Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/wLXYwcaCDIjeQu9pFXD-9PE_xF4.roa
File: wLXYwcaCDIjeQu9pFXD-9PE_xF4.roa (raw, json)
Hash identifier: lAiJhWx0wurckxT2qRPZ3VnuL/y7ExpbY0azLy30Nd0=
Subject key identifier: C0:B5:D8:C1:C6:82:0C:88:DE:42:EF:69:15:70:FE:F4:F1:3F:C4:5E
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018CC7951F6EB53FF9EBB9B92830AB378514
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/wLXYwcaCDIjeQu9pFXD-9PE_xF4.roa
Signing time: Tue 02 Jan 2024 00:31:28 +0000
ROA not before: Tue 02 Jan 2024 00:31:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2895
IP address blocks: 147.45.194.0/23 maxlen: 23
147.45.0.0/19 maxlen: 19
147.45.32.0/23 maxlen: 23
193.233.0.0/22 maxlen: 22
193.233.4.0/24 maxlen: 24
193.233.10.0/23 maxlen: 23
147.45.64.0/24 maxlen: 24
193.233.8.0/24 maxlen: 24
2001:640::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 20:58:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:1f:6e:b5:3f:f9:eb:b9:b9:28:30:ab:37:85:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 2 00:31:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c0b5d8c1c6820c88de42ef691570fef4f13fc45e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:39:1b:40:0c:a3:44:3a:b3:98:28:fe:1b:d8:
b8:74:fb:20:2c:88:b3:80:73:9b:a4:83:0a:17:7c:
61:e9:80:2d:d7:f0:25:75:2e:03:3a:2d:9c:63:de:
61:94:22:16:19:79:67:0c:2a:30:a4:29:79:0d:79:
9e:30:0a:e8:60:16:1b:e9:84:fe:a4:c5:82:1a:4b:
9f:c8:17:cb:83:c8:06:36:b7:26:4c:71:d2:63:85:
e9:98:da:a3:7e:42:b1:f2:bf:c6:9d:4b:67:7d:b1:
3f:1b:9a:f2:19:88:f8:3e:8b:83:1e:5e:b2:f2:03:
23:28:d7:8c:79:26:c3:b7:00:6b:cd:8d:bf:8c:4e:
98:a8:6b:34:d9:e4:f1:c4:93:4e:18:4e:b1:56:d0:
bb:ff:47:df:77:89:34:c3:4e:f8:d2:da:84:07:82:
08:45:d8:1c:85:d1:87:9b:54:70:fc:96:81:4a:2b:
de:dc:ac:8e:d0:99:99:38:aa:38:83:86:d8:a3:cd:
50:f5:96:a6:a1:bc:14:39:54:70:a4:f3:a9:66:bb:
90:2e:e0:b3:72:7e:f6:61:38:08:30:8a:ba:15:4e:
fb:49:ae:ff:e9:7c:49:c4:3c:b9:ef:4a:6f:2a:69:
89:80:86:ce:91:8b:73:59:54:02:be:e9:97:ff:f0:
24:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:B5:D8:C1:C6:82:0C:88:DE:42:EF:69:15:70:FE:F4:F1:3F:C4:5E
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/wLXYwcaCDIjeQu9pFXD-9PE_xF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.0.0-147.45.33.255
147.45.64.0/24
147.45.194.0/23
193.233.0.0-193.233.4.255
193.233.8.0/24
193.233.10.0/23
IPv6:
2001:640::/32
Signature Algorithm: sha256WithRSAEncryption
6d:30:68:d0:ea:86:8f:a2:be:20:68:be:2b:d0:51:e3:18:35:
f7:a4:2c:bb:a7:c2:b7:d0:eb:7f:86:32:31:40:68:bd:b2:f1:
f1:d4:65:cf:a7:af:dd:7d:9e:80:b3:57:4a:65:e5:01:4c:0d:
90:f0:3e:ee:ba:4d:9c:10:3e:c4:f7:b6:7e:b7:f0:57:06:db:
54:79:e5:02:a1:96:0e:63:6d:c0:85:10:a1:92:a4:3c:b8:70:
66:b7:16:a6:93:b0:b1:07:c7:6e:7a:a4:a6:a8:54:0a:e1:d8:
7f:23:c9:d4:5e:3a:52:52:11:0e:86:52:c2:12:5b:e1:e3:b9:
70:6d:26:5f:11:77:cd:76:df:dc:f7:a2:b7:d9:41:27:1e:84:
ce:01:80:9b:1a:65:2c:b9:10:52:23:2d:3e:bc:9b:9a:0f:61:
13:f7:94:b1:10:da:27:54:be:d0:d3:d7:37:24:44:f3:2f:d9:
bb:e8:76:e5:b6:3c:a4:c0:3e:cf:63:e4:dc:df:a5:a1:9c:ee:
e9:6b:31:28:8e:22:03:ea:8e:3f:4c:51:70:29:f8:84:58:a6:
de:82:60:38:7b:1d:d7:db:ee:eb:72:1d:c0:e1:1a:c2:be:9b:
34:cb:5f:cc:5a:38:54:8e:44:ce:40:be:c7:b2:74:41:51:11:
59:98:7a:97
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYzHlR9utT/567m5KDCrN4UUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMTAyMDAzMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGI1ZDhjMWM2ODIwYzg4ZGU0MmVmNjkxNTcwZmVmNGYxM2ZjNDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozkbQAyjRDqzmCj+G9i4dPsgLIiz
gHObpIMKF3xh6YAt1/AldS4DOi2cY95hlCIWGXlnDCowpCl5DXmeMAroYBYb6YT+
pMWCGkufyBfLg8gGNrcmTHHSY4XpmNqjfkKx8r/GnUtnfbE/G5ryGYj4PouDHl6y
8gMjKNeMeSbDtwBrzY2/jE6YqGs02eTxxJNOGE6xVtC7/0ffd4k0w0740tqEB4II
RdgchdGHm1Rw/JaBSive3KyO0JmZOKo4g4bYo81Q9ZamobwUOVRwpPOpZruQLuCz
cn72YTgIMIq6FU77Sa7/6XxJxDy570pvKmmJgIbOkYtzWVQCvumX//AkvwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFMC12MHGggyI3kLvaRVw/vTxP8ReMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvd0xYWXdjYUNESWplUXU5cEZYRC05UEVfeEY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA4BAIAATAyMAsDAwCTLQME
AZMtIAMEAJMtQAMEAZMtwjALAwMAwekDBADB6QQDBADB6QgDBAHB6QowDQQCAAIw
BwMFACABBkAwDQYJKoZIhvcNAQELBQADggEBAG0waNDqho+iviBovivQUeMYNfek
LLunwrfQ63+GMjFAaL2y8fHUZc+nr919noCzV0pl5QFMDZDwPu66TZwQPsT3tn63
8FcG21R55QKhlg5jbcCFEKGSpDy4cGa3FqaTsLEHx256pKaoVArh2H8jydReOlJS
EQ6GUsISW+HjuXBtJl8Rd81239z3orfZQScehM4BgJsaZSy5EFIjLT68m5oPYRP3
lLEQ2idUvtDT1zckRPMv2bvoduW2PKTAPs9j5NzfpaGc7ulrMSiOIgPqjj9MUXAp
+IRYpt6CYDh7Hdfb7utyHcDhGsK+mzTLX8xaOFSORM5AvseydEFREVmYepc=
-----END CERTIFICATE-----
Generated at Sun May 5 00:16:14 2024 by rpki-client on console-ams.rpki-client.org