Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/wyPRge4TS7jb3RewyePTtLUJY5U.roa
File: wyPRge4TS7jb3RewyePTtLUJY5U.roa (raw, json)
Hash identifier: 6zFi9GbXxv2Vd27FUTsFfRUT/HT0Dx5LmOX0WGl4Y8I=
Subject key identifier: C3:23:D1:81:EE:13:4B:B8:DB:DD:17:B0:C9:E3:D3:B4:B5:09:63:95
Certificate issuer: /CN=d2702a3b27ce9bd04ddca28c21d9d0f5ff32a909
Certificate serial: 0191208221094FDCBE898024296F9E189B2F
Authority key identifier: D2:70:2A:3B:27:CE:9B:D0:4D:DC:A2:8C:21:D9:D0:F5:FF:32:A9:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/wyPRge4TS7jb3RewyePTtLUJY5U.roa
Signing time: Mon 05 Aug 2024 03:08:04 +0000
ROA not before: Mon 05 Aug 2024 03:08:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42574
IP address blocks: 31.41.192.0/21 maxlen: 21
91.189.160.0/24 maxlen: 24
91.189.161.0/24 maxlen: 24
91.189.162.0/24 maxlen: 24
91.189.163.0/24 maxlen: 24
91.189.164.0/24 maxlen: 24
91.189.165.0/24 maxlen: 24
91.189.166.0/24 maxlen: 24
91.189.167.0/24 maxlen: 24
91.201.204.0/24 maxlen: 24
91.201.205.0/24 maxlen: 24
91.201.206.0/24 maxlen: 24
91.201.207.0/24 maxlen: 24
91.203.0.0/24 maxlen: 24
91.203.1.0/24 maxlen: 24
91.203.2.0/24 maxlen: 24
91.203.3.0/24 maxlen: 24
94.232.232.0/24 maxlen: 24
94.232.233.0/24 maxlen: 24
94.232.234.0/24 maxlen: 24
94.232.235.0/24 maxlen: 24
94.232.236.0/24 maxlen: 24
94.232.237.0/24 maxlen: 24
94.232.238.0/24 maxlen: 24
94.232.239.0/24 maxlen: 24
193.33.100.0/24 maxlen: 24
193.33.101.0/24 maxlen: 24
194.146.200.0/24 maxlen: 24
194.146.201.0/24 maxlen: 24
194.146.202.0/24 maxlen: 24
194.146.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.mft
rsync://rpki.ripe.net/repository/DEFAULT/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:20:82:21:09:4f:dc:be:89:80:24:29:6f:9e:18:9b:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2702a3b27ce9bd04ddca28c21d9d0f5ff32a909
Validity
Not Before: Aug 5 03:08:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c323d181ee134bb8dbdd17b0c9e3d3b4b5096395
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:1d:2f:53:bf:a7:17:4b:71:43:99:7a:5c:a3:
fa:51:73:63:d1:54:4d:10:1b:1b:6d:a3:17:f3:3e:
77:e5:07:b0:68:10:c7:f9:2d:8b:73:98:1b:07:da:
9d:be:a3:db:02:0d:c8:f2:7b:d1:00:b2:c2:e7:76:
22:77:5f:14:9b:e7:80:56:0c:76:38:9b:27:dd:5c:
21:b8:69:0d:24:0b:f9:ed:1b:0d:fa:7b:4a:cd:65:
d1:22:bb:a5:81:2a:63:61:de:2f:a7:a3:aa:9c:83:
c6:83:81:7b:a9:32:c6:11:de:f1:de:ea:78:8a:43:
fc:62:08:11:83:62:13:aa:53:e5:74:ed:74:c7:ee:
e5:e7:9b:dc:12:59:42:15:0b:b2:f3:44:32:e7:61:
c8:c8:83:5b:c1:9c:a1:13:b2:67:db:a0:d5:3a:59:
eb:11:94:2b:08:82:7b:bf:13:ba:5b:b7:9b:59:22:
97:7c:41:44:06:87:08:41:1f:a5:7c:7e:ab:0b:e2:
8d:6f:ea:81:df:8c:4e:4e:8c:b5:db:22:38:ce:49:
ed:a3:32:31:57:55:05:ac:1f:ad:f8:56:e5:0e:32:
5c:4e:dc:65:0b:00:5a:dd:ec:a5:a4:65:ed:41:1d:
f8:64:b0:f0:b0:ae:b4:49:4c:c4:5e:78:dc:0b:4d:
36:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:23:D1:81:EE:13:4B:B8:DB:DD:17:B0:C9:E3:D3:B4:B5:09:63:95
X509v3 Authority Key Identifier:
