Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/4404f5-e10c-4190-9270-ac0a84a27d53/1/wFiSwk2rJMUy9X1ybXUZlA-fiJY.roa
File: wFiSwk2rJMUy9X1ybXUZlA-fiJY.roa (raw, json)
Hash identifier: 5kv6x4/qjOlajxWaiVvakmaM6LSM31tX1xwLlKZlVD4=
Subject key identifier: C0:58:92:C2:4D:AB:24:C5:32:F5:7D:72:6D:75:19:94:0F:9F:88:96
Certificate issuer: /CN=f806ec9cf1deabf9d6cd5f8891bb82d56f91d678
Certificate serial: 018CCA2B6C24676F0F4FB0FEAC53A952C7F8
Authority key identifier: F8:06:EC:9C:F1:DE:AB:F9:D6:CD:5F:88:91:BB:82:D5:6F:91:D6:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-AbsnPHeq_nWzV-IkbuC1W-R1ng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/4404f5-e10c-4190-9270-ac0a84a27d53/1/wFiSwk2rJMUy9X1ybXUZlA-fiJY.roa
Signing time: Tue 02 Jan 2024 12:34:52 +0000
ROA not before: Tue 02 Jan 2024 12:34:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21032
IP address blocks: 185.159.208.0/22 maxlen: 22
195.85.202.0/24 maxlen: 24
80.78.160.0/20 maxlen: 20
80.78.176.0/20 maxlen: 20
193.109.138.0/23 maxlen: 23
89.145.0.0/18 maxlen: 18
2a02:5d5::/32 maxlen: 32
2a02:5d7::/32 maxlen: 32
2a02:5d0::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/4404f5-e10c-4190-9270-ac0a84a27d53/1/1-AbsnPHeq_nWzV-IkbuC1W-R1ng.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/4404f5-e10c-4190-9270-ac0a84a27d53/1/1-AbsnPHeq_nWzV-IkbuC1W-R1ng.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-AbsnPHeq_nWzV-IkbuC1W-R1ng.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:6c:24:67:6f:0f:4f:b0:fe:ac:53:a9:52:c7:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f806ec9cf1deabf9d6cd5f8891bb82d56f91d678
Validity
Not Before: Jan 2 12:34:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c05892c24dab24c532f57d726d7519940f9f8896
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:4a:ec:14:fb:ab:2a:3a:2d:02:f8:75:f5:e5:
5d:07:98:2e:16:be:af:3e:b7:89:4d:58:ab:66:86:
31:41:d2:bc:42:0b:c7:b1:9f:e3:e1:f9:8e:d7:ca:
c8:e0:16:47:e6:7f:22:8d:6b:2c:d2:3d:28:74:c1:
95:5e:d5:4d:3d:70:0d:94:ff:79:23:47:af:75:0d:
01:94:3a:ca:2c:47:84:44:c2:f6:5c:9e:8c:08:7c:
24:49:8c:3f:42:7e:3b:c7:cc:70:b0:7c:a3:73:77:
87:20:c2:e9:2e:47:d5:93:d1:cc:2e:16:ad:96:a4:
8f:1c:3a:81:fe:b1:7b:6b:2f:03:00:97:f4:38:9d:
6a:15:41:a9:d0:ad:38:c0:81:85:fb:71:c2:37:d8:
67:8d:28:0b:8c:70:ee:72:f0:45:9d:b2:66:e3:f9:
9f:fb:fa:ba:f3:f2:b8:8b:92:55:93:5d:e2:21:9b:
c1:5a:2b:f1:e1:6a:8c:c5:2c:bf:e1:2e:2b:e3:7c:
3a:68:4b:f4:49:35:19:8f:9f:cf:07:10:d8:ec:c9:
3b:b0:ef:b1:de:d1:fb:8c:23:56:aa:ac:b0:e7:18:
43:4f:34:74:95:a8:73:b6:f8:9c:2f:59:ed:bd:70:
95:ca:57:c3:aa:e5:46:42:b4:29:d4:14:f6:7c:d5:
e6:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:58:92:C2:4D:AB:24:C5:32:F5:7D:72:6D:75:19:94:0F:9F:88:96
X509v3 Authority Key Identifier:
keyid:F8:06:EC:9C:F1:DE:AB:F9:D6:CD:5F:88:91:BB:82:D5:6F:91:D6:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-AbsnPHeq_nWzV-IkbuC1W-R1ng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/4404f5-e10c-4190-9270-ac0a84a27d53/1/wFiSwk2rJMUy9X1ybXUZlA-fiJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/4404f5-e10c-4190-9270-ac0a84a27d53/1/1-AbsnPHeq_nWzV-IkbuC1W-R1ng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.78.160.0/19
