Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/WVfFYwhxQdPEBpnLL4OVzAW4mkk.roa
File: WVfFYwhxQdPEBpnLL4OVzAW4mkk.roa (raw, json)
Hash identifier: 9iZavNTYfj4xHs3rWUe9mG5k/h4anS9fqfoTiD5IscI=
Subject key identifier: 59:57:C5:63:08:71:41:D3:C4:06:99:CB:2F:83:95:CC:05:B8:9A:49
Certificate issuer: /CN=cd108c225f2478cd4230179890d07284be1636cd
Certificate serial: 018CC86FFFED460A87D0A432723AA52D98FE
Authority key identifier: CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/WVfFYwhxQdPEBpnLL4OVzAW4mkk.roa
Signing time: Tue 02 Jan 2024 04:30:32 +0000
ROA not before: Tue 02 Jan 2024 04:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137427
IP address blocks: 2.59.153.0/24 maxlen: 24
91.204.224.0/24 maxlen: 24
91.204.225.0/24 maxlen: 24
91.204.226.0/24 maxlen: 24
91.204.227.0/24 maxlen: 24
185.202.101.0/24 maxlen: 24
193.239.151.0/24 maxlen: 24
45.91.225.0/24 maxlen: 24
194.126.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.mft
rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:ff:ed:46:0a:87:d0:a4:32:72:3a:a5:2d:98:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd108c225f2478cd4230179890d07284be1636cd
Validity
Not Before: Jan 2 04:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5957c563087141d3c40699cb2f8395cc05b89a49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:de:da:73:82:a5:3b:b5:3f:6a:6c:be:1e:ec:
20:6c:16:8b:10:f5:d4:3e:e1:d9:1f:98:8b:b8:81:
d5:c1:4b:f9:fa:30:06:79:47:66:4b:95:c3:ce:93:
7d:ff:a0:59:ea:72:2e:6e:85:ef:37:b1:ef:73:99:
48:f4:ae:a6:a7:6e:06:06:a4:61:7c:fe:af:17:2d:
72:da:27:e0:5e:f7:39:5b:8c:4a:75:be:a7:3e:06:
f6:1d:d6:ad:13:b7:c6:29:dc:fc:61:f5:a2:f5:91:
5c:05:b3:e6:20:1e:12:ac:01:31:5c:5a:3e:45:a3:
00:4b:47:a9:23:ab:bf:5f:92:c3:c1:71:e4:ba:99:
97:77:11:05:30:e4:42:66:83:d3:f5:f7:44:75:d7:
03:cb:68:cb:18:8f:d4:11:07:4a:54:1b:f0:a6:cb:
5d:9c:5b:06:0d:12:e8:11:81:a1:bb:f1:4c:d7:38:
ab:ef:16:97:dc:a7:6a:5e:4d:e8:35:88:eb:60:9b:
1f:e5:a8:d1:9f:f5:cf:a6:da:1c:f2:d5:12:94:f9:
30:ac:12:38:9e:27:23:1f:2f:bd:9e:e1:cc:8f:b2:
b4:91:a0:00:bf:fe:d4:25:57:a2:87:fe:af:e0:27:
19:be:7d:e3:7b:da:13:56:7d:e7:a4:e8:6a:8b:19:
8c:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:57:C5:63:08:71:41:D3:C4:06:99:CB:2F:83:95:CC:05:B8:9A:49
X509v3 Authority Key Identifier:
keyid:CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/WVfFYwhxQdPEBpnLL4OVzAW4mkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.153.0/24
45.91.225.0/24
91.204.224.0/22
185.202.101.0/24
