Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/e49ae7-a51a-4764-85c8-a7810e3a1beb/1/WT1eDLuXpMs4ojRnGeqdIGo2g9I.roa
File: WT1eDLuXpMs4ojRnGeqdIGo2g9I.roa (raw, json)
Hash identifier: OYLS3Znye70oaYXHuzzMJeLhZVIryU4bsLkBIgy4urI=
Subject key identifier: 59:3D:5E:0C:BB:97:A4:CB:38:A2:34:67:19:EA:9D:20:6A:36:83:D2
Certificate issuer: /CN=086438e9889389829fa5f51b6a210731082eac22
Certificate serial: 018D813F732AF733601D8D66027842AC54BB
Authority key identifier: 08:64:38:E9:88:93:89:82:9F:A5:F5:1B:6A:21:07:31:08:2E:AC:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CGQ46YiTiYKfpfUbaiEHMQgurCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/e49ae7-a51a-4764-85c8-a7810e3a1beb/1/WT1eDLuXpMs4ojRnGeqdIGo2g9I.roa
Signing time: Wed 07 Feb 2024 01:47:15 +0000
ROA not before: Wed 07 Feb 2024 01:47:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400318
IP address blocks: 193.57.228.0/24 maxlen: 24
193.57.229.0/24 maxlen: 24
193.57.230.0/24 maxlen: 24
193.57.231.0/24 maxlen: 24
194.165.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/e49ae7-a51a-4764-85c8-a7810e3a1beb/1/CGQ46YiTiYKfpfUbaiEHMQgurCI.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/e49ae7-a51a-4764-85c8-a7810e3a1beb/1/CGQ46YiTiYKfpfUbaiEHMQgurCI.mft
rsync://rpki.ripe.net/repository/DEFAULT/CGQ46YiTiYKfpfUbaiEHMQgurCI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:3f:73:2a:f7:33:60:1d:8d:66:02:78:42:ac:54:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=086438e9889389829fa5f51b6a210731082eac22
Validity
Not Before: Feb 7 01:47:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=593d5e0cbb97a4cb38a2346719ea9d206a3683d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:96:ea:e3:66:2c:01:e5:cc:9a:ba:ac:49:28:
ed:77:63:88:93:ff:b6:b8:41:e5:4d:ce:2b:60:7b:
f9:ca:16:ee:3a:c9:dc:0d:7e:00:c3:f7:14:35:b9:
87:18:d0:a0:58:66:4f:04:11:70:b7:98:17:33:60:
d6:43:35:4c:a9:37:a8:63:8b:93:06:43:9c:62:21:
14:19:96:cc:96:be:3c:a1:f2:c2:85:cb:4e:62:2e:
25:6d:1b:32:a2:8a:49:83:61:89:6b:32:24:c0:35:
c4:ca:13:38:79:80:e0:74:58:da:c9:e3:78:b8:fd:
f0:f8:b3:a7:ad:55:2b:0f:29:73:61:33:56:79:e2:
b5:0a:34:69:3d:8f:d1:6d:24:53:22:bb:63:12:b4:
c3:2c:99:53:22:87:b0:bc:34:23:91:1d:0b:c9:a7:
86:42:97:be:b7:1c:ae:28:9c:aa:ab:54:b7:02:94:
7e:3d:c1:3c:1a:34:62:a9:7f:10:8f:da:99:30:6c:
ad:bf:7f:ce:bd:ca:01:7b:cc:5c:aa:63:3d:d9:9e:
e1:fb:0c:ac:4a:fe:0b:2c:25:61:a9:d0:c6:9a:2c:
31:56:d6:a1:ca:14:96:c8:a7:65:6f:52:40:05:ad:
8a:7d:d3:61:b4:f6:6c:48:1e:98:5a:c6:9b:2e:f5:
11:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:3D:5E:0C:BB:97:A4:CB:38:A2:34:67:19:EA:9D:20:6A:36:83:D2
X509v3 Authority Key Identifier:
