Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/CWBWvEaltc5P41O91weClTDZJCs.roa
File: CWBWvEaltc5P41O91weClTDZJCs.roa (raw, json)
Hash identifier: vfN+sgvJctPv7X5Jnqif5QFOqIPZEWIg0AQtQT4eYGg=
Subject key identifier: 09:60:56:BC:46:A5:B5:CE:4F:E3:53:BD:D7:07:82:95:30:D9:24:2B
Certificate issuer: /CN=9f0743496c7ff3effb870601139cad9d2f271e10
Certificate serial: 018CF398B61B7901A8072CE5ABE2A465157B
Authority key identifier: 9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/CWBWvEaltc5P41O91weClTDZJCs.roa
Signing time: Wed 10 Jan 2024 13:38:40 +0000
ROA not before: Wed 10 Jan 2024 13:38:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48806
IP address blocks: 157.97.123.0/24 maxlen: 24
62.100.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/nwdDSWx_8-_7hwYBE5ytnS8nHhA.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/nwdDSWx_8-_7hwYBE5ytnS8nHhA.mft
rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f3:98:b6:1b:79:01:a8:07:2c:e5:ab:e2:a4:65:15:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f0743496c7ff3effb870601139cad9d2f271e10
Validity
Not Before: Jan 10 13:38:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=096056bc46a5b5ce4fe353bdd707829530d9242b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:86:ba:99:60:d9:14:d0:0b:32:6f:42:6d:a2:
37:d6:20:37:24:23:e3:f1:23:58:05:7f:d7:e9:ff:
6a:72:73:50:55:90:a8:a8:49:ce:1e:ae:b7:18:fb:
2d:84:f3:ea:d6:65:02:29:d8:5a:88:a7:1a:f7:be:
ba:26:b5:df:1d:31:35:ab:eb:52:9d:a5:0f:64:c1:
5b:a8:d7:80:72:1c:94:00:ab:7f:68:80:0e:22:9c:
3b:bc:ee:bc:9f:83:4a:eb:a4:93:1f:98:b5:42:ad:
a3:3a:79:69:21:bf:fb:7e:1e:23:dd:f2:dc:b2:fd:
8b:a6:29:db:1c:bd:27:d4:67:a6:ef:29:0a:e9:83:
e4:f7:8d:78:6b:fc:8b:4d:94:bb:94:c5:04:e8:30:
6a:a8:32:00:68:97:c0:70:12:a8:86:ad:b6:13:b3:
64:5d:a2:ae:bd:88:05:de:51:59:8a:3a:14:92:a7:
d6:fe:7c:fa:da:e9:9e:ec:1d:5d:40:0b:d2:01:e4:
af:4f:58:7d:c2:09:20:90:12:d8:d0:56:14:16:f5:
6b:b3:22:65:34:85:04:51:6e:20:55:8d:27:0b:2a:
23:45:b9:a4:9f:3f:71:01:c6:c5:dd:61:f5:7c:7c:
73:23:92:f1:69:c9:b9:2e:bb:ee:e8:6b:ad:24:14:
ec:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:60:56:BC:46:A5:B5:CE:4F:E3:53:BD:D7:07:82:95:30:D9:24:2B
X509v3 Authority Key Identifier:
keyid:9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/CWBWvEaltc5P41O91weClTDZJCs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/nwdDSWx_8-_7hwYBE5ytnS8nHhA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.100.210.0/24
