Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/9dac2f-301e-406d-b8d0-03857ef5b387/1/wo4Y1wMpnA2CgKUERzaJ3EW-BSw.roa
File: wo4Y1wMpnA2CgKUERzaJ3EW-BSw.roa (raw, json)
Hash identifier: l/OtaR9oVJUjSw+8j+Y0cXy+0MnxXoo4oMBvu4PuzjM=
Subject key identifier: C2:8E:18:D7:03:29:9C:0D:82:80:A5:04:47:36:89:DC:45:BE:05:2C
Certificate issuer: /CN=b98d1f6e336a7c81351941bc0b9dea39d7d764db
Certificate serial: 018CC425394FF3CFB4DA1DF78A2C6BDB5ED8
Authority key identifier: B9:8D:1F:6E:33:6A:7C:81:35:19:41:BC:0B:9D:EA:39:D7:D7:64:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uY0fbjNqfIE1GUG8C53qOdfXZNs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/9dac2f-301e-406d-b8d0-03857ef5b387/1/wo4Y1wMpnA2CgKUERzaJ3EW-BSw.roa
Signing time: Mon 01 Jan 2024 08:30:22 +0000
ROA not before: Mon 01 Jan 2024 08:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39775
IP address blocks: 91.204.16.0/22 maxlen: 24
81.90.208.0/20 maxlen: 24
185.149.124.0/22 maxlen: 24
185.190.0.0/22 maxlen: 24
62.192.32.0/19 maxlen: 24
2a02:1378::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/9dac2f-301e-406d-b8d0-03857ef5b387/1/uY0fbjNqfIE1GUG8C53qOdfXZNs.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/9dac2f-301e-406d-b8d0-03857ef5b387/1/uY0fbjNqfIE1GUG8C53qOdfXZNs.mft
rsync://rpki.ripe.net/repository/DEFAULT/uY0fbjNqfIE1GUG8C53qOdfXZNs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:39:4f:f3:cf:b4:da:1d:f7:8a:2c:6b:db:5e:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b98d1f6e336a7c81351941bc0b9dea39d7d764db
Validity
Not Before: Jan 1 08:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c28e18d703299c0d8280a504473689dc45be052c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:db:6f:26:7d:7b:99:b1:34:9b:88:47:e3:23:
24:8d:35:68:ef:38:66:da:64:25:ce:d2:0f:e3:e0:
a5:84:ae:15:2f:c0:6c:6e:be:56:f7:bf:ef:7a:e9:
2b:01:41:2e:00:0a:c8:c6:ed:13:44:6e:99:14:12:
dd:e2:01:ef:ab:9c:9c:de:d8:9a:3f:ef:be:f1:fb:
f6:11:29:20:cd:7d:f3:46:88:4a:93:06:3a:cb:cd:
ad:ad:4d:9f:61:41:ed:e6:6c:15:e6:c7:9c:d4:19:
55:e9:14:29:19:29:44:0d:6d:17:f0:a0:73:0c:37:
21:de:3c:d8:0e:aa:06:23:41:7e:8c:44:a7:ef:4d:
6d:05:27:03:c4:62:84:18:d2:99:18:c5:04:85:be:
4b:d7:a9:db:26:12:c8:de:1f:4a:5e:59:3a:b4:f4:
de:04:2c:6c:54:e7:eb:35:a9:1b:a3:ed:04:40:20:
4c:f6:1c:2f:19:b4:84:0b:90:b1:da:9e:05:84:cc:
e4:87:e8:21:e5:3d:e7:60:f3:85:11:ee:88:6b:86:
22:ff:e7:12:2d:84:2d:a5:60:29:61:a1:1e:e6:8e:
53:46:3e:64:55:b6:de:52:36:74:86:54:ba:12:f0:
e0:da:92:b9:ad:81:fb:3f:4d:9b:33:30:a4:a7:3a:
6d:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:8E:18:D7:03:29:9C:0D:82:80:A5:04:47:36:89:DC:45:BE:05:2C
X509v3 Authority Key Identifier:
keyid:B9:8D:1F:6E:33:6A:7C:81:35:19:41:BC:0B:9D:EA:39:D7:D7:64:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uY0fbjNqfIE1GUG8C53qOdfXZNs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/9dac2f-301e-406d-b8d0-03857ef5b387/1/wo4Y1wMpnA2CgKUERzaJ3EW-BSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/9dac2f-301e-406d-b8d0-03857ef5b387/1/uY0fbjNqfIE1GUG8C53qOdfXZNs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.192.32.0/19
