Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/2862d1-2cc9-4565-86c2-2bb5597a2435/1/WzNvFfKw6XvNQgdpa-KEF_iCdws.roa
File: WzNvFfKw6XvNQgdpa-KEF_iCdws.roa (raw, json)
Hash identifier: fxamaJboZXZYwPtZHF70xTjaytnyADJSL6lWP7ARrYE=
Subject key identifier: 5B:33:6F:15:F2:B0:E9:7B:CD:42:07:69:6B:E2:84:17:F8:82:77:0B
Certificate issuer: /CN=2a0cc46301c8b1fd4639293018fba53653a265b2
Certificate serial: 018F76676C3C3CF7BBBFE60E6759B25E40AD
Authority key identifier: 2A:0C:C4:63:01:C8:B1:FD:46:39:29:30:18:FB:A5:36:53:A2:65:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KgzEYwHIsf1GOSkwGPulNlOiZbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/2862d1-2cc9-4565-86c2-2bb5597a2435/1/WzNvFfKw6XvNQgdpa-KEF_iCdws.roa
Signing time: Tue 14 May 2024 09:20:40 +0000
ROA not before: Tue 14 May 2024 09:20:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57118
IP address blocks: 185.72.236.0/23 maxlen: 23
185.95.216.0/22 maxlen: 24
2a05:fc80::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/2862d1-2cc9-4565-86c2-2bb5597a2435/1/KgzEYwHIsf1GOSkwGPulNlOiZbI.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/2862d1-2cc9-4565-86c2-2bb5597a2435/1/KgzEYwHIsf1GOSkwGPulNlOiZbI.mft
rsync://rpki.ripe.net/repository/DEFAULT/KgzEYwHIsf1GOSkwGPulNlOiZbI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:76:67:6c:3c:3c:f7:bb:bf:e6:0e:67:59:b2:5e:40:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a0cc46301c8b1fd4639293018fba53653a265b2
Validity
Not Before: May 14 09:20:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5b336f15f2b0e97bcd4207696be28417f882770b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:fb:1e:16:ba:40:c1:0a:c6:94:a2:80:e6:ee:
88:83:a2:ed:7a:fa:22:65:4b:f4:4f:36:3a:38:a6:
db:52:d0:1c:d0:52:fd:d8:59:98:cc:8e:7a:f0:06:
87:ea:56:41:0e:9b:a6:d2:ed:7b:a1:66:a3:c7:37:
39:b1:fd:a2:91:1a:bb:6d:9f:64:cd:85:cb:c1:a3:
2f:ed:1d:2c:9a:ec:fc:ba:73:0d:b4:0d:16:78:96:
38:0f:ef:76:4e:c5:21:87:0c:29:17:56:da:0e:9f:
e7:c2:ea:88:84:f1:a1:a3:4b:b4:b3:49:d5:61:2b:
dc:68:1c:40:02:28:65:dd:98:1f:2f:84:e1:3f:06:
47:8d:e9:b9:93:e3:ca:b4:27:ab:e1:57:99:4a:1b:
5d:d8:35:2b:63:7d:40:17:38:74:e8:db:e2:a4:97:
0a:83:70:f7:87:b6:7d:af:a4:8f:fb:51:3c:84:b6:
59:99:eb:6a:a5:43:bb:c8:ea:c7:c4:85:61:67:80:
e6:b1:f2:97:50:05:54:43:56:8c:93:3a:c9:ba:5c:
12:46:a5:49:72:c4:8c:87:19:f3:0e:aa:6f:db:9c:
65:50:ba:83:49:eb:1d:7b:41:9a:61:6d:70:cd:49:
dc:16:cd:69:fc:20:88:38:96:19:a2:fb:d0:37:e9:
63:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:33:6F:15:F2:B0:E9:7B:CD:42:07:69:6B:E2:84:17:F8:82:77:0B
X509v3 Authority Key Identifier:
keyid:2A:0C:C4:63:01:C8:B1:FD:46:39:29:30:18:FB:A5:36:53:A2:65:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KgzEYwHIsf1GOSkwGPulNlOiZbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/2862d1-2cc9-4565-86c2-2bb5597a2435/1/WzNvFfKw6XvNQgdpa-KEF_iCdws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/2862d1-2cc9-4565-86c2-2bb5597a2435/1/KgzEYwHIsf1GOSkwGPulNlOiZbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.236.0/23