keyid:D2:70:2A:3B:27:CE:9B:D0:4D:DC:A2:8C:21:D9:D0:F5:FF:32:A9:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/wyPRge4TS7jb3RewyePTtLUJY5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.192.0/21
91.189.160.0/21
91.201.204.0/22
91.203.0.0/22
94.232.232.0/21
193.33.100.0/23
194.146.200.0/22
Signature Algorithm: sha256WithRSAEncryption
b2:06:52:8e:34:a4:80:c6:64:62:90:14:ca:f2:a9:ec:d2:71:
7a:f3:f1:50:61:f1:86:69:d8:72:87:d1:3c:cf:5e:d4:b0:16:
e7:fd:46:02:56:5c:bb:d6:b6:c7:6f:0f:98:b9:61:96:22:de:
e2:0f:ed:71:69:67:90:a3:20:b8:81:89:f1:77:d1:b6:e6:3d:
70:aa:02:b8:21:78:6f:95:95:59:1b:6a:1b:2a:a0:6e:c5:8b:
7f:83:17:56:24:2d:d7:fd:d6:c7:48:ef:2e:a9:4f:55:a0:ce:
c0:b2:18:a2:af:24:fa:b6:d1:02:dd:c0:a6:f7:e2:77:8e:38:
62:5b:e2:b9:60:21:1a:07:1d:cc:84:c6:be:29:69:47:0b:bd:
92:48:9f:51:43:d2:a5:31:12:b4:d9:ea:bb:cc:d6:be:3d:b6:
65:30:5a:46:2a:df:24:55:74:b8:0d:41:13:26:c9:34:ff:13:
35:d6:1d:84:c9:d0:5a:f4:2c:66:01:a0:12:4d:ea:47:cc:5f:
5e:95:c9:4e:6d:65:49:f3:11:f1:e8:76:da:3a:38:5a:e5:93:
43:4a:92:26:e5:54:db:1e:4a:cf:c0:dd:9d:73:f0:65:e3:3d:
21:e7:e7:f9:ce:29:95:4f:0f:37:39:cd:d4:6f:e5:3f:3f:fc:
28:ba:55:7e
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZEggiEJT9y+iYAkKW+eGJsvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNzAyYTNiMjdjZTliZDA0ZGRjYTI4YzIxZDlkMGY1ZmYz
MmE5MDkwHhcNMjQwODA1MDMwODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzIzZDE4MWVlMTM0YmI4ZGJkZDE3YjBjOWUzZDNiNGI1MDk2Mzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1B0vU7+nF0txQ5l6XKP6UXNj0VRN
EBsbbaMX8z535QewaBDH+S2Lc5gbB9qdvqPbAg3I8nvRALLC53Yid18Um+eAVgx2
OJsn3VwhuGkNJAv57RsN+ntKzWXRIrulgSpjYd4vp6OqnIPGg4F7qTLGEd7x3up4
ikP8YggRg2ITqlPldO10x+7l55vcEllCFQuy80Qy52HIyINbwZyhE7Jn26DVOlnr
EZQrCIJ7vxO6W7ebWSKXfEFEBocIQR+lfH6rC+KNb+qB34xOToy12yI4zkntozIx
V1UFrB+t+FblDjJcTtxlCwBa3eylpGXtQR34ZLDwsK60SUzEXnjcC002eQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFMMj0YHuE0u4290XsMnj07S1CWOVMB8GA1UdIwQY
MBaAFNJwKjsnzpvQTdyijCHZ0PX/MqkJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG5BcU95Zk9tOUJOM0tLTUlkblE5Zjh5cVFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi80OWY1MjgtZTcyZi00ZGE3LTkwMmUt
Njk3NWNhZGIyMjYyLzEvd3lQUmdlNFRTN2piM1Jld3llUFR0TFVKWTVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi80OWY1MjgtZTcyZi00ZGE3LTkwMmUtNjk3NWNhZGIyMjYy
LzEvMG5BcU95Zk9tOUJOM0tLTUlkblE5Zjh5cVFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDHynAAwQD
W72gAwQCW8nMAwQCW8sAAwQDXujoAwQBwSFkAwQCwpLIMA0GCSqGSIb3DQEBCwUA
A4IBAQCyBlKONKSAxmRikBTK8qns0nF68/FQYfGGadhyh9E8z17UsBbn/UYCVly7
1rbHbw+YuWGWIt7iD+1xaWeQoyC4gYnxd9G25j1wqgK4IXhvlZVZG2obKqBuxYt/
gxdWJC3X/dbHSO8uqU9VoM7AshiiryT6ttEC3cCm9+J3jjhiW+K5YCEaBx3MhMa+
KWlHC72SSJ9RQ9KlMRK02eq7zNa+PbZlMFpGKt8kVXS4DUETJsk0/xM11h2EydBa
9CxmAaASTepHzF9elclObWVJ8xHx6HbaOjha5ZNDSpIm5VTbHkrPwN2dc/Bl4z0h
5+f5zimVTw83Oc3Ub+U/P/woulV+
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:01:30 2024 by rpki-client on console-ams.rpki-client.org