keyid:08:64:38:E9:88:93:89:82:9F:A5:F5:1B:6A:21:07:31:08:2E:AC:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CGQ46YiTiYKfpfUbaiEHMQgurCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e49ae7-a51a-4764-85c8-a7810e3a1beb/1/WT1eDLuXpMs4ojRnGeqdIGo2g9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e49ae7-a51a-4764-85c8-a7810e3a1beb/1/CGQ46YiTiYKfpfUbaiEHMQgurCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.228.0/22
194.165.37.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:b6:00:c7:2d:95:7c:58:7c:e9:40:f8:b6:a2:7f:51:2a:af:
bc:ee:3a:ac:ba:ae:8a:11:7c:a4:f1:ce:25:6b:8d:18:9f:f1:
44:28:f7:d2:e9:c3:c6:73:0f:0c:5b:fe:64:aa:dc:43:7c:6e:
76:e3:68:fd:53:50:62:2c:ca:02:79:dd:c9:00:e2:ad:53:bb:
f3:53:dc:ce:20:83:12:88:2d:05:d5:28:99:64:71:ab:b4:50:
43:a8:f8:52:26:96:08:db:68:30:d4:43:97:a4:c0:4e:8b:10:
7b:21:56:df:00:b2:07:1b:da:7b:41:01:8c:85:24:39:5b:34:
8e:ac:53:43:0e:9d:59:d4:f9:3d:c8:a9:ac:98:aa:b5:ba:d7:
d0:13:32:5c:1f:ec:49:21:8c:39:f1:d4:d1:9f:5b:e9:1e:a5:
72:e6:78:bb:02:41:aa:6d:02:e5:4c:83:e8:3d:a5:f6:ec:e3:
42:d9:5a:13:f0:b4:07:af:c4:79:54:e3:f8:88:a3:ee:8e:0c:
13:eb:4e:9f:c9:28:ba:cd:0b:1b:97:dc:c5:60:da:b3:ce:80:
5d:ff:12:68:8a:a7:f0:35:59:0e:e2:d0:1f:d3:2c:1f:7d:eb:
26:cd:dc:95:bb:fc:4b:cb:2a:7d:8d:c2:e4:c5:1f:27:e4:2c:
bf:17:8d:4c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY2BP3Mq9zNgHY1mAnhCrFS7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4NjQzOGU5ODg5Mzg5ODI5ZmE1ZjUxYjZhMjEwNzMxMDgy
ZWFjMjIwHhcNMjQwMjA3MDE0NzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTNkNWUwY2JiOTdhNGNiMzhhMjM0NjcxOWVhOWQyMDZhMzY4M2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgZbq42YsAeXMmrqsSSjtd2OIk/+2
uEHlTc4rYHv5yhbuOsncDX4Aw/cUNbmHGNCgWGZPBBFwt5gXM2DWQzVMqTeoY4uT
BkOcYiEUGZbMlr48ofLChctOYi4lbRsyoopJg2GJazIkwDXEyhM4eYDgdFjayeN4
uP3w+LOnrVUrDylzYTNWeeK1CjRpPY/RbSRTIrtjErTDLJlTIoewvDQjkR0LyaeG
Qpe+txyuKJyqq1S3ApR+PcE8GjRiqX8Qj9qZMGytv3/OvcoBe8xcqmM92Z7h+wys
Sv4LLCVhqdDGmiwxVtahyhSWyKdlb1JABa2KfdNhtPZsSB6YWsabLvURNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFk9Xgy7l6TLOKI0ZxnqnSBqNoPSMB8GA1UdIwQY
MBaAFAhkOOmIk4mCn6X1G2ohBzEILqwiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0dRNDZZaVRpWUtmcGZVYmFpRUhNUWd1ckNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lNDlhZTctYTUxYS00NzY0LTg1Yzgt
YTc4MTBlM2ExYmViLzEvV1QxZURMdVhwTXM0b2pSbkdlcWRJR28yZzlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lNDlhZTctYTUxYS00NzY0LTg1YzgtYTc4MTBlM2ExYmVi
LzEvQ0dRNDZZaVRpWUtmcGZVYmFpRUhNUWd1ckNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwTnkAwQA
wqUlMA0GCSqGSIb3DQEBCwUAA4IBAQB9tgDHLZV8WHzpQPi2on9RKq+87jqsuq6K
EXyk8c4la40Yn/FEKPfS6cPGcw8MW/5kqtxDfG5242j9U1BiLMoCed3JAOKtU7vz
U9zOIIMSiC0F1SiZZHGrtFBDqPhSJpYI22gw1EOXpMBOixB7IVbfALIHG9p7QQGM
hSQ5WzSOrFNDDp1Z1Pk9yKmsmKq1utfQEzJcH+xJIYw58dTRn1vpHqVy5ni7AkGq
bQLlTIPoPaX27ONC2VoT8LQHr8R5VOP4iKPujgwT606fySi6zQsbl9zFYNqzzoBd
/xJoiqfwNVkO4tAf0ywffesmzdyVu/xLyyp9jcLkxR8n5Cy/F41M
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:27:16 2024 by rpki-client on console-fra.rpki-client.org