Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/0e66e9-cf2d-40df-aaae-cf2d58d0e0ee/1/WOWWo0gnevUj5tw5MCGOh59dN8o.roa
File: WOWWo0gnevUj5tw5MCGOh59dN8o.roa (raw, json)
Hash identifier: 0MXt6+WlnYMGniV+s2c8uUvZIE08eilVp1IAUxHkrLo=
Subject key identifier: 58:E5:96:A3:48:27:7A:F5:23:E6:DC:39:30:21:8E:87:9F:5D:37:CA
Certificate issuer: /CN=f58acd43c0033b13b88bb397415583aa51d9303a
Certificate serial: 018CC26D7540A58A95461382A665CDABA1D6
Authority key identifier: F5:8A:CD:43:C0:03:3B:13:B8:8B:B3:97:41:55:83:AA:51:D9:30:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9YrNQ8ADOxO4i7OXQVWDqlHZMDo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/0e66e9-cf2d-40df-aaae-cf2d58d0e0ee/1/WOWWo0gnevUj5tw5MCGOh59dN8o.roa
Signing time: Mon 01 Jan 2024 00:30:02 +0000
ROA not before: Mon 01 Jan 2024 00:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198726
IP address blocks: 5.10.0.0/21 maxlen: 24
185.238.160.0/22 maxlen: 22
185.14.64.0/22 maxlen: 22
91.137.64.0/18 maxlen: 24
185.240.224.0/22 maxlen: 22
185.35.216.0/22 maxlen: 22
185.233.220.0/22 maxlen: 22
2a02:acc1::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/0e66e9-cf2d-40df-aaae-cf2d58d0e0ee/1/9YrNQ8ADOxO4i7OXQVWDqlHZMDo.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/0e66e9-cf2d-40df-aaae-cf2d58d0e0ee/1/9YrNQ8ADOxO4i7OXQVWDqlHZMDo.mft
rsync://rpki.ripe.net/repository/DEFAULT/9YrNQ8ADOxO4i7OXQVWDqlHZMDo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 10:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:75:40:a5:8a:95:46:13:82:a6:65:cd:ab:a1:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f58acd43c0033b13b88bb397415583aa51d9303a
Validity
Not Before: Jan 1 00:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=58e596a348277af523e6dc3930218e879f5d37ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:32:e7:2c:70:ac:54:db:b2:8d:5e:c9:b4:63:
92:24:2a:f5:8a:1e:76:e9:4d:80:08:fb:61:bd:52:
d4:9d:8b:20:25:9b:8f:a7:3e:6c:c3:96:69:da:fb:
a5:ba:15:22:e2:21:f1:ee:59:96:a2:9a:14:7a:71:
59:69:18:39:22:0c:b7:48:22:9d:e0:3c:f5:90:12:
1e:48:2d:0d:77:86:e0:b3:9b:86:68:d4:7e:4d:8e:
a2:01:4b:a1:6d:dd:36:13:b6:c5:f7:ee:cc:1c:68:
76:95:d6:b9:aa:f5:a6:c9:65:37:29:11:ba:01:f4:
0c:91:2d:7e:02:31:4a:c7:fd:aa:88:0a:8b:d1:1a:
31:6e:bb:5e:ee:05:4b:db:06:be:c4:cb:78:f4:cc:
90:25:9f:df:9c:35:27:1d:e3:43:72:63:0b:6d:1d:
ec:c8:44:7a:35:55:fb:ca:b1:48:75:f1:f5:9c:8e:
a6:ff:2a:ea:88:46:e2:63:bb:de:2c:10:fc:cf:7c:
60:ac:0d:53:21:b6:b1:39:61:f4:25:43:4b:5a:40:
a2:68:e3:1c:7b:e9:f2:a9:ee:be:57:92:cd:08:2f:
6d:85:11:e1:cf:18:ce:a9:b7:0d:9b:3a:b7:52:72:
2f:08:12:49:9f:05:38:1c:46:d7:e5:50:bf:6d:e3:
75:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:E5:96:A3:48:27:7A:F5:23:E6:DC:39:30:21:8E:87:9F:5D:37:CA
X509v3 Authority Key Identifier:
keyid:F5:8A:CD:43:C0:03:3B:13:B8:8B:B3:97:41:55:83:AA:51:D9:30:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9YrNQ8ADOxO4i7OXQVWDqlHZMDo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/0e66e9-cf2d-40df-aaae-cf2d58d0e0ee/1/WOWWo0gnevUj5tw5MCGOh59dN8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/0e66e9-cf2d-40df-aaae-cf2d58d0e0ee/1/9YrNQ8ADOxO4i7OXQVWDqlHZMDo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.0.0/21
