Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/66b74c-81c1-410e-957d-a8d65dccb96b/1/wJWX9zHeskvt2X3iq78G_K0Z1II.roa
File: wJWX9zHeskvt2X3iq78G_K0Z1II.roa (raw, json)
Hash identifier: jJ6EDUl0hIOPZC7IezqN3HOQRpWfBLiNFGXiD0Vw3Cw=
Subject key identifier: C0:95:97:F7:31:DE:B2:4B:ED:D9:7D:E2:AB:BF:06:FC:AD:19:D4:82
Certificate issuer: /CN=72e4baf99ab840129133285fe9ad7b83fd130c39
Certificate serial: 018FD687AFFCEF21BBF806247B8B179408A2
Authority key identifier: 72:E4:BA:F9:9A:B8:40:12:91:33:28:5F:E9:AD:7B:83:FD:13:0C:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cuS6-Zq4QBKRMyhf6a17g_0TDDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/66b74c-81c1-410e-957d-a8d65dccb96b/1/wJWX9zHeskvt2X3iq78G_K0Z1II.roa
Signing time: Sun 02 Jun 2024 01:19:27 +0000
ROA not before: Sun 02 Jun 2024 01:19:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204646
IP address blocks: 194.213.13.0/24 maxlen: 24
194.213.15.0/24 maxlen: 24
194.213.17.0/24 maxlen: 24
194.213.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/66b74c-81c1-410e-957d-a8d65dccb96b/1/cuS6-Zq4QBKRMyhf6a17g_0TDDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/66b74c-81c1-410e-957d-a8d65dccb96b/1/cuS6-Zq4QBKRMyhf6a17g_0TDDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/cuS6-Zq4QBKRMyhf6a17g_0TDDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:d6:87:af:fc:ef:21:bb:f8:06:24:7b:8b:17:94:08:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72e4baf99ab840129133285fe9ad7b83fd130c39
Validity
Not Before: Jun 2 01:19:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c09597f731deb24bedd97de2abbf06fcad19d482
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:59:55:3f:6b:fd:fc:88:27:43:39:0a:bf:b6:
ec:af:22:df:79:89:90:6f:92:b5:f8:44:59:fd:98:
3a:a8:65:b4:ca:f6:9b:61:4b:95:43:9a:29:1c:2a:
44:77:c3:da:cc:4f:b5:ed:0d:a2:2d:a0:7c:43:0e:
5d:d2:36:ea:59:1d:8d:cc:45:2c:36:ce:e1:95:03:
a7:30:07:bc:ec:e9:b5:bd:f8:25:b3:08:d3:3e:2e:
cc:6c:3e:23:6b:8d:d4:99:ca:11:79:b3:1a:9f:60:
f9:fd:1a:15:7e:dc:13:c3:69:6c:9d:34:72:93:7c:
8f:fd:06:2e:18:80:eb:59:2a:63:fc:7e:a7:88:f1:
53:7d:3f:f0:df:2a:37:3c:c0:4d:ee:89:b7:f4:6e:
e2:0c:66:9b:5d:86:cf:a1:ee:5b:eb:fa:29:df:05:
78:e1:75:6e:d6:2d:1f:04:2d:ce:3f:70:6a:b9:e3:
dd:8c:b1:b4:04:1a:e7:e6:d7:c7:55:61:65:ab:65:
86:d2:00:91:a4:3b:0e:79:c0:20:c0:cc:c3:4f:63:
24:54:8e:bb:93:3a:77:9c:43:75:70:1a:3c:81:f7:
05:58:78:64:47:f4:da:43:47:77:ef:3d:44:af:c0:
dc:95:2e:73:86:b1:13:e4:82:f4:ec:dc:fe:c3:51:
d4:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:95:97:F7:31:DE:B2:4B:ED:D9:7D:E2:AB:BF:06:FC:AD:19:D4:82
X509v3 Authority Key Identifier:
keyid:72:E4:BA:F9:9A:B8:40:12:91:33:28:5F:E9:AD:7B:83:FD:13:0C:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cuS6-Zq4QBKRMyhf6a17g_0TDDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/66b74c-81c1-410e-957d-a8d65dccb96b/1/wJWX9zHeskvt2X3iq78G_K0Z1II.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/66b74c-81c1-410e-957d-a8d65dccb96b/1/cuS6-Zq4QBKRMyhf6a17g_0TDDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.213.13.0/24
