Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/62ff71-c4f2-4929-8899-c38330cbd965/1/wCt_HKw0qJtassiVC1WFWbrvWu0.roa
File: wCt_HKw0qJtassiVC1WFWbrvWu0.roa (raw, json)
Hash identifier: 8whIjVr6ci0hNSgfSadK1zUotvSnQaaAPVbf980znsQ=
Subject key identifier: C0:2B:7F:1C:AC:34:A8:9B:5A:B2:C8:95:0B:55:85:59:BA:EF:5A:ED
Certificate issuer: /CN=53a125890a4af092455abc7bb5abfe48cd852c06
Certificate serial: 018D9D3439BAFDC71B61A6421FE73CDF9555
Authority key identifier: 53:A1:25:89:0A:4A:F0:92:45:5A:BC:7B:B5:AB:FE:48:CD:85:2C:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U6EliQpK8JJFWrx7tav-SM2FLAY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/62ff71-c4f2-4929-8899-c38330cbd965/1/wCt_HKw0qJtassiVC1WFWbrvWu0.roa
Signing time: Mon 12 Feb 2024 12:04:21 +0000
ROA not before: Mon 12 Feb 2024 12:04:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201869
IP address blocks: 156.51.150.0/23 maxlen: 23
156.51.152.0/21 maxlen: 21
156.51.160.0/19 maxlen: 19
156.51.192.0/21 maxlen: 21
156.51.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/62ff71-c4f2-4929-8899-c38330cbd965/1/U6EliQpK8JJFWrx7tav-SM2FLAY.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/62ff71-c4f2-4929-8899-c38330cbd965/1/U6EliQpK8JJFWrx7tav-SM2FLAY.mft
rsync://rpki.ripe.net/repository/DEFAULT/U6EliQpK8JJFWrx7tav-SM2FLAY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 09:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:9d:34:39:ba:fd:c7:1b:61:a6:42:1f:e7:3c:df:95:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53a125890a4af092455abc7bb5abfe48cd852c06
Validity
Not Before: Feb 12 12:04:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c02b7f1cac34a89b5ab2c8950b558559baef5aed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b0:af:e2:9a:be:4d:39:e7:40:10:c4:41:08:
2c:e3:e4:41:31:5c:d0:f6:45:8d:62:4a:84:c4:b0:
7d:6d:e0:ae:4e:fd:d1:49:9f:53:be:e5:4d:b2:14:
27:68:c2:4d:75:43:ae:29:9e:5f:86:21:4a:33:1c:
a6:2b:1d:9e:cf:86:67:db:52:c4:42:cd:df:ed:d9:
d1:64:62:d6:7f:ad:55:d5:5b:fb:a4:ff:bf:af:8a:
e9:26:da:90:6b:01:c2:e3:e3:a5:df:eb:75:22:9c:
99:10:df:6c:92:6a:3a:34:2f:45:70:32:b3:3b:c0:
b7:fc:31:ec:34:77:d8:3b:6f:bf:d1:58:0e:08:74:
ab:af:27:82:87:37:63:f4:91:60:f4:d6:a7:b0:48:
a7:b3:c5:c3:4d:11:41:d5:f8:86:3c:1c:df:28:10:
6e:44:6d:8e:e4:99:54:a0:06:21:7c:a6:3f:3a:9a:
dd:b3:86:cd:40:9f:d6:b1:bb:26:1e:bf:70:88:d3:
c5:7a:d5:73:52:4d:35:43:f7:d7:c3:17:77:69:13:
5d:a0:21:29:4e:35:ce:c3:05:7c:51:19:7e:37:2e:
d0:66:f6:e7:12:9f:74:a9:e5:da:32:f1:83:8f:07:
42:b0:2c:e8:df:9e:25:9e:e6:05:17:c5:e1:a5:7d:
2e:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:2B:7F:1C:AC:34:A8:9B:5A:B2:C8:95:0B:55:85:59:BA:EF:5A:ED
X509v3 Authority Key Identifier:
keyid:53:A1:25:89:0A:4A:F0:92:45:5A:BC:7B:B5:AB:FE:48:CD:85:2C:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U6EliQpK8JJFWrx7tav-SM2FLAY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/62ff71-c4f2-4929-8899-c38330cbd965/1/wCt_HKw0qJtassiVC1WFWbrvWu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/62ff71-c4f2-4929-8899-c38330cbd965/1/U6EliQpK8JJFWrx7tav-SM2FLAY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.51.150.0-156.51.200.255
Signature Algorithm: sha256WithRSAEncryption
b0:eb:f3:ef:92:7d:36:f2:28:94:62:77:08:31:a9:e6:dc:12:
e2:52:aa:c6:9b:f8:68:69:35:74:fb:4b:3a:51:74:7a:4a:f3:
29:70:96:63:0c:f3:1d:ad:04:1a:35:4e:69:00:ec:51:6b:aa:
df:f9:88:9f:2c:25:5d:99:58:93:6d:ae:51:c0:b8:43:3c:36:
c3:ec:22:ea:f1:2a:75:58:42:a9:96:a3:92:cc:05:d7:b9:2e:
55:ba:96:bd:a2:e1:86:f3:01:1d:7d:d6:d0:9e:c6:1e:4c:17:
f8:9c:40:ee:12:90:c9:75:9d:4a:9e:ed:61:0b:8a:aa:be:be:
47:28:89:d3:39:66:4f:ef:24:f6:c8:44:1b:e4:a4:5e:3f:e9:
33:98:ab:4d:2e:b4:ce:0c:63:9e:a3:aa:57:5c:c6:4b:9b:22:
eb:12:11:ec:8c:9b:e8:97:85:cc:3b:8a:af:9b:8e:d6:27:d6:
bc:b8:f8:8e:5e:de:2c:ef:c8:1b:45:a8:90:ed:b4:15:a8:5b:
66:b4:f7:94:39:ee:be:8e:4d:bb:f8:75:71:8a:a9:da:58:51:
89:6b:8f:58:09:c8:1d:05:ab:3f:35:e0:4f:05:e3:65:0f:55:
f7:1a:1a:4c:ec:13:eb:02:b8:f6:8b:4e:ce:f3:bd:5c:c5:e7:
89:3a:0a:32
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY2dNDm6/ccbYaZCH+c835VVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYTEyNTg5MGE0YWYwOTI0NTVhYmM3YmI1YWJmZTQ4Y2Q4
NTJjMDYwHhcNMjQwMjEyMTIwNDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDJiN2YxY2FjMzRhODliNWFiMmM4OTUwYjU1ODU1OWJhZWY1YWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7Cv4pq+TTnnQBDEQQgs4+RBMVzQ
9kWNYkqExLB9beCuTv3RSZ9TvuVNshQnaMJNdUOuKZ5fhiFKMxymKx2ez4Zn21LE
Qs3f7dnRZGLWf61V1Vv7pP+/r4rpJtqQawHC4+Ol3+t1IpyZEN9skmo6NC9FcDKz
O8C3/DHsNHfYO2+/0VgOCHSrryeChzdj9JFg9NansEins8XDTRFB1fiGPBzfKBBu
RG2O5JlUoAYhfKY/Oprds4bNQJ/WsbsmHr9wiNPFetVzUk01Q/fXwxd3aRNdoCEp
TjXOwwV8URl+Ny7QZvbnEp90qeXaMvGDjwdCsCzo354lnuYFF8XhpX0u6wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMArfxysNKibWrLIlQtVhVm671rtMB8GA1UdIwQY
MBaAFFOhJYkKSvCSRVq8e7Wr/kjNhSwGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTZFbGlRcEs4SkpGV3J4N3Rhdi1TTTJGTEFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi82MmZmNzEtYzRmMi00OTI5LTg4OTkt
YzM4MzMwY2JkOTY1LzEvd0N0X0hLdzBxSnRhc3NpVkMxV0ZXYnJ2V3UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi82MmZmNzEtYzRmMi00OTI5LTg4OTktYzM4MzMwY2JkOTY1
LzEvVTZFbGlRcEs4SkpGV3J4N3Rhdi1TTTJGTEFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAGcM5YD
BACcM8gwDQYJKoZIhvcNAQELBQADggEBALDr8++SfTbyKJRidwgxqebcEuJSqsab
+GhpNXT7SzpRdHpK8ylwlmMM8x2tBBo1TmkA7FFrqt/5iJ8sJV2ZWJNtrlHAuEM8
NsPsIurxKnVYQqmWo5LMBde5LlW6lr2i4YbzAR191tCexh5MF/icQO4SkMl1nUqe
7WELiqq+vkcoidM5Zk/vJPbIRBvkpF4/6TOYq00utM4MY56jqldcxkubIusSEeyM
m+iXhcw7iq+bjtYn1ry4+I5e3izvyBtFqJDttBWoW2a095Q57r6OTbv4dXGKqdpY
UYlrj1gJyB0Fqz814E8F42UPVfcaGkzsE+sCuPaLTs7zvVzF54k6CjI=
-----END CERTIFICATE-----
Generated at Sat Jun 1 11:43:59 2024 by rpki-client on console-fra.rpki-client.org