91.137.64.0/18
185.14.64.0/22
185.35.216.0/22
185.233.220.0/22
185.238.160.0/22
185.240.224.0/22
IPv6:
2a02:acc1::/32
Signature Algorithm: sha256WithRSAEncryption
46:05:76:62:d6:32:ac:d2:c5:75:7e:8d:22:b0:3f:0e:86:33:
99:5a:2e:52:8f:a7:95:aa:07:26:d4:93:67:30:78:42:8b:85:
94:0a:de:02:b4:b0:82:6b:d5:26:79:d5:c8:86:59:1b:5e:35:
f5:c5:42:9d:dd:2a:03:44:b5:6c:0e:8c:70:88:21:9c:dc:2c:
0e:ef:88:7a:1c:16:a4:cc:ce:45:be:14:b5:e1:e6:7e:98:d4:
ba:55:e0:3a:6a:ab:76:07:b4:09:96:23:d0:de:99:f4:6f:81:
29:9f:91:9a:06:5d:87:b7:0e:12:18:a0:dd:4f:31:b7:52:2b:
c2:c2:5c:f8:f1:84:63:20:41:7d:fa:d8:76:2b:b1:a4:3f:d6:
80:c6:8e:ef:6a:8b:34:1a:fb:cb:6e:87:6f:6f:90:a2:96:1a:
ec:08:ad:d7:a1:82:d1:fd:26:c0:4c:71:0c:d7:bd:89:92:7b:
5f:53:1c:a3:f2:16:47:58:b3:13:e5:61:b2:9e:2d:c2:a9:1b:
a8:26:1a:60:0e:e4:dc:de:05:54:28:09:9e:bf:53:5d:7e:26:
0e:96:e5:36:5c:92:a9:f2:85:dd:a3:1b:1c:b6:d1:70:13:9e:
33:7a:5a:ce:5c:a7:ff:36:fb:c2:8b:3b:77:15:90:4d:a3:2f:
aa:10:8e:d5
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYzCbXVApYqVRhOCpmXNq6HWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1OGFjZDQzYzAwMzNiMTNiODhiYjM5NzQxNTU4M2FhNTFk
OTMwM2EwHhcNMjQwMTAxMDAzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGU1OTZhMzQ4Mjc3YWY1MjNlNmRjMzkzMDIxOGU4NzlmNWQzN2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzLnLHCsVNuyjV7JtGOSJCr1ih52
6U2ACPthvVLUnYsgJZuPpz5sw5Zp2vuluhUi4iHx7lmWopoUenFZaRg5Igy3SCKd
4Dz1kBIeSC0Nd4bgs5uGaNR+TY6iAUuhbd02E7bF9+7MHGh2lda5qvWmyWU3KRG6
AfQMkS1+AjFKx/2qiAqL0Roxbrte7gVL2wa+xMt49MyQJZ/fnDUnHeNDcmMLbR3s
yER6NVX7yrFIdfH1nI6m/yrqiEbiY7veLBD8z3xgrA1TIbaxOWH0JUNLWkCiaOMc
e+nyqe6+V5LNCC9thRHhzxjOqbcNmzq3UnIvCBJJnwU4HEbX5VC/beN1fQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFFjllqNIJ3r1I+bcOTAhjoefXTfKMB8GA1UdIwQY
MBaAFPWKzUPAAzsTuIuzl0FVg6pR2TA6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVlyTlE4QURPeE80aTdPWFFWV0RxbEhaTURvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8wZTY2ZTktY2YyZC00MGRmLWFhYWUt
Y2YyZDU4ZDBlMGVlLzEvV09XV28wZ25ldlVqNXR3NU1DR09oNTlkTjhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8wZTY2ZTktY2YyZC00MGRmLWFhYWUtY2YyZDU4ZDBlMGVl
LzEvOVlyTlE4QURPeE80aTdPWFFWV0RxbEhaTURvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDBQoAAwQG
W4lAAwQCuQ5AAwQCuSPYAwQCuencAwQCue6gAwQCufDgMA0EAgACMAcDBQAqAqzB
MA0GCSqGSIb3DQEBCwUAA4IBAQBGBXZi1jKs0sV1fo0isD8OhjOZWi5Sj6eVqgcm
1JNnMHhCi4WUCt4CtLCCa9UmedXIhlkbXjX1xUKd3SoDRLVsDoxwiCGc3CwO74h6
HBakzM5FvhS14eZ+mNS6VeA6aqt2B7QJliPQ3pn0b4Epn5GaBl2Htw4SGKDdTzG3
UivCwlz48YRjIEF9+th2K7GkP9aAxo7vaos0GvvLbodvb5CilhrsCK3XoYLR/SbA
THEM172JkntfUxyj8hZHWLMT5WGyni3CqRuoJhpgDuTc3gVUKAmev1NdfiYOluU2
XJKp8oXdoxscttFwE54zelrOXKf/NvvCizt3FZBNoy+qEI7V
-----END CERTIFICATE-----
Generated at Wed May 15 17:54:22 2024 by rpki-client on console-fra.rpki-client.org