Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/WYc-xncAY1sIv3oJCwB_JTvYwbM.roa
File: WYc-xncAY1sIv3oJCwB_JTvYwbM.roa (raw, json)
Hash identifier: CtZgJ5ibcVr23e+icBOmcwI/1aZK1Gbz3qZHfWZmPAk=
Subject key identifier: 59:87:3E:C6:77:00:63:5B:08:BF:7A:09:0B:00:7F:25:3B:D8:C1:B3
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0192609EBD54B8124D5B127191D25F2DD375
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/WYc-xncAY1sIv3oJCwB_JTvYwbM.roa
Signing time: Sun 06 Oct 2024 06:57:48 +0000
ROA not before: Sun 06 Oct 2024 06:57:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215826
IP address blocks: 147.45.45.0/24 maxlen: 24
193.233.112.0/23 maxlen: 23
193.233.134.0/24 maxlen: 24
193.233.254.0/24 maxlen: 24
193.233.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:60:9e:bd:54:b8:12:4d:5b:12:71:91:d2:5f:2d:d3:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Oct 6 06:57:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=59873ec67700635b08bf7a090b007f253bd8c1b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:22:c1:f3:3f:82:99:25:f4:66:19:d4:24:12:
c9:38:a3:64:fa:ee:10:85:7c:1e:fb:c0:b0:ba:67:
17:46:00:ba:98:cb:91:30:56:ac:8c:f5:09:0c:22:
1a:0e:04:94:0b:06:32:a0:0a:f4:4e:8f:8e:59:87:
48:79:ed:bc:ea:5e:8f:d6:78:3a:23:c1:cf:f7:bf:
43:44:c4:61:0a:f3:a0:d8:9c:d1:00:7b:8e:c5:0f:
c3:fc:66:2e:73:1d:58:7d:1f:62:a6:f1:0c:57:cd:
98:b6:90:7a:a9:57:d0:5b:66:d3:61:81:20:ed:1c:
45:90:43:41:0d:0f:a3:eb:3c:db:01:d5:e5:b8:da:
20:61:ed:fd:1a:78:b2:34:30:f0:23:2f:e2:ae:8a:
2b:27:ea:c9:6b:bc:ed:af:b7:d1:71:94:1c:1d:da:
54:e3:83:79:cb:9e:db:fa:af:6a:d6:16:bf:04:4d:
ee:55:41:6d:0c:ec:17:0a:d9:f5:65:09:50:17:61:
72:76:94:94:d6:5a:6a:1e:6c:e3:59:5b:db:ea:07:
18:67:1b:8b:71:95:77:48:87:a5:47:b7:1b:44:6f:
86:07:56:b6:a1:80:ad:57:f2:8c:79:d6:6c:1f:65:
ce:df:cf:5c:c6:b3:ac:69:80:ac:50:2f:1a:95:35:
3d:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:87:3E:C6:77:00:63:5B:08:BF:7A:09:0B:00:7F:25:3B:D8:C1:B3
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/WYc-xncAY1sIv3oJCwB_JTvYwbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.45.0/24
193.233.112.0/23
193.233.134.0/24
193.233.254.0/23
Signature Algorithm: sha256WithRSAEncryption
94:4d:aa:4e:fb:60:5b:a8:ae:9c:0d:da:5b:94:cc:de:5e:b5:
11:88:c8:1c:29:53:d4:7a:74:d7:d4:c5:57:72:bf:b5:e9:6f:
3e:40:b1:f0:2a:38:36:14:16:cd:60:a1:eb:03:3e:22:59:f1:
6e:ec:45:8c:5f:ba:ed:57:fe:29:a4:c2:a7:05:25:af:bc:0d:
1d:49:9a:70:7d:47:9d:13:ef:c5:5c:5c:a1:6f:b2:ad:9a:93:
b0:c2:c2:75:4b:c4:87:89:27:f8:c1:55:76:b2:63:c7:79:33:
12:a9:e3:45:fb:b8:49:1e:7f:a3:a0:3c:69:06:5e:3c:57:af:
b3:c5:d7:8d:87:54:63:02:c9:83:34:b1:4b:91:af:18:8b:6c:
9d:6c:12:44:f2:e7:0f:b7:67:b0:2b:d5:53:70:22:13:fd:c3:
a9:df:e4:46:1f:39:92:f8:73:bf:2d:77:e8:08:4f:4c:fe:5d:
ef:9b:93:fd:55:d6:67:07:e7:55:f6:51:23:2a:06:7d:a3:3d:
1c:4b:44:55:ff:b8:db:42:e3:18:d9:74:b0:5c:29:61:05:15:
c8:8c:9d:05:09:b8:31:63:aa:86:6d:e5:69:4f:b9:af:ca:39:
f1:97:a4:d3:5d:98:c9:4f:ca:22:11:0d:ba:96:a1:e0:73:16:
7f:ba:ee:00
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZJgnr1UuBJNWxJxkdJfLdN1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQxMDA2MDY1NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTg3M2VjNjc3MDA2MzViMDhiZjdhMDkwYjAwN2YyNTNiZDhjMWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCLB8z+CmSX0ZhnUJBLJOKNk+u4Q
hXwe+8CwumcXRgC6mMuRMFasjPUJDCIaDgSUCwYyoAr0To+OWYdIee286l6P1ng6
I8HP979DRMRhCvOg2JzRAHuOxQ/D/GYucx1YfR9ipvEMV82YtpB6qVfQW2bTYYEg
7RxFkENBDQ+j6zzbAdXluNogYe39GniyNDDwIy/iroorJ+rJa7ztr7fRcZQcHdpU
44N5y57b+q9q1ha/BE3uVUFtDOwXCtn1ZQlQF2FydpSU1lpqHmzjWVvb6gcYZxuL
cZV3SIelR7cbRG+GB1a2oYCtV/KMedZsH2XO389cxrOsaYCsUC8alTU9twIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFmHPsZ3AGNbCL96CQsAfyU72MGzMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvV1ljLXhuY0FZMXNJdjNvSkN3Ql9KVHZZd2JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAky0tAwQB
welwAwQAwemGAwQBwen+MA0GCSqGSIb3DQEBCwUAA4IBAQCUTapO+2BbqK6cDdpb
lMzeXrURiMgcKVPUenTX1MVXcr+16W8+QLHwKjg2FBbNYKHrAz4iWfFu7EWMX7rt
V/4ppMKnBSWvvA0dSZpwfUedE+/FXFyhb7KtmpOwwsJ1S8SHiSf4wVV2smPHeTMS
qeNF+7hJHn+joDxpBl48V6+zxdeNh1RjAsmDNLFLka8Yi2ydbBJE8ucPt2ewK9VT
cCIT/cOp3+RGHzmS+HO/LXfoCE9M/l3vm5P9VdZnB+dV9lEjKgZ9oz0cS0RV/7jb
QuMY2XSwXClhBRXIjJ0FCbgxY6qGbeVpT7mvyjnxl6TTXZjJT8oiEQ26lqHgcxZ/
uu4A
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:33:58 2024 by rpki-client on console-fra.rpki-client.org