Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/WHCG6YZe0DCwZGLn2wzH99has_U.roa
File: WHCG6YZe0DCwZGLn2wzH99has_U.roa (raw, json)
Hash identifier: hgVLVwRisDE/i6Zs0k6sbqEMAXQdfwnkdXldrADnSPU=
Subject key identifier: 58:70:86:E9:86:5E:D0:30:B0:64:62:E7:DB:0C:C7:F7:D8:5A:B3:F5
Certificate issuer: /CN=73f210f1299a1e0aee71dc1d79e5fb12092d30a9
Certificate serial: 018F2E382557FC3C50763D1B9E753C321426
Authority key identifier: 73:F2:10:F1:29:9A:1E:0A:EE:71:DC:1D:79:E5:FB:12:09:2D:30:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c_IQ8SmaHgrucdwdeeX7EgktMKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/WHCG6YZe0DCwZGLn2wzH99has_U.roa
Signing time: Tue 30 Apr 2024 08:56:22 +0000
ROA not before: Tue 30 Apr 2024 08:56:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6830
IP address blocks: 83.229.113.0/24 maxlen: 24
185.90.220.0/24 maxlen: 24
185.90.221.0/24 maxlen: 24
185.90.222.0/24 maxlen: 24
185.90.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/c_IQ8SmaHgrucdwdeeX7EgktMKk.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/c_IQ8SmaHgrucdwdeeX7EgktMKk.mft
rsync://rpki.ripe.net/repository/DEFAULT/c_IQ8SmaHgrucdwdeeX7EgktMKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 11:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2e:38:25:57:fc:3c:50:76:3d:1b:9e:75:3c:32:14:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73f210f1299a1e0aee71dc1d79e5fb12092d30a9
Validity
Not Before: Apr 30 08:56:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=587086e9865ed030b06462e7db0cc7f7d85ab3f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:2d:73:43:3d:68:0a:0d:b0:21:17:e4:39:ee:
8c:64:4f:fe:c1:84:fe:e8:77:a7:d2:45:c7:da:9e:
3e:9f:6c:f6:5c:fb:89:1b:45:a8:16:b1:06:e5:3a:
8f:b1:f0:ff:67:eb:36:54:0b:3f:59:68:b6:0c:25:
06:d9:f9:a7:e0:fa:ab:78:0a:fe:e3:a6:7b:f3:a0:
22:d4:b6:2a:47:d6:5a:e7:bf:aa:ac:15:1d:2e:2a:
bd:1e:79:a1:65:cc:18:b9:43:71:96:7a:cb:08:a3:
10:3e:0f:98:8e:cb:f1:26:9f:40:8f:ec:29:b1:57:
90:79:5c:2b:3d:d2:4f:e7:4f:e1:04:4a:24:0b:90:
6d:50:46:c5:e4:0c:20:82:5e:0d:c1:8d:4a:50:ae:
f7:7b:65:7e:9d:b6:2a:34:43:79:3e:75:c3:73:c3:
f5:f2:23:f7:87:53:5a:bc:ad:e0:79:65:f1:93:f8:
f9:d7:78:0a:6e:27:62:91:7e:34:ff:81:66:bf:cf:
03:62:17:42:ba:e4:08:4c:cc:5f:76:0a:15:e4:be:
91:e9:a9:f7:1c:86:d8:49:87:5f:26:e5:42:0e:81:
12:0c:86:3e:a0:d6:d1:66:37:d2:7d:a1:c3:cb:62:
e2:8d:69:88:39:d4:cb:80:69:09:b6:52:f1:f5:98:
7b:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:70:86:E9:86:5E:D0:30:B0:64:62:E7:DB:0C:C7:F7:D8:5A:B3:F5
X509v3 Authority Key Identifier:
keyid:73:F2:10:F1:29:9A:1E:0A:EE:71:DC:1D:79:E5:FB:12:09:2D:30:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c_IQ8SmaHgrucdwdeeX7EgktMKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/WHCG6YZe0DCwZGLn2wzH99has_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/c_IQ8SmaHgrucdwdeeX7EgktMKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.229.113.0/24
