Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/5da375-99a9-4329-9d29-cec8931ce631/1/WC0IhePnuYF6VVL6XwRCSsy3Ic0.roa
File: WC0IhePnuYF6VVL6XwRCSsy3Ic0.roa (raw, json)
Hash identifier: fj3x+THA3nzZlF7xD2mrVhA7oRwgzF2bUbQRcAhfGl0=
Subject key identifier: 58:2D:08:85:E3:E7:B9:81:7A:55:52:FA:5F:04:42:4A:CC:B7:21:CD
Certificate issuer: /CN=ad5c2e74c6d46cc73c98a4c16087a8a3b3a6f759
Certificate serial: 01917431BE5B95AD4E15718F54A707E030C9
Authority key identifier: AD:5C:2E:74:C6:D4:6C:C7:3C:98:A4:C1:60:87:A8:A3:B3:A6:F7:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rVwudMbUbMc8mKTBYIeoo7Om91k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/5da375-99a9-4329-9d29-cec8931ce631/1/WC0IhePnuYF6VVL6XwRCSsy3Ic0.roa
Signing time: Wed 21 Aug 2024 09:08:22 +0000
ROA not before: Wed 21 Aug 2024 09:08:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200017
IP address blocks: 45.91.33.0/24 maxlen: 24
45.91.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/5da375-99a9-4329-9d29-cec8931ce631/1/rVwudMbUbMc8mKTBYIeoo7Om91k.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/5da375-99a9-4329-9d29-cec8931ce631/1/rVwudMbUbMc8mKTBYIeoo7Om91k.mft
rsync://rpki.ripe.net/repository/DEFAULT/rVwudMbUbMc8mKTBYIeoo7Om91k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 00:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:74:31:be:5b:95:ad:4e:15:71:8f:54:a7:07:e0:30:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad5c2e74c6d46cc73c98a4c16087a8a3b3a6f759
Validity
Not Before: Aug 21 09:08:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=582d0885e3e7b9817a5552fa5f04424accb721cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:05:d7:5c:d6:9e:5d:c0:f7:eb:c6:f7:28:a8:
cc:f5:bd:7b:30:cd:83:4a:14:cd:18:a5:67:d1:3c:
88:a4:b7:ba:00:59:c3:c0:09:62:2e:65:4e:7e:06:
0a:95:d7:45:d4:c3:54:b7:1f:5f:85:1a:28:3a:d5:
6a:1b:3a:81:12:31:00:a0:99:fd:a4:d9:8d:38:ed:
38:15:31:4e:f0:03:6b:e3:27:2a:19:1e:ca:69:57:
d2:6a:07:e4:65:76:ec:ad:6d:e5:90:71:34:e0:55:
44:6f:3a:0d:43:59:46:0a:7e:16:f6:6d:02:d9:44:
cf:7e:f3:4c:03:6d:61:d3:ff:91:09:aa:9a:db:c0:
3c:2e:67:da:c7:68:67:62:70:02:ef:64:bf:00:e0:
e2:64:63:ea:f0:21:41:ef:23:17:ff:22:c7:d3:57:
b6:f2:6c:57:e9:31:c0:4b:71:7f:dc:96:19:04:78:
8d:5f:d9:ae:93:bb:49:aa:07:f7:30:28:ba:0f:06:
19:c2:ff:0b:c3:3e:da:5f:2c:9f:fb:10:d2:37:f6:
6f:49:1f:d1:93:c6:92:f8:ee:ea:41:84:59:51:60:
1f:a5:ac:cc:dc:39:6c:67:a3:0b:50:e8:6a:07:ee:
cf:55:e4:60:c3:e1:8c:73:85:df:54:c8:f1:4a:9b:
9a:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:2D:08:85:E3:E7:B9:81:7A:55:52:FA:5F:04:42:4A:CC:B7:21:CD
X509v3 Authority Key Identifier:
keyid:AD:5C:2E:74:C6:D4:6C:C7:3C:98:A4:C1:60:87:A8:A3:B3:A6:F7:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rVwudMbUbMc8mKTBYIeoo7Om91k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/5da375-99a9-4329-9d29-cec8931ce631/1/WC0IhePnuYF6VVL6XwRCSsy3Ic0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/5da375-99a9-4329-9d29-cec8931ce631/1/rVwudMbUbMc8mKTBYIeoo7Om91k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.33.0/24
