Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/94ac17-f9dd-49f6-a88a-208dc068d53c/1/wRIgE3EkGwXNycGnvHQ86lpcZcE.roa
File: wRIgE3EkGwXNycGnvHQ86lpcZcE.roa (raw, json)
Hash identifier: tuPVfTx9Q1niFV4yVMswNKMzJsSB4NE+8v7cp7WJEB4=
Subject key identifier: C1:12:20:13:71:24:1B:05:CD:C9:C1:A7:BC:74:3C:EA:5A:5C:65:C1
Certificate issuer: /CN=dd2a695c41221dd8eddcfc5c4b5cc0b789cb953b
Certificate serial: 018CC94E25CADAB9F1DD07F068925CE6D184
Authority key identifier: DD:2A:69:5C:41:22:1D:D8:ED:DC:FC:5C:4B:5C:C0:B7:89:CB:95:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3SppXEEiHdjt3PxcS1zAt4nLlTs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/94ac17-f9dd-49f6-a88a-208dc068d53c/1/wRIgE3EkGwXNycGnvHQ86lpcZcE.roa
Signing time: Tue 02 Jan 2024 08:33:11 +0000
ROA not before: Tue 02 Jan 2024 08:33:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39090
IP address blocks: 185.116.17.0/24 maxlen: 24
185.116.19.0/24 maxlen: 24
84.39.64.0/19 maxlen: 19
2a02:d180::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/94ac17-f9dd-49f6-a88a-208dc068d53c/1/3SppXEEiHdjt3PxcS1zAt4nLlTs.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/94ac17-f9dd-49f6-a88a-208dc068d53c/1/3SppXEEiHdjt3PxcS1zAt4nLlTs.mft
rsync://rpki.ripe.net/repository/DEFAULT/3SppXEEiHdjt3PxcS1zAt4nLlTs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 04:53:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:25:ca:da:b9:f1:dd:07:f0:68:92:5c:e6:d1:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd2a695c41221dd8eddcfc5c4b5cc0b789cb953b
Validity
Not Before: Jan 2 08:33:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c112201371241b05cdc9c1a7bc743cea5a5c65c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:0f:f0:91:25:c6:37:1f:dc:7e:ad:8f:99:5b:
4a:09:81:a9:c8:65:f5:e0:60:bd:e2:60:f7:4a:41:
3e:a6:26:b4:b6:0b:66:c8:f9:53:9a:9a:b5:15:9f:
3b:9a:77:bf:f6:d0:26:af:d5:af:62:c0:3c:e4:30:
8b:0c:d3:5b:2f:97:3c:35:d7:07:03:ea:27:8d:dc:
e2:9a:1f:d1:5e:3f:53:03:06:7a:a4:3b:5f:bc:d9:
98:f8:ac:25:47:f4:c2:a2:ff:84:63:52:cb:78:3f:
95:66:12:73:2c:ba:f0:4c:e0:2a:f4:e1:d2:fb:d4:
20:24:72:2f:62:c8:9c:8f:03:6d:35:3e:68:98:80:
38:80:9a:c8:f7:33:96:78:ab:bc:71:6c:2c:c4:1e:
75:bc:b3:e8:b1:3e:7f:85:b3:e8:20:50:f0:0e:bb:
86:9f:a1:51:14:03:64:11:0a:60:74:0c:b6:12:77:
6e:be:d3:ac:5f:64:b4:64:c7:50:5b:af:33:78:73:
2a:6d:2c:54:12:df:ab:3a:85:e9:2c:1f:12:ae:ba:
8e:2f:af:ba:75:c0:46:1c:03:69:1f:43:fa:76:0d:
f1:c9:b0:74:67:33:92:26:e4:a0:78:37:8d:76:fe:
bb:e8:0b:e0:7f:c9:c5:f6:c3:d7:91:f8:41:27:8a:
ba:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:12:20:13:71:24:1B:05:CD:C9:C1:A7:BC:74:3C:EA:5A:5C:65:C1
X509v3 Authority Key Identifier:
keyid:DD:2A:69:5C:41:22:1D:D8:ED:DC:FC:5C:4B:5C:C0:B7:89:CB:95:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3SppXEEiHdjt3PxcS1zAt4nLlTs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/94ac17-f9dd-49f6-a88a-208dc068d53c/1/wRIgE3EkGwXNycGnvHQ86lpcZcE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/94ac17-f9dd-49f6-a88a-208dc068d53c/1/3SppXEEiHdjt3PxcS1zAt4nLlTs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.39.64.0/19