89.145.0.0/18
185.159.208.0/22
193.109.138.0/23
195.85.202.0/24
IPv6:
2a02:5d0::/29
Signature Algorithm: sha256WithRSAEncryption
02:2b:83:e6:a2:49:f3:7e:6c:bf:ba:98:52:87:d9:50:d5:b7:
5d:f7:24:1c:4b:cc:e0:78:5a:a7:ba:ce:0b:c0:1d:3e:79:cc:
f2:7f:f7:5e:b3:28:90:57:04:a8:7c:0a:7b:d5:5f:fd:4b:e4:
f5:36:39:28:81:28:87:a7:a4:d9:97:6a:72:c4:54:ce:0f:32:
f2:26:0a:76:ae:d5:52:6d:5d:8a:c5:80:d1:a9:08:1e:aa:d0:
6b:d3:9e:76:de:69:8d:d5:15:d9:67:86:b3:c8:ef:92:69:ac:
3e:64:c0:e4:c2:cc:a7:19:35:41:db:ba:e3:a0:1a:4c:32:dd:
e9:fd:1d:f6:78:26:31:27:3d:a9:3b:4d:37:de:b1:2b:84:a6:
6c:a3:9e:17:98:55:8d:37:0a:0b:55:c3:2b:a7:b7:03:59:65:
1d:74:58:08:fd:90:f4:30:ab:b4:91:54:c9:fd:d3:f9:11:72:
cd:18:7a:d9:0b:a0:4f:45:d4:a4:43:64:18:fc:c7:df:5c:2a:
ec:bc:e6:88:e4:5c:87:48:4b:f6:9a:95:c5:6c:b9:27:5e:64:
71:00:74:9b:cd:b3:28:0d:95:d1:30:d5:57:a4:08:18:e4:11:
4f:44:20:ac:ad:31:29:d5:94:94:87:62:fe:73:8b:7a:cd:08:
5d:58:8b:03
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYzKK2wkZ28PT7D+rFOpUsf4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MDZlYzljZjFkZWFiZjlkNmNkNWY4ODkxYmI4MmQ1NmY5
MWQ2NzgwHhcNMjQwMTAyMTIzNDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDU4OTJjMjRkYWIyNGM1MzJmNTdkNzI2ZDc1MTk5NDBmOWY4ODk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0rsFPurKjotAvh19eVdB5guFr6v
PreJTVirZoYxQdK8QgvHsZ/j4fmO18rI4BZH5n8ijWss0j0odMGVXtVNPXANlP95
I0evdQ0BlDrKLEeERML2XJ6MCHwkSYw/Qn47x8xwsHyjc3eHIMLpLkfVk9HMLhat
lqSPHDqB/rF7ay8DAJf0OJ1qFUGp0K04wIGF+3HCN9hnjSgLjHDucvBFnbJm4/mf
+/q68/K4i5JVk13iIZvBWivx4WqMxSy/4S4r43w6aEv0STUZj5/PBxDY7Mk7sO+x
3tH7jCNWqqyw5xhDTzR0lahztvicL1ntvXCVylfDquVGQrQp1BT2fNXm/QIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFMBYksJNqyTFMvV9cm11GZQPn4iWMB8GA1UdIwQY
MBaAFPgG7Jzx3qv51s1fiJG7gtVvkdZ4MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1BYnNuUEhlcV9uV3pWLUlrYnVDMVctUjFuZy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGEvNDQwNGY1LWUxMGMtNDE5MC05Mjcw
LWFjMGE4NGEyN2Q1My8xL3dGaVN3azJySk1VeTlYMXliWFVabEEtZmlKWS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMGEvNDQwNGY1LWUxMGMtNDE5MC05MjcwLWFjMGE4NGEyN2Q1
My8xLzEtQWJzblBIZXFfbld6Vi1Ja2J1QzFXLVIxbmcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwRgYIKwYBBQUHAQcBAf8ENzA1MCQEAgABMB4DBAVQTqAD
BAZZkQADBAK5n9ADBAHBbYoDBADDVcowDQQCAAIwBwMFAyoCBdAwDQYJKoZIhvcN
AQELBQADggEBAAIrg+aiSfN+bL+6mFKH2VDVt133JBxLzOB4Wqe6zgvAHT55zPJ/
916zKJBXBKh8CnvVX/1L5PU2OSiBKIenpNmXanLEVM4PMvImCnau1VJtXYrFgNGp
CB6q0GvTnnbeaY3VFdlnhrPI75JprD5kwOTCzKcZNUHbuuOgGkwy3en9HfZ4JjEn
Pak7TTfesSuEpmyjnheYVY03CgtVwyuntwNZZR10WAj9kPQwq7SRVMn90/kRcs0Y
etkLoE9F1KRDZBj8x99cKuy85ojkXIdIS/aalcVsuSdeZHEAdJvNsygNldEw1Vek
CBjkEU9EIKytMSnVlJSHYv5zi3rNCF1YiwM=
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:51:44 2024 by rpki-client on console-fra.rpki-client.org