Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/wbomfPUy19klEDGB4NC2OIGSel4.roa
File: wbomfPUy19klEDGB4NC2OIGSel4.roa (raw, json)
Hash identifier: RipwjABoDGmBYvT4ggpPgjGIuYq/TuMZurNU8JmTWl4=
Subject key identifier: C1:BA:26:7C:F5:32:D7:D9:25:10:31:81:E0:D0:B6:38:81:92:7A:5E
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 018CC94E2DFF47B819C33BF0864878A8C296
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/wbomfPUy19klEDGB4NC2OIGSel4.roa
Signing time: Tue 02 Jan 2024 08:33:13 +0000
ROA not before: Tue 02 Jan 2024 08:33:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23422
IP address blocks: 152.89.252.0/24 maxlen: 24
45.10.21.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.mft
rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:2d:ff:47:b8:19:c3:3b:f0:86:48:78:a8:c2:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Jan 2 08:33:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c1ba267cf532d7d925103181e0d0b63881927a5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ed:f3:d1:9c:e1:34:ad:59:b2:c1:d5:4d:6f:
37:66:b2:17:2c:c3:88:4e:ce:4a:5a:cf:f8:c8:a1:
23:46:32:af:68:17:53:5f:4c:b7:ee:84:4f:f1:7a:
37:f6:43:d3:52:80:ff:40:e7:3e:f2:01:e4:2d:81:
5c:a7:e8:b0:10:94:82:20:fe:33:a2:2c:66:78:86:
58:df:22:cc:f7:67:78:1d:84:b7:b8:78:5d:0e:9b:
cd:aa:eb:f0:b5:7b:7d:6f:f4:23:f3:8b:d8:ba:84:
4e:60:a8:87:c6:35:bb:19:af:0f:68:2e:6c:51:e9:
65:a0:70:3c:e3:c3:a9:33:d7:9d:0d:0e:74:1b:93:
f5:dd:50:90:06:8f:66:ef:87:d3:c1:f3:39:7b:0a:
d5:06:cd:dc:7c:9d:92:70:79:1f:cc:dc:33:af:27:
c5:40:47:f8:86:5b:27:46:52:42:4a:7a:47:90:f7:
e7:81:14:c3:2c:a3:67:89:08:bf:fd:b0:5b:97:38:
d2:2a:85:12:77:9c:7d:da:ca:5b:95:16:6d:5d:d3:
3b:c4:de:c8:d8:de:da:24:0b:ac:a8:00:09:58:ff:
e5:bd:6a:2a:4f:06:fc:3b:2a:8d:0b:41:18:21:97:
39:87:7c:be:8d:75:29:81:da:0b:92:cc:d5:d5:d7:
68:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:BA:26:7C:F5:32:D7:D9:25:10:31:81:E0:D0:B6:38:81:92:7A:5E
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/wbomfPUy19klEDGB4NC2OIGSel4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.21.0/24
152.89.252.0/24
Signature Algorithm: sha256WithRSAEncryption
44:90:06:e4:e2:8e:57:ed:40:c7:b1:de:da:bb:8c:84:ce:fd:
cd:bf:83:0d:f3:c4:2d:60:d2:19:df:a1:ed:a4:59:92:cd:24:
09:36:6e:53:28:aa:e2:a2:3c:44:ef:ad:bc:00:08:99:c3:8c:
30:4f:64:58:76:33:40:47:fc:f1:a8:23:4c:ee:c2:46:ba:16:
44:bd:15:8b:6e:ca:3d:22:44:50:1b:c6:a5:e6:d6:71:df:98:
19:01:04:85:60:8f:eb:91:db:40:8e:2c:5a:91:01:b5:82:b9:
66:18:87:a7:64:6a:78:75:47:cf:00:ec:61:c9:5d:cd:7a:a0:
4b:a9:c6:bc:a2:2e:57:d8:95:31:9a:6f:03:63:bc:8b:df:b4:
2e:73:95:31:eb:cd:0a:17:45:f7:de:7b:d4:15:82:ba:62:56:
71:2b:34:10:a4:fd:76:2d:c3:1c:28:da:4f:7e:ab:6a:4f:75:
0f:b1:3e:3d:45:7b:7a:e9:5e:f1:f7:66:1b:6d:a3:c3:fe:bf:
68:23:e3:73:d0:aa:58:00:37:5c:0a:58:47:b2:0e:b1:fd:c6:
d3:f3:dd:f2:c1:6d:e6:45:a5:09:7c:ff:9a:23:db:18:b8:7e:
59:1e:19:15:56:96:c0:0b:4f:c4:39:00:b4:d9:82:71:56:a6:
ec:86:ce:f4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJTi3/R7gZwzvwhkh4qMKWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjQwMTAyMDgzMzEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWJhMjY3Y2Y1MzJkN2Q5MjUxMDMxODFlMGQwYjYzODgxOTI3YTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkO3z0ZzhNK1ZssHVTW83ZrIXLMOI
Ts5KWs/4yKEjRjKvaBdTX0y37oRP8Xo39kPTUoD/QOc+8gHkLYFcp+iwEJSCIP4z
oixmeIZY3yLM92d4HYS3uHhdDpvNquvwtXt9b/Qj84vYuoROYKiHxjW7Ga8PaC5s
UelloHA848OpM9edDQ50G5P13VCQBo9m74fTwfM5ewrVBs3cfJ2ScHkfzNwzryfF
QEf4hlsnRlJCSnpHkPfngRTDLKNniQi//bBblzjSKoUSd5x92spblRZtXdM7xN7I
2N7aJAusqAAJWP/lvWoqTwb8OyqNC0EYIZc5h3y+jXUpgdoLkszV1ddobQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMG6Jnz1MtfZJRAxgeDQtjiBknpeMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvd2JvbWZQVXkxOWtsRURHQjROQzJPSUdTZWw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALQoVAwQA
mFn8MA0GCSqGSIb3DQEBCwUAA4IBAQBEkAbk4o5X7UDHsd7au4yEzv3Nv4MN88Qt
YNIZ36HtpFmSzSQJNm5TKKriojxE7628AAiZw4wwT2RYdjNAR/zxqCNM7sJGuhZE
vRWLbso9IkRQG8al5tZx35gZAQSFYI/rkdtAjixakQG1grlmGIenZGp4dUfPAOxh
yV3NeqBLqca8oi5X2JUxmm8DY7yL37Quc5Ux680KF0X33nvUFYK6YlZxKzQQpP12
LcMcKNpPfqtqT3UPsT49RXt66V7x92YbbaPD/r9oI+Nz0KpYADdcClhHsg6x/cbT
893ywW3mRaUJfP+aI9sYuH5ZHhkVVpbAC0/EOQC02YJxVqbshs70
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:01:45 2024 by rpki-client on console-ams.rpki-client.org