193.239.151.0/24
194.126.215.0/24
Signature Algorithm: sha256WithRSAEncryption
54:3a:8a:0f:26:a0:e2:83:c2:0c:45:b9:1d:3e:c2:3c:40:ef:
0f:ae:f5:f5:69:6b:7e:93:0e:09:df:1d:7e:ee:43:a6:98:25:
3d:9b:72:9a:ca:78:4a:c1:c9:78:62:b7:a8:07:49:55:2f:f4:
90:8c:0c:19:30:47:8c:1d:39:1f:cb:7c:d8:64:9a:93:da:40:
90:0a:79:cd:56:27:bf:ea:b5:74:b2:35:c7:64:1c:f3:8f:88:
3e:11:c9:dd:ac:4a:ac:7d:7a:fe:9e:44:97:01:47:68:c4:4f:
b7:bc:e7:57:03:0b:73:34:1d:8e:32:16:f9:70:34:90:34:d8:
94:21:48:03:8b:81:68:cc:4f:de:dd:25:dd:c6:49:70:dd:07:
f5:37:f6:dd:97:42:34:b0:b9:50:a2:80:e7:f0:b8:04:33:ab:
32:48:64:1f:25:ea:05:2e:25:72:44:30:00:c2:54:a3:68:85:
7f:69:0f:2b:66:8d:ab:e5:31:b3:c9:f7:81:14:52:e8:2b:f7:
e8:14:c7:d8:82:e2:bb:0d:1f:91:62:8a:46:84:b7:a7:91:84:
11:6b:11:09:04:da:f1:38:e5:57:ba:49:2f:ac:b7:c0:2d:8a:
4d:c3:8d:71:18:b4:66:68:1c:04:64:88:d7:36:33:98:87:8c:
8c:bc:61:1a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzIb//tRgqH0KQycjqlLZj+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMTA4YzIyNWYyNDc4Y2Q0MjMwMTc5ODkwZDA3Mjg0YmUx
NjM2Y2QwHhcNMjQwMTAyMDQzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTU3YzU2MzA4NzE0MWQzYzQwNjk5Y2IyZjgzOTVjYzA1Yjg5YTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmd7ac4KlO7U/amy+HuwgbBaLEPXU
PuHZH5iLuIHVwUv5+jAGeUdmS5XDzpN9/6BZ6nIuboXvN7Hvc5lI9K6mp24GBqRh
fP6vFy1y2ifgXvc5W4xKdb6nPgb2HdatE7fGKdz8YfWi9ZFcBbPmIB4SrAExXFo+
RaMAS0epI6u/X5LDwXHkupmXdxEFMORCZoPT9fdEddcDy2jLGI/UEQdKVBvwpstd
nFsGDRLoEYGhu/FM1zir7xaX3KdqXk3oNYjrYJsf5ajRn/XPptoc8tUSlPkwrBI4
nicjHy+9nuHMj7K0kaAAv/7UJVeih/6v4CcZvn3je9oTVn3npOhqixmMgQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFlXxWMIcUHTxAaZyy+DlcwFuJpJMB8GA1UdIwQY
MBaAFM0QjCJfJHjNQjAXmJDQcoS+FjbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQt
YWU1MDI3MzY4MWE3LzEvV1ZmRll3aHhRZFBFQnBuTEw0T1Z6QVc0bWtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQtYWU1MDI3MzY4MWE3
LzEvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAAjuZAwQA
LVvhAwQCW8zgAwQAucplAwQAwe+XAwQAwn7XMA0GCSqGSIb3DQEBCwUAA4IBAQBU
OooPJqDig8IMRbkdPsI8QO8PrvX1aWt+kw4J3x1+7kOmmCU9m3KaynhKwcl4Yreo
B0lVL/SQjAwZMEeMHTkfy3zYZJqT2kCQCnnNVie/6rV0sjXHZBzzj4g+EcndrEqs
fXr+nkSXAUdoxE+3vOdXAwtzNB2OMhb5cDSQNNiUIUgDi4FozE/e3SXdxklw3Qf1
N/bdl0I0sLlQooDn8LgEM6sySGQfJeoFLiVyRDAAwlSjaIV/aQ8rZo2r5TGzyfeB
FFLoK/foFMfYguK7DR+RYopGhLenkYQRaxEJBNrxOOVXukkvrLfALYpNw41xGLRm
aBwEZIjXNjOYh4yMvGEa
-----END CERTIFICATE-----
Generated at Sat Jun 1 16:46:31 2024 by rpki-client on console-ams.rpki-client.org