185.95.216.0/22
IPv6:
2a05:fc80::/29
Signature Algorithm: sha256WithRSAEncryption
ba:b4:5e:06:5d:b4:04:81:e0:66:d9:97:73:70:dd:ba:3f:6d:
5b:94:af:b5:bd:27:0d:02:96:d8:b9:7e:61:cf:67:4f:8e:36:
18:35:50:6c:6a:46:dd:2a:65:b1:bb:b0:ec:52:d3:ec:71:1f:
17:87:2a:11:46:44:51:17:df:8b:9e:96:04:15:d0:e3:2f:3d:
07:4d:b2:0d:b5:8b:5c:12:82:bd:65:fd:eb:5c:c0:fc:95:8d:
e0:81:87:e0:9b:a6:fb:1e:c9:0b:e0:a1:f7:11:33:6b:6e:a7:
57:c0:74:25:b6:45:4b:a7:53:3b:5d:36:dc:1b:1f:aa:0b:b6:
63:db:51:c4:66:4f:b3:9c:1c:6c:75:70:1b:b1:d8:18:78:5a:
04:07:8c:8a:03:7e:4c:d4:95:ae:27:f0:1d:43:1f:de:97:3a:
8d:ed:0d:0b:de:24:6c:f0:cc:83:f3:c9:56:0a:d0:96:69:a1:
7a:77:3f:e3:9c:db:11:a3:04:01:b9:95:8d:a5:de:a0:47:4b:
cc:dd:c7:fe:67:7c:6d:99:f7:76:4b:fb:b9:42:32:54:43:9f:
f5:e3:79:63:a7:6a:e3:d6:11:0a:85:f8:d2:cb:c6:c2:df:35:
68:57:fd:a1:a3:f3:77:9a:48:da:26:12:b3:ef:c0:05:64:71:
60:42:3b:3b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY92Z2w8PPe7v+YOZ1myXkCtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMGNjNDYzMDFjOGIxZmQ0NjM5MjkzMDE4ZmJhNTM2NTNh
MjY1YjIwHhcNMjQwNTE0MDkyMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjMzNmYxNWYyYjBlOTdiY2Q0MjA3Njk2YmUyODQxN2Y4ODI3NzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/seFrpAwQrGlKKA5u6Ig6Ltevoi
ZUv0TzY6OKbbUtAc0FL92FmYzI568AaH6lZBDpum0u17oWajxzc5sf2ikRq7bZ9k
zYXLwaMv7R0smuz8unMNtA0WeJY4D+92TsUhhwwpF1baDp/nwuqIhPGho0u0s0nV
YSvcaBxAAihl3ZgfL4ThPwZHjem5k+PKtCer4VeZShtd2DUrY31AFzh06NvipJcK
g3D3h7Z9r6SP+1E8hLZZmetqpUO7yOrHxIVhZ4DmsfKXUAVUQ1aMkzrJulwSRqVJ
csSMhxnzDqpv25xlULqDSesde0GaYW1wzUncFs1p/CCIOJYZovvQN+ljhQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFszbxXysOl7zUIHaWvihBf4gncLMB8GA1UdIwQY
MBaAFCoMxGMByLH9RjkpMBj7pTZTomWyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2d6RVl3SElzZjFHT1Nrd0dQdWxObE9pWmJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8yODYyZDEtMmNjOS00NTY1LTg2YzIt
MmJiNTU5N2EyNDM1LzEvV3pOdkZmS3c2WHZOUWdkcGEtS0VGX2lDZHdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8yODYyZDEtMmNjOS00NTY1LTg2YzItMmJiNTU5N2EyNDM1
LzEvS2d6RVl3SElzZjFHT1Nrd0dQdWxObE9pWmJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBuUjsAwQC
uV/YMA0EAgACMAcDBQMqBfyAMA0GCSqGSIb3DQEBCwUAA4IBAQC6tF4GXbQEgeBm
2ZdzcN26P21blK+1vScNApbYuX5hz2dPjjYYNVBsakbdKmWxu7DsUtPscR8XhyoR
RkRRF9+LnpYEFdDjLz0HTbINtYtcEoK9Zf3rXMD8lY3ggYfgm6b7HskL4KH3ETNr
bqdXwHQltkVLp1M7XTbcGx+qC7Zj21HEZk+znBxsdXAbsdgYeFoEB4yKA35M1JWu
J/AdQx/elzqN7Q0L3iRs8MyD88lWCtCWaaF6dz/jnNsRowQBuZWNpd6gR0vM3cf+
Z3xtmfd2S/u5QjJUQ5/143ljp2rj1hEKhfjSy8bC3zVoV/2ho/N3mkjaJhKz78AF
ZHFgQjs7
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:17:57 2024 by rpki-client on console-ams.rpki-client.org