:73:47:eb:6f:63:02:18:ad:4c:
4e:c9:c4:e5:8b:db:71:c0:ff:8f:67:34:c2:3e:3a:29:38:fc:
e5:8b:8a:24:4c:d5:e8:96:8a:0b:94:8d:78:38:1c:88:c0:e7:
b1:5e:df:d7:2a:a6:e0:0d:bf:22:3c:5c:51:25:28:05:76:3b:
ed:dc:91:0f
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzGuRlx3iUnChEswZk4DFjhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjOWYwYjlhYzFkNTY1MmYzZGNhMWVmMTYyM2JmOTlhYjI5
NjQ3ZGYwHhcNMjQwMTAxMjAzMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDAzMjQwZTZjM2YxYjc4Mjg0M2Y1MzE0NDY5NzgwZTA1OTdlYzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOcwHQ9MIbnH8s2kR/jCvApkCXN0
kSglmJy3HSdJyMSMZ8J+bUASXFh0BlwBm0oVjYd4WeK+Gcd8Y6wJNe/jQV65Rjkq
zQO2A7tex0ACjuoL2Mneo3aSjK26/mCNGGMx0cF9znDjSbOg6hh1FSpjNqtp+Rgi
NjdqDLORZxSvcKqxc8VhlU2W1tqNOTb9WgTBWVwhWYnpJ+0cNj5NFwTxyaTg0vUE
36scZVdbwpLFmeFG5U4JocOkIK7Gc5vAu+9BeCiMO6nZ4qlwgPKgqiDKKcygev1g
DgGL/mjpr9ybEyLGkAp5v3c1XN3+Wu/2XCzGoM1fD3ESdcnW1u1EmYB1tQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFMADJA5sPxt4KEP1MURpeA4Fl+x7MB8GA1UdIwQY
MBaAFLyfC5rB1WUvPcoe8WI7+ZqylkffMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdko4TG1zSFZaUzg5eWg3eFlqdjVtcktXUjk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS80OTkyYjYtZmRhZS00YzlmLWJmM2Ut
OTVjODk0MmRmNzI0LzEvd0FNa0Rtd19HM2dvUV9VeFJHbDREZ1dYN0hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS80OTkyYjYtZmRhZS00YzlmLWJmM2UtOTVjODk0MmRmNzI0
LzEvdko4TG1zSFZaUzg5eWg3eFlqdjVtcktXUjk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDBc7gAwQC
uSaMAwQCuezkAwQDvF3oMA0EAgACMAcDBQAqABxgMA0GCSqGSIb3DQEBCwUAA4IB
AQBxWdUvGa0Y91a9jC6PXmIyw0QCsGNQiV6ps9ioHfwmCQS1wMQu6+eNLTBiowuj
EsqVqqQbRRRIB8cEWUKm73ssUK5TcC58f0BuUozVvxvZ3QLrKhqZ09TtQ76MdjWM
q4T/GwhT44P72qSwmYTtgvnJzAXvyhrmnHBDe7wlceKp1QCHjcyzDX3s8IxppDhI
Pg8WAxcQ1G/Crbsntlx/stMfPhUnS+7lW4wbQdOTobRdf5awHUfzp+NKinefoyVz
R+tvYwIYrUxOycTli9txwP+PZzTCPjopOPzli4okTNXolooLlI14OByIwOexXt/X
KqbgDb8iPFxRJSgFdjvt3JEP
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:02:14 2024 by rpki-client on console-fra.rpki-client.org