Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/5ced8f-d024-45bb-922c-af1de3d0f217/1/w4bgzdHXlhTQm0Jno-V0D4IgG4U.roa
File: w4bgzdHXlhTQm0Jno-V0D4IgG4U.roa (raw, json)
Hash identifier: YLY/lmYKi81bTyvbqABd02hMpUXrHCUs/MN/tH5na50=
Subject key identifier: C3:86:E0:CD:D1:D7:96:14:D0:9B:42:67:A3:E5:74:0F:82:20:1B:85
Certificate issuer: /CN=22a776a6955c0163c9cf1a838c41dfee5da9db3d
Certificate serial: 018CC8019ACE776F36165CF158D8F0B8E429
Authority key identifier: 22:A7:76:A6:95:5C:01:63:C9:CF:1A:83:8C:41:DF:EE:5D:A9:DB:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Iqd2ppVcAWPJzxqDjEHf7l2p2z0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/5ced8f-d024-45bb-922c-af1de3d0f217/1/w4bgzdHXlhTQm0Jno-V0D4IgG4U.roa
Signing time: Tue 02 Jan 2024 02:29:57 +0000
ROA not before: Tue 02 Jan 2024 02:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47447
IP address blocks: 176.103.220.0/23 maxlen: 23
91.227.74.0/24 maxlen: 24
193.148.68.0/22 maxlen: 22
91.216.248.0/24 maxlen: 24
2a10:fc80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/5ced8f-d024-45bb-922c-af1de3d0f217/1/Iqd2ppVcAWPJzxqDjEHf7l2p2z0.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/5ced8f-d024-45bb-922c-af1de3d0f217/1/Iqd2ppVcAWPJzxqDjEHf7l2p2z0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Iqd2ppVcAWPJzxqDjEHf7l2p2z0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:9a:ce:77:6f:36:16:5c:f1:58:d8:f0:b8:e4:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22a776a6955c0163c9cf1a838c41dfee5da9db3d
Validity
Not Before: Jan 2 02:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c386e0cdd1d79614d09b4267a3e5740f82201b85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:31:ea:28:bf:45:bf:1a:09:52:99:7e:0e:8a:
41:33:e3:56:41:25:45:1b:6b:9e:02:ee:b8:5e:e3:
26:38:e7:48:02:8c:13:fa:8c:e8:b4:0c:6c:f2:e9:
98:ca:74:95:d7:90:6b:d2:dd:56:74:17:39:ae:d3:
23:3d:26:24:a2:fd:7e:80:4f:6d:df:af:49:62:8b:
c3:69:1d:da:7f:35:37:bf:0e:af:b3:07:a8:88:fe:
e6:35:1d:d8:1c:8c:dd:3a:b8:32:71:c2:0b:72:45:
ff:3e:a4:5f:a7:94:ee:e1:d0:08:6f:f9:6c:bc:4a:
16:48:24:5c:a2:3a:07:9b:cf:95:e3:50:61:6a:a8:
99:b8:88:a0:d9:66:87:3e:63:12:0c:1f:a5:4b:ac:
38:5e:5c:f5:86:41:61:87:04:74:cc:29:ca:5d:4b:
8c:25:9d:41:01:6a:ec:3f:f6:4a:61:9e:ef:fc:48:
cb:30:68:26:81:f6:1d:af:1a:7b:95:a3:f7:24:42:
d1:06:c7:54:2f:1c:44:40:90:8a:2e:c2:89:bc:bb:
11:f5:dd:66:3d:de:96:a0:9c:21:b0:ca:32:be:5a:
da:2c:30:90:03:6c:66:5d:00:c2:18:7f:d2:13:77:
9b:f9:5b:ce:f2:c2:c6:f2:53:fb:ea:18:4f:37:78:
5b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:86:E0:CD:D1:D7:96:14:D0:9B:42:67:A3:E5:74:0F:82:20:1B:85
X509v3 Authority Key Identifier:
keyid:22:A7:76:A6:95:5C:01:63:C9:CF:1A:83:8C:41:DF:EE:5D:A9:DB:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iqd2ppVcAWPJzxqDjEHf7l2p2z0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/5ced8f-d024-45bb-922c-af1de3d0f217/1/w4bgzdHXlhTQm0Jno-V0D4IgG4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/5ced8f-d024-45bb-922c-af1de3d0f217/1/Iqd2ppVcAWPJzxqDjEHf7l2p2z0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.248.0/24
