Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/WfyIx_aAibcIEzp9Gdk36nwTUdU.roa
File: WfyIx_aAibcIEzp9Gdk36nwTUdU.roa (raw, json)
Hash identifier: bj3DUQ/27CkQjgP4qNj0urWul7BNnBRYWqBydpjpHlY=
Subject key identifier: 59:FC:88:C7:F6:80:89:B7:08:13:3A:7D:19:D9:37:EA:7C:13:51:D5
Certificate issuer: /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial: 018EA02E7DE36B0240C626CA8B40C61DD789
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/WfyIx_aAibcIEzp9Gdk36nwTUdU.roa
Signing time: Tue 02 Apr 2024 18:59:45 +0000
ROA not before: Tue 02 Apr 2024 18:59:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 134351
IP address blocks: 195.206.110.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a0:2e:7d:e3:6b:02:40:c6:26:ca:8b:40:c6:1d:d7:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Validity
Not Before: Apr 2 18:59:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=59fc88c7f68089b708133a7d19d937ea7c1351d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:36:46:74:39:09:2b:fa:16:f5:45:52:27:35:
0c:78:d5:83:a3:0d:77:00:6b:d3:73:ff:3d:5c:f3:
ef:99:53:ad:45:69:2b:e1:01:f8:8d:35:10:5b:43:
07:8e:76:5a:22:d8:5d:4c:25:36:5d:2f:ac:89:fc:
af:62:34:ba:a0:d4:26:32:36:21:93:ef:a0:4f:30:
bd:5f:22:51:c2:27:54:b0:c7:13:8e:56:b9:a2:e3:
45:7c:e6:80:fa:8b:7f:0e:b3:d6:db:50:f1:50:c3:
72:e5:e6:0d:8b:0a:6a:74:94:98:aa:57:a2:44:a1:
5d:07:82:b2:75:70:33:4e:9c:9f:71:ed:57:68:07:
3e:ee:dc:28:c3:7f:d2:72:3d:a9:57:45:56:9d:85:
79:0b:0d:4f:13:e0:e5:22:77:9e:37:fa:97:b2:e5:
8f:e6:8b:90:a2:1e:12:27:3e:4a:16:03:48:3f:a5:
53:9e:2f:14:86:98:f8:41:59:ba:26:ad:ee:ce:73:
85:33:35:af:c3:19:61:91:9f:f2:0c:c9:0a:dc:8a:
dc:87:47:88:14:66:7e:d6:3c:7f:8f:98:c7:05:25:
2f:48:59:65:80:ad:02:62:2a:56:54:f0:b3:89:ee:
56:14:81:3f:02:9b:ef:f2:c4:83:f1:73:e2:0f:66:
86:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:FC:88:C7:F6:80:89:B7:08:13:3A:7D:19:D9:37:EA:7C:13:51:D5
X509v3 Authority Key Identifier:
keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/WfyIx_aAibcIEzp9Gdk36nwTUdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.206.110.0/24
Signature Algorithm: sha256WithRSAEncryption
51:9e:a5:6a:62:30:5c:24:8b:63:c2:ab:6a:4c:70:3b:08:e3:
3b:6e:a0:65:7f:ca:22:9a:0a:34:c2:fa:5c:54:c4:05:4c:ed:
4f:ad:1d:63:df:38:44:51:6d:0d:8e:d8:78:27:02:19:92:24:
09:ef:ec:41:2d:65:f5:76:ab:44:51:25:cf:81:ba:31:57:01:
df:f4:c9:65:8c:48:1d:03:29:1e:e0:60:bd:d2:ce:5d:03:d3:
4f:44:00:d1:c3:39:2a:1d:0f:d9:73:c2:b4:db:62:4a:25:1a:
0b:de:b5:9c:54:da:90:00:99:4d:70:26:7a:ba:17:49:98:e1:
df:ef:b0:64:ee:7b:02:8e:b6:01:16:b6:bf:ed:56:b7:ed:4e:
6c:52:7c:6c:bd:4e:a3:39:e9:fe:45:70:2a:fa:dc:a6:82:e6:
e0:14:f1:a8:60:f6:64:43:ad:f5:ca:1a:7a:59:8d:38:6d:cd:
c1:99:f7:11:c9:0c:d0:48:da:a6:de:cc:dc:90:49:18:cc:18:
27:88:24:6e:aa:08:62:0d:47:20:de:b1:8f:10:69:45:44:d8:
bd:5c:1a:cc:82:25:b2:4f:3b:f3:7a:44:a4:3e:5f:5d:2c:dd:
75:62:0a:40:a3:5f:c9:52:bd:e1:4b:30:ba:fb:20:92:26:68:
80:5f:77:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6gLn3jawJAxibKi0DGHdeJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx
MTliZDcwHhcNMjQwNDAyMTg1OTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWZjODhjN2Y2ODA4OWI3MDgxMzNhN2QxOWQ5MzdlYTdjMTM1MWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTZGdDkJK/oW9UVSJzUMeNWDow13
AGvTc/89XPPvmVOtRWkr4QH4jTUQW0MHjnZaIthdTCU2XS+sifyvYjS6oNQmMjYh
k++gTzC9XyJRwidUsMcTjla5ouNFfOaA+ot/DrPW21DxUMNy5eYNiwpqdJSYqlei
RKFdB4KydXAzTpyfce1XaAc+7twow3/Scj2pV0VWnYV5Cw1PE+DlIneeN/qXsuWP
5ouQoh4SJz5KFgNIP6VTni8Uhpj4QVm6Jq3uznOFMzWvwxlhkZ/yDMkK3Irch0eI
FGZ+1jx/j5jHBSUvSFllgK0CYipWVPCzie5WFIE/Apvv8sSD8XPiD2aGFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFn8iMf2gIm3CBM6fRnZN+p8E1HVMB8GA1UdIwQY
MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt
YjZmMmFjODZlZjI3LzEvV2Z5SXhfYUFpYmNJRXpwOUdkazM2bndUVWRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3
LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw85uMA0G
CSqGSIb3DQEBCwUAA4IBAQBRnqVqYjBcJItjwqtqTHA7COM7bqBlf8oimgo0wvpc
VMQFTO1PrR1j3zhEUW0Njth4JwIZkiQJ7+xBLWX1dqtEUSXPgboxVwHf9MlljEgd
Ayke4GC90s5dA9NPRADRwzkqHQ/Zc8K022JKJRoL3rWcVNqQAJlNcCZ6uhdJmOHf
77Bk7nsCjrYBFra/7Va37U5sUnxsvU6jOen+RXAq+tymgubgFPGoYPZkQ631yhp6
WY04bc3BmfcRyQzQSNqm3szckEkYzBgniCRuqghiDUcg3rGPEGlFRNi9XBrMgiWy
TzvzekSkPl9dLN11YgpAo1/JUr3hSzC6+yCSJmiAX3fJ
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:44:21 2024 by rpki-client on console-ams.rpki-client.org