Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/ee9519-ff61-4679-9015-80e427596b5d/1/Wu4ZjQNwCguoOSFe6U6xElaLUcI.roa
File: Wu4ZjQNwCguoOSFe6U6xElaLUcI.roa (raw, json)
Hash identifier: zycLtPSuexOm8dfk3Cl/LEOroWRG6+HyAW/EmTJ/2nc=
Subject key identifier: 5A:EE:19:8D:03:70:0A:0B:A8:39:21:5E:E9:4E:B1:12:56:8B:51:C2
Certificate issuer: /CN=31cb00d2f84401810c3200b52fa388e93651ddf3
Certificate serial: 018DA788793E9E976B789DEBDD3408C557BE
Authority key identifier: 31:CB:00:D2:F8:44:01:81:0C:32:00:B5:2F:A3:88:E9:36:51:DD:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/McsA0vhEAYEMMgC1L6OI6TZR3fM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/ee9519-ff61-4679-9015-80e427596b5d/1/Wu4ZjQNwCguoOSFe6U6xElaLUcI.roa
Signing time: Wed 14 Feb 2024 12:12:35 +0000
ROA not before: Wed 14 Feb 2024 12:12:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44651
IP address blocks: 85.159.48.0/21 maxlen: 21
93.92.56.0/21 maxlen: 21
178.21.48.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/ee9519-ff61-4679-9015-80e427596b5d/1/McsA0vhEAYEMMgC1L6OI6TZR3fM.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/ee9519-ff61-4679-9015-80e427596b5d/1/McsA0vhEAYEMMgC1L6OI6TZR3fM.mft
rsync://rpki.ripe.net/repository/DEFAULT/McsA0vhEAYEMMgC1L6OI6TZR3fM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a7:88:79:3e:9e:97:6b:78:9d:eb:dd:34:08:c5:57:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31cb00d2f84401810c3200b52fa388e93651ddf3
Validity
Not Before: Feb 14 12:12:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5aee198d03700a0ba839215ee94eb112568b51c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:29:54:0f:a9:c9:01:5d:a1:a7:af:e5:63:19:
e9:60:bb:59:6a:3b:95:a6:d4:7e:e0:64:82:b7:a6:
54:47:22:2d:b4:77:8f:42:98:68:d9:fe:25:2b:0b:
83:f0:a4:e9:bf:4f:89:12:91:87:2a:04:88:1d:c0:
d0:50:72:8f:c4:7e:b2:80:07:4c:66:79:69:73:9c:
e1:3f:59:ab:27:d9:ae:cd:a7:0c:48:95:1b:54:a5:
d3:c1:07:7d:8e:50:ed:f5:49:7e:1f:b2:3e:a8:4d:
1c:16:02:6e:85:6e:d2:59:8e:fc:a9:5c:5c:91:3a:
46:7b:09:b8:0d:b3:18:4b:31:97:f6:1e:ff:62:78:
54:3c:86:57:56:08:ab:e0:b0:22:4b:6a:56:d4:88:
28:a0:d0:4b:d3:a0:44:8b:a0:6c:a8:02:66:a6:e9:
aa:81:1a:5b:3e:30:be:7c:9e:4e:9e:d2:50:21:d9:
64:24:51:88:0e:14:f7:20:b1:5e:ed:f4:aa:c5:76:
38:f5:c1:12:21:2f:b9:b9:68:c7:fe:c0:aa:d3:89:
ec:e5:4d:45:9f:5f:00:ce:fb:6b:06:0f:45:4d:16:
c9:30:fc:8b:72:9c:b3:34:f5:57:54:c4:4d:a0:12:
f0:11:4f:5f:96:0c:0a:39:53:5e:b6:02:2f:03:4e:
68:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:EE:19:8D:03:70:0A:0B:A8:39:21:5E:E9:4E:B1:12:56:8B:51:C2
X509v3 Authority Key Identifier:
keyid:31:CB:00:D2:F8:44:01:81:0C:32:00:B5:2F:A3:88:E9:36:51:DD:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/McsA0vhEAYEMMgC1L6OI6TZR3fM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/ee9519-ff61-4679-9015-80e427596b5d/1/Wu4ZjQNwCguoOSFe6U6xElaLUcI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/ee9519-ff61-4679-9015-80e427596b5d/1/McsA0vhEAYEMMgC1L6OI6TZR3fM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.159.48.0/21
