Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/wXEYLCT0JAWcbl0IIiaBhBTaQKE.roa
File: wXEYLCT0JAWcbl0IIiaBhBTaQKE.roa (raw, json)
Hash identifier: jgIYlLSLRYUTj5QJ7s5r0sa/VpBkkQIGIiRVsQ09qtw=
Subject key identifier: C1:71:18:2C:24:F4:24:05:9C:6E:5D:08:22:26:81:84:14:DA:40:A1
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 0191772C61DE0976ED6F33C269C8AEDEF31C
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/wXEYLCT0JAWcbl0IIiaBhBTaQKE.roa
Signing time: Wed 21 Aug 2024 23:01:22 +0000
ROA not before: Wed 21 Aug 2024 23:01:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 26548
IP address blocks: 45.159.23.0/24 maxlen: 24
88.218.46.0/24 maxlen: 24
89.19.34.0/24 maxlen: 24
176.126.111.0/24 maxlen: 24
193.31.127.0/24 maxlen: 24
193.56.20.0/24 maxlen: 24
193.202.16.0/24 maxlen: 24
194.99.25.0/24 maxlen: 24
194.110.150.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.mft
rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:77:2c:61:de:09:76:ed:6f:33:c2:69:c8:ae:de:f3:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Aug 21 23:01:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c171182c24f424059c6e5d082226818414da40a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:52:c4:6b:f7:58:49:22:a2:1f:cb:67:78:68:
62:9f:62:24:66:f0:a0:4f:e3:32:4c:4b:da:85:b8:
b1:80:24:ab:9b:b8:39:26:8a:53:cd:37:27:e6:4c:
66:d8:7d:d7:a1:11:f1:5b:a3:14:1b:f1:16:fc:4a:
40:16:67:cf:79:76:3d:8a:66:4c:c9:7c:0e:97:c0:
5f:70:8a:04:89:9e:e3:2e:eb:29:77:b5:8a:76:30:
59:11:08:92:33:a5:74:1e:94:44:1f:20:58:68:54:
92:87:8d:02:d2:35:ee:f8:4f:4f:ae:5f:bd:84:a5:
e0:5b:21:7d:cd:0a:c7:f8:c2:77:9b:40:ae:34:16:
16:e4:1a:2e:75:97:9f:fb:40:b5:f8:a0:0e:f0:75:
e0:de:b6:27:34:57:2b:bd:8a:83:a8:7d:f0:bb:6e:
60:1e:e0:22:cb:03:ef:99:c2:1b:4f:58:ca:dc:b7:
4c:24:06:bd:21:09:8b:6b:79:7a:d1:1d:b9:c3:bc:
40:2b:a1:c7:a5:44:a5:6f:66:2c:cd:d3:8b:f7:72:
d4:f2:88:9a:29:e6:4e:73:42:ce:b9:ff:91:42:d8:
92:65:21:5b:13:0a:89:39:0a:7f:8b:9d:b0:eb:ad:
bc:5c:d4:e7:5b:0c:fb:3e:6c:d3:8b:e7:7d:16:f6:
6f:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:71:18:2C:24:F4:24:05:9C:6E:5D:08:22:26:81:84:14:DA:40:A1
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/wXEYLCT0JAWcbl0IIiaBhBTaQKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.23.0/24
88.218.46.0/24
89.19.34.0/24
176.126.111.0/24
193.31.127.0/24
193.56.20.0/24
193.202.16.0/24
194.99.25.0/24
194.110.150.0/24
Signature Algorithm: sha256WithRSAEncryption
49:f6:97:93:7e:40:b8:89:12:fa:f9:bc:cb:8f:c2:09:cc:6c:
a0:2d:00:90:6d:66:be:bb:bb:05:a8:c9:ba:06:64:75:58:7b:
88:7f:63:88:f2:0b:65:82:19:4a:3f:c3:26:8a:c4:58:ef:15:
37:52:76:31:b5:4e:86:d6:03:5c:7f:e3:c9:d2:ba:9a:ad:11:
ca:6c:46:20:da:8e:cb:1c:eb:69:18:9e:7e:45:38:00:1a:17:
ff:e5:08:e3:eb:b0:13:a6:1c:e4:c4:5e:20:12:fa:3f:05:32:
d9:61:a3:5d:a5:27:e8:0d:ad:a2:fe:de:8e:70:90:41:ae:a7:
b1:3d:cd:61:72:4d:8b:6b:d7:0b:2f:7c:6d:f1:95:ce:0e:e5:
ed:a3:1e:cc:95:42:9b:f1:5c:95:f1:4f:46:5d:da:2c:5a:d2:
fd:7e:9a:78:9b:d0:1a:89:45:de:6c:cf:a0:02:45:83:71:ac:
94:aa:ac:a1:c5:3c:5f:f2:08:1d:a0:cf:da:cc:6b:75:45:52:
73:93:5a:74:87:0b:27:50:74:82:69:d2:16:dd:eb:f8:11:ff:
b4:61:0c:ae:06:73:5d:bf:2c:d8:20:7e:b9:f0:88:34:51:e5:
d9:87:80:1d:77:d2:bb:c0:e5:41:1e:b0:b7:90:23:e2:32:3f:
30:07:68:e0
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZF3LGHeCXbtbzPCaciu3vMcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjQwODIxMjMwMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTcxMTgyYzI0ZjQyNDA1OWM2ZTVkMDgyMjI2ODE4NDE0ZGE0MGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjlLEa/dYSSKiH8tneGhin2IkZvCg
T+MyTEvahbixgCSrm7g5JopTzTcn5kxm2H3XoRHxW6MUG/EW/EpAFmfPeXY9imZM
yXwOl8BfcIoEiZ7jLuspd7WKdjBZEQiSM6V0HpREHyBYaFSSh40C0jXu+E9Prl+9
hKXgWyF9zQrH+MJ3m0CuNBYW5BoudZef+0C1+KAO8HXg3rYnNFcrvYqDqH3wu25g
HuAiywPvmcIbT1jK3LdMJAa9IQmLa3l60R25w7xAK6HHpUSlb2YszdOL93LU8oia
KeZOc0LOuf+RQtiSZSFbEwqJOQp/i52w6628XNTnWwz7PmzTi+d9FvZv/QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFMFxGCwk9CQFnG5dCCImgYQU2kChMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvd1hFWUxDVDBKQVdjYmwwSUlpYUJoQlRhUUtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALZ8XAwQA
WNouAwQAWRMiAwQAsH5vAwQAwR9/AwQAwTgUAwQAwcoQAwQAwmMZAwQAwm6WMA0G
CSqGSIb3DQEBCwUAA4IBAQBJ9peTfkC4iRL6+bzLj8IJzGygLQCQbWa+u7sFqMm6
BmR1WHuIf2OI8gtlghlKP8MmisRY7xU3UnYxtU6G1gNcf+PJ0rqarRHKbEYg2o7L
HOtpGJ5+RTgAGhf/5Qjj67ATphzkxF4gEvo/BTLZYaNdpSfoDa2i/t6OcJBBrqex
Pc1hck2La9cLL3xt8ZXODuXtox7MlUKb8VyV8U9GXdosWtL9fpp4m9AaiUXebM+g
AkWDcayUqqyhxTxf8ggdoM/azGt1RVJzk1p0hwsnUHSCadIW3ev4Ef+0YQyuBnNd
vyzYIH658Ig0UeXZh4Add9K7wOVBHrC3kCPiMj8wB2jg
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:58 2024 by rpki-client on console-ams.rpki-client.org