45.91.35.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:eb:a4:b0:b4:14:2b:02:0d:75:e3:a9:34:d0:62:ac:5c:85:
a3:8b:e4:ca:a6:2c:30:ff:e7:a3:bf:e0:d2:62:b8:2b:5f:8f:
35:ab:ca:07:9b:b9:50:a7:5b:6b:d5:43:fd:2c:cb:f0:36:55:
f1:08:7f:9b:36:70:a7:5c:31:d7:81:5a:ff:a9:34:3e:62:e0:
04:b0:52:e7:c0:75:77:6e:9f:55:64:a8:ca:5c:f0:40:87:2f:
a1:5f:28:84:1e:92:8b:59:44:15:39:fc:cc:d9:57:bf:6b:7c:
d3:09:35:4c:ed:08:a6:a5:18:57:19:1b:0d:eb:ae:11:8b:04:
0b:ee:95:89:e8:d5:ce:64:63:fd:de:a0:36:b4:71:d7:8b:57:
e7:5d:3e:93:32:c1:97:c7:d3:06:a1:4e:9a:d4:39:a1:54:4d:
ae:76:cd:f2:e1:08:c0:72:92:9f:b4:71:3c:7e:b7:68:96:30:
e8:f7:18:fb:3a:37:89:48:b4:be:fa:2a:f1:85:f5:9f:5a:79:
e6:8f:bc:d8:ba:58:ee:42:31:7b:4f:98:44:ea:8b:79:a8:93:
a3:18:01:e0:14:0a:b1:6f:a4:7b:4e:a5:61:7c:e8:43:32:89:
df:10:32:a7:88:ba:a2:d0:be:f1:e4:1a:56:a5:2f:f2:b7:6d:
50:38:da:4a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZF0Mb5bla1OFXGPVKcH4DDJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkNWMyZTc0YzZkNDZjYzczYzk4YTRjMTYwODdhOGEzYjNh
NmY3NTkwHhcNMjQwODIxMDkwODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODJkMDg4NWUzZTdiOTgxN2E1NTUyZmE1ZjA0NDI0YWNjYjcyMWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQXXXNaeXcD368b3KKjM9b17MM2D
ShTNGKVn0TyIpLe6AFnDwAliLmVOfgYKlddF1MNUtx9fhRooOtVqGzqBEjEAoJn9
pNmNOO04FTFO8ANr4ycqGR7KaVfSagfkZXbsrW3lkHE04FVEbzoNQ1lGCn4W9m0C
2UTPfvNMA21h0/+RCaqa28A8Lmfax2hnYnAC72S/AODiZGPq8CFB7yMX/yLH01e2
8mxX6THAS3F/3JYZBHiNX9muk7tJqgf3MCi6DwYZwv8Lwz7aXyyf+xDSN/ZvSR/R
k8aS+O7qQYRZUWAfpazM3DlsZ6MLUOhqB+7PVeRgw+GMc4XfVMjxSpuarwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFgtCIXj57mBelVS+l8EQkrMtyHNMB8GA1UdIwQY
MBaAFK1cLnTG1GzHPJikwWCHqKOzpvdZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclZ3dWRNYlViTWM4bUtUQllJZW9vN09tOTFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC81ZGEzNzUtOTlhOS00MzI5LTlkMjkt
Y2VjODkzMWNlNjMxLzEvV0MwSWhlUG51WUY2VlZMNlh3UkNTc3kzSWMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC81ZGEzNzUtOTlhOS00MzI5LTlkMjktY2VjODkzMWNlNjMx
LzEvclZ3dWRNYlViTWM4bUtUQllJZW9vN09tOTFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVshAwQA
LVsjMA0GCSqGSIb3DQEBCwUAA4IBAQAL66SwtBQrAg1146k00GKsXIWji+TKpiww
/+ejv+DSYrgrX481q8oHm7lQp1tr1UP9LMvwNlXxCH+bNnCnXDHXgVr/qTQ+YuAE
sFLnwHV3bp9VZKjKXPBAhy+hXyiEHpKLWUQVOfzM2Ve/a3zTCTVM7QimpRhXGRsN
664RiwQL7pWJ6NXOZGP93qA2tHHXi1fnXT6TMsGXx9MGoU6a1DmhVE2uds3y4QjA
cpKftHE8frdoljDo9xj7OjeJSLS++irxhfWfWnnmj7zYuljuQjF7T5hE6ot5qJOj
GAHgFAqxb6R7TqVhfOhDMonfEDKniLqi0L7x5BpWpS/yt21QONpK
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:34:53 2024 by rpki-client on console-fra.rpki-client.org