Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/WRx8zJvL4HmBP1QLy3TFtAFsV64.roa
File: WRx8zJvL4HmBP1QLy3TFtAFsV64.roa (raw, json)
Hash identifier: 9J3OZlf8I6DhNfjk9aVlrcR6bzedetDI1qkl2qF+X2g=
Subject key identifier: 59:1C:7C:CC:9B:CB:E0:79:81:3F:54:0B:CB:74:C5:B4:01:6C:57:AE
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 018CC94E2C71DA20D309D3DDDD4CC7F90592
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/WRx8zJvL4HmBP1QLy3TFtAFsV64.roa
Signing time: Tue 02 Jan 2024 08:33:12 +0000
ROA not before: Tue 02 Jan 2024 08:33:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3170
IP address blocks: 152.89.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.mft
rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 19:02:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:2c:71:da:20:d3:09:d3:dd:dd:4c:c7:f9:05:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Jan 2 08:33:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=591c7ccc9bcbe079813f540bcb74c5b4016c57ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:87:8c:11:70:4f:61:a3:f8:46:b7:2e:5b:82:
79:63:00:85:ab:bc:1e:53:ba:25:da:47:cd:b7:66:
e3:05:3b:48:f1:52:dd:df:a3:7e:f4:e5:3c:0d:c0:
80:b5:ed:00:2f:89:d8:ff:88:50:3f:15:b4:0c:f5:
0a:5f:31:34:ca:c7:3d:ce:bc:ab:ed:4d:42:40:3d:
41:32:2e:95:f7:ab:9b:8f:0d:2a:08:05:a8:19:ec:
ba:39:2a:72:b5:4a:47:0a:d2:e3:e6:07:1e:53:77:
2b:28:b0:5d:ae:5e:8d:9d:8c:3f:6d:04:ef:1c:0a:
8c:37:d5:24:48:77:a0:f7:7b:b8:49:ef:2a:5d:ef:
0e:0e:b2:2f:ab:6b:99:e6:56:f6:dd:c8:55:d7:a7:
04:95:83:68:d0:9a:0c:2a:2a:42:7a:1f:9e:0d:78:
33:3a:f0:8d:00:4a:f6:cf:8e:52:5c:78:36:02:20:
eb:76:4b:04:33:d0:94:cd:82:82:9c:c1:58:97:aa:
0c:2f:25:e4:31:71:cb:a9:0b:be:3c:b6:ce:41:ed:
81:85:5e:8e:57:17:f4:76:13:d5:b4:6c:04:a7:77:
b3:61:5d:98:73:a2:7d:e6:68:48:d5:f8:ee:a5:8f:
c6:21:74:67:77:9b:cf:8a:18:bb:c0:0a:6d:27:24:
ff:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:1C:7C:CC:9B:CB:E0:79:81:3F:54:0B:CB:74:C5:B4:01:6C:57:AE
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/WRx8zJvL4HmBP1QLy3TFtAFsV64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.253.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:c5:f7:be:10:ff:d3:11:67:0e:2c:4a:41:94:1e:3a:09:af:
95:0e:6b:07:3b:e1:bc:c7:84:b5:60:1b:c4:08:b1:3e:e5:a3:
8c:89:f1:87:8f:d7:e7:e0:b9:47:4d:13:2c:cc:0c:fb:00:75:
2f:f4:f5:0e:0e:09:31:be:78:62:d2:12:b2:43:33:7f:48:2b:
d5:b1:63:92:4b:47:a6:3d:68:63:58:c2:1f:a6:72:3c:ba:13:
07:1f:f8:66:7d:be:23:89:01:ca:64:3a:05:ce:8f:16:1d:ad:
45:ac:1c:28:ef:3a:cc:8c:2f:c5:b3:55:ad:5e:f2:30:db:33:
a2:79:4e:7b:ef:04:34:fb:01:ac:0c:24:5d:c0:df:c0:ef:7f:
da:d6:a1:00:96:97:d6:c7:9e:3d:3b:4e:e1:51:0c:19:4b:5a:
2d:6b:80:c5:d6:0e:9c:b2:f0:41:26:6f:09:f0:b3:92:44:85:
0c:fd:6f:94:76:c6:79:73:c3:b5:9a:2d:01:b2:0a:24:54:04:
c4:c2:02:af:49:2c:08:b6:7b:bc:32:72:01:b0:d7:94:c8:f1:
b7:ea:d0:81:76:17:7f:35:47:4d:f5:75:80:2f:94:6a:e3:f4:
72:55:ab:7a:61:d0:b0:0a:a5:4e:f9:3a:49:08:dd:83:89:04:
c5:90:d1:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTixx2iDTCdPd3UzH+QWSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjQwMTAyMDgzMzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTFjN2NjYzliY2JlMDc5ODEzZjU0MGJjYjc0YzViNDAxNmM1N2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIeMEXBPYaP4RrcuW4J5YwCFq7we
U7ol2kfNt2bjBTtI8VLd36N+9OU8DcCAte0AL4nY/4hQPxW0DPUKXzE0ysc9zryr
7U1CQD1BMi6V96ubjw0qCAWoGey6OSpytUpHCtLj5gceU3crKLBdrl6NnYw/bQTv
HAqMN9UkSHeg93u4Se8qXe8ODrIvq2uZ5lb23chV16cElYNo0JoMKipCeh+eDXgz
OvCNAEr2z45SXHg2AiDrdksEM9CUzYKCnMFYl6oMLyXkMXHLqQu+PLbOQe2BhV6O
Vxf0dhPVtGwEp3ezYV2Yc6J95mhI1fjupY/GIXRnd5vPihi7wAptJyT/VwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFkcfMyby+B5gT9UC8t0xbQBbFeuMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvV1J4OHpKdkw0SG1CUDFRTHkzVEZ0QUZzVjY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmFn9MA0G
CSqGSIb3DQEBCwUAA4IBAQAtxfe+EP/TEWcOLEpBlB46Ca+VDmsHO+G8x4S1YBvE
CLE+5aOMifGHj9fn4LlHTRMszAz7AHUv9PUODgkxvnhi0hKyQzN/SCvVsWOSS0em
PWhjWMIfpnI8uhMHH/hmfb4jiQHKZDoFzo8WHa1FrBwo7zrMjC/Fs1WtXvIw2zOi
eU577wQ0+wGsDCRdwN/A73/a1qEAlpfWx549O07hUQwZS1ota4DF1g6csvBBJm8J
8LOSRIUM/W+UdsZ5c8O1mi0BsgokVATEwgKvSSwItnu8MnIBsNeUyPG36tCBdhd/
NUdN9XWAL5Rq4/RyVat6YdCwCqVO+TpJCN2DiQTFkNH5
-----END CERTIFICATE-----
Generated at Mon May 6 22:55:45 2024 by rpki-client on console-ams.rpki-client.org