93.92.56.0/21
178.21.48.0/21
Signature Algorithm: sha256WithRSAEncryption
63:ff:2c:25:b7:17:44:2e:cb:e8:7a:c3:3c:d0:1c:df:54:ad:
96:ac:e0:66:17:b4:d2:a4:a0:6c:81:7f:be:ed:53:0b:74:7e:
48:a2:6b:34:c6:c6:01:30:8f:77:c9:e2:f6:83:7b:f1:33:1e:
a1:ee:3e:1e:28:d3:b8:4a:a4:23:4a:6f:7c:e0:52:87:2d:1d:
ad:4c:c3:02:be:ba:8f:b0:63:f3:5e:ea:c9:2f:d9:c7:29:21:
06:51:82:c5:17:30:c0:13:10:d2:0c:d0:26:7d:2b:db:7c:a8:
26:6d:5b:8e:3d:cd:da:02:2e:83:c4:ab:b4:bb:d6:d4:0b:86:
91:d0:0c:4b:3a:22:45:2e:14:ae:a3:5b:5b:16:fa:7e:e4:0d:
25:61:6a:be:1c:7a:df:e7:6d:c6:05:b0:8f:93:41:a1:8f:b1:
bf:cf:dd:cc:c8:fe:30:c7:ee:2e:5e:2b:46:3e:55:a3:3b:1f:
b0:1c:d5:40:7f:5e:1f:b1:5b:28:fb:19:94:13:69:73:fc:ec:
96:26:24:e0:ad:b0:f7:48:53:87:db:c5:f7:76:62:37:fd:aa:
62:23:3b:c3:3f:11:86:df:19:58:0e:6f:b8:64:96:2e:e6:91:
81:bc:6d:6f:76:6c:7e:d4:28:cd:4d:84:96:39:db:32:6d:b7:
f9:0c:47:fe
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY2niHk+npdreJ3r3TQIxVe+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxY2IwMGQyZjg0NDAxODEwYzMyMDBiNTJmYTM4OGU5MzY1
MWRkZjMwHhcNMjQwMjE0MTIxMjM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWVlMTk4ZDAzNzAwYTBiYTgzOTIxNWVlOTRlYjExMjU2OGI1MWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgilUD6nJAV2hp6/lYxnpYLtZajuV
ptR+4GSCt6ZURyIttHePQpho2f4lKwuD8KTpv0+JEpGHKgSIHcDQUHKPxH6ygAdM
Znlpc5zhP1mrJ9muzacMSJUbVKXTwQd9jlDt9Ul+H7I+qE0cFgJuhW7SWY78qVxc
kTpGewm4DbMYSzGX9h7/YnhUPIZXVgir4LAiS2pW1IgooNBL06BEi6BsqAJmpumq
gRpbPjC+fJ5OntJQIdlkJFGIDhT3ILFe7fSqxXY49cESIS+5uWjH/sCq04ns5U1F
n18AzvtrBg9FTRbJMPyLcpyzNPVXVMRNoBLwEU9flgwKOVNetgIvA05oNQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFruGY0DcAoLqDkhXulOsRJWi1HCMB8GA1UdIwQY
MBaAFDHLANL4RAGBDDIAtS+jiOk2Ud3zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWNzQTB2aEVBWUVNTWdDMUw2T0k2VFpSM2ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9lZTk1MTktZmY2MS00Njc5LTkwMTUt
ODBlNDI3NTk2YjVkLzEvV3U0WmpRTndDZ3VvT1NGZTZVNnhFbGFMVWNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9lZTk1MTktZmY2MS00Njc5LTkwMTUtODBlNDI3NTk2YjVk
LzEvTWNzQTB2aEVBWUVNTWdDMUw2T0k2VFpSM2ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDVZ8wAwQD
XVw4AwQDshUwMA0GCSqGSIb3DQEBCwUAA4IBAQBj/ywltxdELsvoesM80BzfVK2W
rOBmF7TSpKBsgX++7VMLdH5Ioms0xsYBMI93yeL2g3vxMx6h7j4eKNO4SqQjSm98
4FKHLR2tTMMCvrqPsGPzXurJL9nHKSEGUYLFFzDAExDSDNAmfSvbfKgmbVuOPc3a
Ai6DxKu0u9bUC4aR0AxLOiJFLhSuo1tbFvp+5A0lYWq+HHrf523GBbCPk0Ghj7G/
z93MyP4wx+4uXitGPlWjOx+wHNVAf14fsVso+xmUE2lz/OyWJiTgrbD3SFOH28X3
dmI3/apiIzvDPxGG3xlYDm+4ZJYu5pGBvG1vdmx+1CjNTYSWOdsybbf5DEf+
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:14:07 2024 by rpki-client on console-ams.rpki-client.org