Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/wMM18iw6KfsEVoeHTtSD5WWQwOQ.roa
File: wMM18iw6KfsEVoeHTtSD5WWQwOQ.roa (raw, json)
Hash identifier: ih+qjUlzKnvY0xlgJk6MLglwCxDR+s2wz9psc98Ad2s=
Subject key identifier: C0:C3:35:F2:2C:3A:29:FB:04:56:87:87:4E:D4:83:E5:65:90:C0:E4
Certificate issuer: /CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Certificate serial: 018CC42456F9ADB88DA46C6386405904617D
Authority key identifier: 62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/wMM18iw6KfsEVoeHTtSD5WWQwOQ.roa
Signing time: Mon 01 Jan 2024 08:29:25 +0000
ROA not before: Mon 01 Jan 2024 08:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59930
IP address blocks: 91.108.12.0/22 maxlen: 22
149.154.172.0/22 maxlen: 22
2001:b28:f23d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 16:01:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:56:f9:ad:b8:8d:a4:6c:63:86:40:59:04:61:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Validity
Not Before: Jan 1 08:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c0c335f22c3a29fb045687874ed483e56590c0e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:30:5e:e1:10:8b:c7:48:82:10:37:7b:e8:bf:
6f:ed:a2:ad:9b:7a:e1:52:ca:a4:88:0c:a5:74:2b:
13:3c:2e:df:29:f7:ae:da:42:21:28:0d:f0:03:d3:
e6:60:24:f8:87:56:46:4b:c6:50:a4:be:de:d7:5d:
57:57:c1:1c:0a:34:18:37:1f:bc:fd:23:92:20:22:
58:0c:a4:ad:e6:ad:a8:b5:9b:e8:96:6d:29:c6:70:
38:fe:b4:c8:ac:d0:07:e4:92:23:ee:32:19:4f:fc:
66:44:50:4d:ae:2c:76:3a:68:a3:7a:a6:9d:35:9c:
eb:ad:b2:ee:bd:af:b0:78:09:c2:42:d3:a9:c8:dc:
43:29:10:7f:4b:8c:14:b1:86:34:c6:91:c1:aa:a5:
6e:2f:29:f9:68:9b:ba:a1:1f:0d:65:45:9d:35:b4:
cf:d1:95:77:09:a1:3e:0c:c3:e1:cf:cd:e4:d8:7d:
de:3e:80:f5:cc:7b:da:c6:65:f3:33:7a:b5:a7:60:
38:51:f4:24:86:ad:fb:41:13:de:b4:89:72:e5:bc:
d7:f9:97:b4:c5:f5:24:4d:b3:0f:86:4f:a8:8f:b8:
21:80:31:e1:82:14:19:94:95:a3:47:9c:87:1e:76:
ae:61:b3:02:6c:89:21:f7:6a:fa:29:6a:47:3e:72:
76:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:C3:35:F2:2C:3A:29:FB:04:56:87:87:4E:D4:83:E5:65:90:C0:E4
X509v3 Authority Key Identifier:
keyid:62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/wMM18iw6KfsEVoeHTtSD5WWQwOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.12.0/22
149.154.172.0/22
IPv6:
2001:b28:f23d::/48
Signature Algorithm: sha256WithRSAEncryption
b4:b5:8d:e8:31:4d:dc:88:a9:75:d5:c7:53:68:14:20:7e:a0:
97:b0:60:1f:a7:7a:28:48:fc:cc:a9:c4:0b:f7:3b:9c:2a:34:
e9:b3:ce:e0:1f:51:22:9d:26:e5:a6:ff:d8:9c:94:c1:c9:2f:
dd:e8:c8:8a:08:e5:03:5a:f7:d4:22:2f:23:05:02:df:f9:4a:
c2:3e:2e:c1:c7:44:18:4e:da:22:95:33:84:59:ab:e6:5f:9f:
0a:00:e0:db:3d:dc:43:95:3c:9e:2c:de:bd:96:38:a5:c7:ff:
8e:73:84:be:7c:77:16:ea:94:ae:f4:bd:9b:e2:21:46:af:f4:
20:e5:2b:53:a2:d2:89:9d:57:e8:1c:f1:b7:f4:2c:f7:56:8f:
68:41:5c:34:49:16:d4:75:8f:0a:2c:fa:3c:ee:25:63:1d:fd:
0f:18:84:89:4e:94:5c:14:8e:87:2f:5b:31:8c:c7:f3:29:a6:
7d:7a:69:e5:f8:e5:59:94:77:84:86:ef:ac:e1:bc:86:5b:42:
ce:4e:c8:f1:04:73:b7:ed:ea:f4:1c:f4:f2:86:11:cf:76:32:
ad:ff:b1:f5:c0:a8:f9:61:17:40:57:5d:2b:38:7e:44:92:04:
4b:1a:4a:23:2e:ba:89:11:c8:b8:93:f2:ba:85:c5:b8:8d:37:
82:81:21:2e
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzEJFb5rbiNpGxjhkBZBGF9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjhlN2UwMWZhZGE0OWMxYTUyZmExM2YzNjI2YzQxYjQx
YTUxYjgwHhcNMjQwMTAxMDgyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGMzMzVmMjJjM2EyOWZiMDQ1Njg3ODc0ZWQ0ODNlNTY1OTBjMGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTBe4RCLx0iCEDd76L9v7aKtm3rh
UsqkiAyldCsTPC7fKfeu2kIhKA3wA9PmYCT4h1ZGS8ZQpL7e111XV8EcCjQYNx+8
/SOSICJYDKSt5q2otZvolm0pxnA4/rTIrNAH5JIj7jIZT/xmRFBNrix2Omijeqad
NZzrrbLuva+weAnCQtOpyNxDKRB/S4wUsYY0xpHBqqVuLyn5aJu6oR8NZUWdNbTP
0ZV3CaE+DMPhz83k2H3ePoD1zHvaxmXzM3q1p2A4UfQkhq37QRPetIly5bzX+Ze0
xfUkTbMPhk+oj7ghgDHhghQZlJWjR5yHHnauYbMCbIkh92r6KWpHPnJ2rQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFMDDNfIsOin7BFaHh07Ug+VlkMDkMB8GA1UdIwQY
MBaAFGIo5+AfraScGlL6E/NibEG0GlG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUt
NzY3NDE2NTI1MTBkLzEvd01NMThpdzZLZnNFVm9lSFR0U0Q1V1dRd09RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUtNzY3NDE2NTI1MTBk
LzEvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCW2wMAwQC
lZqsMA8EAgACMAkDBwAgAQso8j0wDQYJKoZIhvcNAQELBQADggEBALS1jegxTdyI
qXXVx1NoFCB+oJewYB+neihI/MypxAv3O5wqNOmzzuAfUSKdJuWm/9iclMHJL93o
yIoI5QNa99QiLyMFAt/5SsI+LsHHRBhO2iKVM4RZq+ZfnwoA4Ns93EOVPJ4s3r2W
OKXH/45zhL58dxbqlK70vZviIUav9CDlK1Oi0omdV+gc8bf0LPdWj2hBXDRJFtR1
jwos+jzuJWMd/Q8YhIlOlFwUjocvWzGMx/Mppn16aeX45VmUd4SG76zhvIZbQs5O
yPEEc7ft6vQc9PKGEc92Mq3/sfXAqPlhF0BXXSs4fkSSBEsaSiMuuokRyLiT8rqF
xbiNN4KBIS4=
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:02:54 2024 by rpki-client on console-ams.rpki-client.org