Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/WfRMqwEzwStURAh01roSLkYv1U0.roa
File: WfRMqwEzwStURAh01roSLkYv1U0.roa (raw, json)
Hash identifier: HNa0AY81x/+AccOuLe0azU0S7PEQCkT6eu3lt3/eu7c=
Subject key identifier: 59:F4:4C:AB:01:33:C1:2B:54:44:08:74:D6:BA:12:2E:46:2F:D5:4D
Certificate issuer: /CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Certificate serial: 018CC500C504A4975C66E8EBB26D25071864
Authority key identifier: 08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/WfRMqwEzwStURAh01roSLkYv1U0.roa
Signing time: Mon 01 Jan 2024 12:30:11 +0000
ROA not before: Mon 01 Jan 2024 12:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15596
IP address blocks: 109.122.56.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:c5:04:a4:97:5c:66:e8:eb:b2:6d:25:07:18:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Validity
Not Before: Jan 1 12:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=59f44cab0133c12b54440874d6ba122e462fd54d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:18:7c:67:25:aa:2d:42:33:65:08:19:60:df:
1c:27:3b:69:fa:8f:9b:d1:f9:46:84:f4:34:b7:c2:
e2:7a:f3:90:cb:91:f2:a9:66:da:10:44:14:84:00:
d8:95:92:31:90:51:67:4b:eb:1a:79:75:9a:a8:07:
b6:1e:4c:02:22:66:35:15:b7:6a:3b:09:86:02:c8:
fd:b0:dc:2d:31:92:09:22:76:9c:8c:21:90:34:a6:
7f:32:34:70:13:7a:e1:df:3b:30:50:63:20:c3:e2:
e4:64:d9:62:af:59:eb:97:2c:b8:d7:3a:60:25:47:
3d:51:bb:ac:8e:43:94:9e:03:79:22:27:3b:48:b6:
9c:2c:6e:8a:9f:49:a4:4c:73:fa:20:35:24:68:4e:
91:a0:a9:6f:ad:0c:dc:64:5c:4c:68:0a:68:f2:b2:
c1:aa:49:5c:27:b5:52:b0:f7:65:d7:bc:ad:8d:f8:
a5:30:43:03:74:d5:b2:de:ee:bc:1a:d0:60:f3:87:
27:5f:b0:aa:74:12:84:4e:56:1f:a3:77:e7:10:2b:
9f:62:28:ca:7e:d2:3a:1b:7c:b6:cf:d6:90:8f:f2:
53:d2:9f:ab:41:d6:2e:9b:64:72:d1:07:65:ec:1e:
bb:79:c0:ca:9a:7d:bd:ac:9e:46:93:68:8a:a6:db:
0b:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:F4:4C:AB:01:33:C1:2B:54:44:08:74:D6:BA:12:2E:46:2F:D5:4D
X509v3 Authority Key Identifier:
keyid:08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/WfRMqwEzwStURAh01roSLkYv1U0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.56.0/21
Signature Algorithm: sha256WithRSAEncryption
a6:1e:c2:4a:b1:90:91:13:56:ec:81:3f:eb:ef:7e:76:7b:c6:
6c:8a:33:a9:82:ef:9b:18:a8:ab:61:b3:93:f8:6b:5b:18:c6:
9e:ed:5b:ef:7a:04:3e:36:e3:38:bd:5f:1e:9e:7d:c7:6e:ef:
06:ba:b0:10:73:42:de:5d:43:8f:40:66:f6:01:4a:72:09:f1:
4b:44:24:27:56:00:7d:c9:f6:f1:92:d4:b1:be:eb:dc:1c:ed:
12:75:e3:ed:7b:05:83:18:24:e0:48:b2:e4:6f:67:ed:56:e3:
50:9e:44:6a:a9:6b:8c:70:da:10:1b:12:70:67:25:b6:6b:7d:
57:57:91:d3:7a:80:28:64:ea:79:3e:d7:67:32:9c:4d:63:a0:
13:f0:47:45:9a:8b:37:fc:60:25:db:07:91:cd:20:74:5e:13:
93:f1:7d:f1:ab:65:b5:e9:71:e3:f2:87:3f:19:e8:97:c8:78:
bf:75:c0:a8:1e:36:96:8b:8b:72:53:be:65:85:13:2c:f1:cd:
34:57:49:3f:a4:fd:b9:9a:48:71:ef:9b:ac:c2:0c:43:71:b3:
ff:6a:18:20:c5:8e:36:b7:6f:37:4f:5d:c6:4b:7d:66:4f:3a:
bc:b9:f8:03:b4:bd:74:26:b1:78:0d:b7:ed:da:ab:16:9b:60:
41:45:5f:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAMUEpJdcZujrsm0lBxhkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ODQ2NWIzN2IyZDRlOWY0MTNhMzFkYzdiN2U2Y2JhMmEz
M2RiOTYwHhcNMjQwMTAxMTIzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWY0NGNhYjAxMzNjMTJiNTQ0NDA4NzRkNmJhMTIyZTQ2MmZkNTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhhh8ZyWqLUIzZQgZYN8cJztp+o+b
0flGhPQ0t8LievOQy5HyqWbaEEQUhADYlZIxkFFnS+saeXWaqAe2HkwCImY1Fbdq
OwmGAsj9sNwtMZIJInacjCGQNKZ/MjRwE3rh3zswUGMgw+LkZNlir1nrlyy41zpg
JUc9UbusjkOUngN5Iic7SLacLG6Kn0mkTHP6IDUkaE6RoKlvrQzcZFxMaApo8rLB
qklcJ7VSsPdl17ytjfilMEMDdNWy3u68GtBg84cnX7CqdBKETlYfo3fnECufYijK
ftI6G3y2z9aQj/JT0p+rQdYum2Ry0Qdl7B67ecDKmn29rJ5Gk2iKptsL5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFn0TKsBM8ErVEQIdNa6Ei5GL9VNMB8GA1UdIwQY
MBaAFAiEZbN7LU6fQTox3Ht+bLoqM9uWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUt
MmM3MDg2ZmRlZDkzLzEvV2ZSTXF3RXp3U3RVUkFoMDFyb1NMa1l2MVUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUtMmM3MDg2ZmRlZDkz
LzEvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDbXo4MA0G
CSqGSIb3DQEBCwUAA4IBAQCmHsJKsZCRE1bsgT/r7352e8ZsijOpgu+bGKirYbOT
+GtbGMae7VvvegQ+NuM4vV8enn3Hbu8GurAQc0LeXUOPQGb2AUpyCfFLRCQnVgB9
yfbxktSxvuvcHO0SdePtewWDGCTgSLLkb2ftVuNQnkRqqWuMcNoQGxJwZyW2a31X
V5HTeoAoZOp5PtdnMpxNY6AT8EdFmos3/GAl2weRzSB0XhOT8X3xq2W16XHj8oc/
GeiXyHi/dcCoHjaWi4tyU75lhRMs8c00V0k/pP25mkhx75uswgxDcbP/ahggxY42
t283T13GS31mTzq8ufgDtL10JrF4Dbft2qsWm2BBRV+Q
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:22:58 2024 by rpki-client on console-ams.rpki-client.org