185.90.220.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:b3:93:62:df:28:07:78:24:df:45:dc:2a:c1:bc:df:7b:be:
9d:59:d0:62:25:90:e5:81:07:ed:e8:08:be:41:92:61:bf:53:
ed:b8:de:51:a3:98:14:9b:22:b5:9f:c9:13:65:17:b1:dc:81:
38:51:4d:95:dc:d3:74:5b:63:65:b7:93:04:a8:a7:de:5e:63:
e8:e1:52:33:e9:63:6d:9d:e3:2f:4d:d5:d9:0e:3a:60:d0:91:
3d:07:8f:38:69:f1:a9:10:45:50:26:66:b0:b4:ce:5a:d5:64:
1b:07:39:2b:38:d4:06:21:dc:bb:b6:c8:ed:3d:4e:0c:5f:61:
5a:15:9e:7c:c3:1d:62:d8:22:ab:2e:72:9e:3a:f0:86:42:c7:
b1:e7:6b:67:8f:8e:c2:29:ba:d3:8c:83:c5:0a:8f:81:55:8b:
af:4b:0c:5b:2f:48:ac:c6:fd:4a:55:4f:28:95:7d:49:ff:ed:
d5:f8:de:05:38:e4:c1:21:74:30:61:d7:77:3a:53:fb:0b:f9:
6a:d6:ed:a5:94:a0:84:a0:62:55:6e:c0:5d:e5:e2:08:06:2a:
02:b9:f8:1d:40:de:5f:c8:4d:dd:f2:4f:85:1f:d3:4f:13:95:
a5:f1:6b:c4:75:f7:6d:b2:1b:0b:79:fe:35:98:fc:3a:00:5f:
02:31:0e:b9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY8uOCVX/DxQdj0bnnU8MhQmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZjIxMGYxMjk5YTFlMGFlZTcxZGMxZDc5ZTVmYjEyMDky
ZDMwYTkwHhcNMjQwNDMwMDg1NjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODcwODZlOTg2NWVkMDMwYjA2NDYyZTdkYjBjYzdmN2Q4NWFiM2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsS1zQz1oCg2wIRfkOe6MZE/+wYT+
6Hen0kXH2p4+n2z2XPuJG0WoFrEG5TqPsfD/Z+s2VAs/WWi2DCUG2fmn4PqreAr+
46Z786Ai1LYqR9Za57+qrBUdLiq9HnmhZcwYuUNxlnrLCKMQPg+YjsvxJp9Aj+wp
sVeQeVwrPdJP50/hBEokC5BtUEbF5Awggl4NwY1KUK73e2V+nbYqNEN5PnXDc8P1
8iP3h1NavK3geWXxk/j513gKbidikX40/4Fmv88DYhdCuuQITMxfdgoV5L6R6an3
HIbYSYdfJuVCDoESDIY+oNbRZjfSfaHDy2LijWmIOdTLgGkJtlLx9Zh7qQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFhwhumGXtAwsGRi59sMx/fYWrP1MB8GA1UdIwQY
MBaAFHPyEPEpmh4K7nHcHXnl+xIJLTCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY19JUThTbWFIZ3J1Y2R3ZGVlWDdFZ2t0TUtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kYjFiNDgtMWNjNS00ODMzLTkzZDkt
Yjk0NjQ3MThiYTM3LzEvV0hDRzZZWmUwREN3WkdMbjJ3ekg5OWhhc19VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kYjFiNDgtMWNjNS00ODMzLTkzZDktYjk0NjQ3MThiYTM3
LzEvY19JUThTbWFIZ3J1Y2R3ZGVlWDdFZ2t0TUtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAU+VxAwQC
uVrcMA0GCSqGSIb3DQEBCwUAA4IBAQAus5Ni3ygHeCTfRdwqwbzfe76dWdBiJZDl
gQft6Ai+QZJhv1PtuN5Ro5gUmyK1n8kTZRex3IE4UU2V3NN0W2Nlt5MEqKfeXmPo
4VIz6WNtneMvTdXZDjpg0JE9B484afGpEEVQJmawtM5a1WQbBzkrONQGIdy7tsjt
PU4MX2FaFZ58wx1i2CKrLnKeOvCGQsex52tnj47CKbrTjIPFCo+BVYuvSwxbL0is
xv1KVU8olX1J/+3V+N4FOOTBIXQwYdd3OlP7C/lq1u2llKCEoGJVbsBd5eIIBioC
ufgdQN5fyE3d8k+FH9NPE5Wl8WvEdfdtshsLef41mPw6AF8CMQ65
-----END CERTIFICATE-----
Generated at Mon Nov 25 13:50:32 2024 by rpki-client on console-fra.rpki-client.org