Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/79cef8-43a1-4089-809f-dc984265567d/1/wa-tzfL2qOSkH22JCq_WpqzE7zE.roa
File: wa-tzfL2qOSkH22JCq_WpqzE7zE.roa (raw, json)
Hash identifier: P/3xi6YzI/oKUgtFVaYN3S1DYMCdkhJtIwZjxMG91GY=
Subject key identifier: C1:AF:AD:CD:F2:F6:A8:E4:A4:1F:6D:89:0A:AF:D6:A6:AC:C4:EF:31
Certificate issuer: /CN=06c44b821ab5db542cc536c1f88b84baf0621654
Certificate serial: 018D59B1F4D69D160214C20EF5D2B9FE3AF9
Authority key identifier: 06:C4:4B:82:1A:B5:DB:54:2C:C5:36:C1:F8:8B:84:BA:F0:62:16:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BsRLghq121QsxTbB-IuEuvBiFlQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/79cef8-43a1-4089-809f-dc984265567d/1/wa-tzfL2qOSkH22JCq_WpqzE7zE.roa
Signing time: Tue 30 Jan 2024 09:27:31 +0000
ROA not before: Tue 30 Jan 2024 09:27:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 185.128.36.0/24 maxlen: 24
185.128.38.0/24 maxlen: 24
185.128.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/79cef8-43a1-4089-809f-dc984265567d/1/BsRLghq121QsxTbB-IuEuvBiFlQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/79cef8-43a1-4089-809f-dc984265567d/1/BsRLghq121QsxTbB-IuEuvBiFlQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/BsRLghq121QsxTbB-IuEuvBiFlQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 16:59:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:59:b1:f4:d6:9d:16:02:14:c2:0e:f5:d2:b9:fe:3a:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06c44b821ab5db542cc536c1f88b84baf0621654
Validity
Not Before: Jan 30 09:27:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c1afadcdf2f6a8e4a41f6d890aafd6a6acc4ef31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:6c:3f:ff:fb:df:e9:f5:91:3e:50:7d:8f:98:
ed:80:b2:a8:8e:ac:f2:e2:6c:ec:5c:b9:8a:0b:08:
69:33:73:55:a6:2b:56:cb:f5:63:7a:ca:4c:aa:ca:
98:22:4b:c7:44:09:44:be:36:3d:c2:be:6a:02:9e:
d1:4d:31:60:10:49:ed:aa:46:c0:fb:28:e7:0f:d3:
91:3b:92:92:93:21:9f:0c:db:95:0c:f3:d1:64:9c:
7c:8e:fe:d1:0c:77:ef:0c:01:a7:5a:f5:c6:7f:af:
9e:39:1d:87:78:7e:29:a1:f5:e3:4d:66:8d:a5:50:
fd:1f:3f:02:d9:5b:07:66:b0:df:39:78:07:6b:90:
79:96:31:de:85:11:65:ef:03:3f:8e:d4:c6:76:a6:
9e:e7:2b:d4:52:2e:5c:9e:57:ad:ce:11:ed:d2:42:
44:8c:1a:14:49:a1:7d:1e:d9:0f:4c:7c:a6:70:ed:
bc:96:31:d1:06:0a:59:ac:57:12:7c:73:7d:4a:2a:
f4:a6:af:5c:cc:a2:59:24:dd:76:7c:25:4d:ee:67:
e4:32:30:0d:f2:7f:39:01:7c:83:02:c2:e3:ad:72:
68:85:06:f8:a0:99:bf:d5:dc:c1:63:78:ff:bf:4f:
6d:6f:64:12:36:14:27:e6:7c:98:95:69:7d:29:9a:
82:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:AF:AD:CD:F2:F6:A8:E4:A4:1F:6D:89:0A:AF:D6:A6:AC:C4:EF:31
X509v3 Authority Key Identifier:
keyid:06:C4:4B:82:1A:B5:DB:54:2C:C5:36:C1:F8:8B:84:BA:F0:62:16:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BsRLghq121QsxTbB-IuEuvBiFlQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/79cef8-43a1-4089-809f-dc984265567d/1/wa-tzfL2qOSkH22JCq_WpqzE7zE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/79cef8-43a1-4089-809f-dc984265567d/1/BsRLghq121QsxTbB-IuEuvBiFlQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.36.0/24
185.128.38.0/23
Signature Algorithm: sha256WithRSAEncryption
00:50:0f:f0:60:ff:20:f8:0d:e4:41:db:a4:2f:e8:f9:49:23:
59:37:ec:52:1b:ae:ce:68:46:af:0b:91:5c:2b:02:da:d8:0e:
3a:08:7a:98:cf:32:c5:3f:fb:43:fa:6a:ac:e9:45:f4:e6:56:
4f:fd:ea:c5:ca:2a:d7:31:25:e2:da:94:b7:e7:f6:5d:83:2e:
26:7a:bf:e0:b2:f0:04:14:08:10:b3:d1:f7:d4:ab:dd:7c:05:
45:83:97:5b:11:55:cc:6c:22:b3:93:db:58:ba:77:59:df:62:
5d:14:3e:f4:19:9f:9a:1f:c8:ab:a2:1e:17:5d:c9:4b:2c:ff:
53:af:81:71:e1:eb:36:db:c6:ad:02:c9:65:de:dc:da:c7:99:
e0:64:c5:01:d8:66:81:6d:c8:a2:5b:df:8c:19:1f:84:38:c3:
3e:e1:ef:45:08:10:b1:ab:66:15:4f:46:f3:72:83:bb:27:10:
46:15:f3:f3:87:ca:f3:e3:26:df:6f:1f:7f:e6:61:76:a9:13:
78:22:91:b1:38:a7:db:a6:3c:96:08:30:0e:bf:a7:0b:67:b2:
4d:64:4b:63:db:f1:8b:b9:c7:d9:d0:8b:fe:ba:6e:bb:06:58:
26:75:35:6f:32:99:f7:2c:10:4e:07:37:e3:c3:ad:01:c9:36:
32:2e:b7:73
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY1ZsfTWnRYCFMIO9dK5/jr5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2YzQ0YjgyMWFiNWRiNTQyY2M1MzZjMWY4OGI4NGJhZjA2
MjE2NTQwHhcNMjQwMTMwMDkyNzMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWFmYWRjZGYyZjZhOGU0YTQxZjZkODkwYWFmZDZhNmFjYzRlZjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGw///vf6fWRPlB9j5jtgLKojqzy
4mzsXLmKCwhpM3NVpitWy/VjespMqsqYIkvHRAlEvjY9wr5qAp7RTTFgEEntqkbA
+yjnD9ORO5KSkyGfDNuVDPPRZJx8jv7RDHfvDAGnWvXGf6+eOR2HeH4pofXjTWaN
pVD9Hz8C2VsHZrDfOXgHa5B5ljHehRFl7wM/jtTGdqae5yvUUi5cnletzhHt0kJE
jBoUSaF9HtkPTHymcO28ljHRBgpZrFcSfHN9Sir0pq9czKJZJN12fCVN7mfkMjAN
8n85AXyDAsLjrXJohQb4oJm/1dzBY3j/v09tb2QSNhQn5nyYlWl9KZqCVwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMGvrc3y9qjkpB9tiQqv1qasxO8xMB8GA1UdIwQY
MBaAFAbES4IatdtULMU2wfiLhLrwYhZUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnNSTGdocTEyMVFzeFRiQi1JdUV1dkJpRmxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi83OWNlZjgtNDNhMS00MDg5LTgwOWYt
ZGM5ODQyNjU1NjdkLzEvd2EtdHpmTDJxT1NrSDIySkNxX1dwcXpFN3pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi83OWNlZjgtNDNhMS00MDg5LTgwOWYtZGM5ODQyNjU1Njdk
LzEvQnNSTGdocTEyMVFzeFRiQi1JdUV1dkJpRmxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuYAkAwQB
uYAmMA0GCSqGSIb3DQEBCwUAA4IBAQAAUA/wYP8g+A3kQdukL+j5SSNZN+xSG67O
aEavC5FcKwLa2A46CHqYzzLFP/tD+mqs6UX05lZP/erFyirXMSXi2pS35/Zdgy4m
er/gsvAEFAgQs9H31KvdfAVFg5dbEVXMbCKzk9tYundZ32JdFD70GZ+aH8iroh4X
XclLLP9Tr4Fx4es228atAsll3tzax5ngZMUB2GaBbciiW9+MGR+EOMM+4e9FCBCx
q2YVT0bzcoO7JxBGFfPzh8rz4ybfbx9/5mF2qRN4IpGxOKfbpjyWCDAOv6cLZ7JN
ZEtj2/GLucfZ0Iv+um67BlgmdTVvMpn3LBBOBzfjw60ByTYyLrdz
-----END CERTIFICATE-----
Generated at Thu May 2 20:37:03 2024 by rpki-client on console-ams.rpki-client.org