Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/581c5d-bc9b-40a6-a5a4-64540205ecf4/1/wbLK2otOAOyzqZHvZaDlxU_limI.roa
File: wbLK2otOAOyzqZHvZaDlxU_limI.roa (raw, json)
Hash identifier: jZG2FIe8Cqc3kMm6MvmUaKFRAVrURERRn8nYL8Ih564=
Subject key identifier: C1:B2:CA:DA:8B:4E:00:EC:B3:A9:91:EF:65:A0:E5:C5:4F:E5:8A:62
Certificate issuer: /CN=75dcc776b2bf595bf4b3e60bba4245f0120a2176
Certificate serial: 018CC94DA7F955C0CAECB6DD45144E14D3B0
Authority key identifier: 75:DC:C7:76:B2:BF:59:5B:F4:B3:E6:0B:BA:42:45:F0:12:0A:21:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ddzHdrK_WVv0s-YLukJF8BIKIXY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/581c5d-bc9b-40a6-a5a4-64540205ecf4/1/wbLK2otOAOyzqZHvZaDlxU_limI.roa
Signing time: Tue 02 Jan 2024 08:32:38 +0000
ROA not before: Tue 02 Jan 2024 08:32:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 193.151.94.0/24 maxlen: 24
195.8.103.0/24 maxlen: 24
91.240.19.0/24 maxlen: 24
91.240.18.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/581c5d-bc9b-40a6-a5a4-64540205ecf4/1/ddzHdrK_WVv0s-YLukJF8BIKIXY.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/581c5d-bc9b-40a6-a5a4-64540205ecf4/1/ddzHdrK_WVv0s-YLukJF8BIKIXY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ddzHdrK_WVv0s-YLukJF8BIKIXY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:a7:f9:55:c0:ca:ec:b6:dd:45:14:4e:14:d3:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75dcc776b2bf595bf4b3e60bba4245f0120a2176
Validity
Not Before: Jan 2 08:32:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c1b2cada8b4e00ecb3a991ef65a0e5c54fe58a62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:72:87:31:f8:22:6e:83:f3:24:f5:c9:e7:2b:
67:09:b1:5f:8c:1c:6d:3f:f0:cc:ca:db:8c:fc:72:
35:14:b5:55:a7:44:9e:f4:ff:cc:71:82:80:99:7a:
fa:0b:dd:ed:9b:c7:03:fb:ea:47:c4:94:01:99:5f:
7b:b5:f7:8c:b3:f6:a4:61:bf:4a:bb:01:0c:bf:c4:
65:0c:75:8b:52:a6:a4:7c:36:c5:c5:a2:3a:ab:09:
d4:0a:86:1a:cf:66:d5:f6:98:4b:fb:9e:ec:0d:a6:
03:74:9f:26:e5:df:67:ff:0b:59:fb:6b:79:ec:89:
e8:9c:e0:1e:57:dd:a9:46:48:10:fd:21:3e:43:f8:
3c:1f:5d:dc:c7:5c:e9:f1:ff:cf:80:0a:ff:74:a5:
f8:9f:fb:ac:47:22:1d:6b:e1:0f:0a:80:66:0f:00:
5c:e9:9f:57:77:bd:2c:ea:8d:82:3f:54:ae:c5:47:
8f:15:7c:1d:e2:77:b3:d6:2d:0c:43:0c:cb:39:9a:
92:34:71:99:7e:9a:f2:01:31:cd:ea:a1:f7:17:9a:
12:61:c8:d8:79:b5:56:2f:fa:53:f8:e2:69:e3:de:
cc:f3:62:e5:55:c3:20:09:f1:5b:19:9a:5a:05:92:
40:4b:96:9f:91:2e:78:d8:8a:d2:72:d6:b1:a0:21:
bf:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:B2:CA:DA:8B:4E:00:EC:B3:A9:91:EF:65:A0:E5:C5:4F:E5:8A:62
X509v3 Authority Key Identifier:
keyid:75:DC:C7:76:B2:BF:59:5B:F4:B3:E6:0B:BA:42:45:F0:12:0A:21:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ddzHdrK_WVv0s-YLukJF8BIKIXY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/581c5d-bc9b-40a6-a5a4-64540205ecf4/1/wbLK2otOAOyzqZHvZaDlxU_limI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/581c5d-bc9b-40a6-a5a4-64540205ecf4/1/ddzHdrK_WVv0s-YLukJF8BIKIXY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.18.0/23