185.116.17.0/24
185.116.19.0/24
IPv6:
2a02:d180::/29
Signature Algorithm: sha256WithRSAEncryption
0f:87:fe:c8:8b:aa:f5:08:f9:b8:1a:e6:85:e5:0f:3d:f2:d7:
8b:21:80:3a:20:04:bb:d6:e6:ba:79:af:4c:14:11:9c:7b:0b:
0b:64:a7:00:a7:a5:9e:76:73:57:58:87:89:95:86:e8:02:a0:
69:c7:e7:05:3f:1d:e7:ef:a5:da:11:62:10:cf:eb:7b:0c:a5:
50:ab:48:9b:fa:b8:de:b1:e7:9f:b1:4f:3f:7c:cd:01:b1:a5:
bb:45:bc:d6:2f:9e:6c:53:97:6f:51:a0:02:d9:d9:14:90:b0:
60:0e:79:e2:4e:b0:0f:74:f0:e2:7b:65:d5:d3:d0:15:97:a2:
f5:ec:34:71:72:aa:5a:09:3d:83:2a:35:fa:1d:f6:76:c6:ee:
2a:1f:c2:a9:41:45:f3:f3:58:1b:9a:13:55:0c:c5:fd:24:dd:
e3:a8:fb:d3:26:10:44:22:15:27:2f:02:6f:1f:d2:e8:29:a5:
15:1c:c3:ff:83:20:12:e1:cf:94:5d:6a:b4:fd:f0:48:8a:50:
35:63:79:75:df:67:cf:04:8d:37:c4:8f:a6:f5:50:58:74:5f:
2f:44:71:1b:59:04:01:d3:70:12:57:d7:9c:8e:7b:94:79:ea:
28:6b:74:37:ff:69:a5:99:ac:69:cd:69:fe:3b:c8:77:67:18:
62:cd:0d:ef
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzJTiXK2rnx3QfwaJJc5tGEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMmE2OTVjNDEyMjFkZDhlZGRjZmM1YzRiNWNjMGI3ODlj
Yjk1M2IwHhcNMjQwMTAyMDgzMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTEyMjAxMzcxMjQxYjA1Y2RjOWMxYTdiYzc0M2NlYTVhNWM2NWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuw/wkSXGNx/cfq2PmVtKCYGpyGX1
4GC94mD3SkE+pia0tgtmyPlTmpq1FZ87mne/9tAmr9WvYsA85DCLDNNbL5c8NdcH
A+onjdzimh/RXj9TAwZ6pDtfvNmY+KwlR/TCov+EY1LLeD+VZhJzLLrwTOAq9OHS
+9QgJHIvYsicjwNtNT5omIA4gJrI9zOWeKu8cWwsxB51vLPosT5/hbPoIFDwDruG
n6FRFANkEQpgdAy2EnduvtOsX2S0ZMdQW68zeHMqbSxUEt+rOoXpLB8SrrqOL6+6
dcBGHANpH0P6dg3xybB0ZzOSJuSgeDeNdv676Avgf8nF9sPXkfhBJ4q6ZQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMESIBNxJBsFzcnBp7x0POpaXGXBMB8GA1UdIwQY
MBaAFN0qaVxBIh3Y7dz8XEtcwLeJy5U7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1NwcFhFRWlIZGp0M1B4Y1MxekF0NG5MbFRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC85NGFjMTctZjlkZC00OWY2LWE4OGEt
MjA4ZGMwNjhkNTNjLzEvd1JJZ0UzRWtHd1hOeWNHbnZIUTg2bHBjWmNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC85NGFjMTctZjlkZC00OWY2LWE4OGEtMjA4ZGMwNjhkNTNj
LzEvM1NwcFhFRWlIZGp0M1B4Y1MxekF0NG5MbFRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFVCdAAwQA
uXQRAwQAuXQTMA0EAgACMAcDBQMqAtGAMA0GCSqGSIb3DQEBCwUAA4IBAQAPh/7I
i6r1CPm4GuaF5Q898teLIYA6IAS71ua6ea9MFBGcewsLZKcAp6WednNXWIeJlYbo
AqBpx+cFPx3n76XaEWIQz+t7DKVQq0ib+rjeseefsU8/fM0BsaW7RbzWL55sU5dv
UaAC2dkUkLBgDnniTrAPdPDie2XV09AVl6L17DRxcqpaCT2DKjX6HfZ2xu4qH8Kp
QUXz81gbmhNVDMX9JN3jqPvTJhBEIhUnLwJvH9LoKaUVHMP/gyAS4c+UXWq0/fBI
ilA1Y3l132fPBI03xI+m9VBYdF8vRHEbWQQB03ASV9ecjnuUeeooa3Q3/2mlmaxp
zWn+O8h3ZxhizQ3v
-----END CERTIFICATE-----
Generated at Sun May 19 08:27:54 2024 by rpki-client on console-fra.rpki-client.org