194.213.15.0/24
194.213.17.0/24
194.213.20.0/24
Signature Algorithm: sha256WithRSAEncryption
31:fd:d7:ad:37:4a:67:8c:61:1e:aa:08:14:f7:f0:48:37:c7:
20:3b:47:a8:42:6d:2d:d7:a3:03:58:bc:bb:fd:a8:e6:d2:8c:
fc:55:6d:85:83:b2:b1:ab:87:36:c3:9e:2c:af:43:a6:92:72:
ff:ee:d0:77:80:6c:91:27:46:96:9e:61:3a:cb:5a:c6:9a:56:
30:ca:6f:ad:8c:bd:7f:d1:71:2a:76:c1:12:e3:e1:5e:0d:48:
f4:c7:a1:6b:0b:5a:6d:c6:b3:35:6c:33:99:e3:62:69:41:d6:
a5:af:05:29:7e:dc:75:2d:99:49:b7:75:79:f7:f2:dd:f8:0a:
12:92:37:04:a8:e8:89:70:9c:77:d8:9a:4c:fc:26:99:1b:f9:
b0:f5:41:f4:59:79:99:57:1b:f5:dd:17:bf:81:19:04:8b:ea:
ca:ec:3a:b1:67:c9:8a:48:7f:b1:c2:10:ee:d0:75:c3:5e:30:
1d:67:c9:02:dc:c5:28:a0:43:6b:9c:e2:31:4a:5c:8e:d8:2e:
bb:6b:8e:40:27:bb:a0:16:1c:06:c9:1a:2e:81:55:93:c2:33:
85:50:0b:a2:cf:62:4a:9a:59:84:15:e9:66:5c:c7:26:98:59:
cd:34:64:6c:38:88:7e:b9:fa:0e:a0:3c:a7:91:ba:33:62:7b:
fb:fa:8f:90
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY/Wh6/87yG7+AYke4sXlAiiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZTRiYWY5OWFiODQwMTI5MTMzMjg1ZmU5YWQ3YjgzZmQx
MzBjMzkwHhcNMjQwNjAyMDExOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDk1OTdmNzMxZGViMjRiZWRkOTdkZTJhYmJmMDZmY2FkMTlkNDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFlVP2v9/IgnQzkKv7bsryLfeYmQ
b5K1+ERZ/Zg6qGW0yvabYUuVQ5opHCpEd8PazE+17Q2iLaB8Qw5d0jbqWR2NzEUs
Ns7hlQOnMAe87Om1vfglswjTPi7MbD4ja43UmcoRebMan2D5/RoVftwTw2lsnTRy
k3yP/QYuGIDrWSpj/H6niPFTfT/w3yo3PMBN7om39G7iDGabXYbPoe5b6/op3wV4
4XVu1i0fBC3OP3BquePdjLG0BBrn5tfHVWFlq2WG0gCRpDsOecAgwMzDT2MkVI67
kzp3nEN1cBo8gfcFWHhkR/TaQ0d37z1Er8DclS5zhrET5IL07Nz+w1HUaQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMCVl/cx3rJL7dl94qu/BvytGdSCMB8GA1UdIwQY
MBaAFHLkuvmauEASkTMoX+mte4P9Eww5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3VTNi1acTRRQktSTXloZjZhMTdnXzBURERrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi82NmI3NGMtODFjMS00MTBlLTk1N2Qt
YThkNjVkY2NiOTZiLzEvd0pXWDl6SGVza3Z0MlgzaXE3OEdfSzBaMUlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi82NmI3NGMtODFjMS00MTBlLTk1N2QtYThkNjVkY2NiOTZi
LzEvY3VTNi1acTRRQktSTXloZjZhMTdnXzBURERrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwtUNAwQA
wtUPAwQAwtURAwQAwtUUMA0GCSqGSIb3DQEBCwUAA4IBAQAx/detN0pnjGEeqggU
9/BIN8cgO0eoQm0t16MDWLy7/ajm0oz8VW2Fg7Kxq4c2w54sr0OmknL/7tB3gGyR
J0aWnmE6y1rGmlYwym+tjL1/0XEqdsES4+FeDUj0x6FrC1ptxrM1bDOZ42JpQdal
rwUpftx1LZlJt3V59/Ld+AoSkjcEqOiJcJx32JpM/CaZG/mw9UH0WXmZVxv13Re/
gRkEi+rK7DqxZ8mKSH+xwhDu0HXDXjAdZ8kC3MUooENrnOIxSlyO2C67a45AJ7ug
FhwGyRougVWTwjOFUAuiz2JKmlmEFelmXMcmmFnNNGRsOIh+ufoOoDynkbozYnv7
+o+Q
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:06:52 2024 by rpki-client on console-fra.rpki-client.org