157.97.123.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:d8:22:9f:72:df:9d:03:ba:06:83:76:a8:6c:51:1b:56:d9:
3a:e6:e5:f7:27:74:88:67:9b:be:81:eb:d5:1e:3b:09:2c:da:
f7:e9:48:2f:4f:97:5d:aa:06:27:5e:72:90:c6:e2:13:f9:cf:
eb:c4:09:d8:51:4c:a8:76:8b:c5:d2:e4:06:88:5c:56:d6:d6:
e1:9b:88:d2:72:77:fa:c8:7e:4d:25:cf:27:3b:e5:96:ea:62:
97:74:7c:98:46:1b:2f:e7:78:35:cf:ca:1f:0d:28:f0:b4:58:
17:24:e0:fd:d0:9a:20:ea:47:84:81:79:c0:38:60:0a:7b:dc:
eb:ef:ec:13:88:ee:c9:54:6c:19:1d:b5:ec:d5:65:bb:58:87:
2a:b1:8c:f8:17:19:5f:a5:88:9f:39:82:f1:d6:f2:57:ae:fd:
1c:cc:93:a8:ac:a8:b5:93:cd:7f:7f:f0:1f:0c:f2:f8:48:9f:
09:56:43:0b:99:ff:6f:b6:93:c8:c0:58:11:aa:20:57:71:29:
a5:a7:09:64:25:56:1c:8a:b3:74:47:72:08:88:28:8b:98:2b:
5c:46:87:72:ab:30:7c:52:8c:04:fc:a9:c6:df:61:96:ca:ee:
87:bf:e6:ea:f5:63:1f:ee:ba:12:6f:9c:b8:91:32:af:fa:95:
71:74:62:c1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzzmLYbeQGoByzlq+KkZRV7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMDc0MzQ5NmM3ZmYzZWZmYjg3MDYwMTEzOWNhZDlkMmYy
NzFlMTAwHhcNMjQwMTEwMTMzODQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTYwNTZiYzQ2YTViNWNlNGZlMzUzYmRkNzA3ODI5NTMwZDkyNDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkoa6mWDZFNALMm9CbaI31iA3JCPj
8SNYBX/X6f9qcnNQVZCoqEnOHq63GPsthPPq1mUCKdhaiKca9766JrXfHTE1q+tS
naUPZMFbqNeAchyUAKt/aIAOIpw7vO68n4NK66STH5i1Qq2jOnlpIb/7fh4j3fLc
sv2LpinbHL0n1Gem7ykK6YPk9414a/yLTZS7lMUE6DBqqDIAaJfAcBKohq22E7Nk
XaKuvYgF3lFZijoUkqfW/nz62ume7B1dQAvSAeSvT1h9wgkgkBLY0FYUFvVrsyJl
NIUEUW4gVY0nCyojRbmknz9xAcbF3WH1fHxzI5Lxacm5Lrvu6GutJBTsswIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAlgVrxGpbXOT+NTvdcHgpUw2SQrMB8GA1UdIwQY
MBaAFJ8HQ0lsf/Pv+4cGAROcrZ0vJx4QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2Mt
NjM0MTEzNjdkOTBhLzEvQ1dCV3ZFYWx0YzVQNDFPOTF3ZUNsVERaSkNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2MtNjM0MTEzNjdkOTBh
LzEvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAPmTSAwQA
nWF7MA0GCSqGSIb3DQEBCwUAA4IBAQAr2CKfct+dA7oGg3aobFEbVtk65uX3J3SI
Z5u+gevVHjsJLNr36UgvT5ddqgYnXnKQxuIT+c/rxAnYUUyodovF0uQGiFxW1tbh
m4jScnf6yH5NJc8nO+WW6mKXdHyYRhsv53g1z8ofDSjwtFgXJOD90Jog6keEgXnA
OGAKe9zr7+wTiO7JVGwZHbXs1WW7WIcqsYz4FxlfpYifOYLx1vJXrv0czJOorKi1
k81/f/AfDPL4SJ8JVkMLmf9vtpPIwFgRqiBXcSmlpwlkJVYcirN0R3IIiCiLmCtc
RodyqzB8UowE/KnG32GWyu6Hv+bq9WMf7roSb5y4kTKv+pVxdGLB
-----END CERTIFICATE-----
Generated at Fri May 3 01:08:02 2024 by rpki-client on console-ams.rpki-client.org