81.90.208.0/20
91.204.16.0/22
185.149.124.0/22
185.190.0.0/22
IPv6:
2a02:1378::/32
Signature Algorithm: sha256WithRSAEncryption
5e:05:99:7b:fe:47:a6:8e:83:86:ee:7f:72:9e:3c:ec:f4:3b:
af:f0:c7:db:40:35:78:82:d8:8e:63:e1:e6:ed:0f:98:d2:e2:
06:92:1e:1b:f5:f0:ed:15:55:ce:5f:bd:32:98:57:91:10:41:
1b:fd:7c:b1:3a:21:d4:4e:91:ec:fd:3a:4e:61:ac:84:da:35:
6d:64:bb:29:8b:df:a7:11:77:ab:7f:a1:82:52:68:03:33:79:
cf:02:da:2c:6d:37:22:be:8c:95:af:f6:b4:64:1b:3d:13:42:
bb:83:70:99:8d:5b:c2:1e:56:75:c6:4f:22:ea:43:0a:c1:d4:
c5:49:ae:90:09:c7:4a:4a:91:1e:dc:97:82:4c:6f:15:df:c1:
45:8a:4b:ea:38:0f:ff:de:8d:ba:02:06:73:ac:c9:e9:8c:78:
fc:0c:40:2a:10:83:f0:55:c2:1e:d4:25:c5:57:65:d1:dc:e0:
ce:95:92:18:98:d4:4f:f3:2c:91:84:83:57:9b:60:90:86:a2:
48:40:d4:a2:7b:87:7a:46:b0:a0:cf:67:eb:a3:0f:79:6d:6b:
fe:28:d0:83:e3:e2:1b:03:06:ab:8b:a8:94:be:ca:cd:65:de:
ad:b9:35:05:1f:d6:4f:fa:90:84:78:7c:f6:b3:c3:83:34:56:
76:b3:13:ff
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzEJTlP88+02h33iixr217YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5OGQxZjZlMzM2YTdjODEzNTE5NDFiYzBiOWRlYTM5ZDdk
NzY0ZGIwHhcNMjQwMTAxMDgzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjhlMThkNzAzMjk5YzBkODI4MGE1MDQ0NzM2ODlkYzQ1YmUwNTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9tvJn17mbE0m4hH4yMkjTVo7zhm
2mQlztIP4+ClhK4VL8Bsbr5W97/veukrAUEuAArIxu0TRG6ZFBLd4gHvq5yc3tia
P+++8fv2ESkgzX3zRohKkwY6y82trU2fYUHt5mwV5sec1BlV6RQpGSlEDW0X8KBz
DDch3jzYDqoGI0F+jESn701tBScDxGKEGNKZGMUEhb5L16nbJhLI3h9KXlk6tPTe
BCxsVOfrNakbo+0EQCBM9hwvGbSEC5Cx2p4FhMzkh+gh5T3nYPOFEe6Ia4Yi/+cS
LYQtpWApYaEe5o5TRj5kVbbeUjZ0hlS6EvDg2pK5rYH7P02bMzCkpzptiwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFMKOGNcDKZwNgoClBEc2idxFvgUsMB8GA1UdIwQY
MBaAFLmNH24zanyBNRlBvAud6jnX12TbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVkwZmJqTnFmSUUxR1VHOEM1M3FPZGZYWk5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi85ZGFjMmYtMzAxZS00MDZkLWI4ZDAt
MDM4NTdlZjViMzg3LzEvd280WTF3TXBuQTJDZ0tVRVJ6YUozRVctQlN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi85ZGFjMmYtMzAxZS00MDZkLWI4ZDAtMDM4NTdlZjViMzg3
LzEvdVkwZmJqTnFmSUUxR1VHOEM1M3FPZGZYWk5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQFPsAgAwQE
UVrQAwQCW8wQAwQCuZV8AwQCub4AMA0EAgACMAcDBQAqAhN4MA0GCSqGSIb3DQEB
CwUAA4IBAQBeBZl7/kemjoOG7n9ynjzs9Duv8MfbQDV4gtiOY+Hm7Q+Y0uIGkh4b
9fDtFVXOX70ymFeREEEb/XyxOiHUTpHs/TpOYayE2jVtZLspi9+nEXerf6GCUmgD
M3nPAtosbTcivoyVr/a0ZBs9E0K7g3CZjVvCHlZ1xk8i6kMKwdTFSa6QCcdKSpEe
3JeCTG8V38FFikvqOA//3o26AgZzrMnpjHj8DEAqEIPwVcIe1CXFV2XR3ODOlZIY
mNRP8yyRhINXm2CQhqJIQNSie4d6RrCgz2frow95bWv+KNCD4+IbAwari6iUvsrN
Zd6tuTUFH9ZP+pCEeHz2s8ODNFZ2sxP/
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:39:22 2024 by rpki-client on console-fra.rpki-client.org