Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/a89644-9316-4e8b-81a4-1f19a8bda3ed/1/0WpnSBke64LYhoua4c8yOIP5iQg.roa
File: 0WpnSBke64LYhoua4c8yOIP5iQg.roa (raw, json)
Hash identifier: drSEuFrKMBTzYmgjvWSvR5+UNxdpivqfFB/UxHiguOQ=
Subject key identifier: D1:6A:67:48:19:1E:EB:82:D8:86:8B:9A:E1:CF:32:38:83:F9:89:08
Certificate issuer: /CN=576d59494a0a927f7a68f909ecef577cd503db1c
Certificate serial: 018CCA2B7162B94530532A5FC2CDC9F93D98
Authority key identifier: 57:6D:59:49:4A:0A:92:7F:7A:68:F9:09:EC:EF:57:7C:D5:03:DB:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V21ZSUoKkn96aPkJ7O9XfNUD2xw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/a89644-9316-4e8b-81a4-1f19a8bda3ed/1/0WpnSBke64LYhoua4c8yOIP5iQg.roa
Signing time: Tue 02 Jan 2024 12:34:53 +0000
ROA not before: Tue 02 Jan 2024 12:34:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50812
IP address blocks: 185.30.48.0/24 maxlen: 24
193.105.252.0/24 maxlen: 24
91.224.6.0/24 maxlen: 24
91.224.7.0/24 maxlen: 24
91.193.107.0/24 maxlen: 24
91.193.106.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/a89644-9316-4e8b-81a4-1f19a8bda3ed/1/V21ZSUoKkn96aPkJ7O9XfNUD2xw.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/a89644-9316-4e8b-81a4-1f19a8bda3ed/1/V21ZSUoKkn96aPkJ7O9XfNUD2xw.mft
rsync://rpki.ripe.net/repository/DEFAULT/V21ZSUoKkn96aPkJ7O9XfNUD2xw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:71:62:b9:45:30:53:2a:5f:c2:cd:c9:f9:3d:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=576d59494a0a927f7a68f909ecef577cd503db1c
Validity
Not Before: Jan 2 12:34:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d16a6748191eeb82d8868b9ae1cf323883f98908
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:06:ce:1b:15:c9:ad:73:aa:17:f2:17:52:11:
1a:c7:72:e9:ff:dd:29:15:2a:d5:b6:d6:e0:2e:47:
5e:b4:b6:b6:8a:33:9c:40:d7:76:af:2c:18:92:c4:
f6:10:c0:25:15:00:4b:1e:51:06:ff:0b:4b:a8:7d:
1b:18:91:dd:45:77:16:d8:11:ac:36:2d:f2:1e:91:
12:01:f1:4d:bc:71:0f:58:c3:97:37:5d:12:70:78:
cb:05:8d:64:f8:e3:49:11:c1:4c:22:f4:e7:a2:54:
b1:ca:52:83:7f:0e:ff:e9:4d:7b:07:4b:eb:43:fb:
9d:26:ba:89:18:a0:c2:f2:53:31:fe:53:3e:a3:66:
04:10:a6:55:1e:10:93:d9:44:11:57:48:54:50:1b:
5b:54:35:e4:f5:2b:58:6f:40:25:a7:61:ab:98:d7:
e4:3a:57:59:1a:f9:d5:19:ad:c7:47:13:e7:ff:78:
bf:4e:bd:ef:78:62:13:f8:ba:59:6b:c4:f4:92:51:
92:7a:37:0f:94:0e:9f:06:6d:f2:12:97:bf:e5:98:
7b:0f:c0:10:85:23:37:d8:97:86:cd:f3:10:e5:91:
e4:b2:e7:1f:22:0f:58:55:33:99:ec:df:eb:8b:bb:
d5:61:b8:78:35:b9:a9:b0:6f:c0:ee:51:53:d0:db:
dc:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:6A:67:48:19:1E:EB:82:D8:86:8B:9A:E1:CF:32:38:83:F9:89:08
X509v3 Authority Key Identifier:
keyid:57:6D:59:49:4A:0A:92:7F:7A:68:F9:09:EC:EF:57:7C:D5:03:DB:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V21ZSUoKkn96aPkJ7O9XfNUD2xw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/a89644-9316-4e8b-81a4-1f19a8bda3ed/1/0WpnSBke64LYhoua4c8yOIP5iQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/a89644-9316-4e8b-81a4-1f19a8bda3ed/1/V21ZSUoKkn96aPkJ7O9XfNUD2xw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.106.0/23
91.224.6.0/23
185.30.48.0/24
193.105.252.0/24
Signature Algorithm: sha256WithRSAEncryption
85:6a:5a:6f:67:37:ce:b8:b4:5d:0b:85:09:39:bb:d8:d6:46:
7a:05:f6:3d:07:8c:1c:e2:e1:3b:f2:8e:33:02:71:83:61:69:
c5:68:41:76:73:31:30:f4:1f:ee:27:7f:02:35:c2:93:54:f0:
19:78:3c:00:41:67:07:a3:fe:fc:ac:f8:8b:94:38:fc:a3:51:
d8:5c:9a:ba:40:db:c2:57:d3:b5:6e:39:ed:ef:9b:75:b1:ea:
5c:41:89:20:10:00:01:73:28:1c:51:c6:12:07:0d:35:96:f4:
25:69:b8:32:f1:5e:8f:63:cd:8d:e1:a5:e4:81:00:a0:4e:dd:
7c:e9:c4:ec:08:23:db:f5:47:a2:26:37:06:d9:64:62:f9:4f:
bb:23:ce:3e:8a:14:46:66:ca:15:fa:c9:56:e5:19:7b:5f:88:
69:5c:d3:40:86:3e:a4:53:3f:90:c8:70:34:a7:60:e0:b1:1a:
49:78:bb:99:20:09:39:3a:50:3c:cd:70:63:40:2c:32:48:13:
66:08:0c:38:a8:34:ef:f9:03:8b:d1:1e:fa:43:d2:69:1e:cf:
c5:d4:ea:20:49:8d:82:ac:e0:d6:74:01:6d:41:5f:44:20:14:
be:a1:19:48:03:49:c0:3e:55:8b:2c:dd:07:f5:10:b1:37:2d:
b8:d4:68:2d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzKK3FiuUUwUypfws3J+T2YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NmQ1OTQ5NGEwYTkyN2Y3YTY4ZjkwOWVjZWY1NzdjZDUw
M2RiMWMwHhcNMjQwMTAyMTIzNDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTZhNjc0ODE5MWVlYjgyZDg4NjhiOWFlMWNmMzIzODgzZjk4OTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiwbOGxXJrXOqF/IXUhEax3Lp/90p
FSrVttbgLkdetLa2ijOcQNd2rywYksT2EMAlFQBLHlEG/wtLqH0bGJHdRXcW2BGs
Ni3yHpESAfFNvHEPWMOXN10ScHjLBY1k+ONJEcFMIvTnolSxylKDfw7/6U17B0vr
Q/udJrqJGKDC8lMx/lM+o2YEEKZVHhCT2UQRV0hUUBtbVDXk9StYb0Alp2GrmNfk
OldZGvnVGa3HRxPn/3i/Tr3veGIT+LpZa8T0klGSejcPlA6fBm3yEpe/5Zh7D8AQ
hSM32JeGzfMQ5ZHksucfIg9YVTOZ7N/ri7vVYbh4NbmpsG/A7lFT0NvcUwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNFqZ0gZHuuC2IaLmuHPMjiD+YkIMB8GA1UdIwQY
MBaAFFdtWUlKCpJ/emj5CezvV3zVA9scMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjIxWlNVb0trbjk2YVBrSjdPOVhmTlVEMnh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9hODk2NDQtOTMxNi00ZThiLTgxYTQt
MWYxOWE4YmRhM2VkLzEvMFdwblNCa2U2NExZaG91YTRjOHlPSVA1aVFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9hODk2NDQtOTMxNi00ZThiLTgxYTQtMWYxOWE4YmRhM2Vk
LzEvVjIxWlNVb0trbjk2YVBrSjdPOVhmTlVEMnh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBW8FqAwQB
W+AGAwQAuR4wAwQAwWn8MA0GCSqGSIb3DQEBCwUAA4IBAQCFalpvZzfOuLRdC4UJ
ObvY1kZ6BfY9B4wc4uE78o4zAnGDYWnFaEF2czEw9B/uJ38CNcKTVPAZeDwAQWcH
o/78rPiLlDj8o1HYXJq6QNvCV9O1bjnt75t1sepcQYkgEAABcygcUcYSBw01lvQl
abgy8V6PY82N4aXkgQCgTt186cTsCCPb9UeiJjcG2WRi+U+7I84+ihRGZsoV+slW
5Rl7X4hpXNNAhj6kUz+QyHA0p2DgsRpJeLuZIAk5OlA8zXBjQCwySBNmCAw4qDTv
+QOL0R76Q9JpHs/F1OogSY2CrODWdAFtQV9EIBS+oRlIA0nAPlWLLN0H9RCxNy24
1Ggt
-----END CERTIFICATE-----
Generated at Mon May 20 17:41:38 2024 by rpki-client on console-ams.rpki-client.org