91.227.74.0/24
176.103.220.0/23
193.148.68.0/22
IPv6:
2a10:fc80::/29
Signature Algorithm: sha256WithRSAEncryption
4a:cf:3f:2d:04:22:64:38:d1:1a:69:f0:27:c5:25:2f:c7:df:
dc:13:a6:b6:66:78:bb:38:44:cb:ce:a5:de:28:9b:af:11:22:
56:ad:24:be:04:aa:3b:76:b1:13:22:12:2f:47:21:e3:31:98:
30:db:63:0c:5a:18:1d:dc:af:bc:c8:82:35:62:15:cb:25:c9:
71:81:47:ff:dd:64:e2:21:da:95:18:3a:53:64:8b:a7:25:99:
5c:e7:99:5c:f6:24:76:4f:98:38:84:6d:52:2a:2e:7c:d7:34:
1a:9e:0d:10:68:81:aa:ab:ef:73:b1:5e:81:7f:c4:ba:b8:b0:
7b:ef:e7:f6:74:e5:9c:c1:bb:8a:a1:a9:bc:4e:8f:3f:8b:1a:
55:33:3b:2a:f7:fe:13:e6:77:96:c0:7e:8d:81:29:a5:49:7d:
13:dd:83:5b:44:bb:d9:f7:c2:89:e1:21:af:78:3e:05:64:46:
53:ff:9b:2a:7d:e2:d5:0f:6b:37:75:fa:90:44:f9:15:de:03:
ee:5f:f6:a2:35:90:e4:53:12:6b:91:d0:7e:ef:fd:a9:ed:5a:
fe:67:81:83:52:a7:1d:6a:76:10:7e:12:96:00:d3:45:e9:14:
95:2d:d8:7a:16:b4:32:03:43:b6:88:59:d3:3e:8b:2c:a5:62:
1c:57:1d:10
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzIAZrOd282FlzxWNjwuOQpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYTc3NmE2OTU1YzAxNjNjOWNmMWE4MzhjNDFkZmVlNWRh
OWRiM2QwHhcNMjQwMTAyMDIyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzg2ZTBjZGQxZDc5NjE0ZDA5YjQyNjdhM2U1NzQwZjgyMjAxYjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTHqKL9FvxoJUpl+DopBM+NWQSVF
G2ueAu64XuMmOOdIAowT+ozotAxs8umYynSV15Br0t1WdBc5rtMjPSYkov1+gE9t
369JYovDaR3afzU3vw6vsweoiP7mNR3YHIzdOrgyccILckX/PqRfp5Tu4dAIb/ls
vEoWSCRcojoHm8+V41BhaqiZuIig2WaHPmMSDB+lS6w4Xlz1hkFhhwR0zCnKXUuM
JZ1BAWrsP/ZKYZ7v/EjLMGgmgfYdrxp7laP3JELRBsdULxxEQJCKLsKJvLsR9d1m
Pd6WoJwhsMoyvlraLDCQA2xmXQDCGH/SE3eb+VvO8sLG8lP76hhPN3hbfwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFMOG4M3R15YU0JtCZ6PldA+CIBuFMB8GA1UdIwQY
MBaAFCKndqaVXAFjyc8ag4xB3+5dqds9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXFkMnBwVmNBV1BKenhxRGpFSGY3bDJwMnowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS81Y2VkOGYtZDAyNC00NWJiLTkyMmMt
YWYxZGUzZDBmMjE3LzEvdzRiZ3pkSFhsaFRRbTBKbm8tVjBENElnRzRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS81Y2VkOGYtZDAyNC00NWJiLTkyMmMtYWYxZGUzZDBmMjE3
LzEvSXFkMnBwVmNBV1BKenhxRGpFSGY3bDJwMnowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAW9j4AwQA
W+NKAwQBsGfcAwQCwZREMA0EAgACMAcDBQMqEPyAMA0GCSqGSIb3DQEBCwUAA4IB
AQBKzz8tBCJkONEaafAnxSUvx9/cE6a2Zni7OETLzqXeKJuvESJWrSS+BKo7drET
IhIvRyHjMZgw22MMWhgd3K+8yII1YhXLJclxgUf/3WTiIdqVGDpTZIunJZlc55lc
9iR2T5g4hG1SKi581zQang0QaIGqq+9zsV6Bf8S6uLB77+f2dOWcwbuKoam8To8/
ixpVMzsq9/4T5neWwH6NgSmlSX0T3YNbRLvZ98KJ4SGveD4FZEZT/5sqfeLVD2s3
dfqQRPkV3gPuX/aiNZDkUxJrkdB+7/2p7Vr+Z4GDUqcdanYQfhKWANNF6RSVLdh6
FrQyA0O2iFnTPosspWIcVx0Q
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:46:41 2024 by rpki-client on console-ams.rpki-client.org