Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/03cce3-e620-4483-b08b-6d8fd330e9aa/1/Wq1q89GOu2McBmuixfzPjaWLhhI.roa
File: Wq1q89GOu2McBmuixfzPjaWLhhI.roa (raw, json)
Hash identifier: wRHpMNZBCmITZqLhTuXBeVJnvfjdKheS3ODkIok2Jd4=
Subject key identifier: 5A:AD:6A:F3:D1:8E:BB:63:1C:06:6B:A2:C5:FC:CF:8D:A5:8B:86:12
Certificate issuer: /CN=f8f73c5c0f3a106a8ba7dff3e35c816d1078dc71
Certificate serial: 018CC8016AA4117072E36D91A970A6501923
Authority key identifier: F8:F7:3C:5C:0F:3A:10:6A:8B:A7:DF:F3:E3:5C:81:6D:10:78:DC:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Pc8XA86EGqLp9_z41yBbRB43HE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/03cce3-e620-4483-b08b-6d8fd330e9aa/1/Wq1q89GOu2McBmuixfzPjaWLhhI.roa
Signing time: Tue 02 Jan 2024 02:29:45 +0000
ROA not before: Tue 02 Jan 2024 02:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198605
IP address blocks: 77.234.40.0/21 maxlen: 24
77.234.40.0/24 maxlen: 24
37.156.184.0/22 maxlen: 24
195.74.76.0/24 maxlen: 24
185.189.94.0/24 maxlen: 24
185.189.92.0/22 maxlen: 24
69.94.64.0/20 maxlen: 24
31.14.74.0/24 maxlen: 24
31.14.73.0/24 maxlen: 24
31.14.72.0/24 maxlen: 24
91.213.143.0/24 maxlen: 24
185.167.64.0/24 maxlen: 24
185.51.228.0/22 maxlen: 24
5.45.56.0/21 maxlen: 24
2a0b:e180::/29 maxlen: 45
2001:67c:284::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/03cce3-e620-4483-b08b-6d8fd330e9aa/1/1-Pc8XA86EGqLp9_z41yBbRB43HE.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/03cce3-e620-4483-b08b-6d8fd330e9aa/1/1-Pc8XA86EGqLp9_z41yBbRB43HE.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-Pc8XA86EGqLp9_z41yBbRB43HE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:01:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:6a:a4:11:70:72:e3:6d:91:a9:70:a6:50:19:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8f73c5c0f3a106a8ba7dff3e35c816d1078dc71
Validity
Not Before: Jan 2 02:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5aad6af3d18ebb631c066ba2c5fccf8da58b8612
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:81:5d:d7:bf:44:48:b5:fe:9b:41:a6:23:59:
18:bf:f2:22:63:11:13:f2:82:f7:93:e4:b9:1f:d3:
d9:e8:ca:43:06:60:10:3b:8c:a2:de:fe:c1:f2:d1:
dd:60:f3:b7:bd:f8:4b:1e:a5:ee:53:ce:98:75:63:
9c:23:55:41:75:5f:cf:dd:f7:13:41:a3:bd:04:ff:
8b:c2:d2:f1:15:1e:86:00:d0:7c:7d:39:81:71:8d:
f0:69:24:c6:90:9e:d7:10:f8:0d:87:26:7d:ea:3f:
f3:8a:53:20:87:12:b7:41:ec:77:19:50:cc:f2:64:
61:64:9f:4d:e7:e9:83:b1:16:3b:94:96:e2:88:75:
ee:b7:e0:5c:77:cb:8c:cd:6c:63:80:cc:37:01:f8:
97:bd:86:f8:44:55:5f:fa:91:a6:5f:11:ef:54:1c:
85:5c:53:77:d7:3b:e3:c6:03:c8:ee:8c:cc:30:94:
1b:3a:c1:30:37:07:8f:b4:c8:fc:e2:9c:17:94:89:
c6:8b:38:95:60:e2:10:e8:dc:5a:d8:f2:a4:da:00:
aa:63:88:90:af:88:c3:89:75:04:a3:15:4d:c6:b1:
3a:65:86:74:3f:b3:e7:78:04:82:ec:b4:d9:ac:bc:
b0:64:73:55:da:24:9b:6a:e7:56:e2:65:8b:dc:9c:
08:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:AD:6A:F3:D1:8E:BB:63:1C:06:6B:A2:C5:FC:CF:8D:A5:8B:86:12
X509v3 Authority Key Identifier:
keyid:F8:F7:3C:5C:0F:3A:10:6A:8B:A7:DF:F3:E3:5C:81:6D:10:78:DC:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Pc8XA86EGqLp9_z41yBbRB43HE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/03cce3-e620-4483-b08b-6d8fd330e9aa/1/Wq1q89GOu2McBmuixfzPjaWLhhI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/03cce3-e620-4483-b08b-6d8fd330e9aa/1/1-Pc8XA86EGqLp9_z41yBbRB43HE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.56.0/21
31.14.72.0-31.14.74.255
37.156.184.0/22
69.94.64.0/20
77.234.40.0/21
91.213.143.0/24
185.51.228.0/22
185.167.64.0/24
185.189.92.0/22
195.74.76.0/24
IPv6:
2001:67c:284::/48
2a0b:e180::/29
Signature Algorithm: sha256WithRSAEncryption
40:b9:56:5a:72:f3:c3:7e:7d:fa:65:0d:53:ca:76:56:2c:9e:
24:0d:f2:f8:e8:92:1c:bf:3b:b9:90:84:6a:5d:de:9f:85:7d:
40:6b:6e:ec:21:df:a1:bf:f1:ca:33:86:79:d5:d7:2b:cc:27:
10:b4:07:6a:15:63:0e:7d:f2:03:af:c4:93:24:7d:ab:40:71:
ed:61:6d:64:b1:2b:b5:a2:32:61:76:84:f5:2d:e9:f8:83:fa:
d8:90:24:81:aa:cf:71:c2:11:d4:55:86:fb:05:69:ec:e1:56:
5d:4d:77:f9:37:9b:6a:77:4f:e4:7f:d2:4d:95:b8:10:b6:4a:
0e:48:89:bd:f9:bb:7b:b8:cc:da:b2:73:fe:aa:33:0f:27:93:
9b:91:74:80:f8:8e:df:6f:e0:e1:a6:75:ff:25:fd:c5:e5:49:
4d:0c:cb:ca:e6:fb:a0:97:4d:2a:43:9e:dc:5c:61:cd:74:bb:
6f:b0:85:47:9a:93:be:cf:b3:b3:62:01:07:e5:61:27:e4:af:
91:83:55:50:89:5c:6f:d9:96:50:2b:a6:85:80:a8:2e:a2:6a:
bc:1c:69:b2:0f:d5:6c:76:18:00:60:a6:5d:5a:e7:a3:d6:90:
69:a0:9a:f5:fb:17:05:b4:04:ad:ab:5b:49:c1:bb:b0:cd:d7:
b2:6a:41:50
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYzIAWqkEXBy422RqXCmUBkjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZjczYzVjMGYzYTEwNmE4YmE3ZGZmM2UzNWM4MTZkMTA3
OGRjNzEwHhcNMjQwMTAyMDIyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWFkNmFmM2QxOGViYjYzMWMwNjZiYTJjNWZjY2Y4ZGE1OGI4NjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYFd179ESLX+m0GmI1kYv/IiYxET
8oL3k+S5H9PZ6MpDBmAQO4yi3v7B8tHdYPO3vfhLHqXuU86YdWOcI1VBdV/P3fcT
QaO9BP+LwtLxFR6GANB8fTmBcY3waSTGkJ7XEPgNhyZ96j/zilMghxK3Qex3GVDM
8mRhZJ9N5+mDsRY7lJbiiHXut+Bcd8uMzWxjgMw3AfiXvYb4RFVf+pGmXxHvVByF
XFN31zvjxgPI7ozMMJQbOsEwNwePtMj84pwXlInGiziVYOIQ6Nxa2PKk2gCqY4iQ
r4jDiXUEoxVNxrE6ZYZ0P7PneASC7LTZrLywZHNV2iSbaudW4mWL3JwIkwIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFFqtavPRjrtjHAZrosX8z42li4YSMB8GA1UdIwQY
MBaAFPj3PFwPOhBqi6ff8+NcgW0QeNxxMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1QYzhYQTg2RUdxTHA5X3o0MXlCYlJCNDNIRS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjYvMDNjY2UzLWU2MjAtNDQ4My1iMDhi
LTZkOGZkMzMwZTlhYS8xL1dxMXE4OUdPdTJNY0JtdWl4ZnpQamFXTGhoSS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjYvMDNjY2UzLWU2MjAtNDQ4My1iMDhiLTZkOGZkMzMwZTlh
YS8xLzEtUGM4WEE4NkVHcUxwOV96NDF5QmJSQjQzSEUuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwdQYIKwYBBQUHAQcBAf8EZjBkMEoEAgABMEQDBAMFLTgw
DAMEAx8OSAMEAB8OSgMEAiWcuAMEBEVeQAMEA03qKAMEAFvVjwMEArkz5AMEALmn
QAMEArm9XAMEAMNKTDAWBAIAAjAQAwcAIAEGfAKEAwUDKgvhgDANBgkqhkiG9w0B
AQsFAAOCAQEAQLlWWnLzw359+mUNU8p2ViyeJA3y+OiSHL87uZCEal3en4V9QGtu
7CHfob/xyjOGedXXK8wnELQHahVjDn3yA6/EkyR9q0Bx7WFtZLErtaIyYXaE9S3p
+IP62JAkgarPccIR1FWG+wVp7OFWXU13+TebandP5H/STZW4ELZKDkiJvfm7e7jM
2rJz/qozDyeTm5F0gPiO32/g4aZ1/yX9xeVJTQzLyub7oJdNKkOe3FxhzXS7b7CF
R5qTvs+zs2IBB+VhJ+SvkYNVUIlcb9mWUCumhYCoLqJqvBxpsg/VbHYYAGCmXVrn
o9aQaaCa9fsXBbQEratbScG7sM3XsmpBUA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:35:02 2024 by rpki-client on console-ams.rpki-client.org