Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/94bf5b-d38a-4c76-b01f-6e6fa39bb1ec/1/wqhINxVpVUPttsnmvlz2VrEbNbQ.roa
File: wqhINxVpVUPttsnmvlz2VrEbNbQ.roa (raw, json)
Hash identifier: WmZnorqkJb5HTLnx/m9wIS7fLHnf8Opjcmr0UPEf4es=
Subject key identifier: C2:A8:48:37:15:69:55:43:ED:B6:C9:E6:BE:5C:F6:56:B1:1B:35:B4
Certificate issuer: /CN=d779968e66edbea372ef95baa2bf689138567a40
Certificate serial: 018CC2DB06C952CD93D16BE84D2364F60394
Authority key identifier: D7:79:96:8E:66:ED:BE:A3:72:EF:95:BA:A2:BF:68:91:38:56:7A:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/13mWjmbtvqNy75W6or9okThWekA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/94bf5b-d38a-4c76-b01f-6e6fa39bb1ec/1/wqhINxVpVUPttsnmvlz2VrEbNbQ.roa
Signing time: Mon 01 Jan 2024 02:29:43 +0000
ROA not before: Mon 01 Jan 2024 02:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205496
IP address blocks: 194.15.137.0/24 maxlen: 24
185.214.228.0/24 maxlen: 24
185.214.228.0/22 maxlen: 22
185.214.231.0/24 maxlen: 24
185.214.230.0/24 maxlen: 24
185.214.229.0/24 maxlen: 24
2001:67c:2fd8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/94bf5b-d38a-4c76-b01f-6e6fa39bb1ec/1/13mWjmbtvqNy75W6or9okThWekA.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/94bf5b-d38a-4c76-b01f-6e6fa39bb1ec/1/13mWjmbtvqNy75W6or9okThWekA.mft
rsync://rpki.ripe.net/repository/DEFAULT/13mWjmbtvqNy75W6or9okThWekA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 04:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:06:c9:52:cd:93:d1:6b:e8:4d:23:64:f6:03:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d779968e66edbea372ef95baa2bf689138567a40
Validity
Not Before: Jan 1 02:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c2a8483715695543edb6c9e6be5cf656b11b35b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a3:7b:17:dd:06:d1:2e:75:73:ed:f9:b9:d6:
2f:0c:1a:b1:b9:c4:ae:5b:72:87:b3:c4:bb:29:ec:
b3:69:3f:d3:53:c7:02:74:8d:f3:f2:23:ef:9c:28:
0c:e0:42:b9:56:5a:31:93:4e:28:26:a9:79:85:12:
e6:e3:72:5d:3b:6c:3d:fe:05:20:f0:59:c7:39:71:
92:7d:60:a5:e9:6d:ae:3a:f1:7c:10:c4:44:87:b5:
5a:60:ae:26:17:ad:ad:75:88:ed:09:55:01:2d:5d:
f5:b0:b2:b7:c2:1a:7b:a6:a2:1a:82:34:61:20:c5:
64:93:42:67:63:06:ab:be:56:5d:8b:9c:2e:c7:e2:
7e:7f:bf:7e:c3:93:1f:0f:a8:2c:55:f5:af:45:fb:
9f:55:5f:28:78:cd:48:63:62:80:66:23:cd:d4:e0:
af:bb:be:37:76:01:8e:bc:bd:e2:4f:9e:ca:4d:39:
25:ae:fb:06:c1:ba:36:1c:22:82:ba:47:f9:8f:74:
18:e8:43:27:02:73:67:9e:a9:09:d2:b5:2d:4c:0f:
f9:1f:c1:de:1e:3a:82:ef:d6:5b:28:22:f3:84:9b:
73:de:80:a5:29:81:60:01:26:02:b4:68:fe:c7:d9:
54:f7:2f:65:08:f3:4a:a3:38:11:f6:91:42:ee:cc:
85:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:A8:48:37:15:69:55:43:ED:B6:C9:E6:BE:5C:F6:56:B1:1B:35:B4
X509v3 Authority Key Identifier:
keyid:D7:79:96:8E:66:ED:BE:A3:72:EF:95:BA:A2:BF:68:91:38:56:7A:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/13mWjmbtvqNy75W6or9okThWekA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/94bf5b-d38a-4c76-b01f-6e6fa39bb1ec/1/wqhINxVpVUPttsnmvlz2VrEbNbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/94bf5b-d38a-4c76-b01f-6e6fa39bb1ec/1/13mWjmbtvqNy75W6or9okThWekA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.228.0/22
194.15.137.0/24
IPv6:
2001:67c:2fd8::/48
Signature Algorithm: sha256WithRSAEncryption
40:cc:0a:12:3d:74:d9:57:a9:53:48:5f:55:92:38:87:f3:44:
41:14:6f:8e:a2:7c:04:c8:43:33:f8:7b:e5:d1:1f:23:5f:f9:
cb:49:c9:2a:6e:20:df:98:89:a2:9c:6e:ed:e3:81:55:3e:a8:
ca:f1:db:32:dc:16:ff:f4:ab:34:cf:a8:e2:59:0e:4e:64:c5:
83:81:bd:0f:04:54:e4:67:4b:b5:ee:b6:1e:44:e1:3b:c5:87:
d7:a4:dc:26:87:cc:7a:f5:6d:c7:ff:83:b4:b7:51:54:fc:10:
e5:59:81:f6:29:99:0d:b7:d1:05:54:b5:38:52:ab:44:b4:14:
fc:85:6b:07:51:d1:13:5e:49:8f:c1:7b:32:6c:24:98:64:78:
c0:c1:1b:9b:f0:0e:4c:a9:26:dd:69:8c:08:bc:2c:99:c0:c7:
2e:f5:24:12:98:d7:6f:99:15:fa:10:95:67:79:ce:63:3f:2d:
5d:9e:78:93:0e:6f:2f:80:92:88:97:f8:b6:f4:d3:93:0e:c6:
1e:9e:5a:e5:42:91:7a:3a:5a:bd:4f:57:e6:a6:53:0b:11:00:
69:9e:96:ff:14:b2:d1:0b:e5:02:80:6c:ce:82:9d:da:f3:2d:
d4:e2:da:e4:25:07:39:77:89:fe:36:6a:f7:ef:33:1b:bd:c2:
de:b0:c5:28
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzC2wbJUs2T0WvoTSNk9gOUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3Nzk5NjhlNjZlZGJlYTM3MmVmOTViYWEyYmY2ODkxMzg1
NjdhNDAwHhcNMjQwMTAxMDIyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmE4NDgzNzE1Njk1NTQzZWRiNmM5ZTZiZTVjZjY1NmIxMWIzNWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKN7F90G0S51c+35udYvDBqxucSu
W3KHs8S7KeyzaT/TU8cCdI3z8iPvnCgM4EK5Vloxk04oJql5hRLm43JdO2w9/gUg
8FnHOXGSfWCl6W2uOvF8EMREh7VaYK4mF62tdYjtCVUBLV31sLK3whp7pqIagjRh
IMVkk0JnYwarvlZdi5wux+J+f79+w5MfD6gsVfWvRfufVV8oeM1IY2KAZiPN1OCv
u743dgGOvL3iT57KTTklrvsGwbo2HCKCukf5j3QY6EMnAnNnnqkJ0rUtTA/5H8He
HjqC79ZbKCLzhJtz3oClKYFgASYCtGj+x9lU9y9lCPNKozgR9pFC7syFkQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFMKoSDcVaVVD7bbJ5r5c9laxGzW0MB8GA1UdIwQY
MBaAFNd5lo5m7b6jcu+VuqK/aJE4VnpAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTNtV2ptYnR2cU55NzVXNm9yOW9rVGhXZWtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC85NGJmNWItZDM4YS00Yzc2LWIwMWYt
NmU2ZmEzOWJiMWVjLzEvd3FoSU54VnBWVVB0dHNubXZsejJWckViTmJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC85NGJmNWItZDM4YS00Yzc2LWIwMWYtNmU2ZmEzOWJiMWVj
LzEvMTNtV2ptYnR2cU55NzVXNm9yOW9rVGhXZWtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCudbkAwQA
wg+JMA8EAgACMAkDBwAgAQZ8L9gwDQYJKoZIhvcNAQELBQADggEBAEDMChI9dNlX
qVNIX1WSOIfzREEUb46ifATIQzP4e+XRHyNf+ctJySpuIN+YiaKcbu3jgVU+qMrx
2zLcFv/0qzTPqOJZDk5kxYOBvQ8EVORnS7Xuth5E4TvFh9ek3CaHzHr1bcf/g7S3
UVT8EOVZgfYpmQ230QVUtThSq0S0FPyFawdR0RNeSY/BezJsJJhkeMDBG5vwDkyp
Jt1pjAi8LJnAxy71JBKY12+ZFfoQlWd5zmM/LV2eeJMOby+AkoiX+Lb005MOxh6e
WuVCkXo6Wr1PV+amUwsRAGmelv8UstEL5QKAbM6CndrzLdTi2uQlBzl3if42avfv
Mxu9wt6wxSg=
-----END CERTIFICATE-----
Generated at Sun May 19 05:59:24 2024 by rpki-client on console-fra.rpki-client.org