193.151.94.0/24
195.8.103.0/24
Signature Algorithm: sha256WithRSAEncryption
49:4c:38:54:04:b2:60:3e:18:31:b3:5a:33:dc:22:d5:63:b5:
5d:f3:66:0c:5f:6f:e3:c0:c9:52:9b:b1:82:c1:3f:0c:bd:da:
42:51:ca:a5:6f:7d:47:bb:71:00:54:ac:31:ac:b9:65:b2:cc:
ac:1b:96:37:ba:f7:f9:6c:e7:a0:35:eb:77:47:98:a7:1f:c2:
11:d9:75:35:71:9e:8a:6a:c0:36:93:be:b7:25:32:d6:88:b5:
b3:c6:6d:84:99:ca:97:06:68:2e:1e:35:ef:db:e4:6b:ff:00:
e4:d9:47:74:aa:96:27:c4:fa:33:2c:7d:64:c9:bc:60:5e:76:
db:ef:21:9c:b8:6f:34:9d:f6:92:a3:1b:fd:e7:8b:d4:53:a3:
22:ae:f8:1f:b9:b4:56:73:74:87:1a:7c:fa:90:c5:fb:76:3b:
23:82:e4:ab:91:b4:3e:89:18:57:1f:7a:f8:97:93:cc:1c:b5:
d0:cf:46:ca:16:ac:e3:98:ba:1c:74:e6:7d:25:34:09:de:3c:
03:d4:90:47:5a:f4:68:74:ac:72:ee:d2:e1:43:97:bc:11:f5:
e5:b6:ae:2b:a4:3d:8a:92:9c:d0:30:43:68:b0:1a:f6:6b:53:
10:32:e1:20:60:0e:47:8b:d6:02:bf:55:d9:cd:eb:4f:ab:bc:
76:30:9d:f7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzJTaf5VcDK7LbdRRROFNOwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1ZGNjNzc2YjJiZjU5NWJmNGIzZTYwYmJhNDI0NWYwMTIw
YTIxNzYwHhcNMjQwMTAyMDgzMjM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWIyY2FkYThiNGUwMGVjYjNhOTkxZWY2NWEwZTVjNTRmZTU4YTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHKHMfgiboPzJPXJ5ytnCbFfjBxt
P/DMytuM/HI1FLVVp0Se9P/McYKAmXr6C93tm8cD++pHxJQBmV97tfeMs/akYb9K
uwEMv8RlDHWLUqakfDbFxaI6qwnUCoYaz2bV9phL+57sDaYDdJ8m5d9n/wtZ+2t5
7InonOAeV92pRkgQ/SE+Q/g8H13cx1zp8f/PgAr/dKX4n/usRyIda+EPCoBmDwBc
6Z9Xd70s6o2CP1SuxUePFXwd4nez1i0MQwzLOZqSNHGZfpryATHN6qH3F5oSYcjY
ebVWL/pT+OJp497M82LlVcMgCfFbGZpaBZJAS5afkS542IrSctaxoCG/uwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMGyytqLTgDss6mR72Wg5cVP5YpiMB8GA1UdIwQY
MBaAFHXcx3ayv1lb9LPmC7pCRfASCiF2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGR6SGRyS19XVnYwcy1ZTHVrSkY4QklLSVhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS81ODFjNWQtYmM5Yi00MGE2LWE1YTQt
NjQ1NDAyMDVlY2Y0LzEvd2JMSzJvdE9BT3l6cVpIdlphRGx4VV9saW1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS81ODFjNWQtYmM5Yi00MGE2LWE1YTQtNjQ1NDAyMDVlY2Y0
LzEvZGR6SGRyS19XVnYwcy1ZTHVrSkY4QklLSVhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW/ASAwQA
wZdeAwQAwwhnMA0GCSqGSIb3DQEBCwUAA4IBAQBJTDhUBLJgPhgxs1oz3CLVY7Vd
82YMX2/jwMlSm7GCwT8MvdpCUcqlb31Hu3EAVKwxrLllssysG5Y3uvf5bOegNet3
R5inH8IR2XU1cZ6KasA2k763JTLWiLWzxm2EmcqXBmguHjXv2+Rr/wDk2Ud0qpYn
xPozLH1kybxgXnbb7yGcuG80nfaSoxv954vUU6MirvgfubRWc3SHGnz6kMX7djsj
guSrkbQ+iRhXH3r4l5PMHLXQz0bKFqzjmLocdOZ9JTQJ3jwD1JBHWvRodKxy7tLh
Q5e8EfXltq4rpD2KkpzQMENosBr2a1MQMuEgYA5Hi9YCv1XZzetPq7x2MJ33
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:27:57 2024 by rpki-client on console-fra.rpki-client.org